Center for Strategic Assessment and forecasts

Autonomous non-profit organization

Home / Defence and security / / Analytics
Comprehensive information attack type "cyber strike" on an industrial automated system: anatomy of phenomena and approaches for protection
Material posted: Publication date: 30-10-2011

The material in this report the analysis of the technology of preparation of the economic crisis different scale by organizing and hosting automated systems that control the production of goods or services, an integrated distributed active information attacks, called cyber strike. The directions of countermeasures against this type of intrusion with the goal of eliminating threats to economic security of the enterprise, the industry or the country as a whole.

The basis of any economy is material production, which is a complex process of transformation of raw materials, semi-finished products and other objects of labor into finished products that meet the needs of society. Material production consists of various kinds of production processes, the structure which forms the consolidation of main, auxiliary, servicing and other processes in sequence [1].

In modern conditions, especially in automated production, the trend is toward integration of the basic and auxiliary processes. In particular, in flexible automated complexes combined in a single production process the basic, pick, warehousing and transport operations.

The main part of the manufacturing process are the technological processes, the implementation of which is changing the geometrical shapes, sizes and physico-chemical properties of the objects of labor. Thus each process has a so-called critical components (FAC), the dysfunction of which leads to the disruption of production process as a whole.

In the information society most of the production processes in enterprises using a variety of automated systems (as). Part of the processes (especially, auxiliary and service production processes, related data exchange and logistics management) directly snapped to a global AU which, in essence, is the Internet. This approach allows us to improve the quality of services and reduce the cost of goods.

The automated system refers to organizational-technical Association of the personnel of the enterprise, automation of its activities, is placed in the structural units and interconnected with other AC through communication lines of different physical nature.

The main task of AC is to support the production and technological processes within given parameters through the provision of timely government entities and managed objects necessary information resources. The information resource may be considered and control actions according to the technology of production of goods and services, and data from various sensors, controlling a technological process, and various kinds of information of an economic nature for the management and the relevant departments of the enterprise, and information and logistics character, and more associated with the normal operation of production.

By analogy with critically important components of production and technological processes, information processes, implemented automated systems, you can also select so-called critical information segments (KIPO) [5].

Depending on the size of the company and tasks of the AU can be Autonomous, local, regional, global. In addition, as individual enterprises can be United into industrial automated system.

In General any speaker regardless of its scale and purpose can be represented as a set of nodes of different rank (levels) that interact with each other using communication channels. Thus each node can distinguish [6]:

  • tools hardware;
  • system-wide software (HPF);
  • applied (special) software (CFA).

On each node of the AU may be stored and processed information resources, user access to which can be carried out through local or network communication.

In the conditions when the information is an integral (and sometimes the main) component of modern production, one of the main objectives of the AU is to protect its information resources from unauthorized access (unauthorized access), and critical information segments from destructive effects. In the article unauthorized access to information resources of the AU refers to the deliberate purposeful violation of one of the three properties of information: confidentiality, integrity, or availability, and operability of software and hardware of its acceptance, storage, processing, display and transmission.

 

Matvienko Yu.


RELATED MATERIALS: Defence and security
Возрастное ограничение