ArticlePDF Available

CONCEPTION AND APPLICATION OF DEPENDABLE INTERNET OF THINGS BASED SYSTEMS

Authors:
  • National Aerospace University "Kharkiv Aviation Institute"
  • Software Development Hub

Abstract and Figures

Context. The problem is in the design, development, maintenance and commissioning of interoperable dependable systems using on the Internet of Things based on von Neumann paradigm of “building reliable systems from unreliable components” for dependable service-oriented systems and infrastructures. Objective. The goals of the paper are in the development of concepts and principles and assessment technologies for creation and maintenance of complex critical systems based on Internet of Things (IoT) as well as the implementation of research in various domains. Method. In the paper, the concept of development of dependable systems on the basis of the Internet of things is described. The multisectoral analysis of methods and models of reliability and cybersecurity (dependability) evaluation of information and control systems of critical applications using the Internet of things has been performed for different domains: power, healthcare, industrial, etc. The analysis has shown that some software failures and malfunctions, cyberattacks and consequences of the influence of attacks are identical for all domains, but there are specific features for each domain, which are necessary to consider at working out of methodology of maintenance of dependability of reliability of systems of critical applications using the Internet of things. Results. The developed conception, methods, tools and technologies for the creation and implementation of dependable information & control systems for critical applications based on the Internet of Things. Conclusions. The paper proposes a conception that includes a set of scientific and applied tasks for the development of methods, tools and technologies for the creation and implementation of dependable information & analytical and information & control systems for critical applications based on the Internet of Things. The prospects for further research may include the detailing of the developed models, methods and technologies to ensure the dependability of complex information & control systems for critical applications based on the Internet of Things.
Content may be subject to copyright.
e-ISSN 1607-3274 Радіоелектроніка, інформатика, управління. 2020. 4
p-ISSN 2313-688X Radio Electronics, Computer Science, Control. 2020. 4
© Illiashenko О. О., Kolisnyk М. А., Strielkina А. E., Kotsiuba І. V., Kharchenko V. S., 2020
DOI 10.15588/1607-3274-2020-4-14
UDC 004.93
CONCEPTION AND APPLICATION OF DEPENDABLE
INTERNET OF THINGS BASED SYSTEMS
Illiashenko О. О. – PhD, Associate Professor of Computer systems, networks and cybersecurity department, Na-
tional aerospace university “KhAI”, Kharkiv, Ukraine.
Kolisnyk М. А. – PhD, Associate Professor of Computer systems, networks and cybersecurity department, National
aerospace university “KhAI”, Kharkiv, Ukraine.
Strielkina А. E. – PhD, Assistant Lecturer of Computer systems, networks and cybersecurity department, National
aerospace university “KhAI”, Kharkiv, Ukraine.
Kotsiuba І. V. – PhD, Lead Project Engineer of Pukhov Institute for Modelling in Energy Engineering of National
Academy of Sciences of Ukraine, Kyiv, Ukraine.
Kharchenko V. S. – Dr. Sc., Professor and Laureate of the State Prize of Ukraine in the field of science and
technology, Honored Inventor of Ukraine, Head of Computer systems, networks and cybersecurity department, National
aerospace university “KhAI”, Kharkiv, Ukraine.
ABSTRACT
Context. The problem is in the design, development, maintenance and commisioning of interoperable dependable systems using
on the Internet of Things based on von Neumann paradigm of “building reliable systems from unreliable components” for
dependable service-oriented systems and infrastructures.
Objective. The goals of the paper are in the development of concepts and principles and assessment technologies for creation and
maintenance of complex critical systems based on Internet of Things (IoT) as well as implementation of research in various domains.
Method. In the paper the concept of development of dependable systems on the basis of the Internet of things is described. The
multisectoral analysis of methods and models of reliability and cybersecurity (dependability) evaluation of information and control
systems of critical applications using the Internet of things has been performed for different domains: power, healthcare, industrial,
etc. The analysis has shown that some software failures and malfunctions, cyberattacks and consequences of influence of attacks are
identical for all domains, but there are specific features for each domain, which are necessary to consider at working out of method-
ology of maintenance of denepdability of reliability of systems of critical applications using the Internet of things.
Results. The developed conception, methods, tools and technologies for the creation and implementation of dependable informa-
tion & control systems for critical applications based on the Internet of Things.
Conclusions. The paper proposes a conception that includes a set of scientific and applied tasks for the development of methods,
tools and technologies for the creation and implementation of dependable information & analytical and information & control sys-
tems for critical applications based on the Internet of Things. The prospects for further research may include the detailing of the de-
veloped models, methods and technologies to ensure the dependability of complex information & control systems for critical applica-
tions based on the Internet of Things.
KEYWORDS: Information and control systems of critical applications, Internet of Things, dependability, cybersecurity, func-
tional safety.
ABBREVIATIONS
DDoS – Distributed Denial of Services;
ICSIoT – Information & Control Systems based on
Internet of Things;
ICT – Information and Communication Technologies;
IoT – Internet of Things;
LAN – Local Area Network;
USB – Universal Serial Bus.
NOMENCLATURE
λij is a failure rate or attack rate;
µij is a recovery rate;
Pi(t) is a probability of finding the ICSIoT system in
each of the states;
AC(t) is an availability function.
INTRODUCTION
One of the promising areas of modern information and
telecommunication technologies development is the IoT.
The infrastructure of interconnected objects, people, sys-
tems and information resources together with intelligent
services allowing them to process information, combine
the physical and virtual world is a paradigm of IoT, which
ensures the integration of any electronic device into the
Internet environment. Areas of application of IoT are in-
formation & analytical and information & control systems
of manufacturing, energy, defense, transport, construc-
tion, healthcare, smart cities and buildings.
IoT-based technologies are implemented both in every-
day life, where they increase comfort and quality of life,
and in the so-called critical systems, which must provide a
high level of reliability, safety for long-term use, and meet
strict national and international standards. Information &
analytical and information & control systems of critical
applications (energy, aerospace and transport complexes,
medical equipment and communications) based on the IC-
SIoT are a separate class of such systems [1].
Failures of such systems are possible due to software
design defects, physical defects of hardware, attacks on
system vulnerabilities. Adverse effects and attacks on
vulnerabilities in ICSIoT components, software, and data-
bases can occur at each of these levels. The target of at-
139
e-ISSN 1607-3274 Радіоелектроніка, інформатика, управління. 2020. 4
p-ISSN 2313-688X Radio Electronics, Computer Science, Control. 2020. 4
© Illiashenko О. О., Kolisnyk М. А., Strielkina А. E., Kotsiuba І. V., Kharchenko V. S., 2020
DOI 10.15588/1607-3274-2020-4-14
tackers can be data, video and audio recordings, disabling
hardware and software components.
It is important for ICSIoT to ensure the protection and
tolerance of systems to failures of various natures, i.e. to
ensure their dependability. Dependability is a complex
property of the system to perform appropriate functions
and provide services that can be justifiably trusted [2].
