JUSTIFICATION OF RATIONAL PARAMETERS FOR PROTECTIVE STRUCTURES OF THE PARTIALLY PENETRABLE SCREEN TYPE DURING ENGINEERING PROTECTION OF CRITICAL INFRASTRUCTURE OBJECTS

Relevance. One of the key areas of russia's military operations against Ukraine is the destruction of critical infrastructure objects (CIO) of strategic importance. The main types of enemy means for air strikes on CIO are air-launched, ground-launched and water-launched missiles, as well as barrage munitions. The vast majority of the CIO were built in Ukraine above ground, without any engineering structural protection systems to counter air threats, explosions or other impacts related to military operations. The importance of developing the most effective methods of engineering structural protection of the CIO from various types of projectiles as soon as possible was demonstrated by the experience of Ukraine's war with russia, in particular, the analysis of the significant impact of damage to the CIO in the energy sector. At present, Ukraine has a certain lack of regulatory data for designing reliable protective structures for CIO. The aim of this work is to develop a regulatory base for making calculations for the possible impact of various types of forceful effects from air strikes, terrorist attacks, etc. when designing the CIO and other strategic facilities. Currently, the issue of organising the defence of critical infrastructure and other strategic objects is being systematically addressed on the basis of the "Country-Fortress" principle, which provides for the organisation of echeloned air defence combined with comprehensive civil and engineering defence measures. In addition, it is necessary to provide for the reliable protection of existing facilities, taking into account the hazards and threats of today. The process of reducing the risks of damage to the CIO involves identifying threats, their comprehensive assessment, developing measures to reduce threats and their prompt implementation, followed by an assessment of the measures effectiveness. Results. The presented methods of risk assessment of critical infrastructure damage, methods of their engineering and analytical calculations and methods of engineering structural protection against ammunition of various types allow developing an effective integrated system of protection of strategically important objects. The article deals with both the protection of existing facilities and the design of new ones, taking into account the requirements for engineering protection and civil defence.

The military aggression of the Russian Federation against Ukraine, through the use of the full range of enemy aerial attack means not only against military targets but also against critical infrastructure objects (hereinafter – CIOs) [1, 2] and other civilian facilities, has brought significant changes in the construction of protective and civil defense structures. The current regulatory documents [3] were developed under the assumption of a single nuclear explosion occurring at a considerable distance from the facility, which is why the design of building structures was carried out without taking into account other damaging factors [4]. The realities of the war have shown that the enemy’s use of high-precision weapons in the form of kamikaze unmanned aerial vehicles (hereinafter – UAVs) and various types of missiles requires the immediate development of unified approaches to the construction of modern, highly reliable protective and fortification structures. Today, Ukraine is actively implementing the “Fortress Country” concept, approved by a resolution of the Cabinet of Ministers of Ukraine. This concept envisions integrated protection of CIOs and other strategically important facilities, which includes the organization of layered air defense systems similar to those used in Israel, the United States, and other countries. This approach is combined with comprehensive civil and engineering protection measures, electronic warfare systems, the deployment of decoys, camouflage, the shift from large strategic facilities to smaller, dispersed ones, as well as the transition to natural energy sources. Altogether, these measures are expected to significantly increase the country’s resilience to external threats during martial law. Ukraine must develop a regulatory framework ensuring that, when designing fortification and engineering protection structures for CIOs and other critical objects, new threats from enemy aerial attacks are duly considered.

