Method of assessing the protection of computerbased control systems under information technology interference

Abstract

The aim of this paper is to develop models that would enable a standardized representation of the structure, functions of computer-based control systems (CBCS) and quantification of the risk (fault tolerance) of automated control systems and their primary components, i.e. CBCS, under information technology interference (ITI). The paper shows the relevance and importance of CBCS models and estimation of the risk of operation of automated process control systems (APCS) under various ITI (computer attacks). Intruder ITI under consideration includes hardware, firmware and software-based interference able of blocking communication channels, disrupting information availability and integrity, as well as targeted and lasting information technology interference with an automated system, namely with the use of malware. The structural and functional model of a computer-based control system as the primary component of a higher-level system (APCS) developed in this paper is composed of a set of diagrams and descriptions of functions. The structural and functional model includes the following: channel structure of the control system’s main cycle (reading, processing of data, recording of output values, as well as communication subsystem operations), structural and functional diagram of CBCS of various types depending on the availability and utilization of a communication channel within the structure of the control cycles, standard vulnerability certificate. The diagrams detail the standard functions, operating procedures and information interaction of CBCS modules with the environment via communication channels. The ITI-specific risk model of APCS and CBCS as its part is described by indicators that characterize the conditional harm and condition of the control system, in which it is able to recover its operability, or whether external intervention is required that would affect not only the control system itself, but the controlled process as well. The following indicators were examined: characteristic points and parameters of risk function based on the Weibull-Gnedenko distribution, statistical estimation of CBCS protection, risk function, dynamic estimation of the risk of successful implementation of ITI against CBCS. It is assumed that the values of the parameters required for the calculation of the risk parameters and CBCS protection were obtained: - empirically based on structural and parametric analysis of the design features, functional dynamics and vulnerabilities of CBCS - as part of testbed simulation of CBCS as computer network users under ITI - experimentally based on the frequency of successful ITI threats,and the protection indicators are also extrapolated to the whole CBCS lifecycle by means of a dynamic risk function-based correction using the Weibull-Gnedenko distribution. In the conclusion it is noted that the developed method of assessment of CBCS protection under ITI allows evaluating the risks of successful implementation by an intruder of malicious actions against CBCS and APCS in general, which predetermines the requirement for timely elimination of CBCS vulnerabilities and adoption of additional organizational and technical measures aimed at improving information security of automated control systems.