Dependability combines reliability, functionality and cy-
bersecurity, which is very important in the requirements
regulation, evaluation, creation and use of critical systems
in general as much as systems based on the IoT in particu-
lar. It should be emphasized that systems based on IoT
technologies consist of hardware, software, communica-
tion components of different reliability and security lev-
els. Therefore, there is a contradiction between the re-
quirements for dependability (reliability and safety) of
ICSIoT and the level of characteristics of the dependabil-
ity of their components in an aggressive physical and in-
formation environment, between the capabilities of ap-
propriate technologies and inspiring methods and means
of creating critical systems using IoT. Therefore, it is nec-
essary to consider the concept of ensuring the
dependability of critical systems based on IoT, which
combines the principles, methods and tools of analysis,
evaluation and ensuring the reliability, security and
dependability of these systems as a whole.
1 PROBLEM STATEMENT
The purpose of the paper: development of concepts
and principles, systematization of models and methods to
ensure ICSIoT compliance with reliability and safety re-
quirements, review of assessment technologies, creation
and maintenance of such systems and implementation of
research results of authors in creating ICSIoT in various
domains.
The scientific novelty and applied task, which is
solved in the work, is the development of methods, means
and technologies of creation and introduction of capable
information-analytical and information-control systems of
critical application on the basis of the IoT.
In accordance with the purpose of the work the fol-
lowing tasks are solved:
1. The concept, principles of dependable ICSIoT are
offered.
2. The normative profile of ICSIoT is developed,
which takes into account and harmonizes the list and con-
tent of requirements of international and national stan-
dards for reliability, availability, functional and cyberse-
curity and modernization.
3. Mathematical models and methods for assessing the
performance, availability, functionality and cybersecurity
of ICSIoT, which take into account various types of fail-
ures and cyberattacks on systems, allow to analyze their
functional behavior and formulate recommendations for
the choice of hardware and software components, archi-
tecture, interaction protocols and more.
4. Methods of development of capable ICSIoT for
various complexes (medical, power, industrial, communi-
cation, etc.) and maintenance of their reliability and safety
at creation, modernization and use are offered.
5. Developed and implemented information technolo-
gies to support decision-making in the creation, moderni-
zation and maintenance of ICSIoT.
To solve the set tasks, it is necessary to create models
and methods that will allow assessing the reliability,
availability, and reliability of the system. The apparatus of
Markov models has proven itself well in assessing IC-
SIoT system availability. The following assumptions were
made when creating the models and simulations. Assump-
tions in Markov model development:
– current system hardware failures are subject to Pois-
son distribution;
– the flow of subsystem failures is governed by Pois-
son’s distribution law because the results of monitoring
and diagnostics, antivirus software testing have corrected
a secondary error (the result of the accumulation of pri-
mary errors and defects, software bookmarks) and to cor-
rect software failures or failures, troubleshooting or con-
sequences code, attacks on DoS – and DDoS – the num-
ber of primary software defects constantly. Therefore, it is
true to assume that the flow of software failures is subject
to Poisson propagation, the failure rate is constant;
– the model does not take into account that the elimi-
nation of software vulnerabilities and design errors
change the parameters of the failure flow (and recovery).
Markov’s model theory is used to study the reliability of
ICSIoT, because the failure rate of hardware and software
and the presence of software vulnerabilities are constant.
The main parameters indicated on the graph of
Markov model – the transition rates from one state to an-
other: λij, µij. Several models are used to create the con-
ception and application of dependable IoT based systems.
The initial data for the models, which are used in concep-
tion, are different for different models. For the model,
described in this paper, initial data are:
λ1317=5,710–4 1/h; λ1517=110–5 1/h; λ1617=110–6 1/h;
λ218=110–5 1/h; λ318=110–5 1/h; λ1320=110–6 1/h;
λ1520=110–6 1/h; λ2017=1,1410–3 1/h; λ120=110–6 1/h;
µ67=60 1/h; µ141=0,125 1/h; µ111=0,5 1/h; µ32=40 1/h;
µ42=30 1/h; µ52=30 1/h; µ1513=50 1/h; µ1613=60 1/h;
µ71=0,02 1/h; µ87=2 1/h; µ81=30 1/h; µ101=1 1/h;
µ121=5 1/h; µ181=1 1/h; µ191=0,02 1/h; µ91=1 1/h;
µ171=1 1/h; µ188=60 1/h; µ61=0,02 1/h; µ2021=60 1/h;
µ221=20 1/h; µ211=30 1/h; µ1722=60 1/h; µ201=40 1/h;
µ2113=20 1/h.
2 REVIEW OF THE LITERATURE
The analysis of known proceedings, projects and ex-
perience of such systems operation allows formulating the
purpose and objectives of research conducted by the au-
thors over the past 10 years. Currently, there are publica-
tions of many authors who have conducted research in the
following areas: critical application systems reliability,
IoT systems cybersecurity, Web-services dependability,
critical application systems dependability, IoT systems,
IoT systems dependability.
140
e-ISSN 1607-3274 Радіоелектроніка, інформатика, управління. 2020. 4
p-ISSN 2313-688X Radio Electronics, Computer Science, Control. 2020. 4
© Illiashenko О. О., Kolisnyk М. А., Strielkina А. E., Kotsiuba І. V., Kharchenko V. S., 2020
DOI 10.15588/1607-3274-2020-4-14
The issues of research and development of dependable
systems were considered in the following scientific
proceedings. In [1] the basic methods of modeling, design
and evaluation, as well as providing dependable IoT
systems described, their architecture and the particular
implementation are introduced. In [2] the basic concepts
of dependability are introduced, and it is shown that it
combines the system’s reliability and cybersecurity, the
classification of different types of failures, threats and
their attributes.
In [3] the modified taxonomic scheme of system
dependability taking into account the changes of
functional requirements, dependability requirements,
computer systems environment characteristics, including
an operating cycle and levels of maintenance of fault
tolerance is offered, the taxonomy of multiversion
calculations in dependable systems is generalized.
Study of the design and architecture of IoT systems
and their dependability were considered in next scientific
proceedings: in [4] the analysis and the classification of
technologies, protocols and applications of IoT and their
interaction with big data technologies and cloud and fog
computing is performed. In [5] the depedability
assessment of energy-efficient IoT devices is held.
In [6] Markov model of applications for ICT systems
dependability is provied, taking into account redundancy.
In [7] the problem of applications of the IoT
dependability regardless of their size and area of use is
reseached. In [8] to ensure IoT system dependability it is
adviced to use a simple formal “Mirror model” to transmit
data from sensors in the IoT network, using the assets of
the trust in blockchain.
In [9] a study of dependability of edge computing is
conducted and challenges of deploying IoT systems in
view of failures as hardware (crashing, hanging, and so
on) and software, and vulnerabilities of IoT devices with
decentralized control are included.
In [10] the methods and tools to predict dependability
and improve the reliability of IoT are provided. The
authors of this article propose the concept of creating
dependable critical systems using IoT.
Thus, there is a large number of scientific publications
that present the results of research, including analysis,
evaluation and assurance of the reliability and
cybersecurity of critical infrastructure systems, the
dependability of these systems, as well as individual
components of IoT systems. The known publications do
not include generalized methodological results that would
take into account certain contradictions between IoT
capabilities and certain security deficiencies that may
occur in their implementation in critical systems.
