RADIOELECTRONIC AND COMPUTER SYSTEMS

The article focuses on improving cybersecurity in civil aviation by introducing a hybrid model that assesses cybersecurity service employees' competencies through gamification and fuzzy logic. The goal of this study is to develop a hybrid model for assessing personnel competencies in the cyber and information security services of civil aviation enterprises. The tasks to be solved are: to analyze the problem of aging knowledge and competencies of specialists; to develop a hybrid model for assessing competencies; to justify the model's feasibility through experimental testing at an airline; and to propose a taxonomy for assessing and certifying personnel. The following methods were used: fuzzy logic with linguistic variables and membership functions; gamification with interactive scenarios simulating cyber incidents; modeling using defuzzification rules and procedures; and experimental testing at an airline. The following results were obtained: the experiment conducted at airlines in the Republic of Kazakhstan proved the feasibility of this approach. Gamified scenarios simulating real cyber incidents allow you to interactively assess the current level of personnel competency without risk to real systems. Artificial intelligence provides deep data analysis, identifies individual and systemic knowledge gaps, and offers personalized learning paths. This testing technology not only allows accurate measurement of personnel's skills and competencies but also enables timely measures to improve their qualifications. The study substantiated the need to develop a taxonomy for building a portfolio of personnel skills and competencies in aviation enterprises’ cybersecurity services. Such a taxonomy will serve as the basis for establishing standardized norms and criteria for assessing personnel’s skills and competencies, enabling objective assessment and certification of cybersecurity specialists. In addition, its use will allow for the timely identification of the need for advanced personnel training, which is critically important in the context of an intensively changing cyber landscape. Conclusions. The scientific novelty of the results obtained is as follows: 1) a hybrid model for assessing the competencies of cybersecurity specialists in aviation enterprises has been developed, integrated with fuzzy logic and gamification elements, which ensures a realistic assessment of skills in a dynamic cyberspace; 2) a methodology for forming a taxonomy of skills and competencies has been substantiated, which will become the basis for forming standardized norms and criteria for assessment (certification); 3) the model’s effectiveness in identifying knowledge gaps and making it possible to form high-quality training trajectories for specialists has been confirmed by experimental testing of the model at an aviation enterprise.

cyber resilience; cyber prevention; cyber immunity; cyberspace; cyber landscape; gamification; artificial intelligence; taxonomies for building a portfolio of competencies

Cybersecurity Action Plan. Available at: https://www.icao.int/cybersecurity-action-plan (accessed 13.09.2025).

Global cybersecurity outlook 2025. Available at: https://www.weforum.org/publications/global-cybersecurity-outlook-2025/ (accessed 13.09.2025).

Aslan, Ö., Aktuğ, S., Ozkan-Okay, M., Yilmaz, A., & Akin, E. A Comprehensive Review of Cyber Security Vulnerabilities, Threats, Attacks, and Solutions. Electronics, 2023, vol. 12, no. 6, art. no. 1333. DOI: 10.3390/electronics12061333.

Koshekov, K., Bakirov, B., Sakhov, A., Levchenko, N., Tanovitskiy, Y., Koshekov, A., Kurbanov, Y., & Togambayev, R. Cyber hygiene of the digital twin of the civil aviation occupational safety management system in the context of quantum transformation. Radioelectronic and Computer Systems, 2025, vol. 2025, no. 1, pp. 231–247. DOI: 10.32620/reks.2025.1.16.

Koshekov, K., Alibekkyzy, K., Toiganbayev, B., Belginova, S., Keribayeva, T., Tulaev, V., & Koshekov, A. Formalization of risk management in the context of digital business transformation. Indonesian Journal of Electrical Engineering and Computer Science, 2023, vol. 30, no. 3, pp. 1428-1439. DOI: 10.11591/ijeecs.v30.i3.pp1428-1439.

Kharchenko, V., Korchenko, O., & Gnatyuk, S. Bazova model formuvannia vymoh do zabezpechennia kiberbezpeky tsyvilʹnoyi aviatsiyi [Basic model for cybersecurity requirements definition in civil aviation]. Ukrainian Scientific Journal of Information Security, 2016, vol. 22, no. 2, pp. 150-155. DOI: 10.18372/2225-5036.22.10708. (In Ukrainian)

Leśnikowski, W. Threats from cyberspace for civil aviation. Wiedza Obronna, 2021, vol. 276, no. 3, pp. 124-153. DOI: 10.34752/2021-h276.

