=Paper=
{{Paper
|id=Vol-2514/paper115
|storemode=property
|title=Method of analysis the functional stability of the software of the infocommunication system in cyber-attack conditions
|pdfUrl=https://ceur-ws.org/Vol-2514/paper115.pdf
|volume=Vol-2514
|authors=Sergei Kochedykov,Sergei Kobzistyy,Alexander Dushkin,Pavel Markin
}}
==Method of analysis the functional stability of the software of the infocommunication system in cyber-attack conditions==
https://ceur-ws.org/Vol-2514/paper115.pdf
Method of analysis the functional stability
of the software of the infocommunication system
in cyber-attack conditions
Sergey S. Kochedykov
Candidate of Technical Sciences, Associate Professor
Voronezh institute of the Federal Penitentiary Service
Irkutskaya St., 1, Voronezh, Russia, 394072
infosec36@mail.ru
Alexander V. Dushkin
Doctor of Technical Sciences, Associate Professor
National Research University of Electronic Technology
Shokin Square, 1, Zelenograd, Moscow, Russia, 124498
a_dushkin@mail.ru
Sergey Yu. Kobzistyy
Candidate of Technical Sciences, Associate Professor
Voronezh institute of the Federal Penitentiary Service
Irkutskaya St., 1, Voronezh, Russia, 394072
akobzuk@yandex.ru
Pavel V. Markin
National Research University of Electronic Technology
Shokin Square, 1, Zelenograd, Moscow, Russia, 124498
mrkinp@bk.ru
Abstract: The paper proposes a new method for analyzing the
functional stability of software, information and communication
systems, which allows to evaluate the systems performance and
take into account external and internal destructive effects caused
by cyber attacks. In the paper, a criterion of functional stability is
formulated using the theory of integro-differential calculus and
the theory of fuzzy sets, a quantitative and qualitative method for
analyzing the functional stability of software, information and
communication systems is developed.
Keywords: information and communication systems,
cyberattack, functional stability, method of analysis.
Introduction
Applications in all fields of information and communication systems have contributed to the fact that the attackers for
decades, actively committed various crimes in the sphere of high technologies [1]. Currently, they are actively developing
various cyber-attacks that affect the information security of critical information infrastructure throughout the country.
Under the cyber attacks should understand targeted information and technical impact using tools and capabilities of
information and other technologies unauthorized destructive impact of the attacker on the objects of a global network, on
the processes of its functioning, violating the stability of its operation and its information security [2-5]. Thus, as
information technology impact can make cyber attacks, financial damage from which is very significant. The financial
Copyright © 2019 for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0).
289
�damage caused by cyber-attacks [5] show that existing solutions for information security, not fully able to protect against
this type of attack [5-6].
To protect from these threats is currently developed and widely used various systems to detect and counter cyber attacks
[7, 8]. However, such systems do not account for the functional stability of the software infocommunication systems under
conditions of cyber attacks that does not allow to build system of diagnosing and implement recovery information and
communication systems.
1 Formulation of the problem
Under the functional sustainability of information and communication systems will understand their ability to perform their
functions in the presence of the destructive factors of different nature. Interest in the analysis and evaluation of the
functional stability of the software infocommunication systems emerged simultaneously with the emergence of complex
systems [9-10]. The approach to solving this problem was originally based on the identification of the concepts "reliability"
and "stability" and was to transfer well-known statistical methods of classical reliability theory into a new soil. In
methodological terms, this approach differed little from the estimation of the reliability of technical devices. With minor
modifications it remains up to the present time.
However, with the development of information technology, especially in the direction of the need to protect them from
external destructive influences, due to the large number of types of cyber attacks [11], it is understood that the theory of
reliability in relation to the assessment of sustainability software infocommunication systems in terms of destructive effects
has a conceptual incompleteness. First of all, in this theory, the dominant factors in determining the reliability of systems
that are random defects and errors in their design, development and operation, and factors of destruction of special software
modules at the expense of purposeful influences virtually invisible to researchers. In addition, the identification of the
concepts "reliability" and "sustainability" often leads to fuzzy identification of causes of failures in the operation of
information communication systems: internal destructive effects are taken for external and Vice versa. As a result of
difficult implementation measures for the detection, identification and monitoring of destructive impacts on the objects of
information and communication systems. In view of the foregoing problem of analyzing the sustainability of information
and communication systems in terms of destructive impacts are relevant both in theoretical and in practical terms.
The aim in this section is to develop a method for solving this problem. The specific objectives of the study are as follows:
- choose a representative criterion for evaluating the stability of software infocommunication systems in terms of
destructive influences, reflecting both random and targeted (intentional) nature of these impacts;
- to develop a method to analyze the functional stability of the software infocommunication systems in terms of
destructive impacts according to the introduced criterion.