3 MATERIALS AND METHODS
The conception of interoperable systems based on the
IoT is based on the well-known von Neumann paradigm
of “building reliable systems from unreliable compo-
nents” and its developed variants for dependable service-
oriented systems and infrastructures [1].
For ICSIoT, it can be formulated as the construction
of dependable IoT systems from insufficiently dependable
(reliable and secure) nodes (embedded digital media, in-
telligent sensors, etc.), communications and cloud (server)
resources in an aggressive environment with uncertain
characteristics.
The scheme, which reflects the structure and interrela-
tion of methodology elements of dependable systems,
based design on the IoT, namely the concept, principles,
models, methods, tools and technology, is shown in
Fig. 1.
The conception of dependable systems based on the
IoT is grounded on the next principles:
1. The principle of comprehensive consideration and
assessment of various failure types of components,
communications, services due to software defects and
attacks on ICSIoT.
2. The principle of case-oriented formation and
analysis and assessment of compliance with the
requirements of ICSIoT dependability [11].
3. The principle of selection and implementation of
measures to ensure dependability at all the life-cycle stges
by the criterion – “acceptable risk – costs”.
The conception and principles are implemented
through the development of relevant models and methods
of assessment and dependability implementation. In
particular, the following groups of models have been
developed:
1. Models of ICSIoT functional behavior, which
are divided into:
a. distributed intellectual energy ICSIoT models;
b. dynamic ICSIoT based on cybergraphs model;
c. functional behavior of medical ICSIoT [12]
model.
The use of models allows to get a clear idea of how
the system works (ICSIoT subsystem) in different
situations and under the influence of various factors,
including cyberattacks.
2. Models of dependability which include:
a. theoretical-multiple model of dependability
assessment [13];
b. ICSIoT dependability assessment under
cyberattacks influence [14][16];
c. dependability assessment taking into account the
power consumption modes of ICSIoT components [24].
The use of them allows a detailed assessment of the
performance indicators of ICSIoT (availability functions,
etc.) and its subsystems.
The models take into account two properties of
dependability – cybersecurity and reliability of ICSIoT
and its subsystems considering different types of
cyberattacks.
3. ICSIoT reliability and cybersecurity models, in-
cluding:
a. ontological ICSIoT cybersecurity assessment
mo-del;
141
e-ISSN 1607-3274 Радіоелектроніка, інформатика, управління. 2020. 4
p-ISSN 2313-688X Radio Electronics, Computer Science, Control. 2020. 4
© Illiashenko О. О., Kolisnyk М. А., Strielkina А. E., Kotsiuba І. V., Kharchenko V. S., 2020
DOI 10.15588/1607-3274-2020-4-14
Conception:
Development of dependable
ICsCAIoT based on insufficiently
reliable and secure components
Principle of comprehensive
consideration and assessment of various
failure types of components,
communications, services due to
software defects and attacks on
ICsCAIoT
PRinciple of case-oriented formation
and analysis and assessment of
compliance with the requirements of
ICsCAIo T dependability
PRinciple of selection and
implementation of measures to ensure
dependability at all the life-cycle stges
by the criterion - "acceptable risk -costs"
ICsCAIo T functional behavior models:
distributed intellectual energy IC sCAIoT models;
dynamic ICsCAI oT based on cybergraphs model,
functional behavior of medical ICsCA IoT model
Dependability models:
theoretical-multiple model of dependability
assessment ,
ICsCAIoT dependability assessment under
cyberattacks influence,
dependability assessment taking into account
the power consumption modes of ICsCAIoT
components
ICsCAIoT reliability and cybersecurity
models:
ontological ICsCAIoT cybersecurity
assessment model,
cyber attack models on medical ICsCAIoT,
medical ICsCAIoT preparedness model,
readiness of wireless ICsCAIoT model,
ICsCAIoT wired networks component
readiness model
Software for building a hierarchical model
of requirements in accordance with
regulatory documents to ensure the safety
of medical ICsCAIoT
Software to obtain optimal variants for
ensuring the safety of medical ICsCAIoT
Software for checklist of safety assessment
of ICsCAIoT
ICsCAIoT cybersecurity decision
support technology
ICsCAIoT dependability assessment
technology using cases
Data processing and analysis technology
to ensure the safe operation of the
energy structure of ICsCAIoT
Technology for assessing and ensuring
the dependability of medical ICsCAIoT
Profiling method:
construction and study of models of the
requirements profile for the component
properties of dependability
Evaluation methods:
case-oriented assessment of cybersecurity
ICsCAIoT
assessing the impact of cyberattacks
assessing the readiness of wireless ICsCAIoT
identification of th e ICsCAIoT component, the
most vulnerable type of attack
the impact of staff qualifications on the
ICsCAIoT dependbility
the impact of multi-attacks on the cyber
infrastructure of energy ICsCAIoT
security assessment of distributed intelligent
energy networks ICsCAIoT
assessment of dependability taking into
account the different power regimes ICsCAIoT
Providing methods:
compliance with cybersecurity requirements
choice of countermeasures against cyber attacks
on medical ICsCAIoT
selection of messaging protocols and
application layer protocols for ICsCAIoT
support in decision-making concerning the
sequence of protection of ICsCAIoT networks
from cyber threats
Technologies
Software
Methods
Models
Principles
Conseption
Figure 1 – Structure and interrelation of methodology elements of dependable systems, based design on the IoT
b. cyber attack models on medical ICSIoT [17],
medical ICSIoT preparedness model, taking into account
attacks on vulnerabilities of infrastructure components
[18];
c. availability of wireless ICSIoT model taking into
account the coverage factor;
d. ICSIoT wired networks component availability
model [19].
These models allow to assess separately the reliability
(coefficient or availability function) of ICSIoT and its
subsystems, and separately the indicators of cybersecurity
of ICSIoT and its subsystems.
Security models allow to identify the requirements for
cybersecurity and assess the availability of ICSIoT under
the influence of cyber attacks.
142
e-ISSN 1607-3274 Радіоелектроніка, інформатика, управління. 2020. 4
p-ISSN 2313-688X Radio Electronics, Computer Science, Control. 2020. 4
© Illiashenko О. О., Kolisnyk М. А., Strielkina А. E., Kotsiuba І. V., Kharchenko V. S., 2020
DOI 10.15588/1607-3274-2020-4-14
These security models are the basis for a number of
profiling, evaluation and assurance of ICSIoT methods.
The profiling method is based on the construction and
study of models of the requirements profile for the com-
ponent properties of dependability [20]. Evaluation meth-
ods are based on the development and study of models of
all the above types. Methods of ensuring security are
based on the use of models of dependability and models
of reliability and cybersecurity for ICSIoT [21].
On the basis of the profiling and evaluation methods,
software ools for constructing a hierarchical model of re-
quirements in accordance with the normative documents to
ensure the safety of medical ICSIoT [21] are proposed.
Based on security methods and evaluation methods, the
best options for cybersecurity for the entire range of attacks
have been developed [18]. Based on the profiling method
and assessment methods, the software is developed for the
ICSIoT security checklist assessment [20, 21].
Developed software tools have been integrated into in-
formation technology. Based on the best cybersecurity
options for the entire range of attacks and the construction
of a hierarchical model of requirements in accordance
with regulatory documents to ensure the safety of medical
ICSIoT, as well as the above relevant models and meth-
ods, the technology for assessing and ensuring the de-
pendability of medical ICSIoT [21] was obtained.
