Advertisement

Industrial Cyber-Physical Systems: Risks Assessment and Attacks Modeling

  • Alla G. KravetsEmail author
  • Natalia Salnikova
  • Kirill Dmitrenko
  • Mikhail Lempert
Chapter
Part of the Studies in Systems, Decision and Control book series (SSDC, volume 260)

Abstract

The chapter is devoted to the attacks modeling for Cyber-Physical systems of industrial enterprises with regard to risk assessment. In this chapter the analysis of corporate systems of industrial is held; systems’ attacks and risk assessment techniques were studied; software for attacks modeling are compared. Information models of corporate networks and attacks are developed; describes the design and basic functions of the module for assessing the risks of attacks in the corporate system. Corporate networks of more than 70% of industrial enterprises are potentially vulnerable to hacker attacks. Today, according to research by Positive Technologies analysts, hackers can cross the perimeter and get into the corporate network of 73% of the companies in the industrial segment. In 82% of companies, penetration from the corporate network to the technological one is possible. One of the main opportunities for obtaining unauthorized access to the enterprise network turned out to be administrative control channels. Solving the problem of ensuring the information security of Cyber-Physical systems is an urgent task today.

Keywords

Informational resources Cyber-physical systems Industrial enterprise Industrial cybersecurity Information security threats Attack modeling Unauthorized access Protection systems 

Notes

Acknowledgements

The reported study was funded by RFBR according to the research project # 19-07-01200.

