ASSET ACCESS RISK ANALYSIS METHOD IN THE PHYSICAL PROTECTION SYSTEMS

Ахмед Валід Аль-Хафаджі, Олександр Олександрович Соловйов, Дмитро Дмитрович Узун, Вячеслав Сергійович Харченко

Abstract


The subject of study in the article is asset access risk analysis methods inside a physical object. As an example, we consider the object of the physical security system of a scientific institution (as a block of a territorial element) with a hardware environment in the form of devices with low energy consumption and functioning in the Internet of things. The goal is to create a theoretical and mathematical model and method for analyzing the internal components of a security system and access to assets. The tasks set to cover the development of an approach to the analysis of the level of security, which is ensured by the established system of physical security and the formation of an approach to penetration to access assets. In solving the problems, methods were used such as spatial analysis of the physical distribution of system elements, the formation of route graphs, decomposition of blocks and physical protection algorithms, the study of a complete set of components and an individually oriented security element. The following results were obtained: an approach to the analysis of the security level of a physical object using basic parameters consisting of physical and information variables of existing multiple assets was developed, a mathematical model of the system components, block orientation of the perimeter of the object was built, a sequence of stages of penetration into a protected object using multiple routes was proposed. Conclusions: the scientific novelty of the results is as follows: the method of analyzing asset security through the use of environment variables and physical security controls of the facility, as well as the generation and evaluation of penetration routes to the facility to access critical assets, has been improved.

Keywords


FMECA; PSMECA; criticality cube; physical security; gate security; physical security system; room analysis; IoT; security; attack tree

References


Pavlov, D. М. Zabezpechennya fizychnoyi bezpeky yadernykh ob"yektiv v Ukrayini v umovakh zrostannya viyskovo-terorystychnoyi zahrozy: orhanizatsiyno-pravovyy aspect [Physical security of nuclear facilities in Ukraine in terms of growth of military-theoretical threat, organizational and legal aspects]. Yurydychna nauka – Jurisprudence, 2015, no. 2, pp. 21–27. (in Ukrainian).

Niles, S. Physical Security in Mission Critical Facilities Suzanne Niles. Schneider Electric, 2004. 22 p.

Physical Security Systems. Hitachi Review, 2014, vol. 53, no. 2, pp. 73–78.

Avizienis, A., Laprie, J., Randell, B., Landwehr, C. Basic concepts and taxonomy of dependable and secure computing. IEEE Transactions on Dependable and Secure Computing, 2004, no. 1, pp. 11–33.

Yastrebenetsky, V., Kharchenko, V. Nuclear Power Plants Instrumentation and Control Systems for Safety and Security. Hershey PA, USA, 2014. 470 p.

Qahtan Abdulmunem, M., Kharchenko, V. Availability and Security Assessment of Smart Building Automation Systems: Combining of Attack Tree Analysis and Markov Models. Proceedings of Third International Conference on Mathematics and Computers in Sciences and in Industry, 2016, pp. 302–307.

Charlie, F., Brayon, M. Physical Protection Principles. Nuclear Installation Dept. AELB, 2014. 10 p.

Harris, S. Physical and Environmental Security. CISSP Exam Guide, 2013, pp. 457–502.

Conrath, J. Structural Design for Physical Security: State of the Practice. ASCE Reston: Task Committee, Structural Engineering Institute, 1999. 264 p.

Monk, S. Programming the Raspberry Pi: Getting Started with Python. McGraw Hill Professional, 2015. 192 p.

Blum, J. Exploring Arduino: Tools and Techniques for Engineering Wizardry. Jonh Willey & Sons, 2013. 384 p.

Nadzir, N. M., Rahim, M., Zubir, F. Wireless Sensor Node with Passive RFID for Indoor Monitoring System. International Journal of Electrical & Computer Engineering, 2017, pp. 1459–1466.

Waleed, A. K. A., Kharchenko, V., Uzun, D., Solovyov, O. IoT-based physical security systems: Structures and PSMECA analysis. IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS), 2017, pp. 870–873.

Gorbenko, A., Kharchenko, V., Tarasyuk, O., Furmanov, A. F(I)MEA-technique of Web Services Analysis and Dependability Ensuring. Lecture Notes in Computer Science, 2006, vol. 4157, pp. 153–167.

Illiashenko, O., Babeshko, E. Choosing FMECA-based techniques and tools for safety analysis of critical systems. Information & Security: An International Journal, 2012, no. 28(2), pp. 275–285.




DOI: https://doi.org/10.32620/reks.2019.4.11

Refbacks

  • There are currently no refbacks.