Home/ Majors directory/Cybersecurity/Security of Cyber-Physics Systems
Security of Cyber-Physics Systems
Major: Cybersecurity
Code of subject: 6.125.02.E.134
Credits: 3.00
Department: Information Security
Lecturer: Ph.D., prof., Prof. Department of Information Protection Mykytyn Halyna Vasylivna
Semester: 7 семестр
Mode of study: денна
Learning outcomes: As a result of studying the discipline, the student must be able to demonstrate the following learning outcomes:
1. Know the basic principles of building a multilevel model of a comprehensive information security system in cyberphysical systems at the level of: cyberspace, communication environment, physical space;
2. Know the current state of existing standards as a segment of the information support system;
3. Have a classification of threats, in particular for cyberspace, communication environment, physical space; be able to apply the STRIDE threat classification methodology;
4. Master the criteria for protection of cyberspace, communication environment, physical space according to DSTU ISO / IEC 15408;
5. To master the methodology of creation of models of KSZI of cyberspace, communication environment, physical space on the basis of the concept "object - threat - protection";
6. Be able to create models for the protection of information systems in the space of ensuring their warranty in accordance with targeted and accidental threats;
7. To be able to create models of complex systems of protection of communication environment and physical space on an example - wireless communication technologies and MEMS-sensors;
8. Know the models and methods of information security management according to DSTU ISO / IEC TR 13335, DSTU ISO / IEC 27001. Have the criteria to create a management model KSZI based on the concept of "object - threat - protection".
Required prior and related subjects: Previous disciplines:
Security of cybernetic systems;
Methods and means of information protection:
Information security management.
Related disciplines:
Basics of technical protection of information;
Organizational support of information protection;
Comprehensive information security systems.
Summary of the subject: Abstract of the discipline
The concept of the discipline: models of building integrated information security systems (CCIS) in cyberphysical systems at the level of: cyberspace - information resources, information systems, information processes, communication environment - wireless and wired communication technologies, physical space - special sensors, MEMS-sensors according to the current system of standards for system support: information protection, guarantee of information and communication systems, protection of physical objects of society's infrastructures. The concept space also presents models and methods of information security management and the KSZI management model based on the concept of "object - threat - protection". The practical part of the presentation of the discipline is the creation of models of complex protection systems: information resources, information systems, information processes, information networks. Test work - the creation of a model KSZI object, which allows the practical mastery of all elements of the discipline.
Assessment methods and criteria: Lectures. Practical. Independent work.
Methods of diagnostics of knowledge.
The method of knowledge diagnostics is control work (CR). It covers: 1) analysis of the architecture and functional purpose of automated systems (AS) and communication systems (CS) of wireless communication at the relevant facility; 2) creation of a comprehensive information protection system based on the model of integrated security of the AU and CS of the object; 3) algorithm for assessing the strength of the system of integrated security of the object. This structure of the CD allows the student to systematically approach the assimilation of information support for the construction of a comprehensive system of technical protection of information in accordance with regulations and guidelines. To create a CCIS, each student receives an individual task - the object of security.
Recommended books: Recommended Books
Basic
1. Dudykevich VB, Maksimovich VN, Mikitin GV Development of conceptual foundations of security of information and communication technologies / Information technologies and information protection in information and communication systems: monograph / ed. V.S. Ponomarenko. - H .: Published by LLC "Generous Estate Plus", 2015. - P. 112-126.
2. Dudykevich VB, Maksimovich VN, Mikitin GV Strategy of security of cyberphysical systems / Information technologies and protection of information in information and communication systems: monograph / ed. VS Ponomarenko. - H .: Published by Shchedra Sadiba Plus LLC. - 2016. - P. 286 - 300.
3. Dudykevych VB, Mykytyn GV Complex security systems of cybernetic space of cyberphysical system based on the concept of "object - threat - protection" / Information technology: problems and prospects: a monograph / for general. ed. V.S. Ponomarenko. - H.: Vid Rozhko SG , 2017. - 447 p.
Auxiliary
1. Dudykevych VB Multilevel intellectual control systems: warranty, security of objects / VB Dudykevych, GV Mykytyn, TB Kret // Information processing systems. - 2015. - issue № 4 (129). - P. 92–95.
