Home/ Majors directory/Information Security Systems and Automation of Information Processing/Guaranteeability of Automated Systems
Guaranteeability of Automated Systems
Major: Information Security Systems and Automation of Information Processing
Code of subject: 7.125.02.O.002
Credits: 5.00
Department: Information Security
Lecturer: Mykytyn Halyna Vasylivna - DSc., prof., Prof. Department of Information Protection
Semester: 1 семестр
Mode of study: денна
Завдання: The study of the discipline involves the formation of competencies in students:
professional:
PC 1. Ability to reasonably apply, integrate, develop and improve modern information technologies, physical and mathematical models, as well as technologies for creating and using application and specialised software to solve professional problems in the field of information security and/or cybersecurity.
PC 2. Ability to develop, implement and analyse regulations, provisions, instructions and requirements of technical and organisational direction, as well as to integrate, analyse and use the best international practices, standards in professional activities in the field of information security and/or cybersecurity.
PC 8. Ability to research, develop, implement and maintain methods and means of cryptographic and technical protection of information at information facilities and critical infrastructure, in information systems, as well as the ability to evaluate the effectiveness of their use, in accordance with the established strategy and policy of information security and/or cybersecurity of the organisation.
PCS 5. Ability to assess the compliance of the information security system of an automated system with its purpose in accordance with the requirements of applicable standards.
Learning outcomes: As a result of studying the discipline, the student must be able to demonstrate the following learning outcomes:
1. Possess: types and forms of information presentation, information processing processes in an automated system;
2. Know the classification of information security objects, potential threats to its security in an automated system;
3. Based on the analysis of known approaches to information security in an automated system, master the principles of designing an integrated security system at the level of models, methods and tools in accordance with the current regulatory framework;
4. Be able to develop guidelines ‘Integrated information security system in automated systems’
5. To be able to create a methodology for assessing the level of information security in an automated system in accordance with threats to confidentiality, integrity, availability;
6. To be able to describe the structure of the reliability of automated systems and design information security for them according to the main security profiles based on the concept of ‘object - threat - protection’.
As a result of studying the discipline, the student must be able to demonstrate the following programme learning outcomes:
1.
Learning outcomes:
LO1. To communicate fluently in the state and foreign languages, verbally and in writing, to present and discuss the results of research and innovation, business/operational processes and professional activities in the field of information security and/or cybersecurity.
Learning and teaching methods:
Lectures - information and receptive method
Assessment methods for learning outcomes:
Current check in the process of mastering each topic studied; assessment of student activity during lectures; exam - exam paper and verbal questioning.
2.
Learning outcomes:
LO7. To justify the use, implement and analyse the best international standards and practices in order to solve complex problems of professional activity in the field of information security and/or cybersecurity.
Learning and teaching methods:
Lectures - information and receptive method
Assessment methods for learning outcomes:
Current check in the process of mastering each topic studied; assessment of student activity during lectures; exam - exam paper and verbal questioning.
3.
Learning outcomes:
LO10. Ensure the continuity of business/operational processes, as well as identify vulnerabilities of information systems and resources, analyse and assess risks to information security and/or cybersecurity of the organisation.
Learning and teaching methods:
Lectures - information and receptive method
Assessment methods for learning outcomes:
Current check in the process of mastering each topic under study; assessment of student activity during lectures; exam - exam paper and verbal questioning.
4.
Learning outcomes:
LO12. To research, develop and implement methods and measures to counter cyber incidents, to carry out management, control and investigation procedures, as well as to provide recommendations for the prevention and analysis of cyber incidents in general.
Learning and teaching methods:
Laboratory work - reproductive method, heuristic method, Independent work - research method
Assessment methods for learning outcomes:
Current check in the process of mastering each topic studied; assessment of student activity in the process of laboratory classes; checking the performance of laboratory work; verbal questioning on the assimilation of knowledge acquired in the process of performing laboratory work
5.
Learning outcomes:
LO18. To plan training, as well as to accompany and monitor work with staff in the field of information security and/or cybersecurity
Learning and teaching methods:
Laboratory work - reproductive method, heuristic method, Independent work - research method
Assessment methods for learning outcomes:
Current check in the process of mastering each topic studied; assessment of student activity in the laboratory; checking the performance of laboratory work; checking the performance of the control work; verbal questioning on the assimilation of knowledge acquired in the process of performing laboratory work.