2 Criteria for functional stability of the software infocommunication systems
To select a representative criterion for evaluating the functional stability of the software infocommunication systems in
terms of destructive effects, we introduce into consideration the following continuous and differentiable function
E1 t , …, E N t , characterizing the current functionality of each software module included in the software
infocommunication systems N – the total number of the software module in the software infocommunication systems; t –
the current time. To measure the values of these functions and giving them physical meaning, we introduce into
consideration 0, 1 - a scale with interval gradations 0 ÷ k1 , k1 ÷k 2 and k 2 1 , which will be interpreted in the
following way: if Ei t 0 ÷ k1 , then the i-th software module subjected to destructive effect ceases to perform its
function ("unhealthy") E i t k1 ÷k 2 , then the i-th software module subjected to destructive exposure, continues to
perform its function, but not in full ("working part") Ei t k2 1 , then the i-th software module subjected to
destructive exposure, continues to perform its function in full ("healthy". Let: 1i ( t ) – the probability that
Ei t 0 ÷ k1 ; 2i (t) – the probability that E i t k1 ÷k 2 ; 3i ( t ) – the probability that Ei t k2 1 , when the
1 N
normalizing condition: (1i ( t ) 2i ( t ) 3i ( t )) 1 . Then the criterion of stability of functioning of the software
N i 1
infocommunication systems in terms of destructive effects can be written in the following form:
1 N
- if 3i 1 , the software operates steadily, that is, in spite of the destructive effects, the system is able to perform its
N i 1
functions in full;
1 N
- if 1i 1 , the software operates extremely unstable, that is, destructive effects led to the fact that the system has
N i 1
lost the ability to carry out its functions;
290
� N
- if 1 2i (t) 1 , the software operates is unstable, that is, destructive effects led to the fact that the system has partially
N i 1
lost the ability to carry out its functions. Note two circumstances associated with the use of criteria. First, the essence does
not change when you assign more or fewer gradations on the evaluation scale functions E1 t , …, E N t when one
changes the threshold intervals 0 ÷ k1 , k1 ÷k 2 и k 2 1 . The selection of these parameters is the subject of the
agreement and should be in the process of assessing the sustainability of individual information and communication
systems with the features of its construction and functions. Secondly, when using this criterion, the effect of destructive
impacts on software infocommunication systems is reflected via the changes of values of functions E1 t , …, E N t
therefore the main objective of sustainability appraisal is to assess the current functionality of the software modules of the
software infocommunication systems in terms of destructive impacts, expressed by the functions E1 t , …, E N t
3 The analysis of the current functionality of the software modules of information and
communication systems. A quantitative approach
We proceed from the fact that the process of functioning of each software module in the software infocommunication
systems without taking into account its links with other modules occurs according to the logistic law that is formally
expressed by equations of the following form:
dE i (t)
dt
E i (t)i 1 E i (t) ; i 1, N, (1)
where N – the number of the software module in the software; ρi – the dimensionless coefficient characterizing the ability
of the i-th program module to increase its functionality 0 ρi 1 , the greater the value, the faster this module comes into
operation after a stop.
This means that the functionality of each software module without taking into account its links with other modules change
1
0
over time along an S-curve with saturation Ei (t) 1 Ei 1 ;i 1, N, which is the solution of equation (1) in which
E 0 ei (t t 0 )
i
the symbol E i0 0 E i0 1 , designated starting functionality of the i-th program module at a time t0 .
Let result destructive influences in software infocommunication systems were implemented "K" malicious software
modules. In response to this, in the same software environment was introduced by the "M" modules that can find and
eliminate (block) malicious modules. We also assume that:
– the functionality of malware and blocking software modules without regard to their relations with other modules
change over time by the same law, and functionality of software modules from the software infocommunication systems,
that is, for all i (N 1), , K и i (K 1), , M true:
dE i (t)
dt
E i (t)i 1 E i (t) ; i (N 1), K ;i (K 1), M,
and, accordingly,
1
E0 1
E i (t) 1 0 i (t t ) ; i (N 1), K ;i (K 1), M,
Ei e i
0
where all components have the same meaning as before.
