Multilevel data model for requirements providing identification accordingly to regulatory support for civil aviation cybersecurity

Abstract

Critical infrastructure protection is one of the priorities for states. Particularly acute issue appears to states implementing new information and communication technologies in all critical areas. These technologies, among other things, generate a number of new vulnerabilities and potential cyberthreats. In the civil aviation criticality level substantially reinforced by communication and interaction between ground and aircraft systems. Well-known model of cybersecurity requirements in civil aviation allows to formalize the process of complete set of requirements creating that are necessary to ensure civil aviation security against cyberthreats. But there is no mechanism for determining the availability of certain modes of security because of the methods and tools declared in the request. With this in mind, is to develop relevant approach to defining security regimes that takes account of additional security features. In this paper a multilevel model database was proposed, which through the use of a basic model of requirements to ensure cybersecurity of civil aviation concatenation of binary sequences that characterize the security mode and binary-hexadecimal coded representation of performance security set security models and subsets of performance security (with the additional features), allows to formalize the process of security requirements identification and determine the mode of critical aviation information systems security. In further research the development of method for evaluating the completeness of compliance is planned as a result of appropriate security methods and means implementation.