Development of a multi-loop security system of information interactions in socio-cyberphysical systems

Abstract

The object of the study is a multi-loop security system of information interactions in socio-cyberphysical systems. The dynamic nature of physical environments inherently challenges the ability of socio-cyber-physical systems to perform adequate control actions for physical assets in many contexts. However, adaptation and evolution actions must be evaluated before implementation in the control system to ensure fault tolerance while minimizing risks. Therefore, the design of socio-cyber-physical systems must ensure not only reliable autonomy, but also operational fault tolerance and safety. The proposed approach is based on the integration of targeted (mixed) threats based on the synthesis of technical cyber threats with social engineering methods. This approach allows forming a dynamic security model based on the analysis of the interaction of various agents in socio-cyberphysical systems, which makes it possible to increase the level of counteraction to targeted (mixed) cyber threats. The results of modeling are based on the proposed classification of threats using social engineering methods, which allows cyberattackers to ensure the probability of implementing targeted threats up to 95–98 %. The proposed classification of threats based on social engineering methods will allow forming an additional parameter for the objectivity of target threats, taking into account their integration and synergy. At the same time, the presented model will make it possible to timely provide knowledge about the possibility of implementing a targeted attack and timely take preventive countermeasures. This approach will improve the set of protection measures, as well as promptly create an increase in the level of resistance of the company's personnel (organization, enterprise, etc.) to threats of social engineering