Авіаційно-космічна техніка та технологія (Mar 2025)
Principles of mutual awareness in analysis of functional and cybersecurity of information and management systems on programmed logic controllers
Abstract
The subject of this paper is the properties of instrumentation and control systems (ICS) in terms of functional safety (FS) and cybersecurity (CS). The paper investigates the FS and CS of ICS that are built on digital programmable logic controllers (PLC) and perform safety-related functions. The goal is to develop elements of a methodology for analyzing the design basis that takes into account the results of an already performed FS evaluation of PLC-based ICS (PLC systems), in order to reduce the cost of such analysis. Objectives: to analyze PLC systems as an object of FS and CS assessment; to formulate and prove the key statements of the Safety Informed Security (SfISc) concept; to discuss examples of, and limits on, the applicability of the formulated statements. The following results are obtained. The principle of the three equivalences is proposed and a generalized structural scheme representing it is constructed. Two basic theorems are stated and proved; they establish the relationship between the cybersecurity level of a PLC and the information available about its functional safety. Based on these theorems, a basic model of the states of a PLC with functional safety level SIL-3 is built for the case of a single hardware failure and/or a cyberattack. The existing ontological model SISMECA, which is based on the principle of Security Informed Safety (ScISf), is supplemented. A well-known cyberattack involving a PLC system with a high safety level is analyzed. Based on the proposed concept, one of the most likely scenarios of a cyberattack on a PLC in “online” mode is evaluated. Conclusions. For the first time, the concept of mutual awareness of the functional safety and cybersecurity of PLC-based ICS (SfISc) is proposed. The theoretical statements described in this paper make it possible to assess the cybersecurity of a PLC on the basis of previously performed safety assessments.
The SfISc principle can be used in the following practical cases: in licensing a new or modernized functional-safety ICS; in determining the degree to which existing safety-important systems comply with new cybersecurity requirements; and in developing the requirements for a safety-related ICS.
Keywords