<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Archiving and Interchange DTD v1.0 20120330//EN" "JATS-archivearticle1.dtd">
<article xmlns:xlink="http://www.w3.org/1999/xlink">
  <front>
    <journal-meta />
    <article-meta>
      <title-group>
        <article-title>Information Technologies of Active Control of Complex Hierarchical Systems under Threats and Information Attacks</article-title>
      </title-group>
      <contrib-group>
        <contrib contrib-type="author">
          <string-name>Volodymyr Sabat</string-name>
          <email>v_sabat@ukr.net</email>
          <xref ref-type="aff" rid="aff1">1</xref>
        </contrib>
        <contrib contrib-type="author">
          <string-name>Lyubomyr Sikora</string-name>
          <email>lssikora@gmail.com</email>
          <xref ref-type="aff" rid="aff0">0</xref>
        </contrib>
        <contrib contrib-type="author">
          <string-name>Bohdan Durnyak</string-name>
          <email>durnyak@uad.lviv.ua</email>
          <xref ref-type="aff" rid="aff1">1</xref>
        </contrib>
        <contrib contrib-type="author">
          <string-name>Olga Fedevych</string-name>
          <email>olha.y.fedevych@lpnu.ua</email>
          <xref ref-type="aff" rid="aff0">0</xref>
        </contrib>
        <contrib contrib-type="author">
          <string-name>Natalia Lysa</string-name>
          <email>lysa.nataly@gmail.com</email>
          <xref ref-type="aff" rid="aff0">0</xref>
        </contrib>
        <aff id="aff0">
          <label>0</label>
          <institution>National University «Lviv Polytechnic»</institution>
          ,
          <addr-line>12, Stepan Bandera St., Lviv,, 79000</addr-line>
          ,
          <country country="UA">Ukraine</country>
        </aff>
        <aff id="aff1">
          <label>1</label>
          <institution>Ukrainian Academy of Printing</institution>
          ,
          <addr-line>19, Pid Holoskom St., Lviv, 79020</addr-line>
          ,
          <country country="UA">Ukraine</country>
        </aff>
      </contrib-group>
      <abstract>
        <p>The effect of active information, system and resource threats on the printing technology structure with a hierarchical organization of production is complex, and therefore the identification of influence channels and methods of countering attacks is an important challenge. In order to solve problems of this type, it is necessary, in accordance with the hierarchical structure, to separate the processes of technological, informational, managerial and actual preparation of the printing production product. Accordingly, the primary threats can be made at the stage of document design (content distortion). Information threats and system attacks on the management of the production process have a complex structure and their detection is an important task, as it is necessary to identify sources of threats, channels of attacks and assess the level of risk if attacks occur. According to the protection tasks analysis, the structural scheme of decision-making in technical and publishing systems is substantiated and developed. On the basis of the decisionmaking process studies, the model of man-made structure under threats on ACSPP resources is constructed.</p>
      </abstract>
      <kwd-group>
        <kwd>1 Threats</kwd>
        <kwd>attacks</kwd>
        <kwd>control of hierarchical systems</kwd>
      </kwd-group>
    </article-meta>
  </front>
  <body>
    <sec id="sec-1">
      <title>1. Introduction</title>
      <p>Accordingly, a table has been developed to assess possible intrusion channels and failure criteria and
the risk of destruction of system protection.
2. Control of complex hierarchical structures under threats and information
attacks</p>
      <p>
        Solving the problems of control of complex hierarchical structures under threats and information
attacks requires forming a set of methods for each type of object and system and decompose the
problem into subject-oriented components (Fig. 1) [
        <xref ref-type="bibr" rid="ref18">1</xref>
        ]:
• the localization of the main factors of influence and threats and attacks;
• the assessment of heterogeneities and uncertainties in the structural hierarchy of the system
and levels of risk under threats;
• the physical and statistical analysis of factors of influence, disturbances, threats;
• the identification of cause-effect relationships in the system and the influence of factors on
various components of the structure;
• the organizational and technological models of decision-making processes and management
under uncertainty and risk;
• the identification of the structural organization of the system functioning (block diagrams,
digraphs, topology), the analysis of resources and human potential;
• the identification of models of dynamics of the control object for normal and emergency
modes, strategies of target management;
• the management and coordination strategies, calendar dynamic action plans for all levels of
the hierarchy of corporate, municipal and educational systems.
