Development of Methodological Foundations for Designing a Classifier of Threats to Cyber-physical Systems

Abstract

The emergence of a full-scale quantum computer questions the stability of almost all symmetric and asymmetric cryptography algorithms. At the same time, the rapid growth of computing resources of IT and “G” technologies contributes to an increase in attacks on information and communication (ICS) and cyberphysical systems (CPS). These systems are the core of modern critical cybernetic information systems (CCIS). In such conditions, the primary task of maintaining the required level of security is the classification of modern threats that are integrated with social engineering methods and acquire signs of synergy and hybridity. The paper proposes a synergistic model of threats to ICS/CPS, which takes into account the focus of threats on synergy and hybridity, and the combined impact of security components: information security (IS), cybersecurity (CS), security of information (SI). This approach allows developing methodological foundations for building a unified classifier of threats to cyberphysical systems, forming sets of critical threats, critical points in the ICS/CPS infrastructure elements, based on minimal computing, human and economic costs. The developed methodology for determining the category of an attacker allows systematizing an attacker and, based on the analysis of weighting factors, forming a matrix of correspondence between the capabilities of attackers of various categories and technical means of information security (TMIS). These actions significantly reduce the risk of an attack by certain categories of attackers and allow for planning in the formation of both the IS policy and the corresponding protection profiles.