Abstract

This article addresses the issue of information security in the Industrial Internet of Things (IIoT) environment. Information security risk assessment in the IIoT is complicated by several factors: the complexity and heterogeneity of the system, the dynamic nature of the system, the distributed network infrastructure, the lack of standards and guidelines, and the increased consequences of security breaches. Given these factors, information security risk assessment in the IIoT requires a comprehensive approach adapted to the peculiarities and requirements of a particular system and industry. It is necessary to use specialized risk assessment methods and to take into account the context and peculiarities of the system. The method of information security risk assessment in the IIoT, based on the mathematical apparatus of fuzzy set theory, is proposed. This paper analyzes information security threats for IIoT systems, from which the most significant criteria are selected. The rules, based on which decisions are made, are formulated in the form of logical formulas containing input parameters. Three fuzzy inference systems are used: one to estimate the probability of threat realization, another to estimate the probable damage, and a final one to estimate the information security risk for the IIoT system. Based on the proposed method, examples of calculating the information security risk assessment in the IIoT environment are provided. The proposed scientific approach can serve as a foundation for creating expert decision support systems for designing IIoT systems.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.