Basing on the usage of software to form options for
cybersecurity for the entire range of attacks there were
proposed:
a) data processing and analysis technology to ensure
the safe operation of the energy structure of ICSIoT;
b) ICSIoT dependability assessment technology using
cases [20].
In addition, ICSIoT cybersecurity decision support
technology is proposed, which is based on the use of se-
curity methods and software for ICSIoT security assess-
ment checklists to obtain optimal cybersecurity options
for the entire range of attacks [21].
4 EXPERIMENTS
To create the concept of dependable systems of critical
applications based on the IoT, several models for assessing
the reliability of the system, models of the functional be-
havior of the ICSIoT, models of reliability and cybersecu-
rity were developed by authors of this paper. For so many
models, different assumptions apply, and their input to the
simulation. Based on the proposed models, methods for
assessment, functional behavior, reliability and cyber secu-
rity have been developed. Let’s consider several examples
of simulation of the obtained models.
The Markov model (Fig. 2) [14] describes the states of
ICSIoT, which takes into account the reliability of system’s
software and hardware, attacks on the system and different
modes of power consumption of the server and router. The
simulation results are shown in Fig. 3 and Fig. 4.
The Markov model considering DDoS attacks and
server’s and router’s energy modes without patches on
possible vulnerabilities, which has the following states:
good-working state (1); the server is fully used with high
power consumption S0 (2); the server is fully used, the
hardware, that are not used, can enter the low-power
mode S1 (3); sleep mode of the server with low power
consumption, a computer can wake up from a keyboard
input, a LAN network or USB device S2 (4); server ap-
pears off, power consumption is reduced to the lowest
level S3 (5); server failure (6); switching to the backup
server device after the server failure (7); restarting of the
server after the software fail (8); successful DDoS attack
on the server after the firewall failure (9); firewall soft-
ware or hardware failure (10); attack on the power supply
system after the firewall failure, that lead the failure of
general power system (11); technical state of switch from
the general power system after its failure on the alterna-
tive energy sources (solar, diesel generator, wind turbine)
(12); router status active – sending packages with high
power consumption (13); successful DDoS attack on the
router (14); good-working state of the router with trans-
mitting packets – normal idle (15); good-working state of
the router without packet transmission low-power idle
(16); router software or hardware failure (17); server
software or hardware fail (18); router hardware or soft-
ware fail (20); switching to the backup router device after
the router failure (21); restarting the router software after
the router software fail (22).
Figure 2 Graph of the Markov model of the ICSIoT system
states [14]
The model takes into account the rates to the states of
the power consumption modes of the server and router
(from state 2 to 3, 4, 5 and from states 14 to 13, 15, 16).
Timely installation of a patch on firewall software vulner-
abilities can reduce or stop the impact of DDoS attacks,
which primarily affects the reliability of the ICSIoT
server, router, and firewall (as a separate network device).
When a DDoS attack affects ICSIoT subsystems, they
cannot go into a state of reduced power consumption. For
the Markov model (different variants of firewall software
patching) the system of Kolmogorov-Chapman differen-
tial linear equations was presented and investigated, the
143
e-ISSN 1607-3274 Радіоелектроніка, інформатика, управління. 2020. 4
p-ISSN 2313-688X Radio Electronics, Computer Science, Control. 2020. 4
© Illiashenko О. О., Kolisnyk М. А., Strielkina А. E., Kotsiuba І. V., Kharchenko V. S., 2020
DOI 10.15588/1607-3274-2020-4-14
value of the availability function AC(t) ICSIoT with nor-
malization conditions was calculated and analyzed [14]:
,tPtPtPtP
tPtPtPtPtPtPtAC
)(21)(16)(15)(13
)(12)(5)(4)(3)(2)(1)(
++++
+
++
+
++=
where
1.)0(11;)(
22
1
==
=
PtPi
i
Figure 3 – Graphical dependences of AC ICSIoT on rate
λ1317 for models with patching of firewall software vulnerabili-
ties and without patches, if λ1317 = 0...110–3 1/h [14]
Figure 4 – Graphical dependences of AC ICSIoT on rate λ26
with patcherization of vulnerabilities in firewall software
(AC10) and server and router firewalls (AC9_14), if λ26
changes values within 0... 210–3 1/h [14]
5 RESULTS
If the transition rate λ26 changes from 0 to 0.001 1/h,
the AC value decreases from 1 to 0.99997 for the un-
patched model and to 0.9999925 for the model with the
firewall software patch installed (Fig. 4) [14]. The AC
value is decreased by 0.999945 for the model without
patch. If the values of λ1317 change in the range of 0…
10–3 1/h, the AC value for the model with the firewall
software patch will decrease from 1 to 0.999957 (Fig. 3).
Installing a patch on the firewall (Fig. 3) allows you to
obtain the same AC values (1 ... 0.93) at λ1317 = 0 ... 103
1/h, but this value is significantly higher than in the model
without patches: AC = 1 ... 0.9999553 (Fig. 3).
If no patches are installed on the firewall software,
then AC decreases from 1 to 0.9999553 at λ26 = 103 1/h.
Installing a patch on the server firewall does not signifi-
cantly change the AC value. If you install a patch on the
firewall software, the AC value increases compared to the
case without patches, with the same initial data, from
0.9999553 to 0.9999925. If the transition rate λ26
changes from 0 to 0.001 1/h, the AC value decreases from
1 to 0.99997 for the unpatched model and to 0.9999925
for the model with the firewall software patch installed
(Fig. 4).
The AC value is decreased by 0.999945 for the model
without patch. If the values of λ1317 change in the range
of 0… 10–3 1/h, the AC value for the model with the fire-
wall software patch will decrease from 1 to 0.999957
(Fig. 3).
Installing a patch on the firewall allows to obtain the
same AC values (1 ... 0.93) at λ1317 = 0 ... 103 1/h, but
this value is significantly higher than without patches:
AC = 1 ... 0.9999553.
If no patches are installed on the firewall software,
then AC decreases from 1 to 0.9999553 at λ26 = 103 1/h.
Installing a patch on the server firewall does not signifi-
cantly change the AC value. If you install a patch on the
firewall software, the AC value increases compared to the
model without patches, with the same initial data, from
0.9999553 to 0.9999925.
If the transition rate value λ26 is changed from 0 to
0.001 1/h, the AC value decreases from 1 to 0.99997 for
the model without patching and to 0.9999925 for the case
with the patch installed on the firewall.
Decrease in the AC value occurs 0.999945 for a model
without a patch. If the values of λ1317 change within the
range 0…103 1/h, value of AC for the case with patch on
firewall decrease from value 1 to 0.999957.
Establishing a patch on the firewall allows to obtain
the same AC values (1…0.999553) at λ1317 = 0…103
1/h, but this value is significantly higher than in the case
without patch: AC = 1…0.9999553. If patches are not
installed on the firewalls, then the AC decrease from
value 1 to 0.9999553 at λ26 = 103 1/h. Patch installation
on server firewall not significantly changes the AC of
ICSIoT value.
Under the influence of DDoS attacks, the server,
which is in one of the energy-saving modes, will switch to
the mode of increased power consumption.