- the mutual influence of software module (native and introduced by cyber criminals) on the functionality of each other
in proportion to their current functionality, that is, for all i 1, 2, , N the relation is valid:
NKM
fi E1 (t),...,E N K M (t) Ei (t)i 1 i cijE j (t) ; i 1, N K M,
(2)
j1
where cij (1 cij 1) and (cij 1,i j) – the coefficients absolute values of which serve as a measure of the relative influence
of software module at each other, and their meaning is as follows:
if cij 0 and c ji 0 , between i -th and j -th the software module is no interference, and therefore, the functionality
of one software module does not depend on the state of other, in particular, may be that cybercriminals introduced
malicious modules do not affect the operation of the software infocommunication systems, and blocking modules do not
affect the work of malware;
291
� if cij 0 and c ji 0 , between i -th and j -th software module there is a mutually destructive influence, and the results of
their functioning will depend on the nature of this influence, that is, from the absolute values of the coefficients c ij and c ji ; such
a situation may occur, for example, when cybercriminals introduced malicious modules have a negative impact on the operation
of the software infocommunication systems, and means of struggle in turn inhibit the operation of malicious programs;
if cij 0 and c ji 0 , between i -th and j -th a software module has a mutually beneficial effect, and the results of
their functioning will depend on the nature of the facilitating relationship, that is, from the absolute values of the
coefficients c and c ; such a situation may occur, for example, when the software modules information and
ij ij
communication systems support the functioning of each other, or when the anti-malware programs help each other to solve
the problem of blocking these programs;
if cij 0 and c ji 0 or cij 0 and c ji 0 , then i -th and j -th the software module simultaneously have on each other
both useful and destructive impact, and the results of these effects will depend on the absolute values of the coefficients c ij and
c ji ; such a situation may occur, for example, then, the operation of the software module occurs in conditions of destructive
impacts, which influence can be both positive and destructive, depending on the coefficients c ij and c ji ;).
Given the assumptions made and assumptions the operation of the software infocommunication systems in terms of
destructive effects can be described by a system consisting of (N K M) equations:
NKM
dEi (t)
dt
Ei (t)i 1 cijE j (t) i 1,(N K M)
(3)
i 1
Ei (t 0 ) E0i i 1,(N K M) .
Given the necessary initial data and solving the system of equations (3) numerically (using, for example, Mathcad), we
assess the current functionality of the software modules E1 t , …, E N t depending on the nature of destructive impacts,
defined by the matrix c ,i 1,(N K M); j 1,(N K M) .
ij
Above it was assumed that the mutual influence of software module on the effectiveness of each other is described by a
linear function (2). Let us consider the case where this effect is non-linear. In this case instead of (3) have:
dE i (t)
dt
E i (t)i E1 (t),..., E N K M (t) ; (4)
i i i
E (t) 1; E (0) E 0 ; i 1,(N K M .
where the functions E (t),..., E
i 1
N K M (t) ; i 1, ( N K M ) Express the nonlinear interdependence of
functionality of the software module information and communication system is susceptible to destructive influences.
Let consider the system of equations (4) has a unique positive solution E1* (t),..., E*N K M , the corresponding point of
intersection of the graphs of functions E (t) f E (t),..., E
i i 1
N K M (t) ; i 1, ( N K M )
. Then, for stable
stationary equilibrium (4) is enough to satisfy the inequality:
N df i
E1 (t),..., E N K M (t) dfi 1 E1 (t),..., E N K M (t) . (5)
i 1 dE i (t) dE i (t)
Applying the rule of differentiation for implicit functions, we come to the inequality:
i 1
f E (t),..., E
N K M (t) i 1 E1 (t),..., E N K M (t)
Ei (t) Ei 1(t)
NKM
,
i 1
RE
fi E1 (t),..., E N K M (t) i 1 E1 (t),..., E N R M (t)
Ei 1(t) Ei (t)
292
�or in other notation:
N K M
ii (i 1)(i 1) i(i 1) (i 1)i (6)
i 1
(0 ii , (i 1)(i 1),i(i 1) , (i 1)i 1),
where ii ,(i1)(i1) and i(i1), (i1)i b2 4ac – the coefficients characterizing the change in functionality of the software
module.
The meaning of the inequality (5) is the following: to ensure sustainable operation mode of the information
communication systems in terms of the destructive impacts it is necessary that the joint effect of implementation of all
measures for the protection of software (expressed by the left part of inequality (5)), dominated the cumulative effect of
malware (expressed right-hand side of inequality (5)).
Difficulties of practical realization of the above-mentioned methods are associated primarily with the need for timely
receipt of source data required for the solution of systems of differential equations (3)-(4). In addition, the process of
solving a large number of interrelated differential equations (of the order of 150-500 equations) are not always successful.
In these cases, the aid comes a qualitative approach to the evaluation of the sustainability of information and
communication systems in terms of destructive impacts, based on experts.
4 A qualitative approach
In this case, the probability ji ( t ) will be interpreted as membership functions of the current state of the software module to
one of the three selected grades are: "unhealthy", "healthy", "working partially", and thus used to obtain their estimates of
the theory of fuzzy sets, namely, those sections where we are talking about methods of fuzzy expert evaluation.
