Principles of organization of information protection in automated system for aircraft flight data preparation

2020 ◽  
Author(s):  
A.G. Andreev ◽  
V.N. Zakharov ◽  
G.V. Kazakov ◽  
V.V. Koryanov
Keyword(s):  
Information Security ◽  
Automated System ◽  
General Nature ◽  
First Principle ◽  
Information Protection ◽  
Data Preparation ◽  
Basic Principles ◽  
Flight Data ◽  
Aircraft Flight ◽  
Number Of Publications

When designing automated systems for aircraft flight data preparation, many practical problems are solved by introducing either insufficient protection means or their redundancy. Both situations create information security vulnerability. On the basis of a number of publications analysis it is concluded that the basics of information security theory are reduced to the formulation of the main axioms, with the implication that there is currently no complete theory of information security of computer systems. As a result there are many issues, including issues of general nature, requiring some elaboration. The article considers a set of issues related to ensuring information security of the automated system for aircraft flight data preparation. The nature of two basic principles of information protection organization in this system is unraveled. The first principle requires consideration of all aspects related to the problem of ensuring information security of the system, and the second ― optimal control of means of information protection of the automated system of aircraft flight data preparation.

scholarly journals Principles of design and development of automated system for aircraft flight data preparation

2019 ◽  
Author(s):  
A.G. Andreev ◽  
G.V. Kazakov ◽  
V.V. Koryanov
Keyword(s):  
Systems Approach ◽  
System Development ◽  
Automated System ◽  
Data Preparation ◽  
Design And Development ◽  
Flight Data ◽  
Aircraft Flight ◽  
Principles Of Design ◽  
Software Information

The problem of the quality of automated systems can be solved both from a common standpoint and from the standpoint of ensuring the quality of individual system components (software, information security tools, etc.). However, this leaves a number of particular questions due to the characteristics of a specific automated system. The occurrence of errors in the automated system for the preparation of aircraft flight data can lead to irreparable losses, the most damage is caused by design errors and incorrect general solutions implemented at the stage of system development. This necessitated the identification of specific principles of system design and development. The developed principles of designing an automated system consist, firstly, in determining its reference result, secondly, in identifying the main types of data and ensuring controlling their syntactic and semantic correctness, and, thirdly, in correct defining the boundaries of the system. The theoretical basis for the principles of the development of an automated system is the provisions of the systems approach, in particular, the new application of the system stratification tool. A typical automated data preparation system is considered as an example. It is shown that the use of the proposed principles allows avoiding or minimizing design errors and miscalculations and bringing the system representation stratification to a level that allows obtaining the necessary initial data and evaluating the quality indicators of the output data

Method for assessing the reliability of the output data prepared by automated system for aircraft flight data preparation

2019 ◽  
Author(s):  
A.G. Andreev ◽  
G.V. Kazakov ◽  
V.V. Koryanov
Keyword(s):  
Reliability Index ◽  
Process Model ◽  
Automated System ◽  
Control Procedure ◽  
Preparation Process ◽  
Data Preparation ◽  
Data Reliability ◽  
Flight Data ◽  
Aircraft Flight ◽  
Serial Connection

Methods for solving the problem of ensuring the reliability of information have been considered in the works of many domestic and foreign scientists. Nevertheless, when performing some tasks of automation of the activity of the personnel of the governing bodies, it may be difficult to calculate the required value of data reliability due to the complexity of the algorithms for calculating the confidence indicator and difficulties in obtaining adequate input data. A new method for assessing the reliability of aircraft flight data is considered on the basis of the special representation of the data preparing process as a serial connection of technological sections in time and calculating the reliability indicators for each element of the technological section and the technological section as a whole. The structure of a typical technological section includes a documentalist, an operator, hardware, software and a procedure for correcting erroneous data detected by the control procedure. The use of such a process model allows obtaining a simple recurrent algorithm for estimating the data reliability index for any technological section using the reliability index values for the previous technology sections. Having determined the probabilities of data distortion and the time of operation performing by elements of the technological section, it is possible to calculate the values of similar indicators for each elementary data preparation process and the system as a whole. An elementary data preparation process, the essence of which is to update the system database is considered as an example. This stage is the most representative one, since all elements of the technological section are involved in its implementation

scholarly journals AUTOMATED SYSTEM FOR ESTIMATION-EFFICIENCYSOFTWARE MEANS OF IN-FORMATION PROTECTION

2019 ◽  
Vol 2019 (2) ◽  
pp. 25-32
Author(s):  
Алексей Горлов ◽  
Aleksey Gorlov ◽  
Михаил Рытов ◽  
Mikhail Rytov ◽  
Дмитрий Лысов ◽  
...  
Keyword(s):  
Information Security ◽  
Automated System ◽  
Security Threats ◽  
Information Protection ◽  
Technical Documentation ◽  
Confidential Information ◽  
Hardware System ◽  
Material Costs ◽  
Software And Hardware

