RADIOELECTRONIC AND COMPUTER SYSTEMS

The world trends in increasing of threats of natural and man-made nature, a level of terrorist threats, the number and complexity of cyberattacks have caused the actualization of needs for critical information infrastructure protection and improvement it's informational security and functional safety. A critical information infrastructure is considered as a set of information and telecommunication systems, improper operation of which may lead to the occurrence of an accident of critical infrastructure (energy, transport, etc.), as well as to decrease in quality of its services. The subject of paper’s study is the mechanisms for ensuring the safety (protection) of critical information infrastructures. The purpose of the paper is to substantiate the approach to the development of methodological foundations and technologies for assessing and ensuring the safety (protection) of critical information infrastructures taking into account the state and capabilities of modern information technologies. The methods used are: systems analysis methods, mathematical optimization methods, safety, and risk theory methods. The following results were obtained. The main tasks of the critical infrastructure protection system are formulated. The necessity of using the system of protection of critical information infrastructure as part of the system of protection of critical infrastructure is substantiated. The concept and principles of the methodology for assessing and ensuring the safety (protection) of critical information infrastructures are developed, working hypotheses, methods and models necessary for their implementation are suggested. The way of interaction of the elements of the proposed methodology, tasks and elements of the critical infrastructure protection system is shown. The results obtained are aimed at solving of one fundamental problem such as the existence of a contradiction between the intensive development of critical information infrastructures, negative influences and threats of various nature and the lack of methodological foundations, models, methods and information technologies for assessment and assurance of critical information infrastructure security and safety. The results obtained should be used to create elements of informational and analytical support for the decision maker in solving tasks related to the assessment and security (protection) of critical infrastructure

critical information infrastructure; critical energy infrastructure, critical infrastructure protection system; security; safety; decision maker; information technologies

Dodonov, O. H., Horbachyk, O. S., Kuznyetsova, M. H. Orhanizatsiya upravlinnya hrupoyu mobil'nykh tekhnichnykh ob"yektiv [Organization of management of a mobile technical objects’ group] Materialy XVII Mezhdunar. nauch.-prakt. konf. “Informacionnye tehnologii i bezopasnost'” [Proc. 17th Int. Scient. and Pract. Conf. "Information Technology and Security"]. Kyiv, 2017, pp. 3-7. (In Ukrainian).

Bloomfield, R. E., Netkachova, K., Stroud, R. Security-informed safety: If it's not secure, it's not safe. Proc. 5th Int. Workshop on Software Engineering for Resilient Systems (SERENE), Kyiv, Ukraine, 3-4 Oct. 2013, pp. 17-32.

Kharchenko, V., Illiashenko, O., Kovalenko, A., Sklyar, V., Boyarchuk, A. Security informed safety assessment of NPP I&C systems: GAP-IMECA technique. Proc. 22th Int. Conf. on Nuclear Engineering (ICONE), Prague, Republic, 7-11 Jul. 2014, pp. 1-9. doi:10.1115/ICONE22-31175.

Kharchenko, V. Diversity for safety and security of embedded and cyber physical systems: Fundamentals review and industrial cases. Proc. Baltic Electronic Conf. (BEC), Tallinn, Estonia, 5-9 Oct. 2016, pp. 17-26. doi: 10.1109/BEC.2016.7743719

Sachenko, A., Kochan, V., Kharchenko, V., Roth, H., Yatskiv, V., Chernyshov, M., Bykovyy, P., Roshchupkin, O., Koval, V., Fesenko, H. Mobile post-emergency monitoring system for nuclear power plants. Proc. 12th Int. Conf. on ICT in Education, Research and Industrial Applications: Integration, Harmonization and Knowledge Transfer, Kyiv, Ukraine, 23-25 May 2016, pp. 384-398.

Gorbenko, A. V. Metodologicheskie osnovy i informacionnye tehnologii sozdanija garantosposobnyh servis-orientirovannyh Web-sistem. Diss. dokt. tekhn. nauk. [Methodological foundations and information technologies for designing dependable service-oriented Web-systems. Dr. eng. sci. diss.]. Kharkiv, 2012. 413 p.

Giannopoulos, G., Filippini, R., Schimmer, M. Risk assessment methodologies for critical infrastructure protection. Part I: A state of the art. Luxembourg, Publications Office of the European Union, 2012. 70 p. doi:10.2788/22260

Biryukov, D. S., Kondratov, S. I., Sukhodolya, O. M. Zelena knyha z pytan' zakhystu krytychnoyi infrastruktury v Ukrayini [Green paper on critical infrastructure protection in Ukraine]. Kyiv “NISD” Publ., 2015. 176 p.

SOU NAEK 100:2016. Informatsiyni ta keruyuchi systemy, vazhlyvi dlya bezpeky atomnykh stantsiy. Zahal'ni tekhnichni vymohy [SE “NNEGC “Energoatom” Standard 100:2016. Information and control systems important to safety in nuclear power plants. General technical requirements]. Kyiv, DP “NAEK “Enerhoatom” Publ., 2016. 124 p.

Hnatyuk, O., Ryabyy, M. Vyznachennya krytychnoyi informatsiynoyi infrastruktury ta yiyi zakhystu: analiz pidkhodiv [Definition of critical information infrastructure and its protection: analysis of approaches]. Zv"yazok – Communication, 2014, no. 4,

pp. 3-7.