There are several expert methods for constructing membership functions. The most adequate for solving security
problems should be recognized the method of pairwise comparisons or the method of Saaty. The essence of this method in
our case is the following. The group of experts consisting of four persons proposed to evaluate the membership function
value E i (t) , characterizing the degree of protection of the i-th object of infocommunication systems from unauthorized
access at time t, to the evaluation gradations 0 ÷ k1 , k1 ÷k 2 и k 2 1 ), using the scale presented in table 1.
Table 1 – Scale of Saaty
Rating Qualitative assessment Description accessories
1 Of equal importance The degree of belonging of the same
Weak superiority The arguments about the preference of one element over
3
another is unconvincing
The significant superiority There is strong evidence of preference of one element over
5
another
7 Obvious superiority Convincing evidence for the preference
Absolute superiority Evidence of the superiority of one element over another is
9
undeniable
Intermediate value between adjacent Compromise
2,4,5,5
ratings
Their assessment of the expert is in the form of pairwise comparison matrix A a ij , the elements of which aij show
the degree of belonging of element standing in the i-th row and j-th column, to the numerous in comparison with the item
standing in the j-th row and i-th column. If the expert in their assessments not allow logical contradictions, then the matrix
elements will be related by the ratio a ij 1 a ji . If we now find the eigenvector algebraic system of equations Aw w
(or in another form (A E)w 0 , where E – the identity matrix, i.e. a matrix where the main diagonal filled with ones,
and all the other terms equal 0), then we can calculate the components of the eigenvector w , which characterize the
membership function of this element. Let the results of a survey of experts and use the scale of belonging (table. 1)
composed of matrix of paired comparisons
1 4 6 7
1 4 1 3 4 .
A
1 6 1 3 1 2
1 7 1 4 1 2 1
293
� The first step we find the eigenvector w for which the condition Aw w . It is necessary to find the values , in
which the determinant of the matrix (A E) is equal to zero. We write the equation
1 4 6 7
1 4 1 3 4
4 43 1,687 0,133 0,
1 6 1 3 1 2
1 7 1 4 1 2 1
solving which, we find its roots:
1 0,782; 2 0,12 0,645i; 3 0,12 0,645i; 4 4,102.
Therefore, max 4,102 .
Next, go to the find module eigenvector w , appropriate found your own value max . For this purpose, we solve the
matrix equation:
3,102 4 6 7 w1
14 3,102 3 4 w2 ,
0
16 13 3,102 2 w3
17
14 12 3,102 w4
which for computational convenience is convertible to normal:
3.102w1 4w2 6w3 7w4 0;
0.25w 3.102w 3w 4w 0;
1 2 3 4
0.166w1 0.333w2 3.102w3 2w4 0;
0.142w1 0.25w2 0.5w3 3.102w4 0;
at w1 w 2 w 3 w 4 1.
Since this system of equations has only the trivial solution, then for finding the eigenvector w model one of the equations
4
by the normalization condition for the w i 1. . By solving the resulting system we get eigenvector:
i 1
w1 0.617; w 2 0.224; w 3 0.097; w 4 0.062
(при max 4,102).
The obtained results allow to construct a function (E i ) , characterizing the grade of membership function values
E i t at time t to one of the graduations of zero – w1 , low level – w 2 , normal level – w 3 , a high level – w 4 , presented
in figure 1.
(E)i
0.617
0.224
0.097
0.062
w1 w2 w3 w4
Figure 1 – membership function of fuzzy evaluation value E i (t)
As can be seen from this figure, the degree of belonging of security of the i-th object from unauthorized access to ground
level is 52%, to a low of 22% to a normal level of 10% and to a high level – 5%. In the terminology accepted in the theory
of fuzzy sets, the evaluation expressed by the formula:
294
� Ei (t) 0.52 / the zero level +0.22 / low level + 0,01 / normal level + 0,05 / a high level .
Conclusion: the most probable, we must assume that at a given moment of time the i-th module of the software
infocommunication systems subject to destructive influences will be infected by the malicious software introduced by the
cyber criminals.
5 The algorithm risk assessment functional stability
The proposed method of analysis of the current functionality of the software module information and communication
system allows and without conducting numerical experiments to give a rapid assessment of the risk of violation of stability
of the system as a result of destructive impacts [12]. This push from the concept of stationary equilibrium equations
describing the dynamics of the process, treating it in the following way: the process described by (3) or (4), has the property
of equilibria, if t ∞ this system of equations has a solution with coordinates (E1* ,..., E *N K M ) , otherwise, i.e. when (3)
or (4) does not have solutions, the process has no stationary equilibrium. The lack of stationary equilibrium in the equations
describing the studied process, suggests that the functioning of the software infocommunication systems under the influence
of destructive impacts occur in the transition transient regime, the system that fails (partially or completely), then enters into
the mode of normal operation. The risk of loss of stability is characterized as "undetermined."
