«Automation and Informatization of the fuel and energy complex»

Development of a methodology for testing the security system of the automated control systems of the technological processes on the basis of a corporate standard

UDC: 004.056.53
DOI: -

Authors:

¹ National University of Oil and Gas "Gubkin University", Moscow, Russia

Keywords: system security, customization, security assurance, critical information infrastructure object, automated control systems of technological processes (ACSTP)

Annotation:

Coordination of the critical information infrastructure (CII) security is an important task for the Russian Federation. The corporate standard defines its own package of the required documents that contain the rules of CII safe operation. Their implementation requires a methodical approach taking into account each of the tasks. To do this, it is necessary to rely on the latest tools installed in both the operating system and network equipment. In case of the tools absence necessary for specific purposes, tools that have been certified by the Federal Service for Technology and Export Control of Russia (FSTEC of Russia) and are compatible with the current software should be used. At the same time, test methods were developed separately for each requirement. Part of the design of the prototype of the automated control systems of technological processes (ACSTP) was developed on the basis of this test methodology. The security system should be built over the existing ACSTP to minimize interaction with it.

Bibliography:

1. Maksimova E.A., Sadovnikova N.P. Otsenka infrastrukturnoy ustoychivosti sub"ekta kriticheskoy informatsionnoy infrastruktury pri destruktivnykh vozdeystviyakh // Izv. YuFU. Tekhn. nauki. – 2021. – № 4(221). – S. 155–165. – DOI: 10.18522/2311-3103-2021-4-155-165
2. O bezopasnosti kriticheskoy informatsionnoy infrastruktury Rossiyskoy Federatsii: feder. zakon ot 26 iyulya 2017 g. № 187-FZ. – URL: https://www.consultant.ru/document/cons_doc_LAW_220885/
3. Ganeev A.A. Kiberbezopasnost' v usloviyakh agressivnoy vneshney informatsionnoy sredy // Mezhdunar. forum Kazan Digital Week-2022: sb. materialov Mezhdunar. foruma, Kazan', 21–24 sent. 2022 g. – Kazan': Nauch. tsentr bezopasnosti zhiznedeyatel'nosti, 2022. – S. 286–290.
4. Gorbenko A.V. Issledovanie kiberbezopasnosti v Rossiyskoy Federatsii // Studencheskaya nauchnaya vesna: tez. dokl. Vseros. studen. konf., posvyashch. 175-letiyu N.E. Zhukovskogo, M., 01–30 apr. 2022 g. – M.: Nauch. b-ka, 2022. – S. 241–242.
5. Glukhareva S.V. Metod otsenki urovnya blagonadezhnosti sotrudnikov v sisteme kadrovoy bezopasnosti predpriyatiya (na primere predpriyatiy kriticheskoy informatsionnoy infrastruktury (KII)) // Dokl. Tomskogo gos. un-ta sistem upravleniya i radioelektroniki. – 2022. – T. 25, № 2. – S. 59–67. – DOI: 10.21293/1818-0442-2022-25-2-59-67
6. Kidyaeva S.M., Shaburova A.V., Selifanov V.V. Voprosy organizatsii menedzhmenta riskov znachimykh ob"ektov kriticheskoy informatsionnoy infrastruktury // Interekspo Geo-Sibir'. – 2022. – T. 6. – S. 82–87. – URL: https://cyberleninka.ru/article/n/voprosy-organizatsii-menedzhmenta-riskov-znachimyh-obektov-kriticheskoy-informatsionnoy-infrastruktury (data obrashcheniya 06.10.2023).
7. Savin K.N., Shelomentsev A.G., Aleshkin I.A. Kriticheskaya informatsionnaya infrastruktura Rossii i Yuzhnoy Osetii osnova ekonomicheskoy bezopasnosti // Fundamental'naya i prikladnaya nauka: aktual. vopr. teorii i praktiki: sb. st. II Mezhdunar. nauch.-prakt. konf., Penza, 15 marta 2023 g. – Penza: Nauka i Prosveshchenie (IP Gulyaev G.Yu.), 2023. – S. 126–129.
8. Gazprom avtomatizatsiya. Katalog produktsii. – URL: https://www.gazprom-auto.ru/upload/Catalogue.pdf (data obrashcheniya 06.10.2023).
9. Sovremennye resheniya i podkhody k telemekhanizatsii ob"ektov lineynoy chasti / V.V. Buts, K.G. Savenkov, A.V. Roshchin, S.A. Lavrov // Sfera. Neft' i Gaz. – 2021. – № 3(82). – S. 88–93.
10. Mikhaylov A.G. Opyt realizatsii norm Federal'nogo zakona ot 26 iyulya 2017 g. № 187-FZ "O bezopasnosti kriticheskoy informatsionnoy infrastruktury Rossiyskoy Federatsii" i ego podzakonnykh aktov v ramkakh obespecheniya informatsionnoy bezopasnosti razrabatyvaemykh ASU TP // Neft' i gaz – 2022: tez. dokl. 76-oy Mezhdunar. molodezh. nauch. konf., M., 25–29 apr. 2022 g.: v 2 t. T. 2. – M.: RGU nefti i gaza (NIU) im. I.M. Gubkina, 2022. – S. 675–676.
11. Yusupov R.Yu., Vasilevskaya S.P. Issledovanie vozmozhnosti povysheniya effektivnosti radiograficheskogo kontrolya svarnykh soedineniy za schet primeneniya tsifrovykh metodov kontrolya // Novye nauch. issled.: sb. st. VII Mezhdunar. nauch.-prakt. konf., Penza, 30 apr. 2021 g. – Penza: Nauka i Prosveshchenie (IP Gulyaev G.Yu.), 2022. – S. 52–55.
12. Grekov V.S., Uymin A.G. Perspektivy kiberbezopasnosti v neftegazovoy otrasli // Gubkinskiy un-t v reshenii vopr. neftegazovoy otrasli Rossii: tez. dokl. VI Region. nauch.-tekhn. konf., posvyashch. 100-letiyu M.M. Ivanovoy, M., 19–21 sent. 2022 g. – M.: RGU nefti i gaza (NIU) im. I.M. Gubkina, 2022. – S. 1108–1109.
13. Tsypkina A.V., Shaburova A.V. Kategorirovanie ob"ektov KII v oboronnoy promyshlennosti // Interekspo Geo-Sibir'. – 2022. – T. 6. – S. 288–293.
14. Verevkin S.A., Kravchuk A.V., Belyakov M.I. Metodika upravleniya intsidentami informatsionnoy bezopasnosti na ob"ektakh kriticheskoy informatsionnoy infrastruktury // Izv. TulGU. Tekhnicheskie nauki. – 2022. – № 8. – S. 116–120.
15. Kravchuk A.Yu., Kotova N.A., Anichkin I.I. Sovremennye podkhody k obespecheniyu informatsionnoy bezopasnosti avtomatizirovannykh sistem upravleniya tekhnologicheskimi protsessami // Innovatsii i investitsii. – 2022. – № 3. – S. 191–195. – URL: https://cyberleninka.ru/article/n/sovremennye-podhody-k-obespecheniyu-informatsionnoy-bezopasnosti-avtomatizirovannyh-sistem-upravleniya-tehnologicheskimi/viewer
16. Miloslavskaya N.G., Karapet'yants M., Cheverkalov V.A. Issledovanie primenimosti metoda analiza ierarkhiy dlya vybora SIEM-sistemy // Bezopasnost' inform. tekhnologiy. – 2023. – T. 30, № 3. – S. 16–29. – DOI: 10.26583/bit.2023.3.01