6 DISCUSSION
It was researched and analyzed the function availabil-
ity of ICSIoT, taking into account the reliability of com-
ponents, recovery rates, and different kinds of energy
modes of server and router OS, DDoS attacks on the
router and the server, and setting patches on firewalls
vulnerabilities. Therefore, it is necessary to analysis of
graphical dependences of the AC on the change of values
of transition rates from one ICSIoT state to another
showed that timely introduction of patches on software
vulnerabilities of ICSIoT components significantly in-
creases the value of the AC of the whole system and al-
lows to increase system availability.
Markov models of ICSIoT system operation, in con-
trast to the existing ones, take into account the power re-
gimes of the router and server, the impact of DDoS at-
tacks, failures and failures of software and hardware,
patching vulnerabilities of router software.
144
e-ISSN 1607-3274 Радіоелектроніка, інформатика, управління. 2020. 4
p-ISSN 2313-688X Radio Electronics, Computer Science, Control. 2020. 4
© Illiashenko О. О., Kolisnyk М. А., Strielkina А. E., Kotsiuba І. V., Kharchenko V. S., 2020
DOI 10.15588/1607-3274-2020-4-14
The study results made it possible to develop and im-
plement appropriate principles, methods, models and in-
formation technologies for assessing and ensuring the
viability of ICSIoT in the fields of energy, medicine, me-
chanical engineering, aerospace, transport systems, etc.
The results of research of this proceeding are imple-
mented on the follwoing enterprises (Table 1):
– at the enterprises of energy engineering (nuclear
domain), RPC Radics LLC (Kropyvnytskyi, Ukraine) and
PJSC SRPA Impulse (Severodonetsk, Ukraine);
– on the development of medical equipment, LLC
“XAI-MEDICA” (Kharkiv, Ukraine);
– on the development of transport systems, LLC
“SPC” Railwayautomatics” (Kharkiv);
– at machine-building enterprise, PJSC “FED”
(Kharkiv);
– on the development of aerospace systems, scientific
and technical design bureau “POLISVIT” (Kharkiv);
– on the development of state regulations by the State
Service for Special Communications and Information
Protection of Ukraine (Kyiv);
– on the development of methodological documents
and requirements for the safety of critical infrastructure,
PJSC “Institute of Information Technologies” (Kharkiv);
– in the educational process of the National Aerospace
University “KhAI” (Kharkiv), Pukhov Institute for Mod-
elling in Energy Engineering (Kyiv), Volodymyr Dahl
East Ukrainian National University (Severodonetsk);
Table 1 – Summary of practical implementation of research and development results
Results of research and development
Models of non-
functional
characteristics
Methods of
working with
requirements
Automation
technologies
Areas, enterprises (organizations), systems
Dependability models
Functional and behavior models
Reliability and cybersecurity models
Requirements profiling methods
Evaluation methods
Providing methods
Tools
Information technologies
ICSIoT components + + + RPC Radics LLC
Regulations + +
ICSIoT components + + + +
Energy
PJSC SRPA Impulse
Software +
Medicine LLC “XAI-MEDICA” Telemedicine systems + + +
Transport systems LLC “Scientific and
Production Company” Rail-
wayautomatics”
Microprocessor systems +
Engineering PJSC “FED” ICSIoT + +
Aerospace systems EDB “POLISVIT” SSPE
“Kommunar Corporation”
Embedded systems + + +
State Service for Special
Communications and Infor-
mation Protection of Ukraine
Critical Infrastructure Asset + + + +
State regulations
PJSC “Institute of
Information Technologies”
Critical Infrastructure Asset + + + +
Higher education National Aerospace
University “KhAI”,
Pukhov Institute for
Modelling in Energy
Engineering, Volodymyr
Dahl East Ukrainian
National University
Learning process + + + + + + + +
TEMPUS international
projects
MASTAC, SAFEGUARD,
GREENCO, SEREIN,
CABRIOLET
+ + + + + + + +
ERASMUS+ international
project
ALIOT + + + + + + + +
FP7 scientific project KhAI-ERA + + + + + + + +
International projects
Horizon 2020 scientific
project
ECHO, COST Action Dig-
ForAsp, SPEAR + + + + + + +
145
e-ISSN 1607-3274 Радіоелектроніка, інформатика, управління. 2020. 4
p-ISSN 2313-688X Radio Electronics, Computer Science, Control. 2020. 4
© Illiashenko О. О., Kolisnyk М. А., Strielkina А. E., Kotsiuba І. V., Kharchenko V. S., 2020
DOI 10.15588/1607-3274-2020-4-14
– in the educational process of the universities of EU
countries: Institute of Informatics and Technology Ales-
sandro Faedo of the National Research Council of Italy
ISTI-CNR (Pisa, Italy), Tallinn Technical University Tal-
Tech (Tallinn, Estonia), Leeds Beckett University LBU
(Leeds, UK);
– within the implementation of international projects
under the European programs TEMPUS MASTAC,
SAFEGUARD, GREENCO, SEREIN, CABRIOLET,
ERASMUS + (ALIOT), FP7 (KhAI-ERA) [22], Horizon
2020 (ECHO) [23], COST Action DigForAsp [24],
SPEAR [25], as well as in the implementation of national
projects commissioned by the Ministry of Education and
Science, the National Academy of Sciences of Ukraine in
2010–2020.The implementation in RPC Radics LLC has
reduced the risks of cybersecurity violations in the devel-
opment and implementation of NPP information and
management systems. The implementation in PJSC SRPA
Impulse allowed increasing the competence of operational
personnel to ensure the protection of components of dis-
tributed intelligent power systems from cyberthreats. The
completeness of cybersecurity increases by 20–30 %. The
implementation of the results in LLC “XAI-MEDICA”
allowed automating the process of the medical device
functional behavior modeling, to reduce the evaluation
time and to provide recommendations for ensuring the
warranty and selection of evaluation tools. The implemen-
tition in LLC “SPCompany” Railwayautomatics” allowed
reducing the risks of cybersecurity violations during the
development and implementation of the software and
hardware set “TEMP”. While using it in PJSC “FED” it
was possible to reduce time costs, automate the process
and increase the credibility of assessing the reliability of
industrial IoT, to provide recommendations for ensuring
the dependability and choice of assessment tools. The
implementation of the research results in scientific and
technical design bureau “POLISVIT” allowed reducing
the time spent on assessing the security of systems, in-
creasing the credibility of the assessment and confirming
compliance with the requirements of technical and regula-
tory documentation. The implementation of the results at
the PJSC “Institute of Information Technologies” has
reduced the risks of cybersecurity violations in the devel-
opment and implementation of cryptographic information
security systems.
The use of research results at enterprises allowed ob-
taining technical and economic indicators that correspond
to the level and exceed the best domestic and world coun-
terparts.