The presence in the system of equations (3) or (4) the point or area stationary equilibrium eliminates this uncertainty and
suggests that:
N
а) if E*i 0 , the risk of loss of stability software infocommunication systems from destructive influences can be
i 1
described as "normal";
N
б) if E*i 0 , the risk of loss of stability software infocommunication systems from destructive influences can be
i 1
described as "maximum";
Based on the foregoing, the formula for risk assessmen (R) loss of stability of information and communication systems
as a result of destructive effects, can be written in the following form:
"undefined" if (5.3) (5.4)there is no point of stationary equilibrium;
N
R "normal" if (5.3) (5.4)there is a point of stationary equilibrium and E*i 0 (7)
i1
N
*
"maximum" if (5.3) (5.4)there is a point of stationary equilibrium, but Ei 0 .
i1
In the case where the risk according to the formula (5.7) is evaluated as "normal", it is possible to switch to a more
accurate assessment. The reasoning in this case is as follows. Let the operation of information communication systems
occurs in the linear N K M - dimensional phase space with coordinates E1 ,..., E N K M . Let this process has a
stationary equilibrium point with coordinates (E1* ,..., E *N K M ) , and his current position at the time t is specified by
coordinates [E1 (t),..., E N (t)] . When rating current level of risk of loss of stability R(t) you can be guided by the following
rule [4] farther the trajectory of the process from the point of stationary equilibrium, the greater the risk, and, conversely,
the closer "pressed" trajectory of the process to the point of equilibrium, the less risk. Then an assessment of the risk of loss
of stability software infocommunication systems as a result of destructive impacts on point in time can be obtained using
the formula [7]:
1 N 2
R(t)
* E*i Ei (t) 100%, (8)
R i 1
N
E*i .
* 2
where R
i 1
Thus, the risk of buckling of the software infocommunication systems from the destructive effects obtained by
implementing the following algorithm, presented in figure 2.
Step 1. The input source data of the current functionality.
Step 2. We write the system of differential equations (3) or (4) describing the dynamics of the process of cyberbully.
Step 3. Based on the initial conditions and the initial data produced by the analysis (3) or (4) to determine the point of
stationary equilibrium, determined by the coordinates of this point (E1* ,..., E *N K M ) .
295
� Step 4 and 5. Using the formula (7), estimate the level of risk in qualitative gradations of "normal", "uncertain",
"maximum". If you find that the level of risk is "uncertain" or "maximum" assessment completed.
Step 6. If R = «normal», then, solving the system of differential equations (3) or (4) using a numerical method, the
determined values of the coordinates of the current process [E1 (t),..., E N K M (t)] .
Step 7. Using the formula (5) evaluate the risk at the time t.
As can be seen from this algorithm, when assessing the risk of loss of stability software infocommunication systems
from destructive impacts it becomes necessary to determine the conditions under which the process described by (3) or (4)
has a point of stationary equilibrium. For (4) this question we already considered. Consider it to (3).
Figure 2 – The algorithm of risk assessment of functional stability
From (5.3) we see that the coordinates of the point it is a stationary equilibrium solutions of the following system of
linear algebraic equations:
NK M
c ij E j 1(i 1, ( N K M )). (9)
j1
We illustrate what has been said with an example. Let the software be some conditional infocommunication systems
consists of three modules, the relationships between which are characterized by the coefficients
1, 0 0, 5 0, 3
(c ij ) 0, 7 1, 0 0, 5 .
0, 4 0, 6 1, 0
Using (9), we obtain the system of equations
1.0 x 1 0.5 x 2 0.3x 3 1
0.7 x 1 1.0 x 2 0.5 x 3 1 ,
0.4 x 1 0.6 x 2 1.0 x 3 1
for which, as is easily seen, rightly (11) as
296
� 1 .0 0 .5 0 .3 1 .0 0 .5 0 .3
0 .7 1 .0 0 .5 0 , 5 3 0 ; 1 1 .0 1 .0 0 .5 0 , 3 3 0 ;
0 .4 0 .6 1 .0 1 .0 0 .6 1 .0
1 .0 1 .0 0 .3 1 .0 0 .5 1 .0
2 0 .7 1 .0 0 .5 0 , 0 9 0 ; 3 0 .7 1 .0 1 .0 0 , 2 7 0 ,
0 .4 1 .0 1 .0 0 .4 0 .6 1 .0
and thus runs the necessary and sufficient condition for a stationary equilibrium of the considered process. In this case the
* * *
only equilibrium point E1 , E2 , E3 has coordinates (0.52, 0.14, 0.43), which suggests that the risk of loss of stability in
such a system is not beyond the norm.
1 1(NKM) ... 1 11
... ... ... ... ... ...