This article discusses the process of automating the assessment of the effectiveness of software and hardware information protection by creating an automated system. The main functions of the proposed system are: conducting an audit of information security, forming a model of information security threats, forming recommendations for creating a software and hardware system for protecting information, and creating organizational-technical documentation. The developed automated system for evaluating the effectiveness of software and hardware protection of information allows in an automated way to build a model of information security threats, to form organizational and technical documentation governing the protection of confidential information, and also to make recommendations for improving the software and hardware system for protecting information. The use of this system will significantly reduce the time and material costs of auditing information security and developing additional measures to protect information.

scholarly journals Rationing requirements to the characteristics of software tools to protect information

2019 ◽  
Vol 80 (4) ◽  
pp. 96-110
Author(s):  
A. V. Skrypnikov ◽  
V. A. Khvostov ◽  
E. V. Chernyshova ◽  
V. V. Samtsov ◽  
M. A. Abasov
Keyword(s):  
Information Security ◽  
Information Structure ◽  
Optimization Methods ◽  
Automated System ◽  
Modern Theory ◽  
Information Protection ◽  
Functional Requirements ◽  
Classification Approach ◽  
Normative Approach ◽  
The Impact

The article is devoted to the solution of the scientific problem of the development of theoretical foundations and technology of substantiation of quantitative requirements (rules) for software information security (PSI). The basis of the modern theory of information security is a classification approach. When using the classification approach, the requirements for PSSS are defined as a set of functional requirements necessary for implementation for a certain class of security. At the same time, the concept of "effectiveness of information protection" is not considered. The contradiction between the qualitative classification approach in the formation of requirements for PSI and the need to use their quantitative characteristics in the development of automated systems (as) in protected execution required the development of a new normative approach to substantiate the requirements for information protection. Normative approach based on the systematic consideration of problems in which the analysis of interaction of elements as each other and the influence of PSSI on the AU in General and the analysis of the goals of security of information (BI). The information structure of the system is constructed on the basis of the analysis of the AU topology, internal and external relations and information flows. At the same time, the normative method considers the full set of BI threats. BI threats are stochastic, multi-stage and multi-variant. In turn, the NSCI in implementing protection functions neutralizes BI threats with some probability (there are residual risks) and length in time. The presence of a variety of BI threats, characterized by different time of implementation, probabilistic characteristics of overcoming PSI and destructive capabilities, require the finding of BI norms by optimization methods, based on the requirements of minimizing the impact on the efficiency of the automated system.

scholarly journals Assessment of the efficiency of aircraft control data preparation by the method of technological sites

2019 ◽  
Author(s):  
A.G. Andreev ◽  
G.V. Kazakov
Keyword(s):  
Preparation Process ◽  
Data Preparation ◽  
Network Graph ◽  
New Approach ◽  
Flight Data ◽  
Aircraft Flight ◽  
Data Distortion ◽  
Data Volume ◽  
Typical Site

Nowadays methods for solving the problem of estimating the temporal characteristics of data processing are well studied and based on the timing performed operations, the use of the network graph, the construction of the spanning tree, etc. However, in solving some problems of automating controls, there may be difficulties associated with modeling the information processing and obtaining adequate input data for calculating the indicator of the timeliness of the system function implementation. The article considers general issues of assessing the properties determining the quality of aircraft flight data, its feasibility and timeliness. A new approach associated with the model "the presence of exactly one error in the generated data volume" is proposed for assessing the feasibility of aircraft flight data. This model is applicable only in the case when the control of feasibility is carried out for the entire set of necessary data. For timeliness index assessment, it is proposed to present the structure of the automated data preparation system in the form of a sequence of technological sites. Having determined the execution time of functional tasks by elements of a typical site and probabilities of data distortion, it is possible to calculate similar indicators for each elementary process included in the data preparation process and the system as a whole. An elementary data preparation process, the essence of which is to update the system database is considered as an example. This stage is the most representative, since all elements of the technological site are involved in its implementation.

scholarly journals AUTOMATION OF PROCESS AN ASSESSMENT EFFICIENCY OF COMPLEX SYSTEMS OF INFORMATION SECURITY OF THE INDUSTRIAL ENTERPRISES IN CASE WITH SIMULTANEOUS IMPLEMENTATION OF THREATS

2016 ◽  
Vol 2016 (4) ◽  
pp. 199-206 ◽  
Author(s):  
Алексей Горлов ◽  
Aleksey Gorlov ◽  
Михаил Рытов ◽  
Mikhail Rytov ◽  
Дмитрий Лысов ◽  
...  
Keyword(s):  
Complex System ◽  
Information Security ◽  
Complex Systems ◽  
Assessment Process ◽  
Automated System ◽  
Security Level ◽  
Information Protection ◽  
Industrial Enterprises ◽  
Information Object ◽  
Effi Ciency

This paper reports the automation of an effi-ciency assessment process for complex systems of information security by means of an automated system formation the basic functions of which are: carrying out of information security (IS) audit, model formation of IS threats, recommendations for the formation of information security systems, a set of organization-regulatory documentation. For the solution of a problem in the efficiency assessment of confidential information protection there is developed a simulator and a universal criterion taking into account a probability of the realization and combating threats and allowing the estimation of the complex system efficiency for information protection in dynamics of processes occurred. The approach offered to the assessment of an information security level of an information object allows reducing considerably material and time costs for carrying out information security audit and also increasing the design solutions quality at the creation and introduction of complex system of information protection.