The article analyzes the existing legal mechanisms for managing critical information infrastructure in Ukraine. The instruments for their improvement are proposing in this article. An important component of critical infrastructure is its information component – a critical information infrastructure. The sphere of protection of critical information infrastructure in Ukraine is at the initial stage of formation. The current legislation defines only certain objects of socio-economic sphere, in which extraordinary events can lead to socially dangerous consequences. In view of the fact, that the term “critical information infrastructure” does not having a consistent interpretation in different countries, we propose our opinion. “Critical information infrastructure is a system of information management of critical facilities and information and communication networks that provide defense capabilities and security of public and private institutions, whose operation may flow to the national security of Ukraine” (KII). In the KII we can identified information and network components. Information environment of KII is a system for information management of critical objects, including computing and information resources that form automated control systems (ACS). The network component of KII consists of a set of telecommunication devices, communication lines and network equipment, systems of open protocols for the exchange of information between elecommunication devices, global system of digital addresses and digital identifiers, software. The Internet network can be considered as a technological add-on over a telecommunication network that provides the provision of data transmission and processing services (e-mail, teleconferencing, file transfer, access to computing and information systems in local area networks). The main threat to the safety of ACS of critical information infrastructure objects is targeted actions on information systems, information and telecommunication networks by software and hardware. KII legal security include two main components – national and international. The national component may be forming by a set of principles, legal institutions and norms, which are enshrined in the national legislation regulating public relations in Ukraine in the area of counteracting the security threats of the ACS of critical objects. In order to protect the most important objects of KII, it is necessary to identify these objects. The current legislation defines such categories of objects, for which special conditions for ensuring their protection and functioning are established. Some of them, in whole or in part, may be classifying as objects of critical infrastructure. The specificity of providing information security was reflecting in such Ukraine laws like “On the Fundamentals of National Security of Ukraine”, “On the Concept of the National Program of Informatization”, “On the National Program of Informatization”. As well as the Concept of Development of the Security and Defense Sector of Ukraine, the National Security Strategy of Ukraine, the Strategy of Cybersecurity Of Ukraine. The National Security Strategy identifies actual threats to national security and sets priorities for information security, cyber security and security of information resources and critical infrastructure. At the same time, the implementation of the state policy in the field of security of KII requires the further development of legal principles and norms governing the relevant social relations, that is, the national component of the legal security of KII. Ukraine should ensure the establishment of a nationwide system for assessing risks and threats to critical infrastructure, and after the legislative definition of the main terms, the implementation of the Identification of Critical Information Infrastructure objects. Identification of objects of critical information infrastructure can be accomplishing by introducing the certification of objects of critical information infrastructure. Such passports must contain general data about the facility, data on the main sources of danger, data on hazardous natural conditions, technological processes and response to threats. The international component of the legal security of KII provides for the regulation of a set of principles and norms defined by international treaties and recognized by the state, regulating issues of international cooperation in this area. Ukraine has signed the Convention on Cybercrime together with the member states of the Council of Europe and other States. It is aiming at stopping actions against the confidentiality, integrity and availability of computer systems, networks and computer data, as well as abusing such systems, networks and data by installing the criminal responsibility for such behavior, the provision of powers sufficient to combat criminal offenses, and the conclusion of agreements on rapid and reliable international cooperation. In addition, the plan of measures for 2017 on implementation of the Cybersecurity Strategy of Ukraine provides for the implementation of Directive 2008/114/EC on the protection of critical infrastructure, in particular on cybersecurity and cyber defense of critical infrastructure objects. Development of the system of international information security, the following main groups of international relations that requirenormative legal regulation within the framework of the legal security of KII: definition of the boundaries of the national KII in the global information and communication infrastructure and fixing signs of computer incidents in the control system of critical objects information infrastructure. The absence of generally recognized borders of state sovereignty of States in this space is a significant obstacle to the application of international law to the actions of other states. In particular, this impedes the establishment of limits of responsibility of states for violating the security of the KII and organizing international cooperation in the field of countering computer crime. The urgency of the legislative consolidation of signs of computer incidents in the automated control system of critical information infrastructure objects suggests the widespread use of the concept of “incident” in international law. An incident in cyberspace usually associated with a violation of the functioning of the components of cyberspace – an electronic collection environment and automated processing of information that determines the processes of the implementation of these operations, as well as information systems and automated control systems. The essence of the general definition of the “international incident” in the field of KII will be determining, firstly, by the nature of international relations between states that are violating by the “incident”. This event may be the result of unforeseen actions of the state, including actions that harm the interests of public bodies of one or more states, or, conversely, be one of many intentional but minor provocations carried out by agents of one state against another state. Given that international relations in the field of incidents in the field of KII are not regulating by international treaties, the main and, in fact, the only source of international law in this case serves as an international custom, however, its application to the sphere of KII is accompanying by considerable difficulties. For Ukraine, it is possible to introduce the positive experience of other states in the security of the KII. In particular, the problem of security of information technologies has been enshrined in the international standard ISO / IEC 15408 “General criteria for assessing the safety of information technology”.