1 (NKM)(NKM) (NKM)1 ... 1
E1* ,...,E*NKM . (10)
It follows that a necessary and sufficient condition under which the process described by (3) has a point of stationary
equilibrium, it is inequality to zero of the determinant of the system of equations (9), and coincidence of characters
1 ,, N , standing in the numerator of the formula (10), with the sign of the determinant . In formal way this condition
can be written as:
N K M
0 i sign i sign . (11)
i1
The method of evaluation of the current functionality of the software modules of infocommunication systems and an
algorithm for assessing the risk of loss of stability is inextricably linked with the concept of stationary equilibrium
equations describing the considered process. It is possible to introduce a metric based on the following rules: the farther is
located the trajectory of the process from the point of equilibrium, the greater the risk, and, conversely, the less risk the
closer "pressed" trajectory of the process to the point of equilibrium.
By default, it was about the local stability of the process of functioning of information and communication systems. But
as we know from the General theory of control [5], local stability of stationary equilibrium does not necessarily follow its
global stability, that is convergence of the solution (3) or (4) the coordinates (E1* ,..., E *N K M ) from any point
(E10 , E 02 ,..., E 0N K M ) N K M - dimensional phase space E1 ,..., E N K M . For example, information communication
systems, software consists of three software modules, and the functioning of which is described by the equations
dE1 (t)
E1 (t) 2.0 0.8E1 (t) 0.7E 2 (t) 0.5E 3 (t) ;
dt
dE 2
E 2 (t) 2.1 0.2E1 (t) 0.9E 2 (t) E 3 (t) ; , (12)
dt
dE 3
E 3 (t) 1.5 E1 (t) 0.3E 2 (t) 0.2E 3 (t) ,
dt
fixed point (E1* ,..., E *N K M ) = (1.0, 1.0, 1.0) is locally but not globally stable because, for example, from the initial point
with coordinates (0.5, 1.0, 2.0), the process proceeds not to the point (1.0, 1.0, 1.0), and to the point (0.0, 0.0, 0.75). In such
cases, we can assume that for the operation of the software module information and communication systems in terms of
destructive impacts will be characterized by the cyclic mode, when the system is to perform its functions, then enter the
zone of failure.
To determine the conditions under which local stability of stationary equilibrium is always followed by global stability,
we use theorem V. Voltaire [5]. This theorem States: positive steady state of a dissipative system is globally stable. Explain
its meaning. Dissipative (by Voltaire) is a system of equations of the form (3) or (4), if there exists a set of N K M
positive numbers 1 , , N , that the quadratic form
NKM
Ф E1 ,..., E N K M i b ij E i E j (13)
i, j1
297
�under any valid E1 ,..., E N K M takes negative values, i.e. it is negative definite: Ф E1 ,..., E N K M 0 . Therefore, in
order to ensure that the positive stationary point of equation (3) or (4) is globally stable, it is necessary to calculate (13) and
show that it is negative definite. For the practical implementation of this operation should switch from (13) to its equivalent
form
NKM
Ф E1 ,..., E N K M b ij E i E j , (14)
i, j1
where b ij 1
b i b ji .
2 i ij
Then the condition for negative definiteness of the quadratic form (13) takes a fairly simple view. It boils down to the
requirement that all principal minors of the matrix B ( b ij ) was positive, i.e.
b 11 b 12
b 11 0, 0,...,
b21 b22
b 11 b 12 ... b 1(N K M )
(15)
b 21 b 22 ... b 2(N K M )
0.
... ... ... ...
b (N K M)1 b (N K M )2 ... b (N K M )(N K M)
It is easy to show that (15) is equivalent to the following inequality is satisfied
NK M NK M
(b jj b kk ) b ij b ik i k, j, k 1,...,(N K M) . (16)
i j i k
i1
i 1
If the condition (16) possible deviations software infocommunication systems from the standard mode of operation will
be temporary in nature. After some time (depending on the inertial properties of software modules), despite the destructive
impacts, software infocommunication systems will return to normal operation mode.
Conclusion
Proposed method of analysis of the functional stability of the software infocommunication systems in terms of destructive
impacts developed in two ways: quantitative – based on the use of the theory of integro-differential calculus, and quality –
based on the theory of fuzzy sets. This is done in order to fend off uncertainty about the source of the data needed to solve
the problem, as well as for hedging in case of loops standard programs designed for solving large systems of nonlinear
differential equations.
Using this method has allowed us to develop an algorithm for the rapid evaluation of risk of violation of the functional
stability of the software infocommunication systems from destructive attacks [12]. The idea of this algorithm is that the
concept of stability is associated with the concept of stationary equilibrium equations describing the function of the
software infocommunication systems. It is possible to introduce a metric based on the following rules: the farther is located
the trajectory of the estimated process from the point of equilibrium, the greater the risk, and, conversely, the less risk the
closer "pressed" trajectory of the process to the point of equilibrium.