2. Dudykevych VB Computer system for monitoring wind flows to determine wind potential and installation of wind power stations / VB Dudykevych, GV Mykytyn, OV Pashuk // Information processing systems. - 2015. - issue № 10 (135). - P. 192–195.
3. Dudikevich VB, Maksimovich VM, Mikitin GV Paradigm and concept of building a multilevel complex security system of cyberphysical systems // Bulletin of the National University "Lviv Polytechnic", Automation, Measurement and Control. - 2015. - № 821. - С 3–7.
4. Dudykevich VB, Mykytyn GV, Rebets AI Communication environment of cyberphysical system "Wi-Fi - Bluetooth - Cloud computing - IoT": information security, models of information security management // Information processing systems. - 2016. - issue № 4 (141). - P. 83 - 85
5. Dudykevych V.B., Mykytyn G.V., Kret T.B .. The concept of creating a multi-level complex system of cyber-physical safety systems // Information processing systems. - 2016. - issue № 5 (142). - P. 87 - 93
6. Dudikevich VB, Mikitin GV, Kret TB The concept and basic approach to building an information security system in a multilevel intelligent control system // Information processing systems. - 2016. - issue № 8 (145). - P. 105 - 110.
7. Dudykevych VB Universal platform for creating a system of information protection in multilevel intelligent control systems / VB Dudykevych, GV Mykytyn, TB Kret // Bulletin of the National University "Lviv Polytechnic". Series: Automation, measurement and control. - 2016. - № 852. - P. 23–28.
8. Dudykevych V., Mykytyn G., Kret T., Rebets A. Security of Cyber-Physical Systems from Concept to Complex Information Security System // Advances in Cyber-Physical Systems / - Volume 1, Number 2 (2016). - P. 67 - 75.
9. Dudykevych VB Complex security system of cyberphysical system "iPhone - Wi-Fi, Bluetooth - sensors" / VB Dudykevych, GV Mykytyn, AI Rebets // Information processing systems. - 2017. - № 2 (148). - P. 84–87.
10. Dudykevych VB The quintessence of information security of the cyberphysical system / VB Dudykevych, GV Mykytyn, AI Rebets // Information systems and networks. - 2018. - № 894 - P. 24–3
Security of Cyber-Physics Systems (курсовий проєкт)
Major: Cybersecurity
Code of subject: 6.125.02.E.138
Credits: 3.00
Department: Information Security
Lecturer: Ph.D., prof., Prof. Department of Information Protection Mykytyn Halyna Vasylivna
Semester: 7 семестр
Mode of study: денна
Learning outcomes: The course project involves the task at the following levels:
- characteristics of the object of research - regime-secret body, development of the plan-scheme of placement of the object - cyberphysical system;
- normative and technical - to involve normative and technical documents, laws, projects of the state level; state, interstate and international regulations in the field of information protection;
- organizational and informational - to involve technical equipment as a companion in the operation of the object of protection;
- hardware and software - to involve hardware and software depending on the micro level of implementation of work on information protection on the basis of normative documents, substantiated criteria of methodology of protection of the object of research;
- functional - to carry out a phased implementation of work on information protection at the regional level with the involvement of problem-oriented approaches and the use of the latest sensors (acoustic, optical, ultrasonic, based on relevant physical phenomena), leading security alarm systems, video surveillance, fire safety the ability to provide comprehensive protection of the object of study - the cyberphysical system.
Required prior and related subjects: Previous disciplines:
Methods and means of information protection;
Integrated protection systems.
Related disciplines:
Design of complex information protection systems
Summary of the subject: Course project content:
1. General information about the regime-secret body and a comprehensive approach to its protection
2. Regulatory and technical security of the cyberphysical system
3. Organizational and information security of the cyberphysical system
4. Hardware security of the cyberphysical system
5. Cyberphysical system security software
6. Functional support of the cyberphysical system
7. Task options
8. Instructions for the course project
9. Example of course project implementation
Used literature
The order of the course:
1. Acquaintance with the content of methodical instructions for performance of the course project
2. Acquaintance with the individual task - the object of research (cyberphysical system of the subject area), the list of the main technical means which are in the room of RSO, means of information transfer
3. Draw a plan of the premises for the location of the RSO, where the appropriate technical means will be placed
4. According to the content of the course project and individual task to create in the appropriate section normative-technical, organizational-informational, hardware, software, functional levels of the complex approach to protection of a regime-secret body.