Modern technologies used in hybrid warfare allow the enemy to perform large-scale attacks on critical infrastructure (e.g., transport, energy, industrial enterprises, etc.), which affects the country's economy. The use of unmanned aerial vehicles (UAVs) by the enemy in the form of swarms of strike drones has significantly increased the risk of damage to critical infrastructure objects (CIOs), which degrade over time and have dangerous vulnerabilities. Therefore, modeling defensive measures to protect CIOs from massive enemy air attacks is important. The subject of this study is the creation of mathematical and simulation models for planning preventive measures in CIO defense. This research aims to create a set of models that can be used to analyze and identify threatening vulnerabilities of critical infrastructure objects triggered by wave attacks of enemy strike drones and to plan appropriate preventive defensive actions under limited capabilities. The tasks to be solved are as follows: conduct a systematic analysis of the sequence of actions for planning CIO defense; identify the most threatening vulnerabilities of CIOs that could be attacked by the enemy; make a rational distribution of defense capabilities to protect CIO, taking into account the enemy’s capabilities to create strike capabilities using combat drones; and develop a multi-agent simulation model to analyze possible CIO damage from massive attacks by strike drones. Mathematical methods and models used: system analysis of preventive measures for CIO defense; qualitative assessment of CIO indicators to identify threatening vulnerabilities; lexicographic ordering of options to identify a set of relevant CIOs that need to be defended; integer (Boolean) optimization for the rational distribution of limited defense capabilities across locations of threatening CIO vulnerabilities; multi-agent simulation modeling of enemy wave drone attacks to analyze CIO damage. The following results were achieved: a logical sequence of preventive measures for CIO defense has been formed; a set of threatening vulnerabilities in CIO has been identified; the strike potential and capabilities of the enemy in terms of CIO vulnerability have been analyzed; the necessary defense potential for protecting CIO has been formed; various scenarios of strike drone attacks and possible CIO damage have been modeled; and a rational distribution of anti-drone means has been carried out to reduce the risks of CIO damage. Conclusions: the proposed set of models allows us to justify the logical sequence of preventive measures to defend CIOs against massive wave attacks by enemy strike drones. This will ensure the effective use of existing anti-drone defense measures against enemy attacks, even under conditions of limited capabilities. The scientific novelty of the proposed approach lies in the justification of protective measures for critical infrastructure against massive wave attacks by enemy strike drones based on a set of original and new mathematical and simulation models.

The work defines the objects of the state's critical infrastructure, their relationship with strategic and other dangerous objects and productions. It should be noted that today Ukraine, as a state that defends its independence in the war, faces many different tasks, one of which is the protection of critical infrastructure objects from military-terrorist influence, the solution of which not only saves the lives of civilians, but also ensures the defense of sovereignty, territorial integrity and independent existence of the state. The solution of this task is carried out both in wartime and in peacetime. The problem is to determine the objects of the state's critical infrastructure, in their correlation with strategic and other dangerous objects and productions, which in practice allows determining the priority of their protection in terms of the involvement of technical and material means. Based on the above, the purpose of this article is to determine the relationship between the terms critical infrastructure object, potentially dangerous object, dangerous production object and strategic object, from the standpoint of ensuring their security and countering terrorist threats. The concept of state infrastructure and the process of formation of the term critical infrastructure of the state are considered. The characteristics of the objects of strategic purpose are given. The meaning of the concepts of potentially dangerous, dangerous industrial and critically important objects is analyzed. It is proved that based on the assessment of the constituent parts of the state's critical infrastructure, the concepts of a potentially dangerous object, an object of hazardous production, a critically important object and a strategic object can be considered identical in relation to nuclear objects. Prolonging the reasoning in this way, it is possible to confirm the validity of this identity in relation to other objects of critical infrastructure, for example, hydro and thermal power, petrochemicals and others. Keywords: critical infrastructure object, nuclear object, terror, dangerous object, protection, concept.

