Sydorenko V. Methods for critical information infrastructure objects identification and cybersecurity assessment in aviation

This thesis is devoted to solving actual scientific and technical problem of developing methods for critical information infrastructure (CII) objects identification and cybersecurity (CS) assessment. In this work modern approaches to CII objects identification and CS assessment was analyzed, it allowed to identify their shortcomings and formalize scientific tasks of the research, regarding to development and improvement of methods for CII objects identification and CS assessment. A unified data model is developed, that allows formalizing the process of creating a CII objects list for the state, and determine their connectivity (the ratio of q-bonds of cyber threats and the critical aviation information system (CAIS) sets). In addition, a technique was developed, which allows creating a CII objects list both for particular sphere and national level. Method for identification was developed, and it allows identifying CII sphere elements, their influence on functional CAIS operations. Also, a special software application has been developed and implemented, which can be used to identify CII elements and determining their influence on functional operations. Method for determining importance level was improved, which allows evaluating the CII objects criticality in aviation, and rank them for corrective measures adequate use. Method for CS assesment was developed, it gives opportunity to calculate the quantitative parameters, which characterize the security of a particular sphere or CII of the state as a whole. Based on proposed research technique and developed software application, an experimental study was carried out and verified developed methods and model. The results of the thesis were implemented and used in the activity of following companies: AxxsonSoft, State Service of Special Communications and Information Protection of Ukraine, Pukhov Institute for Modelling in Energy Engineering of National Academy of Sciences of Ukraine, and also at IT-Security Academic Department of National Aviation University in educational process to increase the efficiency of training specialists in CS.