      </p>
      <p>
        Sustainable operation of permanent systems, taking into account the impact of a set of factors, is
maintained by constant management influences based on decision-making and implementation, both
automatic system and DM (DM – a decision maker) at different levels of the hierarchy of structural
organization [
        <xref ref-type="bibr" rid="ref1 ref2">2–5</xref>
        ].
      </p>
      <p>The decision, in a broad sense, means the choice of action mode to achieve the goals of the system
control. The decision process has two components of activity [6] (Fig. 2):
1. Intellectual one (problem, goal, control, purposeful decision-making strategy);
2. Procedural, organizational and technological one (methods of implementing management
actions).
2.1.</p>
    </sec>
    <sec id="sec-2">
      <title>Analysis of the decision-making process</title>
      <p>Characteristic features of the decision-making process are respectively [7-13] (Fig. 3):
• the ability to choose how to act on a variety of alternatives (action plans) according to a
goaloriented strategy;
• the goal (clear or blurred by the situation) that needs to be realized under threat factors;
• the need for a willful act of DM in choosing the method of solving the problem and the
corresponding mental determination to target actions;
• the timeliness, according to the stages of development and analysis of the situation, solving
the problem of overcoming the crisis of the control system;
• the authority of DM to act within its rights and powers;
• the specificity of the procedure for choosing the method of the control implementation;
• the constructiveness – taking into account the cost of changing the situation and the quality of
management actions in relation to the target based on the analysis of the situation;
• targeting of executive mechanisms of both ACS and DM;
• the implementation of strategies and management plans in accordance with the goal;
• the terminality of time for decision-making and implementation of actions in normal and
emergency situations caused by active threats.</p>
      <p>Thus, the situational control in hierarchical human-machine local and distributed systems is a
method of forming control actions based on strategies for predicting hazards and analyzing their
destructive factors, symptoms and strategies to reduce negative consequences, maintaining the
functional structure and technological modes with limited resources and acceptable product quality
(Fig. 4) [8].</p>
      <p>Accordingly, all actions are formed on a set of control cycles, which corresponds to the allowable
terminal time of their implementation Тці ® {t j=1,m } on the axis Тці . Each cycle corresponds to:
performed by the agent-operator.</p>
      <p>Terminal time is divided into intervals {ti , t i i=1,m } (Fig. 4).</p>
      <p>the assessment of the situation in the system and threats based on data processing;
the formation of a model for the situation solving according to the object condition;
the generation of action plans and acts in accordance with the goal and situation;
the distribution of tasks for intelligent and automatic implementation;
•
•
•
•
•
•
time markers (ti ,i = 1, k ) on the axis of the decision-making interval;
time intervals of operations and actions on Тці ® {t i j=1,m } for every control act {Ai },
• decision-making and its implementation by an active intelligent agent-operator for block
management.</p>
      <p>In this case, the balance condition of real and terminal time on the control cycle, which is formed
by the ACS operator [9], must be met, respectively:</p>
      <p>" Tці МTF {е im= 1t i Ј е im= 1t iT },
wherе t iT</p>
      <p>— is a terminal time interval (t iT ОTF ) for the operation implementation.
decision-making process; (tos ,toa ,tr ),t p ,(t pr ,tl ,tla )
— are time markers needed to complete cycles of
decision-making procedures according to the situation and the target task; ВМ – is an executive
mechanism; ПS – is a state space of the object; Тm — is the terminal time of the decision cycle
(formation and action); Fa, FB, Fc — are factors of influence, probability of occurrence of disturbances
and information attacks and threats to infrastructure; DAi — is the flow of aggregate data on the
control objects condition; (t os , t o , t sr , t pr , t os , t ad , t lk ) — are time intervals of operations
implementation when making decisions on the management cycle under threats and attacks on the
object; CUS — is a goal-oriented system that implements the management strategy.</p>
    </sec>
    <sec id="sec-3">
      <title>3. Threats and crisis situations in hierarchical structures</title>
      <p>Factors of internal and external influence can be the causes of crisis problem situations. Such
factors include:
• natural phenomena (storms, typhoons, floods) threats;
• production and technical processes that went out of normal operation due to loss of reliability of
units;
• political and economic situation;
• insufficient level of the operational staff skills;
• instability of the functional and structural system, random deviations, engineering errors in the
design, system);
• intentional provocative actions of external threats of the target type;
• loss of design documentation as a basis for the formation of action chains in decision-making
and project errors;
• conflict situations in the management team (leadership);
• equipment failures and breakdowns due to active intervention.</p>
      <p>The above factors can negatively affect the decision-making process itself, as well as the
functioning of the hierarchical structure as a whole. Therefore, they need to be analyzed in detail and
their level of risk should be studied in the formation of protection systems, as well as in the process of
functioning of complex hierarchical structures, in particular those located in high-risk areas. It is
necessary to take into account both the losses that may result from the occurrence of negative factors
of external and internal influences, and methods of restoring the information system due to the
occurrence of such factors.