Morshedi, R., & Mojtaba Matinkhah, S. Cybersecurity Challenges and Solutions in Unmanned Aerial Vehicles (UAVs). Journal of Field Robotics, 2025. DOI: 10.1002/rob.70040.

Aviation cybersecurity 2023. Available at: https://www.icao.int/aviation-cybersecurity (accessed 09.10.2025).

Aviation Cybersecurity Strategy: Security and Facilitation Strategic Objective. Available at: https://www.icao.int/aviation-cybersecurity-strategy (accessed 09.10.2025).

Cybersecurity Action Plan. Available at: https://www2023.icao.int/aviationcybersecurity/Documents/CYBERSECURITY%20ACTION%20PLAN%20-%20Second%20edition.EN.pdf#search=ICAO%20TRAINING%20Report%20in%20cybersecurity%20professionals (accessed 09.10.2025).

ICAO training evaluation report. Available at: https://www2023.icao.int/training/Documents/ICAO%20Training%20Evaluation%20Report%202020.pdf#search=ICAO%20TRAINING%20Report (accessed 09.10.2025).

Cybersecurity Culture in Civil Aviation. Available at: https://www2023.icao.int/Security/Security-Culture/Documents/ICAO%20-%20Cybersecurity%20Culture%20in%20Civil%20Aviation_EN.pdf#search=ICAO%20TRAINING%20Report%20in%20cybersecurity%20professionals (accessed 09.10.2025).

Cybersecurity Policy Guidance. Available at: https://www.icao.int/sites/default/files/sp-files/aviationcybersecurity/Documents/Cybersecurity%20Policy%20Guidance.EN.pdf (accessed 09.10.2025).

Cyber Information Sharing. Available at: https://www.icao.int/sites/default/files/sp-files/aviationcybersecurity/Documents/Cyber%20Information%20Sharing.EN.pdf (accessed 09.10.2025).

Bendler, D., & Felderer, M. Competency Models for Information Security and Cybersecurity Professionals: Analysis of Existing Work and a New Model. ACM Transactions on Computing Education, 2023, vol. 23, no. 2, pp. 1–33. DOI: 10.1145/3573205.

Akinsanya, M., Ekechi, C., & Okeke, C. The evolution of cyber resilience frameworks in network security: a conceptual analysis. Computer Science & IT Research Journal, 2024, vol. 5, no. 4, pp. 926–949. DOI: 10.51594/csitrj.v5i4.1081.

Emerging skills and professions for Kazakhstan in the post COVID-19 era. Available at: https://www.undp.org/kazakhstan/publications/emerging-skills-and-professions-kazakhstan-post-covid-19-era (accessed 13.09.2025).

He, W., Ash, I., Anwar, M., Li, L., Yuan, X., Xu, L., & Tian, X. Improving employees’ intellectual capacity for cybersecurity through evidence-based malware training. Journal of Intellectual Capital, 2020, vol. 21, no. 2, pp. 203–213. DOI: 10.1108/jic-05-2019-0112.

Elmarady, A., & Rahouma, K. Studying Cybersecurity in Civil Aviation, Including Developing and Applying Aviation Cybersecurity Risk Assessment. IEEE Access, 2021, vol. 9, pp. 143997-144016. DOI: 10.1109/ACCESS.2021.3121230.

Marshall, D., Shannon, D., & Love, S. How teachers experienced the COVID-19 transition to remote instruction. Phi Delta Kappan, 2020, vol. 102, no. 3, pp. 46–50. DOI: 10.1177/0031721720970702.

Lampropoulos, G., Keramopoulos, E., Diamantaras, K., & Evangelidis, G. Integrating Augmented Reality, Gamification, and Serious Games in Computer Science Education. Education Sciences, 2023, vol. 13, no. 6, art. no. 618. DOI: 10.3390/educsci13060618.

Dos Santos, L., Oliveira, W., Corrêa De Lima, A., De Castro Junior, A., & Hamari, J. The Effects of Gamification on Learners’ Engagement According to Their Gamification User Types. Technology, Knowledge and Learning, 2025. DOI: 10.1007/s10758-025-09866-2.