Assessment methods and criteria: Evaluation methods.
Course project defense.
Recommended books: Recommended Books:
Gerasimenko VA Information protection in automated data processing systems. In 2 books. M .: Energoatomizdat, 1994. 400 s., 176 s.
Golovan SM. General record keeping and record keeping of documents containing confidential information marked "for official use". Training manual. - К .: НАУ, 2003. - 176 с.
Golovan SM. Keeping documents classified. Training manual. - К ..: НАУ, 2003. - 92 с.
Davidenko AM, Golovan SM, Shcherbina VP Model of office processes of information processing with limited access // Collection of scientific works of IPME NAS of Ukraine. - Vip. 20. - К .: 2003. - С. 146-151.
DSTU 2732-94 Edition. The main types. Terms and definitions. - Valid from 01.01.95.
DSTU 3396.0-96 Information protection. Technical protection of information. Substantive provisions. - Valid from 1997-01-01.
DSTU 3396.1-96 Information protection. Technical protection of information. The order of works. - Valid from 1997-01-07.
DSTU 3396.2-97 Information protection. Technical protection of information. Terms and definitions. - Valid from 1998-01-01.
Dudikevich VB, Zachepilo VS, Khoma VV Legal bases of information protection. Lecture notes. Lviv Polytechnic National University, 2002, 68 p.
Law of Ukraine “On State Secrets”: Law of Ukraine of September 21, 1999 № 1079-XIV // Bulletin of the Verkhovna Rada of Ukraine. - 1999. - № 49. - Ст. 428.
Law of Ukraine “On Information”: Law of Ukraine of October 2, 1992 № 2657-ХII // Bulletin of the Verkhovna Rada of Ukraine. - 2002. - № 29. - Ст. 194.
Law of Ukraine “On Information Protection in Automated Systems”: Law of Ukraine of 05.10.94 № 80/94-VR // Bulletin of the Verkhovna Rada of Ukraine. - 1994. - № 31. - Ст. 286.
The set of information constituting the state secret of Ukraine, approved by the order of the Chairman of the Security Service of Ukraine of March 1, 2001 N 52;
Instruction on the procedure for accounting, storage and use of documents, files and other material media that contain confidential information owned by the state. Approved by the resolution of the Cabinet of Ministers of Ukraine dated 27.11.98 № 1893. Official Gazette of Ukraine. - 1998. - № 48. - Ст. 1764
Criminal Code of Ukraine: Law of Ukraine of 05.04.01 № 2341-III // Bulletin of the Verkhovna Rada of Ukraine. - 2001. - № 25-26. - St. 131.
The procedure for organizing and ensuring secrecy in public authorities, local governments, enterprises, institutions and organizations. Approved by the resolution of the Cabinet of Ministers of Ukraine dated 02.10.03 № 1561-12.
ND TZI 1.4-001-2000 Standard regulations on information protection service in the automated system. - Valid from 2000-12-15.
ND TZI 3.6-001-2000 Technical protection of information. Computer systems.
On Approval of Provisions on State Secrets and Amendments to Certain Resolutions of the Cabinet of Ministers of Ukraine Resolution of the Cabinet of Ministers of November 29, 2001 № 1601
Tarasov Yu.V. Control - access mode at the enterprise. - M .; Arsin, 1998. - 71 p.
Khoroshko VA, Chekatov AA Methods and means of information protection / Ed. Ю.С.Ковтонюка - К .: Юниор, 2003, - 504 с.
Hoffman LJ Modern methods of information protection: Per s angl .. M .: Sov. radio, 1980. 264 p.
http://www.rada.gov.ua
http://www.kmu.gov.ua
http://www.sbu.gov.ua
http://www.dstszi.gov.ua
http://kiev-security.org.ua
http://www.bezpeka.com
http://www.nics.com.ua