3.1.</p>
      <p>Classification and assessment of threats, research methodology
The threat, as a potential opportunity for attacks, has the ability to damage the IS and its assets. If
the threat is realized, it can interact with the IS and cause unwanted incidents that adversely affect the
system. Threats can be based on both natural and human factors, they can be realized accidentally or
intentionally. Sources of both accidental and intentional threats should be identified and the
probability of their implementation assessed [5-9]. The general classification of threats by type,
action, source and object of action is presented in Fig. 5 [10]. A specialized IS threat catalog
developed by Digital Security2, one of the leading Russian consulting companies in the field of
information security, as well as in the field of assessing the compliance of IS with the requirements of
ISO 27001/ISO 177993, was used to assess threats. In the course of the work, a survey was conducted
among system administrators of printing companies of Ukraine in order to increase the reliability of
assessment of criticality, probability of implementation and frequency of threats. Respondents were
sent a chart of the relationships between ACSPP assets, a table listing ACSPP assets and threats, and
asked to assess the criticality, probability, and frequency of threats to each ACSPP asset, taking into
account the relationships between assets. A scale from 0 to 3 was used for the assessment, where “0”
2 Official website — http://www.dsec.ru.
3 https://www.iso.org/isoiec-27001-information-security.html
is the absence of criticality, probability or frequency of threat to the asset, and “1”, “2” and “3”,
respectively, “low”, “medium” and "high" level of these indicators. The survey involved 10
respondents working in 10 printing companies. In order to cover the widest possible risks of ACSPP,
the analysis of the results was carried out on the principle of "maximum assessment", i.e. the highest
value was selected from a number of assessments of one indicator.</p>
      <p>To conduct research, a scheme of possible types of threats that operate in the control system of the
technological process in printing on the basis of the system concept of classification of threats by
type, action, source and object of action was developed.
3.1.1. Critical threat assessment methodology, which act on the management
information and aggregate structure of the technological system</p>
      <p>Examining the assets of automated control systems for printing production (ACSPP), it can be
concluded that the objects of threats may be one or more assets of ACSPP. Tables 1 – 5 present a list
of possible threats to ACSPP, according to the classification (Fig. 5), as well as the criticality of the
threats implementation to ACSPP assets.</p>
      <p>Table 1</p>
      <sec id="sec-3-1">
        <title>Human physical threats aimed at IS resources</title>
        <p>Criticality of the threat to the asset of ACSPP
f
o
s
e
l
u
do PP
rem SCA
a
w
t
f
o
S
6</p>
        <sec id="sec-3-1-1">
          <title>Threat</title>
        </sec>
      </sec>
      <sec id="sec-3-2">
        <title>Threat</title>
      </sec>
      <sec id="sec-3-3">
        <title>Disaster</title>
      </sec>
      <sec id="sec-3-4">
        <title>Technogenic disaster</title>
      </sec>
      <sec id="sec-3-5">
        <title>Military action</title>
      </sec>
      <sec id="sec-3-6">
        <title>Revolution</title>
      </sec>
      <sec id="sec-3-7">
        <title>Terrorist act</title>
      </sec>
      <sec id="sec-3-8">
        <title>Fire</title>
      </sec>
      <sec id="sec-3-9">
        <title>Lightning strikes</title>
      </sec>
      <sec id="sec-3-10">
        <title>Cross-reference</title>
      </sec>
      <sec id="sec-3-11">
        <title>Failure of external energy sources</title>
      </sec>
      <sec id="sec-3-12">
        <title>Failure of internal (reserve) energy sources</title>
      </sec>
      <sec id="sec-3-13">
        <title>Sharp voltage fluctuations in the power grid</title>
      </sec>
      <sec id="sec-3-14">
        <title>Ventilation system failure</title>
      </sec>
      <sec id="sec-3-15">
        <title>Air conditioning system failure</title>
      </sec>
      <sec id="sec-3-16">
        <title>Heating system failure</title>
      </sec>
      <sec id="sec-3-17">
        <title>Violation of the circuit of closed systems near IS objects</title>
        <p>3
3