Thai, N., De Wever, B., & Valcke, M. Face‐to‐face, blended, flipped, or online learning environment? Impact on learning performance and student cognitions. Journal of Computer Assisted Learning, 2020, vol. 36, no. 3, pp. 397–411. DOI: 10.1111/jcal.12423.

Lampropoulos, G. Educational benefits of digital game-based learning: K-12 teachers’ perspectives and attitudes. Advances in Mobile Learning Educational Research, 2023, vol. 3, no. 2, pp. 805–817. DOI: 10.25082/amler.2023.02.008.

Anayatova, R., Tulekova, G., Koshekov, A., Koshekov, K., & Levchenko, N. Professional and Communicative Competences in Using Linguistic Aspects of the State Language in the Sphere of Civil Aviation of Kazakhstan. PSYCHOLINGUISTICS, 2024, vol. 36, no. 2, pp. 63–89. DOI: 10.31470/2309-1797-2024-36-2-63-89.

Strategic Cybersecurity Talent Framework. https://www3.weforum.org/docs/WEF_Strategic_Cybersecurity_Talent_Framework_2024.pdf (accessed 13.09.2025).

Annual review 2023. Available at: https://www.iata.org/contentassets/c81222d96c9a4e0bb4ff6ced0126f0bb/annual-review-2023.pdf (accessed 13.09.2025).

Willard, J. Economic impact of cybercrime on business predicted to reach $10.5 trillion by 2025: Cybersecurity Ventures. Available at: https://www.reinsurancene.ws/economic-impact-of-cybercrime-on-business-predicted-to-reach-10-5-trillion-by-2025-cybersecurity-ventures/#:~:text=The%20economic%20impact%20of%20cybercrime,risk%20appears%20to%20be%20diminishing (accessed 13.09.2025).

Florido-Benítez, L. The types of hackers and cyberattacks in the aviation industry. Journal of Transportation Security, 2024, vol. 17, art. no. 13. DOI: 10.1007/s12198-024-00281-9.

Mizrak, F., & Reyhan Akkartal, G. Prioritizing cybersecurity initiatives in aviation: A dematel-QSFS methodology. Heliyon, 2024, vol. 10, no. 16, art. no. e35487. DOI: 10.1016/j.heliyon.2024.e35487.

The cybersecurity industry has an urgent talent shortage. Here’s how to plug the gap. Available at: https://www.weforum.org/stories/2024/04/cybersecurity-industry-talent-shortage-new-report/ (accessed 13.09.2025).

Emerging Trends: ENISA Threat Landscape: From January 2019 to April 2020. Available at: https://www.enisa.europa.eu/publications/emerging-trends (accessed 13.09.2025).

Crumpler, W., & Lewis, J. The Cybersecurity Workforce Gap. Available at: https://www.csis.org/analysis/cybersecurity-workforce-gap (accessed 13.09.2025).

Global Cybersecurity Workforce Prepares for an AI-Driven World. Available at: https://www.isc2.org/Insights/2024/10/ISC2-2024-Cybersecurity-Workforce-Study (accessed 13.09.2025).

Gregory, T., & Zierahn, U. When the minimum wage really bites hard: The negative spillover effect on high-skilled workers. Journal of Public Economics, 2022, vol. 206, art. no. 104582. DOI: 10.1016/j.jpubeco.2021.104582.

Kim, J., & Castelli, D. Effects of Gamification on Behavioral Change in Education: A Meta-Analysis. International Journal of Environmental Research and Public Health, 2021, vol. 18, no. 7, art. no. 3550. DOI: 10.3390/ijerph18073550.

Pozo-Sánchez, S., Lampropoulos, G., & López-Belmonte, J. Comparing Gamification Models in Higher Education Using Face-to-Face and Virtual Escape Rooms. Journal of New Approaches in Educational Research, 2022, vol. 11, pp. 307–322. DOI: 10.7821/naer.2022.7.1025.

Kalantayevskaya, N., Koshekov, K., Latypov, S., Savostin, A., & Kunelbayev, M. Design of decision-making support system in power grid dispatch control based on the forecasting of energy consumption. Cogent Engineering, 2022, vol. 9, no. 1, art. no. 2026554. DOI: 10.1080/23311916.2022.2026554.

ISO/IEC 27001:2022. Information security, cybersecurity and privacy protection – Information security management systems – Requirements. Available at: https://www.iso.org/standard/27001 (accessed 13.09.2025).

