SEMANTIC MODEL OF SECURITY FACTORS INFLUENCE FOR EVALUATING CYBER RESILIENCE OF INFORMATION SYSTEMS
DOI:
https://doi.org/10.18522/2311-3103-2026-1-%25pKeywords:
Process-oriented approach, information system, cyber resilience, semantic model of security factors, sensorAbstract
In modern conditions, ensuring the cyber resilience of enterprise information and telecommunication systems is becoming a priority task that requires accounting for the complex interaction of numerous factors. This paper investigates resilience of information and telecommunication systems through the lens of a process-oriented approach, which focuses on maintaining continuous and secure enterprise operations in the event of cyber incidents. However, one of the current problems lies in the lack of tools for systematic analysis of security factors and their impact on the overall protection of business processes.
The aim of the study is to develop a formalized tool for predicting resilience levels, taking into account functional dependencies between factors. The primary research method is conceptual semantic modeling, which enables the formalization of cause-and-effect relationships between system elements. The scientific novelty consists in the development of a model that captures the mutual influence of threats and countermeasures, allowing for the prediction of information and telecommunication system resilience levels as early as the design stage. Using the method for evaluating the correctness of Industrial Control Systems endpoint parameters as an example, the influence of various factors on the effectiveness of the system’s lower-level protection mechanisms is demonstrated. The results presented in the paper help reduce the gap between the theoretical and practical application of the process-oriented approach. They can also serve as a theoretical foundation for developing software tools to support decision-making in selecting business protection measures, based on a balance between potential damage, expected levels of cyber resilience, risks, and security throughout the entire lifecycle
References
1. Maksimova E.A., Sadovnikova N.P. Otsenka infrastrukturnoy ustoychivosti sub"yekta kriticheskoy in-formatsionnoy infrastruktury pri destruktivnykh vozdeystviyakh [Assessment of the infrastructure resili-ence of a critical information infrastructure subject under destructive impacts], Izvestiya YuFU. Tekhnich-eskie nauki [Izvestiya SFedU. Engineering Sciences], 2021, No. 4, pp. 155-165, DOI: 10.18522/2311-3103-2021-4-155-165.
2. Ross R., Johnson L. Guide for Assessing the Security Controls in Federal Information Systems and Organizations: Building Effective Security Assessment Plans, Special Publication (NIST SP), Gaithersburg MD, National Institute of Standards and Technology, 2010, 399 p.
3. Voevodin V.A. Model' otsenki funktsional'noy ustoychivosti elementov informatsionnoy infrastruktury dlya usloviy vozdeystviya mnozhestva komp'yuternykh atak [Model for assessing the functional stability of information infrastructure elements under multiple computer attacks], Informatika i avtomatizatsiya [Informatics and Automation], Saint Petersburg, FITs RAN, 2023, Vol. 22, No. 3, pp. 691-715. DOI: 10.15622/ia.22.3.8.
4. Tarasov A.A. Funktsional'naya ustoychivost' komp'yuternykh sistem kak faktor obespecheniya ikh in-formatsionnoy bezopasnosti [Functional stability of computer systems as a factor in ensuring their in-formation security], Informatsionnaya bezopasnost' Rossii v usloviyakh global'nogo informatsionnogo obshchestva [Information Security of Russia in the Global Information Society], Moscow, 2002, pp. 193-200.
5. Borodakiy Yu.V., Lobodinskiy Yu.G. Informatsionnye tekhnologii. Metody, protsessy, sistemy [Infor-mation technologies. Methods, processes, systems], Moscow, Radio i svyaz', 2002, 451 p.
6. Korolev A.N. Funktsional'naya ustoychivost' navigatsionno-informatsionnykh sistem [Functional stabil-ity of navigation and information systems], Izvestiya vuzov. Priborostroenie [Journal of Instrument En-gineering], 2018, Vol. 61, No. 7, P. 559–565. DOI: 10.17586/0021-3454-2018-61-7-559-565.
7. Borodakiy Yu.V., Tarasov A.A. O funktsional'noy ustoychivosti informatsionno-vychislitel'nykh sistem [On the functional stability of information and computing systems], Izvestiya YuFU. Tekhnicheskie nauki [Izvestiya SFedU. Engineering Sciences], 2006, No. 7, pp. 5-12.
8. Lukinova O.V. Komp'yuternye metody i algoritmy upravleniya bezopasnost'yu informatsionnykh sistem [Computer methods and algorithms for information systems security management], Moscow, IPU RAN [ICS RAS], 2014, 248 p.
9. Lukinova O.V. Formalizatsiya zadachi planirovaniya zashchity rasпредelennoy komp'yuternoy seti na osnove biznes-protsessnogo podkhoda [Formalization of the task of planning the protection of a distrib-uted computer network based on a business process approach], Nadezhnost' [Dependability], 2009, No. 1, pp. 72-80.