3
3
3
4 The criticality of the treat is a measure of damage caused by this threat in its implementation.</p>
        <p>Threat
0
0
0
0
0
0
0
0</p>
        <sec id="sec-3-17-1">
          <title>Change of the user privileges when running exploits that use local OS vulnerabilities</title>
        </sec>
        <sec id="sec-3-17-2">
          <title>Local OS vulnerabilities that do not require an exploit to run the threat</title>
        </sec>
        <sec id="sec-3-17-3">
          <title>Running files with viruses that affect the OS</title>
        </sec>
        <sec id="sec-3-17-4">
          <title>Running the OS from external media</title>
        </sec>
        <sec id="sec-3-17-5">
          <title>Modification of OS components 1</title>
        </sec>
        <sec id="sec-3-17-6">
          <title>Failure to service the OS</title>
          <p>0 0 0 0
0 0 0 0
0 0 0 0
2 3 4 5
0 0 0 0</p>
        </sec>
        <sec id="sec-3-17-7">
          <title>Local logical threats aimed at software</title>
        </sec>
        <sec id="sec-3-17-8">
          <title>Change of the user privileges when running exploits 0 0 0 0 that use local software vulnerabilities</title>
        </sec>
        <sec id="sec-3-17-9">
          <title>Local application software vulnerabilities that do 0 0 0 0 not require an exploit to run the threat</title>
        </sec>
        <sec id="sec-3-17-10">
          <title>Opening files with macro viruses 0 0 0 0</title>
        </sec>
        <sec id="sec-3-17-11">
          <title>Modification of application software 0 0 0 0</title>
        </sec>
        <sec id="sec-3-17-12">
          <title>Failure to service the application software 0 0 0 0</title>
        </sec>
        <sec id="sec-3-17-13">
          <title>Local logical threats aimed at information,</title>
          <p>stored and processed on the resource</p>
        </sec>
        <sec id="sec-3-17-14">
          <title>Unauthorized modification of information in the 0 0 0 0 database stored on the resource</title>
        </sec>
        <sec id="sec-3-17-15">
          <title>Unauthorized modification of information in the e- 0 0 0 0 mail system stored on the resource</title>
        </sec>
        <sec id="sec-3-17-16">
          <title>Unauthorized modification of electronic documents 0 0 0 0 containing valuable information</title>
        </sec>
        <sec id="sec-3-17-17">
          <title>Unauthorized reading of confidential information in 0 0 0 0 the database stored on the resource</title>
        </sec>
        <sec id="sec-3-17-18">
          <title>Unauthorized reading of messages in the e-mail 0 0 0 0 system stored on the resource</title>
        </sec>
        <sec id="sec-3-17-19">
          <title>Unauthorized reading of confidential information in 0 0 0 0 electronic documents stored on the resource</title>
        </sec>
        <sec id="sec-3-17-20">
          <title>Loss or violation of the integrity of information 0 0 0 0 stored on the resource due to improper operation of the software</title>
        </sec>
        <sec id="sec-3-17-21">
          <title>Unauthorized malicious use of e-mail by an 0 0 0 0 infringer on behalf of a legal user</title>
        </sec>
        <sec id="sec-3-17-22">
          <title>Deletion of valuable information stored in the 0 0 0 0 database by the violator</title>
        </sec>
        <sec id="sec-3-17-23">
          <title>Deletion of e-mails by the violator 0 0 0 0 Deletion of electronic documents containing 0 0 0 0 valuable information by the violator 2</title>
          <p>2
2
2
2
6
2
2
2
2
2
2
0
0
0
0
0
0
0
0
0
3
3
3
3
3
7
3
3
3
3
3
3
0
0
0
0
0
0
0
0
0
3
3
3
3
3
8
3
3
3
3
3
3
3
0
0
0
0
0
3
0
3
0
2</p>
          <p>Criticality of the threat to the asset of ACSPP</p>
        </sec>
      </sec>
      <sec id="sec-3-18">
        <title>Threat</title>
      </sec>
      <sec id="sec-3-19">
        <title>Collection of information about the OS 0 0 0 0 0</title>
      </sec>
      <sec id="sec-3-20">
        <title>Collection of information about the OS 0 0 0 0 0</title>
      </sec>
      <sec id="sec-3-21">
        <title>Launch of exploits that use remote OS 0 0 0 0 3 vulnerabilities</title>
      </sec>
      <sec id="sec-3-22">
        <title>Remote logical threats aimed at network services</title>
      </sec>
      <sec id="sec-3-23">
        <title>Network service failure due to internal 0 0 0 0 0 software failure</title>
      </sec>
      <sec id="sec-3-24">