scholarly journals Method of evaluating indicator of the quality of development and commissioning the automated system for preparing aircraft flight data

2020 ◽  
Author(s):  
A.G. Andreev ◽  
G.V. Kazakov ◽  
V.V. Koryanov ◽  
N.N. Kotyashev
Keyword(s):  
Methodological Approach ◽  
Automated System ◽  
Analysis Method ◽  
Factors Affecting ◽  
Flight Data ◽  
Aircraft Flight ◽  
Hierarchy Analysis ◽  
Main Factors ◽  
Mathematical Processing

The quality of development and commissioning the automated system for preparing aircraft flight data (ASPD) depends on many factors, among which it is necessary to identify and justify those most significantly affecting quality of the system being commissioned. The practice of designing an ASPD has shown that the quality assessment based on its characteristics is nothing more than a consequence. This situation is due to the presence of deeper factors that will only appear during the operation of the system. To eliminate this situation, the problem is formulated as a task of determining the factors affecting the quality of development and commissioning the system, based on the data obtained by mathematical processing of expert estimates of each factor significance. To solve this problem, it is proposed to use the hierarchy analysis method. Developed on its basis the methodological approach makes it possible: – to identify the main factors significantly affecting the quality of the ASPD being commissioned, and to propose qualitative scales for assessing the degree of feasibility of each generic criterion; – to formalize a multi-criteria indicator of the degree of the ASPD quality compliance with the requirements of generic criteria and obtain its dependence on the levels of development and commissioning the system; – to justify the requirements for ASPD operational suitability, perform its evaluation, as well as determine the necessary measures for implementing the specified requirements on operational and technical characteristics of the ASPD.

REGULATORY AND LEGAL SUPPORT OF INFORMATION SECURITY IN UKRAINE

2017 ◽  
Author(s):  
Oleksandr Malashko ◽  
◽  
Serhii Yesimov ◽  
Keyword(s):  
European Union ◽  
Information Security ◽  
National Security ◽  
Legal Regulation ◽  
The European Union ◽  
Basic Principles ◽  
Association Agreement ◽  
Legal Information ◽  
Current Information ◽  
Initial Stage

The article examines trends in the development of legal regulation of information security in Ukraine in the context of the implementation of the Association Agreement between Ukraine and the European Union. The current information legislation and regulations on information security are analyzed. The tendencies in the legal regulation of information security that took place at the initial stage of the formation of information legislation are revealed. Based on the factors that took place before the adoption of the Doctrine of information security of Ukraine, the laws of Ukraine “On the basic principles of ensuring the cybersecurity of Ukraine”, “On the national security of Ukraine”, in the context of the current legislation, based on the methodology of legal forecasting, it is concluded that in the future the development of normative legal information security will be developed on the basis of by-laws, mainly at the departmental level.

IRISK METHOD FOR SECURITY ESTIMATION OF THE SIMULATION POLYGON FOR THE PROTECTION OF CRITICAL INFORMATION RESOURCES

2019 ◽  
Author(s):  
Bogdan Korniyenko ◽  
Lilia Galata
Keyword(s):  
Risk Assessment ◽  
Information System ◽  
Information Security ◽  
Risk Analysis ◽  
Information Resources ◽  
Security System ◽  
Assessment System ◽  
Automated System ◽  
Information Risk ◽  
Critical Information

In this article, the research of information system protection by ana­ ly­ zing the risks for identifying threats for information security is considered. Information risk analysis is periodically conducted to identify information security threats and test the information security system. Currently, various information risk analysis techni­ ques exist and are being used, the main difference being the quantitative or qualitative risk assessment scales. On the basis of the existing methods of testing and evaluation of the vulnerabilities for the automated system, their advantages and disadvantages, for the possibility of further comparison of the spent resources and the security of the information system, the conclusion was made regarding the deter­ mi­ nation of the optimal method of testing the information security system in the context of the simulated polygon for the protection of critical information resources. A simula­ tion ground for the protection of critical information resources based on GNS3 application software has been developed and implemented. Among the considered methods of testing and risk analysis of the automated system, the optimal iRisk methodology was identified for testing the information security system on the basis of the simulated. The quantitative method Risk for security estimation is considered. Generalized iRisk risk assessment is calculated taking into account the following parameters: Vulnerabili­ ty  — vulnerability assessment, Threat — threat assessment, Control — assessment of security measures. The methodology includes a common CVSS vul­ nerability assessment system, which allows you to use constantly relevant coefficients for the calculation of vulnerabilities, as well as have a list of all major vulnerabilities that are associated with all modern software products that can be used in the automated system. The known software and hardware vulnerabilities of the ground are considered and the resistance of the built network to specific threats by the iRisk method is calculated.

Sign in / Sign up

Export Citation Format

Share Document