On the issue of improving the security systems of critical facilities as objects of critical information infrastructure

Objective. The purpose of this article is to identify ways to improve the security systems (SS) of critical facilities (CF) that are subject to the regulation of legislation on critical information infrastructure (CII).

Method. The methods used were information protection and information security, analysis and generalization of individual provisions of regulatory documents on ensuring the information security of critical information infrastructure facilities, the results of research work on the subject of the study, presented in the Russian Science Citation Index, Russian State Library, and Federal Institute of Industrial Property. The general methodological basis is a systematic approach.

Result. A review of the requirements of regulatory and legal documents on ensuring the safety of the SS of CF, as objects of CII, has been conducted, which showed that an analysis of the established practice of ensuring their safety is necessary. A review of the methods of ensuring the safety of radio-channel SS present in the Russian market is carried out. Widely used radio channel security alarm systems (SAS) are considered. Contradictions have been revealed between certain provisions of regulatory legal documents on ensuring the safety of CII and the established practice of using radio-channel SS, which can be attributed to CII. Ways to improve the security system of critical information systems, which can be classified as insignificant critical information infrastructure objects, in particular radio channels alarm systems.

Conclusion. The conducted research allowed us to identify ways to improve the radio-channel SS of the CF, as objects of CII, in the field of ensuring their IS.

1. Stepanova E. Terrorism as a threat to critical infrastructure. Svobodnaja mysl' 2010; 4: 35-48 (In Russ.).

2. Lawrence Fennelly Effective Physical Security. 4th Edition. Butterworth-Heinemann. 2013:366

3. Kuzmina N.A. Fixing systems and recognition of unauthorized penetration in the protected zone as an element of effective safety of the transport infrastructure object. T-Comm. 2018;5:7-52. DOI: 10.24411/2072-8735-2018-10086 (In Russ.).

4. Volhonskij V.V., Krupnov A.G. Features of the development of the structure of threat detection tools for a protected object. Nauchno-tehnicheskij vestnik informacionnyh tehnologij, mehaniki i optiki. 2011; 4: 131-136 (In Russ.).

5. Bondarev P.V., Izmajlov A.V., Tolstoj A.I. Physical protection of nuclear facilities. Moscow: MIFI Publ., 2008: 584. (In Russ.).

6. Rudnev A.N., Rjazanov R.A. Analysis of wireless networks used in the performance of work with the radiation factor. T-Comm. 2011; 10: 81-82 (In Russ.).

7. Kostin V.N. Methods, models and methods of substantiation and development of physical protection systems for critical facilities: abstract of the dissertation of the Doctor of Technical Sciences. Orenburg: Orenburgskij gos. un-t, 2021:38. (In Russ.).

8. Federal Law No. 187-FZ dated 26.07.2017 «On the Security of the Critical Information Infrastructure of the Russian Federation» (In Russ).

9. Ministry of Industry and Trade has approved lists of typical CII facilities in metallurgy, mining and defense industry. URL: https://ru-bezh.ru/zakonodatelstvo-i-normativyi/news/24/01/29/minpromtorg-utverdilperechni-tipovyh-obektov-kii-v-metallurgii (date of access: 25.01.2024). (In Russ.)

10. Decree of the Government of the Russian Federation dated 08.02.2018 No. 127 «On Approval of the Rules for Categorizing objects of critical Information Infrastructure of the Russian Federation, as well as a list of indicators of criteria for the significance of objects of critical information infrastructure of the Russian Federation and their values» (In Russ.)

11. Decree of the President of the Russian Federation dated 01.05.2022 No. 250 «On additional measures to ensure information security of the Russian Federation» (In Russ.)

12. FSTEC RF Order No. 239 dated 25.12.2017 «On Approval of Requirements for Ensuring the Security of Significantobjects of the Critical information Infrastructure of the Russian Federation» (In Russ.)