The use of research results in the educational process
and scientific work of the National Aerospace University
“KhAI”, Pukhov Institute for Modelling in Energy Engi-
neering, Volodymyr Dahl East Ukrainian National Uni-
versity, Tallinn Technical University, Institute of Infor-
matics and Technology “Alessandro Faedo” of the Na-
tional Research Council of Italy ISTI-CNR (Pisa, Italy),
Leeds Beckett University (Leeds, UK), as well as in the
implementation of international projects of the European
programmes TEMPUS and ERASMUS+, the seventh
framework program to support research activities FP7, the
framework program of the European Union for Research
and Innovation “Horizon 2020” funded by the EU, as well
as state budget projects allowed to increase the fundamen-
tality, clarity and practical orientation of the educational
process and scientific activity.
Further research of the authors is aimed at detailing
the developed models, methods and technologies to en-
sure the dependability of complex ICSIoT.
Research currently continues withing the ECHO pro-
ject (creation of the European Network of Cyber Security
Centers and the Center of Competence for Innovation and
Operations). The developed methods of ensuring the de-
pendability of complex ICSIoT s form the basis for identi-
fying intersectoral and transversal challenges and oppor-
tunities in cybersecurity in various sectors as health,
transport, manufacturing, telecommunications, energy,
finance, management, space, defense.
The results of the research, presented in this paper,
will be further used and developed in the doctoral disser-
tation on “Methodology for ensuring the dependability of
IIoT systems”, in research projects under the funding pro-
gram Horizon 2020 – ECHO and STARC and in public
research proceedings commissioned by the Ministry of
Education and Science of Ukraine.
CONCLUSIONS
The paper proposes a conception that includes a set of
scientific and applied tasks for the development of meth-
ods, tools and technologies for the creation and imple-
mentation of dependable information & analytical and
information & control systems for critical applications
based on the Internet of Things. The following results
were obtained:
1. The conception principles of ensuring the reliability
of Information and control systems of critical applications
based on Internet of Things, which are based on the de-
velopment of von Neumann’s paradigm of creating reli-
able and secure systems based on insufficiently reliable
and secure components.
2. The normative profile of ICSIoT was developed,
which takes into account and harmonizes the list and con-
tent of requirements of international and national stan-
dards, which allow to make decisions on compliance of
such systems with requirements in terms of reliability,
availability, functional and cybersecurity, as well as to
take them into account during development and moderni-
zation of ICSIoT.
3. Mathematical models and methods for assessing the
performance, availability, functional and cybersecurity of
ICSIoT were developed and researched, taking into ac-
count different types of failures and cyberattacks on sys-
tems that allow to analyze their functional behavior, im-
prove assessment accuracy and formulate recommenda-
tions for selection hardware and software components,
architecture, interaction protocols, etc.
4. Methods of creating dependable I ICSIoT for vari-
ous complexes (medical, energy, industrial, communica-
146
e-ISSN 1607-3274 Радіоелектроніка, інформатика, управління. 2020. 4
p-ISSN 2313-688X Radio Electronics, Computer Science, Control. 2020. 4
© Illiashenko О. О., Kolisnyk М. А., Strielkina А. E., Kotsiuba І. V., Kharchenko V. S., 2020
DOI 10.15588/1607-3274-2020-4-14
tion, etc.) and ensuring their reliability and safety in the
development, modernization and use were developed.
5. Tools and information technologies to support deci-
sion-making in the creation, modernization and mainte-
nance of ICSIoT for medical, energy, industrial, commu-
nication systems and complexes were developed and im-
plemented.
In general, the authors obtained a number of technical
and economic indicators, which are provided by the im-
plementation of the results of scientific proceeding, corre-
spond to the level and exceed the best domestic and world
analogues.
The results of the presented study were implemented
at eight enterprises of Ukraine in the fields of energy,
medicine, mechanical engineering, aerospace industry,
transport systems, as well as in the development of state
regulations in the field of critical infrastructures. The ob-
tained results are used in the educational process of three
universities of Ukraine, two universities of the European
Union (Estonia, Italy) and the University of Great Britain,
as well as in the implementation of eleven international
projects funded by the EU.
Some results of the study were also used in the devel-
opment of draft regulations at the state level on the classi-
fication of critical information infrastructure by criticality
and the criteria and procedure for classifying critical in-
formation infrastructure as critical. The implementation of
the developed documents is an important step in building
the Ukrainian state system of protection of critical infor-
mation infrastructure.
ACKNOWLEDGEMENTS
The scientific and educational results obtained during
the research have been implemented and supported by the
project STARC (Methodology of SusTAinable Develop-
ment and InfoRmation Technologies of
Green COmputing and Communication) funded by the
Ministry of Education and Science of Ukraine. These re-
sults were supported by the ECHO (the European network
of Cybersecurity centres and competence Hub for innova-
tion and Operations) project which has received funding
from the European Union’s Horizon 2020 research and
innovation programme under the grant agreement no
830943. The authors very appreciated to scientific society
of consortium and in particular the staff of the Depart-
ment of Computer Systems, Networks and Cybersecurity
of National Aerospace University «Kharkiv Aviation In-
stitute» for discussing the results of the paper.
REFERENCES
1. Kharchenko V. (editor), Kor A-L., Rucinski A. Dependable
IoT for human and industry modeling, architecting, imple-
mentation, River Publishers Series in Information Science
and Technology. Denmark, 2019, 566 p.
2. Avizienis A., Laprie J. С., Randell B. et al. Basic concepts
and taxonomy of dependable and secure computing [Text],
IEEE transactions on dependable and secure computing,
2004, Vol. 1, 1, pp. 11–33. DOI 10.1109/TDSC.2004.2.
3. Fitzgerald J., Ingram C., Romanovsky A. Concepts of de-
pendable cyber-physical systems engineering: model-based
approaches [Electronic resource]. London, CRC Press, 2016,
pp. 1–22. Access mode: https://eprint.ncl.ac.uk/230739.
4. Al-Fuqaha A., Guizani M., Mohammadi M. et al Internet of
Things: A survey on enabling technologies, protocols, and
applications [Text], IEEE Communications Surveys & Tuto-
rials, 2015, Vol. 17, 4, pp. 2347–2376. DOI:
10.1109/COMST.2015.2444095.
5. Henkel J., Pagani S., Amrouch H., et al. Ultra-low power
and dependability for IoT devices (Invited paper for IoT
technologies) [Text], Design, Automation & Test in Europe
Conference & Exhibition (DATE): proceedings, 2017,
pp. 954–959. DOI: 10.23919/DATE.2017.7927129.
6. Macedo D., Guedes L. A., Silva I. A dependability evalua-
tion for Internet of Things incorporating redundancy aspects,
11th IEEE International conference on networking, sensing
and control: proceedings, 2014, pp. 417–422.
DOI: 10.1109/icnsc.2014.6819662.
7. Ojie E., Pereira E. Exploring dependability issues in IoT
applications, The second international conference on inter-
net of things, data and cloud computing – ICC’17): proceed-
ings, 2017, pp. 1–5. DOI:10.1145/3018896.3036364.
8. Bellini A., Bellini E., Gherardelli M., et al. Enhancing IoT
data dependability through a blockchain mirror model
[Text], Future Internet, 2019, Vol. 11, No. 5, pp. 1–9.
DOI: 10.3390/fi11050117.
9. Bagchi S., Siddiqui M.-B., Wood P., et al. Dependability in
edge computing [Text], Communications of the ACM, 2020,
Vol. 63, No. 1, pp. 58–66. DOI 10.1145/3362068.
