Безопасность информационных технологий (Jun 2024)
A formalized representation of the target function of the impact of malicious software on the operating environment of a special-purpose automated control system
Abstract
The article presents the main provisions of the theory of functional modeling in relation to solving an important and relevant problem for the methodology of information security managing – the development of mathematical models characterizing the dynamic capabilities of malware to implement destructive effects on critical information infrastructure objects. As a result of the analysis of the models that pose a threat to information security through the use of malicious codes, such as the "chain of cyber intrusions", the "unified chain of cyber intrusions", the basic and advanced models of Diamond intrusion analysis, the ATT&CK model, an up-to-date version of the functional model in the IDEF0 notation of the process of malware destructive impact on the operating environment of a special-purpose automated control system was built. The process of malware exposure is decomposed into individual stages, tactics, and techniques. The purpose of the research was to develop a variant of the malware impact on a special-purpose automated control system as a method of violating the state of information security and its processes of the system under consideration. The obtained results are a tool for the formalized presentation of the described processes in terms of the Markov processes and the development of analytical models, appropriate temporal and probabilistic characteristics for quantitative assessment of the intruder's ability to implement threats to the information security state in special-purpose automated control systems, through the malware impact.
Keywords