In general, the above material suggests that using mathematical tools can adequately simulate the operation of the
software infocommunication systems in terms of destructive impacts, and to formulate and solve the problem of
stabilization of the process in real time.
The developed method may be used for the design of advanced systems to detect and counter cyber attacks. For example,
this method can be used to use the quick risk evaluation of the functional stability of information and communication
systems in terms of cyber attacks.
In this case, you might encounter the following problem which may need the intervention of man can professionally and
psychologically to cope with the task, to achieve the maximum effect of protecting transmitted and processed information
[13]. The following stage of countering cyber attacks can serve as tools of diagnosing the state of the actuators of the
system [14] and intelligent security system using artificial intelligence, using the conceptual approaches of the immune
system [15], which will help to reduce the impact of negative effects on the information system from cyber attacks [16].
Further research is needed to develop a methodology description of the information process as a discrete stream [17] for the
subsequent evaluation of the effectiveness of all systems support the activities of information and communication systems
in terms of cyber attacks. But it is not included in the scope of this article, so we look forward to further scientific
cooperation of authors and commend the leaders of the scientific project.
298
�References
[1] A.V. Dushkin, I.V. Goncharov. N.I. Goncharov, S.S. Kochedykov and ets. Probabilistic Modeling in System Engineering /
Edited by A.I. Kostogryzov // UK, London: IntechOpen, 2018. P. 278. – DOI: 10.5772/intechopen.71396.
[2] N.I. Goncharov, I.V. Goncharov, P.A. Parinov, A.V. Dushkin, M.M. Maximova. Modeling of Information Processes
for Modern Information System Security Assessment // 28-31.01.2019 IEEE Conference of Russian Young
Researchers in Electrical and Electronic Engineering (EIConRus). 2019. p.p. 1758-1763. –
DOI: 10.1109/EIConRus.2019.8656828.
[3] N.I. Goncharov , A.V. Dushkin , I.V. Goncharov, P.A. Parinov. Simulation and evaluation of conflict interactions in
information systems // International Conference «Applied Mathematics, Computational Science and Mechanics:
Current Problems», 17-19.12.2018, Voronezh, Russian Federation. IOP Conf. Series: Journal of Physics: Conf.
Series 1203 (2019) 012063. – DOI: 10.1088/1742-6596/1203/1/012063.
[4] V.I. Novoseltsev, T.I. Kasatkina, A.V. Dushkin, S.A. Ivanov. An improved method for predicting the evolution of
the characteristic parameters of an information system // International Conference «Applied Mathematics,
Computational Science and Mechanics: Current Problems» 18-20.12.2017, Voronezh, Russian Federation. IOP
Conf. Series: Journal of Physics: Conf. Series 973 (2018) 012031. – DOI: 10.1088/1742-6596/973/1/012031.
[5] T.I. Kasatkina , A.V. Dushkin , V.A. Pavlov, R.R. Shatovkin. Algorithm for predicting the evolution of series of
dynamics of complex systems in solving information problems // International Conference «Applied Mathematics,
Computational Science and Mechanics: Current Problems» 18-20.12.2017, Voronezh, Russian Federation. IOP
Conf. Series: Journal of Physics: Conf. Series 973 (2018) 012031. – DOI: 10.1088/1742-6596/973/1/012035.
[6] A.V. Parfiryev, I.N. Ischuk, A.V. Dushkin, T.S. Buriak, N.A. Popova. The Software Implementation of the System
of Automatic Observation of Ground Objects Based on Correlation Analysis // 2019 IEEE Conference of Russian
Young Researchers in Electrical and Electronic Engineering (EIConRus). 2019. p.p. 1749-1753. –
DOI: 10.1109/EIConRus.2019.8656636.
[7] S.S. Kochedykov, A.V. Dushkin, A.N. Noev and I.A. Gubin. Method of optimum channel switching in equipment of
infocommunication network in conditions of cyber attacks to their telecommunication infrastructure // International
Conference Information Technologies in Business and Industry 2018. IOP Conf. Series: Journal of Physics: Conf.
Series 1015 (2018) 032101. – DOI: 10.1088/1742-6596/1015/3/032101.
[8] E.V. Grechishnikov, M.M. Dobryshin, S.S. Kochedykov and V.I. Novoselcev. Algorithmic model of functioning of
the system to detect and counter cyber attacks on virtual private network // IOP Conf. Series: Journal of Physics:
Conf. Series 1203 "Applied Mathematics, Computational Science and Mechanics: Current Problems", 2019. –
DOI: 10.1088/1742-6596/1203/1/012064.