        <title>Launch of exploits that use remote network 0 0 0 0 0 service vulnerabilities and result in denial of service</title>
      </sec>
      <sec id="sec-3-25">
        <title>Running exploits that use remote network 0 0 0 0 0 service vulnerabilities and cause arbitrary code to run on a remote PC</title>
      </sec>
      <sec id="sec-3-26">
        <title>User mailbox overflow 0 0 0 0 0</title>
      </sec>
      <sec id="sec-3-27">
        <title>Selection of user authentication data 0 0 0 0 0</title>
      </sec>
      <sec id="sec-3-28">
        <title>Remote collection of information about 0 0 0 0 0 network services</title>
      </sec>
      <sec id="sec-3-29">
        <title>Remote logical threats aimed at information, processed by network services</title>
      </sec>
      <sec id="sec-3-30">
        <title>Interception of information provided by 0 0 0 0 0 network services using vulnerabilities in data transmission protocols</title>
      </sec>
      <sec id="sec-3-31">
        <title>Logical threats aimed at network equipment</title>
      </sec>
      <sec id="sec-3-32">
        <title>Unauthorized access to the network device at 3 0 0 0 3 the software level</title>
      </sec>
      <sec id="sec-3-33">
        <title>Denial of service at the software level 3 0 0 0 0</title>
        <p>Unauthorized connection to wireless networks 0 0 0 0 0</p>
      </sec>
      <sec id="sec-3-34">
        <title>Remote logical threats to communication protocols</title>
        <p>Interception of network traffic at the logical 0 0 0 0 0
level due to incorrect configuration of network
devices or inability to differentiate traffic
between network nodes
0
0
3
0
0
2
0
0
0
0
3
0
0
3
0
0
2
0
0
0
0
3</p>
        <p>Criticality of the threat to the asset of ACSPP</p>
      </sec>
      <sec id="sec-3-35">
        <title>Threat</title>
      </sec>
      <sec id="sec-3-36">
        <title>Unavailability of information due to incapacity 0 0 0 0 0 of IS users who have this information</title>
      </sec>
      <sec id="sec-3-37">
        <title>Improper functioning of IS due to the inability 2 2 2 2 2 of the administrator</title>
      </sec>
      <sec id="sec-3-38">
        <title>Reduced response to information security 2 2 2 2 2 incidents due to administrator incapacity Violation of business continuity due to physical 0 0 0 0 0 action on the company employee</title>
      </sec>
      <sec id="sec-3-39">
        <title>Threats related to psychological effects on humans</title>
      </sec>
      <sec id="sec-3-40">
        <title>Disclosure of confidential information as a 0 0 0 0 0 result of psychological actions of third parties on the company employee</title>
      </sec>
      <sec id="sec-3-41">
        <title>Substitution of information as a result of 0 0 0 0 0</title>
        <p>psychological actions of outsiders on the</p>
        <p>company employees
Modification or destruction of information as a 0 0 0 0 3
result of psychological actions of third parties
on the company employees</p>
        <p>1 2 3 4 5 6</p>
      </sec>
      <sec id="sec-3-42">
        <title>Unavailability of information due to incapacity 0 0 0 0 0 of IS users who have this information</title>
      </sec>
      <sec id="sec-3-43">
        <title>Improper functioning of IS due to the inability 2 2 2 2 2 of the administrator</title>
      </sec>
      <sec id="sec-3-44">
        <title>Reduced response to information security 2 2 2 2 2 incidents due to administrator incapacity</title>
      </sec>
      <sec id="sec-3-45">
        <title>Threats related to psychological effects on humans</title>
      </sec>
      <sec id="sec-3-46">
        <title>Disclosure of confidential information by the 0 0 0 0 0 company employees</title>
      </sec>
      <sec id="sec-3-47">
        <title>Modification or destruction of information by 0 0 0 0 0 the company employees</title>
      </sec>
      <sec id="sec-3-48">
        <title>Substitution of information by the company 0 0 0 0 0 employees</title>
      </sec>
      <sec id="sec-3-49">
        <title>Threats related to unintentional actions of the staff</title>
      </sec>
      <sec id="sec-3-50">
        <title>Violation of information confidentiality due to 0 0 0 0 0 unintentional actions</title>
      </sec>
      <sec id="sec-3-51">
        <title>Unintentional violation of information 0 0 0 0 3 integrity Unintentional deletion of critical information 0 0 0 0 3 0</title>
        <p>2
2
0
3
3
3
7
0