10. Boano C. A., Romer K., Roderick B., et al. Dependability
for the Internet of Things – from dependable networking in
harsh environments to a holistic view on dependability
[Text], Elektrotechnik und Informationstechnik, 2016,
Vol. 133, pp. 304–309. DOI: 10.1007/s00502-016-0436-4.
11. Illiashenko O., Potii O., Komin D. Advanced security assur-
ance case based on ISO/IEC 15408, Advances in intelligent
systems and computing. International conference on de-
pendability and complex systems DepCoS-RELCOMEX
2015 (June 29 – July3, 2015, Lwówek Śląski). Lwówek
Śląski, Poland. Theory and engineering of complex systems
and dependability. DepCoS-RELCOMEX 2015. Springer,
Cham: proceedings, 2015, Vol. 365, pp. 391–401. DOI:
10.1007/978-3-319-59415-6_7.
12. Strielkina A., Volochiy B., Kharchenko V. Model of func-
tional behavior of healthcare Internet of Things device, 10th
International conference on dependable systems, services
and technologies (DESSERT): proceedings, 2019, pp. 63–
69. DOI: 10.1109/dessert.2019.8770020.
13. Strielkina A., Kharchenko V., Uzun D. Availability models
of the healthcare Internet of Things system taking into ac-
count countermeasures selection, Information and communi-
cation technologies in education, research, and industrial
applications, 2019, Vol. 1007, pp. 220–242. DOI:
10.1007/978-3-030-13929-2_11.
14. Kolisnyk M., Kharchenko V., Kharchenko V.,
Kondratenko Y., Kacprzyk J. (edits). A Markov model of
IoT system availability considering DDoS attacks, patching
and energy modes, Green IT Engineering: social, business
and industrial applications. Springer International Publish-
ing. Book, 2018, pp. 185–207. DOI: 10.1007/978-3-030-
00253-4_9.
15. Kolisnyk M., Kharchenko V. Investigation of the smart
business center for IoT systems availability considering at-
tacks on the router, Dependable IoT for human and industry.
Modeling, architecting, implementation, dependable IoT for
human and industry modeling, architecting, implementation.
147
e-ISSN 1607-3274 Радіоелектроніка, інформатика, управління. 2020. 4
p-ISSN 2313-688X Radio Electronics, Computer Science, Control. 2020. 4
© Illiashenko О. О., Kolisnyk М. А., Strielkina А. E., Kotsiuba І. V., Kharchenko V. S., 2020
DOI 10.15588/1607-3274-2020-4-14
River Publishers series in information science and technol-
ogy, Denmark, 2019, pp. 169–191.
16. Kolisnyk M., Kharchenko V., Piskacheva I. et al.; Khar-
chenko, V. (edits). Markov’s model-based technique of IoT
system availability considering DDoS attacks [Text], Secure
and resilient computing for industry and human domains.
Techniques, tools and assurance cases for security and re-
silient computing. Kharkiv, Department of education and
science of Ukraine, National Aerospace University named
after N. E. Zhukovsky “KhAI”, 2017, 449 p.
17. Strielkina A., Uzun D., Kharchenko V., et al. Modeling and
availability assessment of mobile healthcare IoT using tree
analysis and queueing theory, Dependable IoT for human
and industry modeling, architecting, implementation. River
Publishers series in information science and technology.
Denmark, 2019, pp. 105–126.
18. Strielkina A., Illiashenko O., Zhydenko M., et al. Cyberse-
curity of healthcare IoT-based systems: Regulation and
case-oriented assessment [Text], 2018 IEEE 9th Interna-
tional conference on dependable systems, services and tech-
nologies (DESSERT): proceedings, 2018, pp. 67–73. DOI:
10.1109/dessert.2018.8409101.
19. Kolisnyk M., Kharchenko V., Piskachova I., et al. Reliabil-
ity and security issues for IoT-based smart business center:
architecture and Markov model [Text], The World confer-
ence IEEE: MCSI. 2016, Greece, Chania: proceedings,
2016, pp. 313–318.
20. Illiashenko O. O., Kharchenko V. S., Kor A. Gap-analysis of
assurance case-based cybersecurity assessment: technique
and case study, Advanced Information Systems. Kharkiv,
НТУ «ХПІ», 2018, Vol. 2. No. 1, pp. 64–68. DOI:
10.20998/2522-9052.2018.1.12.
21. Kharchenko V., Illiashenko O. Concepts of green IT-
engineering: taxonomy, principles and implementation,
Studies in systems, decision and control, 2017, Vol. 74,
pp. 3–19. DOI: 10.1007/978-3-319-44162-7_1.
22. FP7 KhAI-ERA project website [Electronic resource]. Ac-
cess mode: http://khai-era.khai.edu/.
23. Horizon2020 ECHO project website [Electronic resource].
Access mode: https://echonetwork.eu/.
24. DigForAsp project website [Electronic resource]. Access
mode: https://digforasp.uca.es/.
25. Horizon 2020 SPEAR project website [Electronic resource].
Access mode: https://www.spear2020.eu/.
Received 20.06.2020.
Accepted 04.08.2020.
УДК 004.93
КОНЦЕПЦІЯ І ВПРОВАДЖЕННЯ ҐАРАНТОЗДАТНИХ СИСТЕМ НА ОСНОВІ ІНТЕРНЕТУ РЕЧЕЙ
Ілляшенко О. О.кандидат технічних наук, доцент кафедри компютерних систем, мереж і кібербезпеки Націо-
нального аерокосмічного університету ім. М.Є. Жуковського «Харківський авіаційний інститут», Харків, Україна.
Колісник М. О.докторантка, кандидат технічних наук, доцент, доцент кафедри компютерних систем, мереж і
кібербезпеки Національного аерокосмічного університету ім. М. Є. Жуковського «Харківський авіаційний інститут»,
Харків, Україна.
Стрєлкіна А. А.доктор філософії, асистент кафедри компютерних систем, мереж і кібербезпеки Національного
аерокосмічного університету ім. М. Є. Жуковського «Харківський авіаційний інститут», Харків, Україна.
Коцюба І. В.кандидат технічних наук, головний інженер проекту Інституту проблем моделювання в енергетиці
ім. Г.Є. Пухова Національної академії наук України, Київ, Україна.
Харченко В. С. доктор технічних наук, професор, Лауреат Державної премії України у галузі науки і техніки,
Заслужений винахідник України, завідувач кафедри компютерних систем, мереж і кібербезпеки Національного
аерокосмічного університету ім. М. Є. Жуковського «Харківський авіаційний інститут», Харків, Україна.
AНОТАЦІЯ
Актуальність. Проблема проектування, розробки, обслуговування та введення в експлуатацію гарантоздатних
систем, побудованих з використанням інтернету речей на основі парадигми фон Неймана про «створення надійних
систем з ненадійних компонентів» для надійних сервіс-орієнтованих систем та інфраструктур.