10. Lukinova O.V. Formirovanie modeli ugroz bezopasnosti komp'yuternoy seti pri biznes-protsessnom podkhode [Formation of a computer network security threat model using a business process approach], Reinzhiniring biznes-protsessov na osnove sovremennykh informatsionnykh tekhnologiy [Business Pro-cess Reengineering Based on Modern Information Technologies], Moscow, 2009, pp. 170-176.
11. GOST R 51897-2011/ISO Guide 73:2009. Menedzhment riska. Terminy i opredeleniya [Risk manage-ment. Vocabulary. Guidelines for use in standards]. Moscow: Standartinform, 2012, 16 p.
12. GOST R ISO/IEC 13335-1-2006. Informatsionnaya tekhnologiya. Metody i sredstva obespecheniya bezopasnosti. Chast' 1. Kontseptsiya i modeli menedzhmenta bezopasnosti informatsionnykh i telekom-munikatsionnykh tekhnologiy [Information technology. Security techniques. Part 1. Concepts and mod-els for information and telecommunications technology security management], Moscow, Standartinform, 2007, 23 p.
13. Azbuka kiberustoychivosti [Cyber resilience ABCs], Kaspersky Blog [Kaspersky Blog], 2025. Availa-ble at: https://www.kaspersky.ru/blog/cyber-resilience-101/39564/ (accessed 03 November 2025).
14. Krasnov A.E., Mosolov A.S., Feoktistova N.A. Otsenivanie ustoychivosti kriticheskikh informatsionnykh infrastruktur k ugrozam informatsionnoy bezopasnosti [Evaluating the resilience of critical information infrastructures to information security threats], Bezopasnost' informatsionnykh tekhnologiy [IT Security], 2021, Vol. 28, No. 1, pp. 106-120. DOI: 10.26583/bit.2021.1.09.
15. Solyanov D.A., Timiryanova D.R. Strategii povysheniya urovnya kiberustoychivosti v korporativnoy infrastrukture [Strategies for increasing the level of cyber resilience in corporate infrastruc-ture], Mezhdunarodnyy studencheskiy nauchnyy vestnik [International Student Scientific Bulletin], 2025, No. 1. Available at: https://eduherald.ru/ru/article/view?id=21744 (accessed 03 November 2025).
16. NIST SP 800-39. Managing Information Security Risk: Organization, Mission, and Information System View, National Institute of Standards and Technology, Gaithersburg, NIST, 2011, 82 p. Available at: https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-39.pdf (accessed 03 November 2025).
17. Russian Federation. Laws. O personal'nykh dannykh: Feder. zakon No. 152-FZ [On Personal Data: Federal Law No. 152-FZ]. Moscow, 2006, ConsultantPlus.
18. Russian Federation. Laws. O bezopasnosti: Feder. zakon No. 390-FZ [On Security: Federal Law
No. 390-FZ]. Moscow, 2010, ConsultantPlus.
19. Russian Federation. Laws. Ob informatsii, informatsionnykh tekhnologiyakh i o zashchite informatsii: Feder. zakon No. 149-FZ [On Information, Information Technologies and Information Protection: Fed-eral Law No. 149-FZ]. Moscow, 2006, ConsultantPlus.
20. ITIL Essentials for IT Service Management: materialy uchebnogo kursa. Versiya B.00 [ITIL Essentials for IT Service Management: Course Materials. Version B.00], Hewlett-Packard Education, 1998, 178 p.
21. GOST R ISO/IEC 31010-2011. Menedzhment riska. Metody otsenki riska [Risk management. Risk assessment techniques]. Moscow, Standartinform, 2012, 74 p.
22. ISO/IEC 27005:2018. Information technology — Security techniques — Information security risk man-agement, 3rd ed., Geneva, ISO/IEC, 2018, 61 p.
23. Bogacheva D.N., Lukinova O.V. Voprosy otsenki korrektnosti dannykh ustroystv nizhnego urovnya avtomatizirovannykh sistem [Issues of assessing the correctness of data from low-level devices of auto-mated systems], Materialy 32-y Mezhdunarodnoy nauchno-tekhnicheskoy konferentsii "Sistemy be-zopasnosti – 2023" [Proceedings of the 32nd International Scientific and Technical Conference "Security Systems – 2023"]. Moscow, Akademiya GPS MCHS Rossii, 2023, pp. 349-355.
24. Bogacheva D.N., Lukinova O.V., Pavlova E.S. The Approach to Assessing the Correctness of Automat-ed System Endpoint Devices' Parameters Using their Reference Models, Proceedings of the 2024 Inter-national Russian Smart Industry Conference (SmartIndustryCon), Sochi, IEEE, 2024, pp. 850-854.
25. Massel' A.G., Gaskova D.A. Ontologicheskiy inzhiniring dlya razrabotki intellektual'noy sistemy analiza ugroz i otsenki riskov kiberbezopasnosti energeticheskikh ob"yektov [Ontological engineering for the development of an intelligent system for threat analysis and cybersecurity risk assessment of energy fa-cilities], Ontologiya proektirovaniya [Ontology of Designing], 2019, Vol. 9, No. 2 (32), pp. 225-238.
