Model of the quantitative criterion calculation for security assessment of the information and telecommunications systems in the critical infrastructure of the state

Abstract

The subject of the article is methods and models for assessing the criticality of industry information and telecommunications systems (ITS). The purpose of this article is to analyze the existing methods and models of criticality assessment and use its results to propose a functional model for calculating the quantitative criterion for assessing the security of ITS. Results. Based on the known method of hierarchy analysis, a functional model for calculating the quantitative criterion for assessing ITS security is proposed, which, through the processing of expert assessments, allows to obtain a quantitative indicator of ITS security. This makes it possible to simplify the procedure for selecting experts, to avoid the specifics of processing expert data, as well as to assess ITS in a limited amount of statistics. Conclusions. The study showed that the developed model for calculating the quantitative criterion for assessing the security of ITS, using pairwise comparisons, allows experts to focus on the problem. In addition, the proposed model has a built-in quality criterion of the expert and allows to move from a qualitative assessment in the form of an ordered series of alphanumeric combinations, to a quantitative assessment in the form of the ratio of the basic security profile to the security profile defined by the expert.