In today's world, where the number and complexity of cyber threats, especially those targeting strategic state assets, are growing rapidly, there is an urgent need to develop effective, flexible, and adaptive mechanisms for assessing the current level of cyber security. In view of this need, an analysis of existing approaches to assessing the level of cyber security was conducted. Among them are models based on maturity, risk, and compliance. The results of the analysis showed that none of these approaches is completely universal or sufficient for a comprehensive assessment of critical information infrastructure objects in the context of the national legislative field. In particular, approaches based solely on compliance may not take into account real risks, while approaches based on maturity are often too subjective. To address these systemic shortcomings, a hybrid approach was proposed. This approach integrates the best features of previous models, combining the objectivity of compliance testing, the flexibility and process orientation of maturity assessment, and risk-based prioritization. Based on the hybrid approach, a method for calculating the level of cyber protection of critical information infrastructure objects was developed. A component of this method is the introduction of weighting coefficients for different criteria systems. To determine these weighting coefficients, which should ensure an objective reflection of expert knowledge, the hierarchy analysis method was chosen. The proposed method allows qualitative characteristics (e.g., binary “yes/no” answers) to be transformed into a single quantitative indicator. This indicator is calculated in a standardized range from 0 to 1, which facilitates comparison and monitoring. The resulting numerical value is further interpreted on a five-level maturity scale (from “Initial” to “Optimized”), which provides a clear idea of the steps needed for improvement. Thus, the developed method is hierarchical, multi-criteria, and adaptable to current Ukrainian legislation in the field of cyber protection and cyber security. In further research, it is planned to conduct an experimental study and verify the method on three critical infrastructure objects in the fuel and energy sector, as well as to compare the results obtained using the author's software and two other tools.

The paper outlines the basic principles and assumptions used to assess the criticality of critical infrastructure object (CIO) and critical information infrastructure objects (CIIO). Methods for assigning critical information infrastructure objects to the criticality levels are described. The sequence of carrying out the criticality assessment of CIOs is provided. The recommendations concerning evolving regulation in the field of critical information infrastructure objects protection are given. According to the results of the research, several drafts of the Ukrainian state-level normative documents were developed such as “Classification of critical information infrastructure objects by severity (criticality)” and “Criteria and procedure for assigning critical information infrastructure objects to one of the significance (criticality)”. The implementation of the developed documents is an important step in the construction of the Ukrainian state system of protection of critical information infrastructure.

Обґрунтовано актуальність проблеми протипожежного захисту об'єктів критичної інфраструктури держави, до яких віднесено об'єкти, системи, мережі або їх елементи, порушення функціонування або руйнування яких призводить до найсерйозніших наслідків для соціальної та економічної сфери держави, негативно вплине на рівень її обороноздатності та національної безпеки. Аналізуючи статистичні дані, визначено особливу вразливість об'єктів критичної інфраструктури з пожежною навантагою із деревини, паперу, тканини, очерету та інших целюлозовмісних матеріалів. Визначено, що на об'єктах, матеріали пожежної навантаги яких здатні займатись навіть від малокалорійних джерел займання, потрібно створювати системи протипожежного захисту, що забезпечують запобігання та ліквідацію пожежі на початковій стадії її розвитку. Системи протипожежного захисту об'єктів критичної інфраструктури мають об'єднувати заходи і засоби як активного, так і пасивного протипожежного захисту. Активний захист визначається застосуванням речовин, техніки, засобів, що придатні в будь-який час бути мобілізованими для гасіння пожежі, а пасивний захист визначається застосуванням заходів вогнезахисту, що виконані заздалегідь і не потребують додаткової мобілізації під час гасіння пожежі. Обґрунтовано перспективність використання водних вогнебіозахисних і водних вогнегасних речовин для створення систем протипожежного захисту об'єктів критичної інфраструктури. Доведено ефективність реалізації запропонованої системи методом Гретенера.

A special legislation on criminal liability for offences against critical infrastructure objects is currently under development in Ukraine. The Cabinet of Ministers of Ukraine adopted the Concept for the development of a state system for critical infrastructure protection. The paper considers this legal area with regard to objects in the nuclear industry in the general context of critical infrastructure protection. It provides the current state in the legal regulation of fundamentals of criminal liability for offences against the critical infrastructure objects in the nuclear industry. The issue on the sufficiency and appropriateness of the existing level of such a liability is discussed further. The paper presents the list of some main critical infrastructure objects in accordance with the regulatory documents in the sphere of critical infrastructure protection and their classification. In addition, such concepts as “critical infrastructure” (relatively new notion in the national legislation), “unlawful intrusion”, “computer crimes”, “critical information infrastructure” and other concepts important to the nuclear industry were considered in this research. The notions presented in different regulatory documents were analyzed. The paper emphasizes that the legislation of Ukraine does not currently present special (separate) standards on the criminal liability for offences against critical infrastructure objects. Some promising issues related to fundamentals of the criminal liability and protection of critical infrastructure objects in the nuclear industry were also considered. The research involves the prospect of further development of a special law to define the area for improving relevant legislation on general regulation of these issues. The paper also stresses on the need to introduce some changes to the Criminal Code of Ukraine with respect to certain articles of section XIV.