Building a Common Language for Skills at Work A Global Taxonomy. Available at: https://www.weforum.org/publications/building-a-common-language-for-skills-at-work-a-global-taxonomy/ (accessed 13.09.2025).

Global Skills Taxonomy Adoption Toolkit: Defining a Common Skills Language for a Future-Ready Workforce. Available at: https://reports.weforum.org/docs/WEF_Global_Skills_Taxonomy_Adoption_Toolkit_2025.pdf (accessed 13.09.2025).

Akhavan, M., Alivirdi, M., Jamalpour, A., Kheradranjbar, M., Mafi, A., Jamalpour, R. & Ravanshadnia, M. Impact of Industry 5.0 on the Construction Industry (Construction 5.0): Systematic Literature Review and Bibliometric Analysis. Buildings, vol. 15, no. 9, art. no. 1491. DOI: 10.3390/buildings15091491.

Putting Skills First Opportunities for Building Efficient and Equitable Labour Markets. Available at: https://www.weforum.org/publications/putting-skills-first-opportunities-for-building-efficient-and-equitable-labour-markets/ (accessed 13.09.2025).

Ghobakhloo, M., Mahdiraji, H. A., Iranmanesh, M., & Jafari-Sadeghi, V. From Industry 4.0 Digital Manufacturing to Industry 5.0 Digital Society: a Roadmap Toward Human-Centric, Sustainable, and Resilient Production. Information Systems Frontiers, 2024. https://doi.org/10.1007/s10796-024-10476-z.

Qazaqstan Respublikasynyń enbek naryǵyn damytýdyń 2024 – 2029 jyldarǵa arnalǵan tújyrimdamasyn bekitý turaly [On the approval of the Concept for the Development of the Labor Market of the Republic of Kazakhstan for 2024–2029]. Available at: https://adilet.zan.kz/kaz/docs/P2300001050 (accessed 13.09.2025). (In Kazakh).

The Future of Jobs Report 2023. Available at: https://www3.weforum.org/docs/WEF_Future_of_Jobs_2023.pdf?ref=charterworks.com (accessed 13.09.2025).

Sabillon, R., & Bermejo Higuera, J. R. The Importance of Cybersecurity Awareness Training in the Aviation Industry for Early Detection of Cyberthreats and Vulnerabilities. Proceedings of the 25th International Conference on Human-Computer Interaction, Copenhagen, Denmark, Springer, 2023, pp. 461-479. DOI: 10.1007/978-3-031-48057-7_29.

Sabillon, R. Cyber Security Auditing, Assurance, and Awareness Through CSAM and CATRAM. IGI Global, 2021, pp. 1-260. DOI: 10.4018/978-1-7998-4162-3.

Kolotusha, V., Shmelova, T., & Bondarev, D. Multi-criterion Evaluation of the Criteria of the Information Model Conformity of the Air Traffic Controller Simulator to the Real System. Lecture Notes in Networks and Systems, 2024, vol. 992, pp. 364-384. DOI: 10.1007/978-3-031-60196-5_27.

Alothman, B. Y. Cyber Gamification: Implementing Gamified Adaptive Learning Environments for Effective Cyber Security Teams Education. Proceedings of the 5th International Conference on Education Development and Studies, Cambridge, United Kingdom, Associate of Computing Machinery, 2024, pp. 33-40. DOI: 10.1145/3669947.3669953.

Sahnouni, M., & Benghebrid, R. Competency Assessment Based on Fuzzy Logic and Artificial Intelligence Mechanism: A Study of Competency Assessment Document for the Algerian SEROR Company. Business Ethics and Leadership, 2023, vol. 7, no. 4, pp. 159–170. DOI: 10.61093/bel.7(4).159-170.2023.

Slavyanov, K., & Dimov, R. Application of fuzzy logic in cybersecurity decision making and analysis after a cyber incident detection. Proceedings of the 15th International Scientific and Practical Conference, Rezekne, Latvia, 2024, pp. 259–263. DOI: 10.17770/etr2024vol2.8022.

Vargas, H., Heradio, R., Farias, G., Lei, Z., & de la Torre., L. A Pragmatic Framework for Assessing Learning Outcomes in Competency-Based Courses. IEEE Transactions on Education, 2024, vol. 67, no. 2, pp. 224-244. DOI: 10.1109/TE.2023.3347273.