Formation of the list of critical aviation information systems in the context of the cyber threats activities

Article Sidebar

PDF (Українська)
DOI: https://doi.org/10.20998/2522-9052.2019.2.16
Keywords:
critical infrastructure, critical information infrastructure, critical aviation information systems, cyber threats, simplexes, incidence matrix

Main Article Content

Viktoriia Sydorenko
National Aviation University, Kyiv
https://orcid.org/0000-0002-5910-0837
Yuliia Polishchuk
National Aviation University, Kyiv
https://orcid.org/0000-0002-0686-2328
Sergiy Gnatyuk
National Aviation University, Kyiv
https://orcid.org/0000-0003-4992-0564

Abstract

The subject of the paper is the methods and models of forming the list of objects of critical information infrastructure (CII). The purpose of this paper is to form a list of critical aviation information systems (CAIS) on the basis of the developed unified data model and determine their metrics of connectivity and complexity. Results. Based on the author’s previously developed unified data model, a methodology was developed for creating a list of CII objects. It due to multi-level detail, hierarchical representation of sets characterizing systems and their components, as well as the introduction of the incidence matrix of CII cybersecurity, its simplex complexes and Q-analysis, allowed to formulate the list of CAIS and to determine their connectivity (the ratio of q-bonds between sets cyber threats (CT) and CAIS). Conclusions. This research study has shown that the relations q-connections of sets of CT have a higher connectivity in comparison with similar relations q-connections of sets of systems of CAIS, which indicates that the implementation of one CT can initiate a cascade effect on other related threats and lead to damage, and sometimes devastating consequences for a certain system of CAIS. In addition, the complexity measurements of complexes jKAIS = 1,39 and jTHREATS = 1,13 are calculated and indicate a greater «complexity» of CAIS systems. Given results can be used by the relevant state authorities to build a list of CII objects in order to apply adequate security methods and means.

Article Details

How to Cite
Sydorenko, V., Polishchuk, Y., & Gnatyuk, S. (2019). Formation of the list of critical aviation information systems in the context of the cyber threats activities. Advanced Information Systems, 3(2), 91–98. https://doi.org/10.20998/2522-9052.2019.2.16
Issue
Vol. 3 No. 2 (2019): Advanced Information Systems
Section
Methods of information systems protection
Author Biographies

Viktoriia Sydorenko, National Aviation University, Kyiv

PhD, Senior lecturer of IT-Security Academic Department

Yuliia Polishchuk, National Aviation University, Kyiv

PhD student of IT-Security Academic Department

Sergiy Gnatyuk, National Aviation University, Kyiv

D.Sc., Associate Professor, Professor of IT-Security Academic Department

References

Dovgan, O. (2013), “Critical infrastructure as an object of protection against cyber attacks”, Information security: the challenges and threats of our time, NA SBU, Kyiv, pp. 17–20.

Greeen paper on Critical Infrastructure Protection in Ukraine, available at:

http://www.niss.gov.ua/public/File/2016_book/Syxodolya_ost.pdf.

Biryukov, D. and Kondratov, S. (2012), Protection of critical infrastructure: problems and prospects of implementation in Ukraine: analytical report, NІSS, Kyiv, 96 p.

Lyadovska, V. (2014), “Methods and criteria for the identification of objects of the state's critical infrastructure”, Integrated intelligent robotic complexes, 19-20 May 2014, рp. 356–358.

On the identification and designation of European critical infrastructures and the assessment of the need to improve their protec-tion: Council Directive 2008/114/EC, available at:

http://eur-lex.europa.euLexUriServ/LexUriServ.do?uri=CELEX:32008L0114:EN:HTML:NOT.

Tsigichko, V., Smolyan, G. and Chereshkin, D. (2006), “Ensuring the safety of critical infrastructures in the USA”, Т.27.

Fekete, A. (2011), “Common criteria for the assessment of critical infrastructures”, International Journal of Disaster Risk Sci-ence, Vol. 2, № 1. pp. 15–24.

Resolution on approval of the procedure for the formation of the list of information and telecommunication systems of critical infrastructure objects of the state (2016), available at: http://zakon0.rada.gov.ua/laws/show/563-2016-%D0%BF.

Doc 8973 ІСАО “Aviation Safety Guide” (2014), no 9, 818 p.

Doc 30 «ECAC Policy Statement in the Field of Civil Aviation Facilitation» (2010), Т. 13, 138 р.

Gnatyuk, S., Sydorenko, V. and Seilova, N. (2017), “Universal data model for the formation of the critical information infra-structure of the state objects list”, Ukrainian Scientific Journal of Information Security, Vol. 23 (2), рp. 80–91.

Sydorenko, V., Zhmurko, T., Polishchuk, Yu. and Gnatyuk, S. (2017), “Data model for forming critical infrastructure objects and determining its connectivity”, Inzynier XXI wieku, Bielsko-Biala, ATH, Poland, pр. 329–350.

Sydorenko, V., Gnatyuk, S. and Aleksander, M. (2018), “Unified data model for defining state critical information infrastruc-ture in civil aviation”, The 9th IEEE Int. Conf. on Dependable Systems, Services and Technologies, Kyiv, рр. 37–42.

Kuchuk, G.A., Kovalenko, A.A. and Mozhaev A.A. (2010), “An Approach To Development Of Complex Metric For Multi-service Network Security Assessment”, Statistical Methods Of Signal and Data Processing (SMSDP – 2010), Proc. Int. Conf., October 13-14, 2010,: IEEE Ukraine section joint SP, NAU, RED, Kyiv, pp. 158–160.

Amin Salih, M., Yuvaraj, D., Sivaram, M. and Porkodi, V. (2018), “Detection And Removal Of Black Hole Attack In Mobile Ad Hoc Networks Using Grp Protocol”, International Journal of Advanced Research in Computer Science, Vol. 9, No 6, pp. 1–6, DOI: http://dx.doi.org/10.26483/ijarcs.v9i6.6335

Gnatyuk, S., Hu, Zh., Sydorenko, V., Aleksander, M., Polishchuk, Yu. and Yubuzova, Kh. (2019), “Critical Aviation Infor-mation Systems: Identification and Protection”, Cases on Modern Computer Systems in Aviation, IGI Global, USA, рp. 423–448.

Kachinsky, А. (2003), Security, threats and risks: scientific concepts and mathematical methods, Kyiv, 472 p.

Sydorenko, V. (2018), Methods for critical information infrastructure objects identification and cybersecurity assessment in aviation, available at: http://er.nau.edu.ua:8080/handle/NAU/33987.

Gnatyuk, S. and Vasyliev, D. (2016), “Modern critical aviation information systems”, Information Security, Vol. 22, Issue 1, pp. 51–57.