The article presents the outcomes of an analysis on the stress-strain conditions of reinforced concrete structures subjected to an explosive shock wave resulting from the detonation of a combat unit from a kamikaze drone against a protective screen. When designing protective structures for critical infrastructure, employing computer simulation enables an assessment of the genuine impact of explosive loading on the structural elements' strength. The active phase of explosive loading is exceptionally brief, lasting only a fraction of a second. Under such circumstances, modeling is best performed using explicit methods of direct integration in time. The structure considered in this work is a reinforced concrete slab supported by a metal beam cage with I-beam cross-sections, topped with a sand backfill. The study was executed within the SIMULIA Abaqus software suite, incorporating models depicting nonlinear material behavior in a three-dimensional context. Discretely positioned reinforcement was considered for reinforced concrete structures, and the "Concrete Damage Plasticity" model was applied for concrete, accounting for damage accumulation. The devised computational scheme for the shelter represents a section of the protective structure's roof under conditions of cyclic symmetry. The article elucidates the core principles of incorporating explosive loading according to algorithm CONWEP.The results demonstrate that during the detonation of a kamikaze drone, an explosive wave created a crater in the sand backfill, exposing the slab. The study illustrates the development of damage in the reinforced concrete slab at various time intervals. Despite the identified damage to the slab, the protective structure overall withstood the explosive load. The intensity of the explosive shock wave diminishes significantly as it propagates away from the explosion site.

The article examines the model of ensuring cyber security of Ukraine and documents the organizational and legal support for the protection of critical infrastructure objects from cyber attacks. The main concepts are described: multi-level data model, identification of cyber security, and critical infrastructure facilities. The levels of protection of critical infrastructure objects and measures at each level that ensure cyber security are highlighted and described. The stability of the critical infrastructure object is substantiated, and the formula for determining risks in critical infrastructure objects is described. The developed basic tuple model for the classification of critical information infrastructure objects by multi-level data models is highlighted. The prospects and risks of implementing multi-level data models in critical infrastructure facilities have been identified. It was concluded that multi-level data models are an important tool for ensuring cyber security in today's digital world and critical infrastructure enterprises in private. They allow for the effective protection of confidential information by isolating and controlling different levels of data access

Olena Afanasieva, Oleksii Basmanov, Serhii Novikov FORMATION OF THE CONCEPT OF CRITICAL INFRASTRUCTURE OBJECTS TAKING INTO ACCOUNT THE FEATURES OF POTENTIALLY DANGEROUS OBJECTS OF UKRAINE The paper identifies the main provisions of the methodological apparatus of civil protection in relation to the paradigm - the object of critical infrastructure, taking into account the characteristics of potentially dangerous objects and the regulatory framework of Ukraine. The nature of the origin of the paradigm "object of critical infrastructure" is considered. Global trends in the formation of the paradigm of "critical infrastructure object" in the context of solving problems of civil protection are identified. The existing domestic legislative basis for the formation of a modern type of paradigm "critical infrastructure object" in the context of solving problems of civil protection is analyzed. The latter made it possible to determine the following - to date, and in the European Union has formed a definition of critical infrastructure, which includes physical objects, resources, services and information technology, networks and other infrastructure assets, violation or destruction of which leads to serious consequences for the health, safety and economic well-being of citizens and to the disruption of the effective functioning of government. Ukraine has passed and is in force laws that to some extent provide for measures to prevent emergencies caused by accidents and catastrophes at protected potentially dangerous facilities, the consequences of which can lead to infection, disease and death. Therefore, as a definition of critical infrastructure in the work, it is proposed to identify a set of enterprises, networks, systems, failure or disruption of which can cause loss of management and cause serious damage at the national, regional or local level. It includes nuclear and hydroelectric power plants, chemical and petrochemical plants, metallurgical plants and many other state-owned enterprises and private strategic institutions, which are not only protected, but also have special organizational and technical systems of physical protection. At the next stage of the work, the authors plan to join the development of the State system of critical infrastructure protection, which should include: creation of a state system of critical infrastructure protection; to determine the state structure responsible for the coordination of activities for the protection of critical infrastructure; to form the basis of public-private partnership and resource provision in the field of critical infrastructure protection; to promote the development of international cooperation in the field of critical infrastructure protection. Key words: emergency situation, object of critical infrastructure, civil protection, normative-legal basis