[9] V.I. Sumin, A.V. Dushkin, T.E. Smolentseva. Mathematical Models to Determine Stable Behavior of Complex
Systems // International Conference Information Technologies in Business and Industry 2018. IOP Conf. Series:
Journal of Physics: Conf. Series 1015 (2018) 032136. – DOI: 10.1088/1742-6596/1015/3/032136.
[10] V.I. Sumin, A.V. Dushkin, E.V. Grechishnikov, S.V. Ivanov. Determining the reliability of network information
systems // International Conference «Applied Mathematics, Computational Science and Mechanics: Current
Problems», 17-19.12.2018, Voronezh, Russian Federation. IOP Conf. Series: Journal of Physics: Conf. Series 1203
(2019) 012083. – DOI: 10.1088/1742-6596/1203/1/012083.
[11] S.S. Kochedykov, E.V. Grechishnikov, A.V. Dushkin, D.E. Orlova. The mathematical model of cyber attacks on the
critical information system // International Scientific Conference on Informatics: Problems, Methodologies and
Technologies, 8-9.02.2018, Voronezh, Russian Federation. IOP Conf. Series: Journal of Physics: Conf. Series 1202
(2019) 012013. – DOI: 10.1088/1742-6596/1202/1/012013.
[12] S.S. Kochedykov, A.V. Dushkin, P.V. Markin. Express Assessment Method for the Risk of Impaired Functional
Stability Information and Communication System in Conditions Cyber Attacks // 28-31.01.2019 IEEE Conference of
Russian Young Researchers in Electrical and Electronic Engineering (EIConRus). 2019. p.p. 1754-1757. –
DOI: 10.1109/EIConRus.2019.8657323.
[13] I.V. Goncharov, N.I. Goncharov, P.A. Parinov, S.S. Kochedykov, A.V. Dushkin. Probabilistic Analysis of the
Influence of Staff Qualification and Information-Psychological Conditions on the Level of Systems Information
Security Probabilistic Analysis of the Influence of Staff Qualification and Information-Psychological Conditions on
the Level of Systems Information Security // Probabilistic Modeling in System Engineering. UK, London:
IntechOpen, pp. 233-253. – DOI: 10.5772/intechopen.75079.
[14] A.V. Dushkin, S.S. Kochedykov, V.I. Novoseltsev. Tool and algorithmic diagnostic devices of operability of
actuation mechanisms of automated control systems // Proceedings. 2017 2nd International Ural Conference on
Measurements (UralCon). South Ural State University (national research university), Chelyabinsk, Russian
Federation, October 16-19, 2017. IEEE, 2017. p.p. 193-198. – DOI: 10.1109/URALCON.2017.8120709.
[15] L.V. Stepanov, E.V. Grechishnikov, V.I. Novoseltsev and S.S. Kochedykov. Conceptual approach to building
information security systems for telecommunication systems using artificial immune systems // IOP Conf. Series:
Journal of Physics: Conf. Series 1202 “International Scientific Conference on Informatics: Problems, Methodologies
and Technologies”, 2019. – DOI: 10.1088/1742-6596/1202/1/012031.
[16] Yu.Yu. Gromov, V.I. Sumin, S.S. Kochedykov and V.I. Novoselcev. Evaluating the efficiency of mitigation tools
against negative external actions on the information system // IOP Conf. Series: Journal of Physics: Conf. Series
299
� 1203 International Conference "Applied Mathematics, Computational Science and Mechanics: Current Problems”,
2019. – DOI: 10.1088/1742-6596/1203/1/012078.
[17] V.I. Sumin, Т.Е. Smolentseva, S.S. Kochedykov and V.S. Zarubin. Description of the information process as a
discrete stream // IOP Conf. Series: Journal of Physics: Conf. Series 1202 “International Scientific Conference on
Informatics: Problems, Methodologies and Technologies”, 2019. – DOI: 10.1088/1742-6596/1202/1/012016.
[18] A.S. Dubrovin, A.V. Parfiryev, A.V. Dushkin, L.V. Stepanov. Control of unmanned aerial vehicles based on the
detection algorithm // International Scientific Conference on Informatics: Problems, Methodologies and
Technologies, 8-9.02.2018, Voronezh, Russian Federation. IOP Conf. Series: Journal of Physics: Conf. Series 1202
(2019) 012014. – DOI: 10.1088/1742-6596/1202/1/012014.
[19] A.V. Dushkin, A.V. Porfiriev, V.I. Sumin. Algorithm of measurement information processing for hardware and
software complex capture and automatic tracking of unmanned aerial vehicle // Proceedings. 2017 2nd International
Ural Conference on Measurements (UralCon). South Ural State University (national research university),
Chelyabinsk, Russian Federation, October 16-19, 2017. // IEEE, 2017, p. 199-204. –
DOI: 10.1109/URALCON.2017.8120710.
300
