About the informatization object functioning stability assessment in conditions of computer attacks at exponential distribution law of time before the enemy’s impact

Objective. The aim of the study is to develop a mathematical model for assessing the stability of the functioning of an informatization object (IO) in the conditions of computer attacks (CA), assuming that the laws of distribution of random variables before the enemy's impact and the recovery time are distributed exponentially.

Method. Application of the method of discrete Markov processes to solve the problem of assessing the stability of IO, which differs from the known approaches in that to describe the state of IO, the concept of "non-returnable state" is introduced, into which the system can move due to the exhaustion of the resource allocated to restore its readiness after a successful CA.

Result. As a result of the research, a mathematical model has been developed that allows us to build the stability function of the IO taking into account the intensity of the CA flow and the intensity of restoring its operability, taking into account the limitations on the allocated resource.

Conclusion. The application of the method makes it possible to quantify the stability of the functioning of the IO by constructing the survivability function of the IO for conditions under which the flows of attacks and recoveries cannot be assumed stationary and ergodic, and there is also no representative statistics for calculating asymptotic estimates of stability. A quantitative assessment of the stability of the IO for the conditions of the CA is in demand by information security management bodies when making decisions to ensure the protection of information, as well as when justifying the requirements for the system to restore operability.

1. https://qrator.net/presentations/2021/QratorLabs_Network_Security_Availability_in_2020_RU.pdf[Visited March 20, 2022] Report on Network security and Availability in 2020 Available at.

2. Data Breach Investigations Report Available at: https://enterprise.verizon.com/resources/reports/2019-data-breachinvestigations-report.pdf [Visited March 20, 2022].

3. Federal`ny` zakon ot 27.07.2006 N 149-FZ "Ob informacii, informacionny`h tehnologiyah i zashhite informacii" SPS Konsul`tant Plyus. (In Russ).

4. GOST R 51275–2006. Zashhita informacii. Ob``ekt informatizacii. Faktory`, vozdejstvuyushhie na informaciyu. Obshhie polozheniya: nacz. standart Ros. Federacii: izd. oficz.: utv. i vved. v dejstvie Prikazom Feder. agentstva po tehn. regulirovaniyu i metrologii ot 27 dekabrya 2006 g. № 374-st: vved. vpervy`e: data vved. 2021-11-30. M.: Standartinform, 2018; 8. (In Russ).

5. Prikaz FSTEK Rossii ot 29 aprelya 2021 g. N 77 On approval of the procedure for organizing and carrying out work on attesting informatization objects for compliance with the requirements for the protection of restricted information that is not a state secret. Registered with the Ministry of Justice of the Russian Federation on August 10, 2021, registration N 64589. Elektronnyj resurs: https://docs.cntd.ru/document/608228209. (In Russ).

6. GOST R ISO 19011–2021 Guidelines for auditing management systems. Approved and put into effect by Order of the Federal Agency for Technical Regulation and Metrology dated April 21, 2021 N261-st. M.: Standartinform, 2021; 42. (In Russ).

7. GOST R ISO/MEK 27007—2014. Information technology. Methods and means of ensuring security. Guidelines for auditing information security management systems. Approved and put into effect by order of the Federal Agency for Technical Regulation and Metrology dated 06/01/2015M.: FGUP «Standartinform», 2015; 27. (In Russ).

8. GOST R 59516—2021. Information Technology. Information security management. Information security risk insurance rules. Approval and put into effect by Order of the Federal Agency for Technical Regulation and Metrology dated May 20, 2021 N420-st.M.: Standartinform, 2021; 20. (In Russ).

9. GOST R ISO/MEK 27005-2010 Methods and means of ensuring security. Information security risk management. Approved and put into effect by Order of the Federal Agency for Technical Regulation and Metrology dated November 30, 2010 N 632-st.M.: Standartinform, 2012; 91. (in Russ).

10. Makarenko S. I. Audit of information security: main stages, conceptual framework, classification of measures. Control Systems, Communications and Security. 2018; 1: 1–29. (In Russ).

11. Livshic I.I. Modern practice of information security audit. Quality management. 2011;7:34–41. (In Russ).

12. Kul'ba V. V., SHelkov A. B., Gladkov YU. M., Pavel'ev S. V. Monitoring and audit of information security of automated systems. M.: IPU im. V. A. Trapeznikova RAN, 2009; 94. (In Russ).

13. Markov A. S., Cirlov V. L., Barabanov A. V. Methods for assessing the inconsistency of information security tools M.: Radio and communication. 2012; 192. (In Russ).

14. Hohlachev E. N. Organization and technology of making decisions in the management of the communication system and troops. Part 2. Development of solutions for the restoration of communication networks. M.: VA RVSN, 2009; 241 (in Russian).

15. GOST R MEK 61165-2019. Application of Markov methods. Approved and put into effect by the Order of the Federal Agency for Technical Regulation and Metrology dated Septembe N 635-st. M.: Standartinform, 2019; 31. (In Russ).

16. GOST R 27.001-2009. Nadezhnost' v tekhnike. Sistema upravleniya nadezhnost'yu. Utverzhden i vveden v dejstvie Prikazom Federal'nogo agentstva po tekhnicheskomu regulirovaniyu i metrologii ot 15 dekabrya 2009 g. N 1247-st. M.: Standartinform, 2010; 12. (In Russ).

17. Voevodin V. A., Markin P. V., Markina M. S., Burenok D. S. Technique for developing an information security audit program taking into account the weight coefficients of the significance of audit evidence based on the hierarchy analysis method. communications and security. Sistemy upravleniya, svyazi i bezopasnosti. 2021; 2: 96–129. DOI: 10.24412/2410-9916-2021-2-96-129. (In Russ).

18. Voevodin V. A., Burenok D. S., Markin P. V., Markina M. S. «Programma metoda analiza ierarhij». Svidetel'stvo o gosudarstvennoj registracii programm dlya EVM № 2020667542. Data registracii 24.12.2020. (In Russ).

19. V. A. Voevodin. Monte Carlo method for solving the problem of predicting the steadiness of the functioning of an automated control system in the conditions of massive computer attacks. Marchuk Scientific Readings-2021: Abstracts of the Intern. Conf., October 4–8, 2021; 75. Institute of Comput. mathematics and math. geophysics SB RAS. DOI 0.24412/CL-35064-2021-095.

20. Reliability and efficiency in technology. Handbook Volume No. 5. Design reliability analysis / ed. IN AND. Patrushev and A.I. Rembeza. Mashinostroenie. 1989; 376. (In Russ).