Presented are the results of research studies with the attracting of the GIS and geophysical methods for solving the problems of monitoring of dangerous natural and man-made processes at the areas of the critical infrastructure objects location. The possible ways of the magnetic methods applied for the critical infrastructure objects monitoring were considered. The natural and man-made processes associated with the critical infrastructure were defined. Among them are the objects that can influence the changes in soils, atmospheric air composition, as well as near-surface geological horizons. The most important objects are the energy enterprises, chemical industry, transport network, and landslide areas. The "Rzhyshchev" section and the "Grebeni" site were used as testing objects of the landslide critical infrastructure. According to the results of processing of cosmoimages and measurements of lateral and vertical distributions of magnetic susceptibility of soils and near-surface geological horizons, the classification of territory risks has been carried out. The territory of the cliff on the slopes of the Dnieper is the most potentially dangerous. Anthropogenically impacted natural and man-made territory of the field road and private economy has received an average category of risks. The most risky part of the site are the elements of the landscape, which are located on the land with a minimum slope, the absence of anthropogenic loading, agricultural land and virgin land. Magnetic methods proved to be rapid, effective and low-cost technology for the study of natural and man-made processes associated with objects of critical infrastructure. The integration with other geophysical, soil science methods, and GIS technologies are required.

The article examines the methodological approach to increasing the safety and stability of critical infrastructure objects, which is an important element of ensuring Ukraine’s national security. In the conditions of modern terrorist threats, military operations, and technological progress, the need to develop effective approaches to the protection of such objects becomes especially relevant. The existing approaches for determining certain levels of guaranteed security for critical infrastructure (CI) objects are analyzed. Their assessment is provided and the shortcomings are identified. The use of a quantitative method for assessing the probability and consequences of risky events at CI facilities is proposed, which allows to increase the accuracy of assessments and the effectiveness of risk management. A mathematical model of cascading effects of various types in the event of danger risks for critical infrastructure objects has been developed, which allows obtaining probabilistic estimates of the development of events under defined scenarios. An algorithm for countermeasures with the appearance of appropriate threats for typical CI objects has been built. Proposals for emergency response measures have been developed, which can be successfully used to make informed decisions about increasing the safety and stability of critical infrastructure objects, for the development of strategic plans and long-term policies regarding the management of critical infrastructure. The proposed approach allows you to assess all threats and analyze possible scenarios of threat implementation, prioritize threats according to their degree of probability, model the likely consequences of threat implementation, taking into account various conditions and risk factors, identify vulnerabilities in the systems of CI objects, create strategies for responding to crisis situations.

The article is devoted to analyzing threats to Ukraine’s critical infrastructure. The relevance of the study is driven by the dangerous dynamics of threat levels that affect national security and the socio-economic stability of the state under martial law. A review of the scientific literature revealed that there is currently no unified approach to the classification and assessment of such threats. Therefore, the article aims to analyze existing classifications of threats to critical infrastructure and propose an original classification of their manifestations on critical infrastructure objects under martial law, considering both international and national experiences. During the research, several tasks were accomplished: the essence of the term «threat to critical infrastructure» was defined; an analysis of legal documents related to the protection of critical infrastructure was conducted; domestic and international experiences in threat classification were studied; principles underlying both domestic and foreign classifications were reviewed and their effectiveness was assessed; and an original classification of threats to critical infrastructure for Ukraine was developed. The results of the study revealed that there are various classifications of threats to critical infrastructure today. However, in our opinion, the most effective classification that meets modern challenges is one that considers all forms of their manifestations: physical assaults, cyberattacks, economic sabotage, terrorist actions, and assaults using climate weapons. This classification of threats to Ukraine’s critical infrastructure is developed based on international and domestic experience and is of great importance for enhancing national security, as its value lies in the systematization of theoretical knowledge and a deep analysis of modern threats facing the state. The main scientific value of the proposed classification lies in its ability to integrate different aspects of threats into a single classification that takes into account both internal and external factors. This allows for a more accurate risk assessment and the implementation of appropriate measures to protect national critical infrastructure objects.