The object of research: First, to identify and discuss the security problems of cyber-physical systems associated with the emergence of qualitatively new technologies and qualitatively new affordable artificial intelligence software. Secondly, building the concept of the security structure of a cyber-physical system based on the Zero Trust Security approach. Creation of a new secure load transfer structure based on the semiotic approach.
 Investigated problem: Information system security problems continue to cause significant costs and damage to organizations. Sustainability requires comprehensive and integrated security platforms that reach customers, whether they work at headquarters, in a branch office, or individually from random touchpoints.
 The main scientific results: the concept of a structured protection system with the Zero Trust Security approach has been developed. The structure of the semiotic analysis of the segmentation of the transmitted load on the blocks is proposed. Blocks by signs are subjected to individual analysis. According to the features, the blocks are transformed by the selected representation into an object/groups of objects. Groups for transmission in the load are tagged, have different coding severity (depth), depending on the risk assessment. Groups are transmitted through the network in different ways (paths) – VPN (different ESP), unencrypted tunnel, open access, etc.
 This solution improves the throughput of malicious load analysis prior to transmission. The performance overhead for encoding/decoding the load and encapsulating/de-encapsulating during transmission is reduced. The transmission bandwidth is increased.
 The area of practical use of the research results: businesses requiring secure access to on-premise resources and mission-critical cloud environments. Organizations using employees in distributed networks. Specialists in the deployment and analysis of the protection of cyber-physical systems.
 Innovative technological product: The semiotic security concept extends the zero-trust security model, which focuses on protecting network traffic within and between organizations. This concept uses load traffic segmentation, which combines an advanced analysis and transfer load transformation framework.
 This concept provides for integration with other cybersecurity technologies such as endpoint discovery and response (EDR) and security information and event management (SIEM) to provide a more comprehensive security solution.
 This solution improves the throughput of malicious load analysis prior to transmission. Reduced performance resources for encode/decode load and encapsulate/deencapsulate in transit.
 Scope of the innovative technological product: this concept can be applied to enterprises that already have some elements of zero trust in their corporate infrastructure, but cannot strictly control the state of the requested assets, are limited in implementing security policies for certain classes of users. This deployment model can also be applied to enterprises that use cloud services for individual business processes.
 It can be useful for researchers and administrators in the development of corporate cybersecurity plans, which uses the concepts of zero-trust and covers relationships between components, workflow planning, and access policies.
Read full abstract