13. Order of the FSB of Russia dated 19.06.2019 No. 282 «On Approval of the Procedure for Informing the FSB of Russia about Computer Incidents, Responding to Them, and Taking Measures to Eliminate the consequences of computer attacks carried out against Significant objects of the Critical Information Infrastructure of the Russian Federation» (In Russ.)

14. Gavrishev A.A., Zhuk A.P., Osipov D.L. Analysis of protection technologies radio fire alarm systems against unauthorized access. SPIIRAS Proceedings. 2016;I(4): 28-45. DOI: 10.15622/sp.47.2 (In Russ.).

15. Braude-Zolotarev Yu. Safety radio’s algorithms. Algoritm bezopasnosti . Safety algorithm. 2013;1:64-66 (In Russ.).

16. Mal'cev G.N., Matveev S.A. Investigation of the security of the command radio control system of a mobile object using the Markov model of overcoming a multi-level information protection system by an intruder. Trudy Voenno-kosmicheskoj akademii imeni A.F. Mozhajskogo. 2021;677:153-163. (In Russ.).

17. Chlenov A.N., Ryabtsev N.A., Fedin A.N. Analysis of methods of neutralizing alarm protection systems categorized objects. Technology of technosphere safety. 2017; 3: 271-279 (In Russ.).

18. Gavrishev A.A. Analytical Review of Publications Covering the Theme of «Improving the Protection of Wireless Security Systems». Vestnik NSU. Series: Information Technologies. 2017; 1: 5-14. (In Russ.).

19. Recommendations «Application of equipment for radio channel notification transmission systems» R 78.36.048. Mosсow: NIC «Ohrana» Publ., 2015;182. (In Russ.)

20. The list of technical security equipment that meets the «Uniform requirements for notification transmission systems, object technical security equipment and alarm anti-theft devices of motor vehicles intended for use in non-departmental security units of the National Guard of the Russian Federation». URL: http://nicohrana.ru/237-spisok-tehnicheskih-sredstv-bezopasnosti.html (date of access: 01.02.2024). (In Russ.)

21. Product catalog of NPK «Daedalus». URL: https://www.dedal.ru/include/catalog.pdf (date of access: 01.02.2024). (In Russ.)

22. https://www.tinko.ru/catalog/download.php?file=185600B0DE45090CA6F364035140DDED.pdf&prodid= 1798 (date of access: 01.02.2024) Implementation of the requirements of SP484.1311500.2020 (hereinafter SP484) in Astra Pro series devices. (In Russ.)

23. Gavrishev A.A. The use of broadband methods of organizing radio communication DSSS, FHSS and OFDM in radio channel of fire alarm systems present on the market. Civil Defense on guard of peace and security. Proceedings of the V International Scientific and Practical Conference dedicated to the World Civil Defense Day. Vol. III. Moscow: Academy of the SFS of the Ministry of Emergency Situations of Russia, 2021; 24-27. (In Russ.).

24. Decree of the Government of the Russian Federation dated 16.04.2012 No. 313 «On Approval of the Regulations on Licensing Activities for the Development, Production, Distribution of Encryption (cryptographic) tools, information systems and Telecommunications Systems Protected using encryption (cryptographic) tools, performance of works, provision of services in the field of information encryption, maintenance of encryption (cryptographic) tools, information systems and telecommunication systems protected using encryption (cryptographic) means (except in the case of, if the maintenance of encryption (cryptographic) means, information systems and telecommunication systems protected using encryption (cryptographic) means is carried out to meet the own needs of a legal entity or an individual entrepreneur)». (In Russ.)

25. Vasilev V.I., Sharabyrov I.V. Intelligent intrusion detection system in local wireless networks. Vestnik UGATU. 2015; 4: 95-105 (In Russ.).

26. Lesnyak D.A., Matveev S.A. Modeling of the complex of information protection means of radio channels with temporary colored Petri nets. SPbNTORES. 2020;1:127-130 (In Russ.).