2
2
3
3
3
3
3
0
2
2
0
3
3
3
9
0
2
2
3
3
3
3
3</p>
        <p>As some threats are not critical to any of ACSPP assets, there is no need to provide further results
of their assessment.</p>
        <p>Comparing the data from Table 1 - 5, it is possible to make the list of the most critical threats for
typical ACSPP:
1. Human physical threats aimed at IS resources:
• unauthorized use of equipment;
• damage or intentional change of equipment operation modes
• disclosure, transfer or loss of access restriction attributes;
2. Human physical threats aimed at IS communication channel:
• Cable damage;
3. Global physical threats aimed at IS (full list of threats);
4. Local physical threats aimed at IS:
• cross-reference;
• failure of external energy sources;
• failure of internal (reserve) energy sources;
• sharp voltage fluctuations in the power grid;
• air conditioning system failure;
5. Physical threats related to the equipment failure:
• loss of information as a result of data carrier failure;
• defective data carriers;
• reduction of equipment reliability after the end of its service life;
• data loss or system malfunction due to overflow of storage devices;
6. Local logical threats aimed at OS:
• running files with viruses that affect the OS;
• running the OS from external media;
• modification of OS components;
• failure to service the OS;
7. Local logical threats aimed at software:
• opening files with macro viruses;
• modification of application software;
• failure to service the application software;</p>
        <p>Thus, a list of critical threats to ACSPP is received, which may occur with a medium or high
probability and cause significant damage to one or more assets, which will lead to serious violations
in the work of ACSPP. For a more accurate analysis of threats in ACSPP, it is also necessary to
analyze the probability of their detection and the frequency of recurrence over a period of time, which
is planned to be done in future studies.</p>
      </sec>
    </sec>
    <sec id="sec-4">
      <title>4. Conclusions</title>
      <p>The analysis of information support of the complex system control process with a hierarchical
structure under threats is done as well as the process of document circulation in the formation and
decision-making process, based on which a structural and functional scheme is developed and
substantiated to counter threats and attacks on the control process in the hierarchical structure.</p>
      <p>The block diagram of decision-making in technical and publishing systems under risk is
substantiated and developed.</p>
      <p>The characteristic features of the decision-making process and parameters affecting this process
are analyzed, as a result of which a model of technogenic structure under threats to resources is
constructed.</p>
      <p>Management actions on a set of control cycles to which the admissible time of their performance
corresponds are studied and the block diagram of the scenario of situational management under
threats on a terminal cycle is constructed.</p>
      <p>The system concept of classification of threats and crisis situations in hierarchical structures by
type, action, source and object of action, influencing the decision-making processes, is presented.</p>
      <p>A survey of ACSPP system administrators is conducted in order to increase the reliability of
assessing the threat criticality. Based on the studied data, the most critical threats to a typical
automatic control system are presented.</p>
      <p>The results of research can be implemented in the design of control and protection systems not
only for automatic control systems, but also for any complex systems with a hierarchical structure
under threats and crises.</p>
    </sec>
    <sec id="sec-5">
      <title>5. References</title>
    </sec>
  </body>
  <back>
    <ref-list>
      <ref id="ref1">
        <mixed-citation>
          <article-title>3 3 3 Local physical threats aimed at IS</article-title>
        </mixed-citation>
      </ref>
      <ref id="ref2">
        <mixed-citation>
          <issue>2 2 2</issue>
          [1] .B.
          <string-name>
            <surname>Boyer</surname>
          </string-name>
          , Countering Hybrid Threats in Cyberspace.
          <source>Cyber Defense Review</source>
          . Vol.
          <volume>2</volume>
          Ed. 3,
        </mixed-citation>
      </ref>
      <ref id="ref3">
        <mixed-citation>
          <year>2015</year>
          .