26. Buryy A.S., Ustselemov V.N. Ontologicheskiy podkhod k formirovaniyu kognitivnykh modeley otsenki kiberbezopasnosti [Ontological approach to the formation of cognitive models for cybersecurity assess-ment], Informatsionno-ekonomicheskie aspekty standartizatsii i tekhnicheskogo regulirovaniya [Infor-mation and Economic Aspects of Standardization and Technical Regulation], 2020, No. 3 (55), pp. 77-84.
27. Uchenye MGU razrabotali novuyu ontologiyu informatsionnoy bezopasnosti [MSU scientists have developed a new information security ontology], VMK MSU [VMK MSU website], 2025. Available at: https://cs.msu.ru/news/3933 (accessed 03 November 2025).
28. Kolesnikova D.S., Vereshchagina E.A. Primenenie ontologiy v obuchayushchikh sistemakh [Application of ontologies in educational systems], Inzhenernyy vestnik Dona [Engineering Journal of Don], 2025, No. 6 (102), pp. 247-257.
29. Guzairov M.B., Vul'fin A.M., Kartak V.M., Kirillova A.D., Mironov K.V. Sravnitel'nyy analiz algoritmov kognitivnogo modelirovaniya pri otsenke riskov informatsionnoy bezopasnosti [Comparative analysis of cognitive modeling algorithms in information security risk assessment], Trudy ISA RAN [Proceedings of ISA RAS], 2019, Vol. 69, No. 4. Available at: http://www.isa.ru/proceedings/images/documents/2019-69-4/62-69.pdf (accessed 03 November 2025).
30. Yatsuk K.V., Sviridov O.I., Ivanov D.A., Skorobogatov S.Yu. Metodika modelirovaniya ugroz STRIDE na tekhnologiyu SDN-kontrollerov [STRIDE threat modeling methodology for SDN controller technol-ogy], Izvestiya Tul'skogo gosudarstvennogo universiteta. Tekhnicheskie nauki [News of the Tula State University. Technical Sciences], 2022, No. 3, pp. 347-352.
31. Khan R., McLaughlin K., Laverty D., Sezer S. STRIDE based Threat Modeling for Cyber-Physical Systems, Proceedings of the 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe, 2017, pp. 1-6.
32. Shevchenko N., Chick T.A., O’Riordan P., Scanlon T.P., Woody C. Threat modelling: A summary of available methods, Carnegie Mellon University Software Engineering Institute, 2018, pp. 1-24.
33. Minyaev A.A. Modelirovanie ugroz bezopasnosti informatsii v territorial'no-raspredelennykh infor-matsionnykh sistemakh [Information security threat modeling in geographically distributed information systems], Naukoyemkie tekhnologii v kosmicheskikh issledovaniyakh Zemli [Hign-tech Technologies in Earth Space Research], 2021, No. 13 (2), pp. 52-65.
34. Zufarova A.S., Kosheleva A.D. Chto takoe MITRE ATT&CK: razbor populyarnoy takticheskoy modeli [What is MITRE ATT&CK: Analysis of a Popular Tactical Model], Informatika. Ekonomika. Uprav-lenie [Informatics. Economics. Management], 2025, No. 4 (1), pp. 2027-2037. DOI: 10.47813/2782-5280-2025-4-1-2027-2037.
35. Doynikova E.V., Chechulin A.A., Kotenko I.V. Otsenka zashchishchennosti komp'yuternykh setey na osnove metrik CVSS [Security assessment of computer networks based on CVSS met-rics], Informatsionno-upravlyayushchie sistemy [Information Management Systems], 2017, No. 6 (91), pp. 76-87.
36. Boychenko A.V., Lukinova O.V. Kognitivnyy podkhod k analizu vliyaniya faktorov informatsionnoy bezopasnosti [Cognitive approach to the analysis of the influence of information security factors], Trudy 7-y Mezhdunarodnoy nauchno-prakticheskoy konferentsii "Integrirovannye modeli i myagkie vychisleni-ya v iskusstvennom intellekte" [Proceedings of the 7th International Scientific and Practical Conference "Integrated Models and Soft Computing in Artificial Intelligence"], Moscow, Fizmatlit, 2013, pp. 583-586.
37. Afontsev E.V., Porshnev S.V. Opyt postroeniya metodik obnaruzheniya virusnoy setevoy aktivnosti [Ex-perience in building methods for detecting viral network activity], Vestnik UGTU-UPI [Bulletin of USTU-UPI], 2004, No. 20 (50), pp. 215-217.
38. Lukinova O.V., Pugachev A.V. Osobennosti postroeniya profiley sistem bezopasnosti IS [Features of constructing security system profiles for information systems], Otkrytoe obrazovanie [Open Education], 2015, No. 4, P. 80-87. DOI: 10.21686/1818-4243-2015-4(111-38-44).
