Trusted Control Systems

Nowadays, the problem of ensuring security of systems with a critical mission has become particularly relevant. An increased opportunity for unauthorized exposure on such systems via hardware, software and communication networks is the main reason to discuss this problem. It is confirmed by a plenty of accidents when equipment is out of order by means of malicious embedded elements and viruses. Currently, in the Russian Federation the majority of control systems are based on foreign hardware and software platforms, including strategic enterprises and objects with a critical mission. Herewith, the proportion of foreign microelectronic components in such systems is more than 85 %. The article is devoted to the development of scientific basis and techniques of the assurance assessment to control systems of objects with a critical mission. It was shown, that assurance assessment to a control system is a broader index than its reliability and fault tolerance. Such index must integrate various evidences and approvals, which can be objective, based on physical and mathematical assurance assessment methods, as well as they can be subjective, based on the experts experience. A method of assurance assessment to a control system of objects with a critical mission, based on Shortliffe’s scheme, was proposed in this paper. The Shortliffe’s scheme is used in the theories of fuzzy logic for assurance assessment to a hypothesis on the basis of various evidences and statements. An important advantage of a Shortliffe’s scheme is the set of evidences, which can be broadened and augmented (for instance, on the basis of obtained experience). It allows us to clarify a certainty factor. The assessment methods of truth degree of terminal statements of various types, including those, which require the combination of objective and subjective methods of their truth degree assessment, are proposed. The proposed assurance assessment method for national development and creation standards of control systems of objects with a critical mission allows to significantly increase their functional security.

1. GOST R 54581-2011. Information technology. Security techniques. A framework for IT security assurance. Part 1. Overview and framework, Moscow, FGUP "STANDARTINFORM", 2012, 23 p. (in Russian).

2. GOST R 54582-2011. Information technology. Security techniques. A framework for IT security assurance. Part 2. Assurance methods, Moscow, FGUP "STANDARTINFORM", 2013, 47 p. (in Russian).

3. GOST R 54583-2011. Information technology. Security techniques. A framework for IT security assurance. Part 3. Analysis of assurance methods, Moscow, FGUP "STANDARTINFORM", 2012, 50 p. (in Russian).

4. GOST R ISO/MEK 15408-3-2013. Information technology. Security techniques. Evaluation criteria for IT security. Part 3. Security assurance requirements, Moscow, FGUP "STANDARTINFORM", 2014, 267 p. (in Russian).

5. GOST R ISO/MEK 18045-2013. Information technology — Security techniques — Methodology for IT security evaluation, Moscow, FGUP "STANDARTINFORM", 2014, 244 p. (in Russian).

6. GOST R ISO/MEK 25010-2015. Information technology. Systems and software engineering. Systems and software Quality Requirements and Evaluation (SQuaRE). System and software quality models, Moscow, FGUP "STANDARTINFORM", 2015, 30 p. (in Russian).

7. GOST R 27.002-2015. Dependability in technics. Terms and definitions, Moscow, FGUP "STANDARTINFORM", 2016, 24 p. (in Russian).

8. Truhanov V. M. Reliability in technique, Moscow, Mashinostroenie, 1999, 597 p. (in Russian).

9. Viktorova V. S., Stepanyanc A. S. Models and methods for calculating the reliability of technical systems, Moscow, LENAND, 2014, 256 p. (in Russian).

10. Dorohov A. N., Kernozhickij V. A., Mironov A. N., Shestopalova O. L. Ensuring the reliability of complex technical systems, Moscow, Lan’, 2011, 352 p. (in Russian).

11. Majers G. Software reliability, Moscow, Mir, 2008, 360 p. (in Russian).

12. Taejr E., Lipov M., Nel’soe E. Software reliability, Moscow, IL, 2008, 323p. (in Russian).

13. Shafer G. A. Mathematical Theory of Evidence, Princeton University Press, 1976.

14. Finn V. Jensen. Bayesian Networks and Decision Graphs, Springer, New York, 2001, 268 p.

15. Kevin B. Korb. Bayesian Artificial Intelligence. CRC, London, 2004. P. 391.

16. Pyt’ev Yu. P. Opportunity. Elements of theory and application, Moscow, Editorial URSS, 2000, 192 p. (in Russian).

17. Zade L. The concept of a linguistic variable and its application to approximate decision-making, Moscow, Mir, 1976,166 p. (in Russian).

18. Novak V., Perfil’eva I., Mochkrozh I. Mathematical principles of fuzzy logic, Moscow, Fizmatlit, 2006, 352 p. (in Russian).

19. Dzhekson P. Introduction to expert systems, Moscow, Publishing house of "Vil’yams", 2001, 624 p. (in Russian).

20. Buchanan B. G., Shortliffe E. H. Rule-Based Expert Systems: The MYCIN Experiments of the Stanford Heuristic Programming Project, Addison-Wesley, Reading, 1984.

21. Morosanova N. A, Solov’ev S. Yu. Formal properties of the Shortliffe scheme, Upravlenie Bol’shimi Sistemami, 2012, vol. 36, pp. 5—38 (in Russian).

22. Gamkrelidze R. V. Fundamentals of optimal control, Tbilisi, Publishing house of TbGU, 1977, 264 p. (in Russian).

23. Ivanov V. A, Medvedev V. S. Mathematical foundations of the theory of optimal and logical control, Mosсow, Publishing house of MGTU im. N. E. Baumana, 2011, 599 p. (in Russian).

24. Alekseev V. M., Tihomirov V. M., Fomin S. V. Optimal control, Moscow, Fizmatlit, 2005, 408 p. (in Russian).