          <volume>11</volume>
          . [2]
          <string-name>
            <surname>Groome</surname>
            ,
            <given-names>D.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Brace</surname>
            ,
            <given-names>N.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Edgar</surname>
            ,
            <given-names>G.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Edgar</surname>
            ,
            <given-names>H.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Eysenck</surname>
            ,
            <given-names>M.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Gobet</surname>
            ,
            <given-names>F.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Law</surname>
            ,
            <given-names>R.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Manly</surname>
            ,
            <given-names>T.</given-names>
          </string-name>
          , Ness,
        </mixed-citation>
      </ref>
      <ref id="ref4">
        <mixed-citation>
          <string-name>
            <surname>Disorders. Routledge</surname>
          </string-name>
          , 4th edn. (
          <year>2021</year>
          ). https://doi.org/10.4324/9781351020862 Title Suppressed
        </mixed-citation>
      </ref>
      <ref id="ref5">
        <mixed-citation>
          <source>Due to Excessive Length</source>
          <volume>11</volume>
          [3]
          <string-name>
            <surname>Andonov</surname>
            ,
            <given-names>S. Safety</given-names>
          </string-name>
          <article-title>Accidents in Risky Industries: Black Swans, Gray Rhinos</article-title>
          and Other
        </mixed-citation>
      </ref>
      <ref id="ref6">
        <mixed-citation>
          <string-name>
            <given-names>Adverse</given-names>
            <surname>Events</surname>
          </string-name>
          . CRC Press,
          <year>1st</year>
          edn. (
          <year>2021</year>
          ).https://doi.org/10.1201/9781003230298 [4]
          <string-name>
            <surname>Boy</surname>
            ,
            <given-names>G.A.</given-names>
          </string-name>
          :
          <article-title>The Handbook of Human-Machine Interaction: A Human-Centered Design</article-title>
        </mixed-citation>
      </ref>
      <ref id="ref7">
        <mixed-citation>
          <string-name>
            <surname>Approach.</surname>
          </string-name>
          CRC Press,
          <year>1st</year>
          edn. (
          <year>2011</year>
          ). https://doi.org/10.1201/9781315557380 [5]
          <string-name>
            <given-names>L.</given-names>
            <surname>Sikora</surname>
          </string-name>
          ,
          <string-name>
            <given-names>R.</given-names>
            <surname>Tkachuk</surname>
          </string-name>
          ,
          <string-name>
            <given-names>N.</given-names>
            <surname>Lysa</surname>
          </string-name>
          ,
          <string-name>
            <given-names>I.</given-names>
            <surname>Dronyuk</surname>
          </string-name>
          ,
          <string-name>
            <given-names>O.</given-names>
            <surname>Fedevych</surname>
          </string-name>
          ,
          <string-name>
            <given-names>R.</given-names>
            <surname>Talanchyk</surname>
          </string-name>
          . Information-resource
        </mixed-citation>
      </ref>
      <ref id="ref8">
        <mixed-citation>
          <article-title>cause and category diagrams integration</article-title>
          .
          <source>IntellTSIS 2021. Proceedings of the 2nd International</source>
        </mixed-citation>
      </ref>
      <ref id="ref9">
        <mixed-citation>
          <string-name>
            <surname>CEUR-WS</surname>
            <given-names>Khmelnytskyi</given-names>
          </string-name>
          , Ukraine, March
          <volume>24</volume>
          -26,
          <year>2021</year>
          . Vol.
          <volume>2853</volume>
          , pp.
          <fpage>398</fpage>
          -
          <lpage>416</lpage>
          . [6]
          <string-name>
            <given-names>L.</given-names>
            <surname>Sikora</surname>
          </string-name>
          ,
          <string-name>
            <given-names>R.</given-names>
            <surname>Tkachuk</surname>
          </string-name>
          ,
          <string-name>
            <given-names>N.</given-names>
            <surname>Lysa</surname>
          </string-name>
          ,
          <string-name>
            <given-names>I.</given-names>
            <surname>Dronyuk</surname>
          </string-name>
          ,
          <string-name>
            <given-names>O. Fedevych</given-names>
            <surname>Information</surname>
          </string-name>
          and Logic Cognitive
        </mixed-citation>
      </ref>
      <ref id="ref10">
        <mixed-citation>
          <article-title>Technologies of Decision-making in Risk Conditions</article-title>
          .
          <source>IntellTSIS 2020. Proceedings of the 1st</source>
        </mixed-citation>
      </ref>
      <ref id="ref11">
        <mixed-citation>
          <string-name>
            <surname>Security. Khmelnytskyi</surname>
          </string-name>
          , Ukraine, June 10-12,
          <year>2020</year>
          . pp.
          <fpage>340</fpage>
          -
          <lpage>356</lpage>
          . http://ceur-ws.