References

  1. 1.
    Vasilev, D., Kravets, E., Naumov, Y., Bulgakova, E., Bulgakov, V.: Analysis of the data used at oppugnancy of crimes in the oil and gas industry. Stud. Syst. Decis. Control 181, 249–258 (2019)CrossRefGoogle Scholar
  2. 2.
    Salnikova, N.A., Lempert, B.A., Lempert, M.B.: Integration of methods to quantify the quality of medical care in the automated processing systems of medical and economic information. In: Communications in Computer and Information Science (CIT&DS 2015), vol. 535, pp. 307–319. Volgograd, Russia Federation. Springer, Heidelberg (2015)Google Scholar
  3. 3.
    Prokofieva, E., Mazur, S., Chervonnykh, E., Zhuravlev, R.: Internet as a crime zone: Criminalistic and criminological aspects. Stud. Syst. Decis. Control 181, 105–112 (2019)CrossRefGoogle Scholar
  4. 4.
    Kravets, A.G., Skorobogatchenko, D.A., Salnikova, N.A., Orudjev, N.Y., Poplavskaya, O.V.: The traffic safety management system in urban conditions based on the C4.5 algorithm, In: Moscow Workshop on Electronic and Networking Technologies (MWENT 2018), Art. No. 8337254, pp. 1–7. Proceedings (2018)Google Scholar
  5. 5.
    Gurlev, I., Yemelyanova, E., Kilmashkina, T.: Development of communication as a tool for ensuring national security in data-driven world (Russian far north case-study). Stud. Syst. Decis. Control 181, 237–248 (2019)CrossRefGoogle Scholar
  6. 6.
    Kravets, A.G., Bui, N.D., Al-Ashval, M.: Mobile security solution for enterprise network. In: Communications in Computer and Information Science (CCIS 2014), vol. 466, pp. 371–382 (2014)Google Scholar
  7. 7.
    Kravets, A., Kozunova, S.: The risk management model of design department’s PDM information system. In: Communications in Computer and Information Science (CIT&DS 2017), vol. 754, pp. 490–500. Volgograd, Russia Federation. Springer, Heidelberg (2017)Google Scholar
  8. 8.
    Orudjev, N.Y., Poplavskaya, O.V., Lempert, L.B., Salnikova, N.A.: Problems of medical confidentiality while using electronic documents in psychiatric practice. In: Atlantis Press, Proceedings of the 2016 Conference on Information Technologies in Science, Management, Social Sphere and Medicine (ITSMSSM 2016), vol. 51, pp. 120–125 (2016)Google Scholar
  9. 9.
    Goroshko, I., Toropov, B., Gurlev, I., Vasiliev, F.: Data analysis of the socio-economic factors’ influence on the state of crime. Stud. Syst. Decis. Control 181, 71–84 (2019)CrossRefGoogle Scholar
  10. 10.
    Urban, V., Kniazhev, V., Maydykov, A., Yemelyanova, E.: Implementation of the law enforcement function of the state in the field of countering crimes committed using the internet. Stud. Syst. Decis. Control 181, 113–120 (2019)CrossRefGoogle Scholar
  11. 11.
    Quyên, L.X., Kravets, A.G.: Development of a protocol to ensure the safety of user data in social networks, based on the Backes method. In: Communications in Computer and Information Science (CCIS 2014), vol. 466, pp. 393–399 (2014)Google Scholar
  12. 12.
    Latov, Y., Grishchenko, L., Gaponenko, V., Vasiliev, F.: Mechanisms of countering the dissemination of extremist materials on the internet. Stud. Syst. Decis. Control 181, 145–161 (2019)CrossRefGoogle Scholar
  13. 13.
    Kravets, A, Shumeiko, N., Shcherbakova, N., Lempert, B., Salnikova, N.: “Smart queue” approach for new technical solutions discovery in patent applications, communications. In: Computer and Information Science (CIT&DS 2017), vol. 754, pp. 37–47. Volgograd, Russia Federation. Springer, Heidelberg (2017)Google Scholar
  14. 14.
    Lebedev, A., Shmonin, A., Vasiliev, F., Korobko, V.: Principles of mathematical models constructing based on the text or qualitative data of social systems. Stud. Syst. Decis. Control 181, 29–38 (2019)CrossRefGoogle Scholar
  15. 15.
    Kondratiev, V., Shchepkin, A., Irikov, V.: Mechanisms for ensuring road safety: The Russian Federation case-study. Stud. Syst. Decis. Control 181, 183–203 (2019)CrossRefGoogle Scholar
  16. 16.
    Shcherbakov, M.V., Kachalov, D.L., Kamaev, V.A., Shcherbakova, N.L., Tyukov, A.P., Strekalov, S.D.: A design of web application for complex event processing based on hadoop and java servlets. Int. J. Soft Comput. 10(3), 218–219 (2015)Google Scholar
  17. 17.
    Kravets, A.G., Kanavina, M.A., Salnikova, N.A.: Development of an integrated method of placement of solar and wind energy objects in the lower Volga. In: International Conference on Industrial Engineering, Applications and Manufacturing (ICIEAM 2017), pp. 1–5 (2017)Google Scholar
  18. 18.
    Anufriev, D., Petrova, I., Kravets, A., Vasiliev, S.: Big data-driven control technology for the heterarchic system (building cluster case-study). Stud. Syst. Decis. Control 181, 205–222 (2019)CrossRefGoogle Scholar
  19. 19.
    Dronova, O., Smagorinskiy, B.P., Yastrebov, V.: Counteraction to E-commerce crimes committed with the use of online stores. Stud. Syst. Decis. Control 181, 121–131 (2019)CrossRefGoogle Scholar
  20. 20.
    Golubev, A.V., Shcherbakov, M.V., Scherbakova, N.L., Kamaev, V.A.: Automatic multi-steps forecasting method for multi seasonal time series based on symbolic aggregate approximation and grid search approaches. J. Fundam. Appl. Sci. 8(3S), 2429–2441 (2016)Google Scholar
  21. 21.
    Kravets, A.G., Gurtjakov, A., Kravets, A.: Corporate intellectual capital management: learning environment method. In: Proceedings of the IADIS International Conference ICT, Society and Human Beings 2013, Proceedings of the IADIS International Conference e-Commerce 2013, pp. 3–10 (2013)Google Scholar
  22. 22.
    Novikov, D., Belov, M.: Methodological foundations of the digital economy. Stud. Syst. Decis. Control 181, 3–14 (2019)CrossRefGoogle Scholar
  23. 23.
    Korotkov, A., Kravets, A.G., Voronin, Y.F., Kravets, A.D.: Simulation of the initial stages of software development. Int. J. Appl. Eng. Res. 9(22), 16957–16964 (2014)Google Scholar
  24. 24.
    Makarov, V., Gaponenko, V., Toropov, B., Kupriyanov, A.: Theoretical and applied aspects of orthogonal coding in computer networks technologies. Stud. Syst. Decis. Control 181, 47–58 (2019)CrossRefGoogle Scholar
  25. 25.
    Burkov, V., Shchepkin, A., Irikov, V., Kondratiev, V.: Methodology and technology of control systems development. Stud. Syst. Decis. Control 181, 15–27 (2019)CrossRefGoogle Scholar
  26. 26.
    Chernyshev, S.L.: Investment management technology with discounting. Stud. Syst. Decis. Control 181, 231–236 (2019)CrossRefGoogle Scholar
  27. 27.
    Cyber-Physical Security Education: https://cybati.org/. Last accessed 28 Mar 2019
  28. 28.
    Trike: http://octotrike.org. Last accessed 28 Mar 2019
  29. 29.
    SDL Threat Modeling Tool: https://www.microsoft.com/en-us/sdl/adopt/threatmodeling.aspx. Last accessed 28 Mar 2019
  30. 30.
    An automated threat modeling platform that secures and scales the enterprise software development life cycle. https://threatmodeler.com/. Last accessed 28 Mar 2019
  31. 31.
    R-Vision Incident Response Platform. https://rvision.pro/. Last accessed 28 Mar 2019

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  • Alla G. Kravets
    • 1
    Email author
  • Natalia Salnikova
    • 2
  • Kirill Dmitrenko
    • 3
  • Mikhail Lempert
    • 4
  1. 1.Volgograd State Technical UniversityVolgogradRussia
  2. 2.Volgograd Institute of Management—Branch of the Russian Presidential Academy of National Economy and Public AdministrationVolgogradRussia
  3. 3.I.M. Sechenov First Moscow State Medical UniversityMoscowRussia
  4. 4.Technion—Israel Institute of TechnologyHaifaIsrael

Personalised recommendations