Assessment of the level of security (safety of functioning) of automated systems based on their vulnerabilities, formalized using the theory of queuing systems
Objective. The aim of the work is to develop a methodological apparatus, as well as a mathematical model based on the theory of queuing systems designed to assess the level of security of automated systems.Method. The theory of queuing systems is considered as a mathematical apparatus. In particular...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | Russian |
| Published: |
Dagestan State Technical University
2023-08-01
|
| Series: | Вестник Дагестанского государственного технического университета: Технические науки |
| Subjects: | |
| Online Access: | https://vestnik.dgtu.ru/jour/article/view/1290 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1849250156330876928 |
|---|---|
| author | A. O. Efimov E. A. Rogozin |
| author_facet | A. O. Efimov E. A. Rogozin |
| author_sort | A. O. Efimov |
| collection | DOAJ |
| description | Objective. The aim of the work is to develop a methodological apparatus, as well as a mathematical model based on the theory of queuing systems designed to assess the level of security of automated systems.Method. The theory of queuing systems is considered as a mathematical apparatus. In particular, the problem of eliminating vulnerabilities was considered as a multi-channel CFR with an unlimited queue. The flow of detected vulnerabilities of the automated system was considered as an incoming flow of applications. The system, due to the possibility of detecting many vulnerabilities in a short time, has a queue of vulnerabilities. Information security specialists responsible for eliminating vulnerabilities in this system are considered as service channels. Despite the possibility of mutual assistance between specialists, this paper considers a situation where each employee is tasked with eliminating a specific vulnerability. The outgoing flow of applications is the flow of eliminated vulnerabilities of the automated system.Result. A methodological and mathematical apparatus for assessing the level of security of automated systems based on their vulnerabilities and the process of eliminating vulnerabilities has been developed. The theory of queuing systems was used as a basis. The assessment of security levels is given depending on the probability of a queue of unresolved vulnerabilities.Conclusion. The developed methodology can be used to assess the level of security of automated systems. And also allows you to assess the sufficiency of resources spent on eliminating vulnerabilities of a specific automated system. |
| format | Article |
| id | doaj-art-62513902a6364a85992b52e13f429a3f |
| institution | Kabale University |
| issn | 2073-6185 2542-095X |
| language | Russian |
| publishDate | 2023-08-01 |
| publisher | Dagestan State Technical University |
| record_format | Article |
| series | Вестник Дагестанского государственного технического университета: Технические науки |
| spelling | doaj-art-62513902a6364a85992b52e13f429a3f2025-08-20T03:57:21ZrusDagestan State Technical UniversityВестник Дагестанского государственного технического университета: Технические науки2073-61852542-095X2023-08-01502838910.21822/2073-6185-2023-50-2-83-89788Assessment of the level of security (safety of functioning) of automated systems based on their vulnerabilities, formalized using the theory of queuing systemsA. O. Efimov0E. A. Rogozin1Voronezh Institute of the Ministry of Internal Affairs of RussiaVoronezh Institute of the Ministry of Internal Affairs of RussiaObjective. The aim of the work is to develop a methodological apparatus, as well as a mathematical model based on the theory of queuing systems designed to assess the level of security of automated systems.Method. The theory of queuing systems is considered as a mathematical apparatus. In particular, the problem of eliminating vulnerabilities was considered as a multi-channel CFR with an unlimited queue. The flow of detected vulnerabilities of the automated system was considered as an incoming flow of applications. The system, due to the possibility of detecting many vulnerabilities in a short time, has a queue of vulnerabilities. Information security specialists responsible for eliminating vulnerabilities in this system are considered as service channels. Despite the possibility of mutual assistance between specialists, this paper considers a situation where each employee is tasked with eliminating a specific vulnerability. The outgoing flow of applications is the flow of eliminated vulnerabilities of the automated system.Result. A methodological and mathematical apparatus for assessing the level of security of automated systems based on their vulnerabilities and the process of eliminating vulnerabilities has been developed. The theory of queuing systems was used as a basis. The assessment of security levels is given depending on the probability of a queue of unresolved vulnerabilities.Conclusion. The developed methodology can be used to assess the level of security of automated systems. And also allows you to assess the sufficiency of resources spent on eliminating vulnerabilities of a specific automated system.https://vestnik.dgtu.ru/jour/article/view/1290automated systeminformation securityqueuing systemsecurity assessmentvulnerability |
| spellingShingle | A. O. Efimov E. A. Rogozin Assessment of the level of security (safety of functioning) of automated systems based on their vulnerabilities, formalized using the theory of queuing systems Вестник Дагестанского государственного технического университета: Технические науки automated system information security queuing system security assessment vulnerability |
| title | Assessment of the level of security (safety of functioning) of automated systems based on their vulnerabilities, formalized using the theory of queuing systems |
| title_full | Assessment of the level of security (safety of functioning) of automated systems based on their vulnerabilities, formalized using the theory of queuing systems |
| title_fullStr | Assessment of the level of security (safety of functioning) of automated systems based on their vulnerabilities, formalized using the theory of queuing systems |
| title_full_unstemmed | Assessment of the level of security (safety of functioning) of automated systems based on their vulnerabilities, formalized using the theory of queuing systems |
| title_short | Assessment of the level of security (safety of functioning) of automated systems based on their vulnerabilities, formalized using the theory of queuing systems |
| title_sort | assessment of the level of security safety of functioning of automated systems based on their vulnerabilities formalized using the theory of queuing systems |
| topic | automated system information security queuing system security assessment vulnerability |
| url | https://vestnik.dgtu.ru/jour/article/view/1290 |
| work_keys_str_mv | AT aoefimov assessmentofthelevelofsecuritysafetyoffunctioningofautomatedsystemsbasedontheirvulnerabilitiesformalizedusingthetheoryofqueuingsystems AT earogozin assessmentofthelevelofsecuritysafetyoffunctioningofautomatedsystemsbasedontheirvulnerabilitiesformalizedusingthetheoryofqueuingsystems |