Required prior and related subjects: Prior academic subjects:
1. Methods and means of technical protection of information
2. Integrated information security systems
Related and subsequent subjects:
1. Design of integrated information security systems
Summary of the subject: The discipline develops the issues of designing integrated information security systems in automated systems. The objects of information protection are: information resources; information systems; information processes; information networks, information life cycle management and information security system. Potential threats to the security of information processing automation are analysed. The structure of the reliability of automated information processing systems with limited access at the level of functional and information security properties is revealed.
Methods of protection of processes of automation of information processing with limited access are presented. A systematic approach to the design of an integrated information security system in an automated information processing system is considered.
The principles of building information security systems in complex automation tools (CAST) for information processing are analysed. The means of controlling the protection of information from unauthorised access in the automated information processing system are considered. The models of information security in information technologies at the level of resources, systems, processes, networks, management are presented.
Опис: Lecture classes: 15 hours in total.
1. Automated information processing systems: subject of protection. Number of hours - 2.
2. Objects of information protection. Number of hours - 2.
3. Potential threats to information security in automated systems. Number of hours - 2.
4. Methods of information security in automated systems. Number of hours - 3.
5. Designing information security in automated systems. Number of hours - 3.
6. Guaranteeability of automated systems. Security models of automated systems. Construction of information security systems in complex means of automation of its processing. Number of hours - 3.
Laboratory classes: Total hours - 30.
1. Introductory class. Introduction to the conceptual approach to laboratory work. Number of hours - 2.
2. Application of methods of qualitative data analysis in the creation of an information processing automation system in the relevant subject area (individual task). Number of hours - 2.
3. Creating a conceptual and information model of the subject area based on the principles of system analysis in the context of designing an information processing automation system. Number of hours - 4.
4. Justification of the criteria for choosing a database, database management system, programming language. Building a relational database. Number of hours - 4.
5. Development of algorithmic and software support for the operation of an information processing automation system with limited access. Number of hours - 8.
6. Development of a user authentication verification algorithm. Application of information encryption algorithms. Number of hours - 6.
7. Protection / delivery of laboratory work. Number of hours - 4.
Independent work: Total hours - 105.
1. Preparation for classes and control activities. The number of hours is 105.
Assessment methods and criteria: Current control in the classroom is carried out to clarify the circumstances of the educational process and determine its results in the following forms
- preliminary identification of the level of knowledge of students before the start of classes;
- current checking in the process of mastering each topic being studied;
- assessment of student activity during lectures;
- assessment of student activity during laboratory classes;
- checking the performance of laboratory work;
- checking the performance of control work;
- verbal examination of the knowledge acquired in the course of laboratory work;
Final (examination) control is carried out based on the results of answers to the examination paper and verbal examination.
Критерії оцінювання результатів навчання: Maximum score in points:
Current control (CC):
1. Laboratory work - 30
Examination control:
1. Written component - 65
2. Verbal component - 5
Total for the discipline - 100
Procedure and criteria for assigning points and grades:
Type of control - Scoring criteria - Maximum number of points:
Laboratory work - Completed and submitted work - 5
Exam (exams) - Correct answers to the questions in the exam papers - 65
Verbal component - Correct answer to the question - 5
Порядок та критерії виставляння балів та оцінок: 100-88 points - certified with an “excellent” grade - High level: the student demonstrates an in-depth mastery of the conceptual and categorical apparatus of the discipline, systematic knowledge, skills and abilities of their practical application. The mastered knowledge, skills and abilities provide the ability to independently formulate goals and organize learning activities, search and find solutions in non-standard, atypical educational and professional situations. The applicant demonstrates the ability to make generalizations based on critical analysis of factual material, ideas, theories and concepts, to formulate conclusions based on them. His/her activity is based on interest and motivation for self-development, continuous professional development, independent research activities, implemented with the support and guidance of the teacher. 87-71 points - certified with a grade of “good” - Sufficient level: involves mastery of the conceptual and categorical apparatus of the discipline at an advanced level, conscious use of knowledge, skills and abilities to reveal the essence of the issue. Possession of a partially structured set of knowledge provides the ability to apply it in familiar educational and professional situations. Aware of the specifics of tasks and learning situations, the student demonstrates the ability to search for and choose their solution according to the given sample, to argue for the use of a particular method of solving the problem. Their activities are based on interest and motivation for self-development and continuous professional development. 70-50 points - certified with a grade of “satisfactory” - Satisfactory level: outlines the mastery of the conceptual and categorical apparatus of the discipline at the average level, partial awareness of educational and professional tasks, problems and situations, knowledge of ways to solve typical problems and tasks. The applicant demonstrates an average level of skills and abilities to apply knowledge in practice, and solving problems requires assistance, support from a model. The basis of learning activities is situational and heuristic, dominated by motives of duty, unconscious use of opportunities for self-development. 49-00 points - certified with a grade of “unsatisfactory” - Unsatisfactory level: indicates an elementary mastery of the conceptual and categorical apparatus of the discipline, a general understanding of the content of the educational material, partial use of knowledge, skills and abilities. The basis of learning activities is situational and pragmatic interest.