          <source>org/</source>
          Vol-
        </mixed-citation>
      </ref>
      <ref id="ref12">
        <mixed-citation>
          <volume>2623</volume>
          /paper29.pdf [7]
          <string-name>
            <surname>Bhise</surname>
            ,
            <given-names>V.D.</given-names>
          </string-name>
          :
          <article-title>Decision-Making in Energy Systems</article-title>
          . CRC Press,
          <year>1st</year>
          edn. (
          <year>2021</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref13">
        <mixed-citation>
          https://doi.org/10.1201/9781003107514 [8]
          <string-name>
            <surname>Kozlova</surname>
            ,
            <given-names>L.P.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Kozlova</surname>
            ,
            <given-names>O.A.</given-names>
          </string-name>
          :
          <article-title>Using of fuzzy set theory when designing technical systems</article-title>
          . In:
        </mixed-citation>
      </ref>
      <ref id="ref14">
        <mixed-citation>
          2015
          <string-name>
            <given-names>XVIII</given-names>
            <surname>International</surname>
          </string-name>
          <article-title>Conference on Soft Computing and Measure-ments (SCM)</article-title>
          . pp.
        </mixed-citation>
      </ref>
      <ref id="ref15">
        <mixed-citation>
          <volume>193</volume>
          {
          <fpage>194</fpage>
          (
          <year>2015</year>
          ). https://doi.org/10.1109/SCM.
          <year>2015</year>
          .
          <volume>7190453</volume>
          [9]
          <string-name>
            <surname>Tattam</surname>
            ,
            <given-names>D.</given-names>
          </string-name>
          :
          <article-title>A Short Guide to Operational Risk. Routledge, 1st edn</article-title>
          .
        </mixed-citation>
      </ref>
      <ref id="ref16">
        <mixed-citation>
          (
          <year>2011</year>
          ).https://doi.org/10.4324/9781315263649 [10]
          <string-name>
            <surname>Hovorushchenko</surname>
            <given-names>T.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Pavlova</surname>
            <given-names>O</given-names>
          </string-name>
          .
          <article-title>Method of Activity of Ontology-Based Intelligent Agent for</article-title>
        </mixed-citation>
      </ref>
      <ref id="ref17">
        <mixed-citation>
          <string-name>
            <surname>Computing</surname>
          </string-name>
          .
          <year>2019</year>
          . Vol.
          <volume>836</volume>
          . Pp.
          <volume>169</volume>
          -
          <fpage>178</fpage>
          . doi:
          <volume>10</volume>
          .1007/978-3-
          <fpage>319</fpage>
          -97885-7_
          <fpage>17</fpage>
          [11]
          <string-name>
            <surname>Wiggins</surname>
            ,
            <given-names>M.W.</given-names>
          </string-name>
          :
          <article-title>Introduction to Human Factors for Organisational Psychologists</article-title>
          . CRC Press,
        </mixed-citation>
      </ref>
      <ref id="ref18">
        <mixed-citation>
          <article-title>1st edn</article-title>
          . (
          <year>2022</year>
          ). https://doi.org/10.1201/9781003229858 [12]
          <string-name>
            <given-names>S.</given-names>
            <surname>Demri</surname>
          </string-name>
          ,
          <string-name>
            <given-names>V.</given-names>
            <surname>Goranko</surname>
          </string-name>
          ,
          <string-name>
            <given-names>M.</given-names>
            <surname>Lange</surname>
          </string-name>
          . Temporal Logics in Computer Science, Cambridge:
        </mixed-citation>
      </ref>
      <ref id="ref19">
        <mixed-citation>
          Cambridge University Press.
          <year>2016</year>
          .
          <volume>752</volume>
          р. [13]
          <string-name>
            <surname>Balyk</surname>
            ,
            <given-names>V.M.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Thuong</surname>
            ,
            <given-names>N.Q.</given-names>
          </string-name>
          <article-title>Statistical synthesis of the principle of ra-tional organization of a</article-title>
        </mixed-citation>
      </ref>
      <ref id="ref20">
        <mixed-citation>
          <article-title>complex technical system</article-title>
          . In: 2019 InternationalConference on Engineering and
        </mixed-citation>
      </ref>
      <ref id="ref21">
        <mixed-citation>
          <article-title>Telecommunication (EnT)</article-title>
          . pp.
          <volume>1</volume>
          {
          <issue>4</issue>
          (
          <year>2019</year>
          ). https://doi.org/10.1109/EnT47717.
          <year>2019</year>
          .
          <volume>9030569</volume>
          . [14]
          <string-name>
            <given-names>F.G.</given-names>
            <surname>Hoffman. Hybrid Warfareand</surname>
          </string-name>
          <string-name>
            <surname>Challenges</surname>
          </string-name>
          ,
          <source>Joint Forces Quarterly</source>
          <volume>52</volume>
          ,
          <year>2009</year>
          .
        </mixed-citation>
      </ref>
    </ref-list>
  </back>
</article>