Recommended books: Educational and methodological support:
Methodical instructions for laboratory work in the course ‘Reliability of automated systems’:
1. Creation of an automated system for processing information with limited access: Information technology, methods of qualitative data analysis: Instruction for laboratory work No. 1 in the course ‘Automated systems of information processing with limited access’ for students of the speciality: 7.17010201 ‘Systems of technical protection of information, automation of its processing’ / Compiled by V.B. Dudykevych, G.V. Mykytyn, Kh. S. Ruda - Lviv: NU ‘LP’, 2024. 18 p.
2. Creation of an automated system for processing information with limited access: Conceptual and information models of the subject area based on the principles of system analysis: Instruction for laboratory work No. 2 in the course ‘Automated Information Processing Systems with Restricted Access’ for students of the speciality: 7.17010201 ‘Systems of technical protection of information, automation of its processing’ / Compiled by V.B. Dudykevych, G.V. Mykytyn, Kh. S. Ruda - Lviv: NU ‘LP’, 2024. - 18 p.
3. Creation of an automated system for processing information with limited access: Building a relational database: Instruction for laboratory work No. 3 in the course ‘Automated information processing systems with limited access’ for students of the speciality: 7.17010201 ‘Systems of technical protection of information, automation of its processing’ / Compiled by VB. Dudykevych, G.V. Mykytyn, H.S. Ruda - Lviv: NU ‘LP’, 2024. 17 p.
4. Creation of an automated system for processing information with limited access: Algorithmic and software: Instruction for laboratory work No. 4 in the course ‘Automated Information Processing Systems with Restricted Access’ for students of the speciality: 7.17010201 ‘Systems of technical protection of information, automation of its processing’ / Compiled by V.B. Dudykevych, G.V. Mykytyn, Kh.S. Ruda - Lviv: NU ‘LP’, 2024. 23 p.
5. Creation of an automated system for processing information with limited access: Information protection in ASOI: Instruction for laboratory work No. 5 in the course ‘Automated Systems of Information Processing with Restricted Access’ for students of the speciality: 7.17010201 ‘Systems of technical protection of information, automation of its processing’ / Compiled by: VB. Dudykevych, G.V. Mykytyn, H.S. Ruda - Lviv: NU ‘LP’, 2024. - 19 p.
Recommended literature:
Basic:
1. Zegzhda D.P. Fundamentals of information systems security / D.P. Zegzhda, A.M. Ivashko - Moscow: Hotline - Telecom, 2000. - 452 p.
2. Mikitin G.V. Complex security systems of cyberspace of a cyber-physical system based on the concept of ‘object - threat - protection’ / Information technologies: problems and prospects: monograph / V.B. Dudikevich, G.V. Mykytyn / edited by V.S. Ponomarenko - Kharkiv: Rozhko S.G. Publishing House, 2017. 447 p.
3. Strategic security of the system ‘object - information technology’: [monograph] / [Bobalo Y.Y., Dudykevych V.B., Mykytyn H.V.] - Lviv: Lviv Polytechnic University Press. - 2020. - 260 p.
Additional:
1. ISO-N NKAU 0060:2010. Sectoral quality management system. Reliability of critical software and hardware systems. Guideline of the National Space Agency of Ukraine. - Kyiv, 2011. - 60 p.
2. The quintessence of security of cyber-physical systems / V.B. Mykytyn. Dudykevych, G.V. Nikitin, AI. Rebets // Information systems and networks. - 2018. - No. 887 - P. 58-69.
3. To the problem of managing the integrated security system of cyber-physical systems / VB. Dudykevych, G.V. Nikitin, AI. Rebets // Bulletin of Lviv Polytechnic National University, Information Systems and Networks. - 2018. - No. 901. - P. 10-21.
4. Computer monitoring of wind potential: a conceptual approach, a system for selecting wind flow parameters / V.B. Dudykevych, G.V. Mykytyn, I.R. Opirskyi, O.V. Pashuk // Measuring Instrumentation and Metrology - 2018 - Issue 79.3 - P. 17-24.
5. Wireless sensor networks ZigBee, Wi-Fi and Bluetooth in cyber-physical systems: the concept of ‘object - threat - protection’ based on the OSI model / V.B. Dudykevych, G.V. Pashuk. Dudikevich, G.V. Nikitin, A. I. Rebets, M. Melnyk // Information Processing Systems. - 2019. - P. 114 - 120.
6. Mykytyn G.V. Multilevel security of information systems / V.B. Dudykevych, G.V. Mykytyn // Modern special equipment. - 2019. - No. 4. - P. 14 - 23
7. Mykytyn H.V. System model of information security of a smart city / V.B. Dudykevych, H.V. Mykytyn, M.O. Halunets // Information processing systems. - 2020. - Issue 2(161). - P. 93 - 98
8. Mykytyn G.V. Security elements of the ‘smart home’ / V.B. Dudykevych, G.V. Mykytyn, D.V. Vasiliev // Modern Special Equipment. - 2020. - No. 4. - P. 35 - 47
9. Mykytyn G.V. Secure information exchange in wireless networks of the information support centre / V.B. Dudykevych, G.V. Mykytyn, M.V. Lennik // Modern special equipment. - 2021. - No. 2. - P. 7 - 19
10. Yuriy Bobalo, Valeriy Dudykevych, Galyna Mykytyn, Taras Stosyk Paradigm of Safe Intelligent Ecological Monitoring of Environmental Parameters. CEUR Workshop Proceedings, 2021, 3200, pp.244-249.
11. Mykytyn H.V. Application of deep learning to detect deepfake modifications of biometric image / V.B. Dudykevych, H.V. Mykytyn, H.S. Ruda // Modern Special Equipment. - 2022. - No. 1. - pp. 13 - 22
12. Mykytyn H.V. On the issue of secure authentication in web applications / V.B. Dudykevych, H.V. Mykytyn, V.P. Nasilevsky, V.R. Figurniak // Information Protection. - 2023. - Vol. 25, No. 2. - P. 76 - 82
Information resources:
1. Work programme for the discipline ‘Guaranteeability of automated systems’ for speciality 8.125.00.02 ‘Systems of technical protection of information, automation of its processing’ / Compiled by Mykytyn H.V. - Lviv: Lviv Polytechnic National University. - 2024. - 12 p. // Virtual learning environment of Lviv Polytechnic: https://vns.lpnu.ua/course/view.php?id=13185.
Уніфікований додаток: Lviv Polytechnic National University ensures the realization of the right of persons with disabilities to obtain higher education. Inclusive educational services are provided by the Service of accessibility to learning opportunities "Without restrictions", the purpose of which is to provide permanent individual support for the educational process of students with disabilities and chronic diseases. An important tool for the implementation of the inclusive educational policy at the University is the Program for improving the qualifications of scientific and pedagogical workers and educational and support staff in the field of social inclusion and inclusive education. Contact at: St. Karpinsky, 2/4, 1st floor, room 112
E-mail: nolimits@lpnu.ua
Websites: https://lpnu.ua/nolimits https://lpnu.ua/integration
Академічна доброчесність: The policy regarding the academic integrity of the participants of the educational process is formed on the basis of compliance with the principles of academic integrity, taking into account the norms "Regulations on academic integrity at the Lviv Polytechnic National University" (approved by the academic council of the university on June 20, 2017, protocol No. 35).