Метод. В статті запропоновано концепцію побудови ґарантоздатних систем на основі інтернету речей, проведе-
ний мультисекторальний аналіз методів і моделей оцінки надійності та кібербезпеки (ґарантоздатності)
інформаційно-керуючих системи критичного застосування на основі інтернету речей для різних доменів: енергетич-
ного, медичного, індустріального та ін. Аналіз показав, що деякі відмови і збої технічних засобів і програмного за-
безпечення, кібератаки і післядія впливу атак однакові для всіх доменів, але існують специфічні особливості для
кожного домену, які необхідно враховувати при розробці методології забезпечення ґарантоздатності інформаційно-
керуючих системи критичного застосування на основі інтернету речей.
Результати. Розроблена концепція, методи, засоби та технології створення та впровадження гарантоздатних ін-
формаційно-керуючих систем критичного застосування на основі інтернету речей.
Висновки. У статті запропоновано концепцію, яка включає набір наукових та прикладних завдань щодо розробки
методів, засобів та технологій для створення та впровадження гарантоздатних інформаційно-аналітичних та
інформаційно-керуючих систем критичного застосування на основі інтернету речей. Перспективи подальших
досліджень можуть включати деталізацію розроблених моделей, методів та технологій для забезпечення надійності
складних інформаційно-керуючих систем критичного застосування на основі інтернету речей.
КЛЮЧОВІ СЛОВА: інформаційно-керуючі системи критичного застосування, інтернет речей, ґарантоздатність,
кібербезпека, функційна безпечність.
148
e-ISSN 1607-3274 Радіоелектроніка, інформатика, управління. 2020. 4
p-ISSN 2313-688X Radio Electronics, Computer Science, Control. 2020. 4
© Illiashenko О. О., Kolisnyk М. А., Strielkina А. E., Kotsiuba І. V., Kharchenko V. S., 2020
DOI 10.15588/1607-3274-2020-4-14
УДК 004.93
КОНЦЕПЦИЯ И ПРИМЕНЕНИЕ ГАРАНТОСПОСОБНЫХ СИСТЕМ НА ОСНОВЕ ИНТЕРНЕТА
ВЕЩЕЙ
Ильяшенко О.А.кандидат технических наук, доцент кафедры компьютерных систем, сетей и кибербезопасно-
сти Национального аэрокосмического университета им. Н.Е. Жуковского «Харьковский авиационный институт»,
Харьков, Украина.
Колесник М. А.докторант, кандидат технических наук, доцент, доцент кафедры компьютерных систем, сетей и
кибербезопасности Национального аэрокосмического университета им. Н.Е. Жуковского «Харьковский авиационный
институт», Харьков, Украина.
Стрелкина А. А.доктор философии, ассистент кафедры компьютерных систем, сетей и кибербезопасности На-
ционального аэрокосмического университета им. Н.Е. Жуковского «Харьковский авиационный институт», Харьков,
Украина.
Коцюба І. В.кандидат технических наук, главный инженер проекта Института проблем моделирования в энер-
гетике им. Е. Пухова Национальной академии наук Украины, Киев, Украина.
Харченко В. С. доктор технических наук, профессор, Лауреат Государственной премии Украины в области
науки и техники, Заслуженный изобретатель Украины, заведующий кафедрой компьютерных систем, сетей и кибер-
безопасности Национального аэрокосмического университета им. Н. Е. Жуковского «Харьковский авиационный ин-
ститут», Харьков, Украина.
AННОТАЦИЯ
Актуальность. Проблема проектирования, разработки, обслуживания и ввода в эксплуатацию гарантоспособных
систем, построенных с использованием Интернета вещей на основе парадигмы фон Неймана о «создании надежных
систем из ненадежных компонентов» для надежных сервис-ориентированных систем и инфраструктур.
Метод. В статье предложена концепция построения гарантоспособных систем на основе Интернета вещей, прове-
денный мультисекторный анализ методов и моделей оценки надежности и кибербезопасности (гарантоспособности)
информационно-управляющих систем критического применения на основе Интернета вещей для разных доменов:
энергетического, медицинского, промышленного и др. Анализ показал, что некоторые отказы и сбои программного
обеспечения, кибератаки и последействие влияния атак одинаковы для всех доменов, но существуют специфические
особенности для каждого домена, которые необходимо учитывать при разработке методологии обеспечения гаранто-
способности систем притического применения на основе Интернета вещей.
Результаты. Разработана концепция, методы, средства и технологии создания и внедрения гарантоспособных
информационно-управляющих систем критического применения на основе Интернета вещей.
Выводы. В статье предложена концепция, которая включает набор научных и прикладных задач по разработке
методов, средств и технологий для создания и внедрения гарантоспособных информационно-аналитических и ин-
формационно-управляющих систем критического применения на основе Интернета вещей. Перспективы дальнейших
исследований могут включать детализацию разработанных моделей, методов и технологий для обеспечения надеж-
ности сложных информационно-управляющих систем критического применения на основе Интернета вещей.
КЛЮЧЕВЫЕ СЛОВА: информационно-управляющие системы критического применения, Интернет вещей,
гарантоcпособность, кибербезопасность, функциональная безопасность.
ЛІТЕРАТУРА / ЛИТЕРАТУРА
1. Kharchenko V. (editor). Dependable IoT for human and
industry modeling, architecting, implementation / V.
Kharchenko, A-L. Kor, A. Rucinski // River Publishers
Series in Information Science and Technology. – Den-
mark, 2019. – 566 p.
2. Basic concepts and taxonomy of dependable and secure
computing [Text] / [A. Avizienis, J. С. Laprie, B. Ran-
dell, et al.] // IEEE transactions on dependable and secure
computing. – 2004. – Vol. 1, 1. – P. 11–33. DOI
10.1109/TDSC.2004.2.
3. Fitzgerald J. Concepts of dependable cyber-physical sys-
tems engineering: model-based approaches [Electronic
resource] / J. Fitzgerald, C. Ingram, A. Romanovsky. –
London : CRC Press, 2016. – P. 1–22. Access mode:
https://eprint.ncl.ac.uk/230739.
4. Internet of Things: A survey on enabling technologies,
protocols, and applications [Text] / [A. Al-Fuqaha,
M. Guizani, M. Mohammadi, et al.] // IEEE Communica-
tions Surveys & Tutorials. – 2015. – Vol. 17, 4. – P.
2347–2376. DOI: 10.1109/COMST.2015.2444095.
5. Ultra-low power and dependability for IoT devices (In-
vited paper for IoT technologies) [Text] / J. Henkel, S.
Pagani, H. Amrouch, et al.] // Design, Automation &
Test in Europe Conference & Exhibition (DATE): pro-
ceedings. – 2017. – P. 954–959. DOI:
10.23919/DATE.2017.7927129.
6. Macedo D. A dependability evaluation for Internet of
Things incorporating redundancy aspects / D. Macedo,
L. A. Guedes, I. Silva // 11th IEEE International confer-
ence on networking, sensing and control: proceedings. –
2014. – P. 417–422. DOI:10.1109/icnsc.2014.6819662.
7. Ojie E. Exploring dependability issues in IoT applica-
tions. / E. Ojie, E. Pereira // The second international
conference on internet of things, data and cloud comput-
ing – ICC’17): proceedings. – 2017. – P. 1–5.
DOI:10.1145/3018896.3036364.
8. Enhancing IoT data dependability through a blockchain
mirror model [Text] / [A. Bellini, E. Bellini, M. Gher-
149
e-ISSN 1607-3274 Радіоелектроніка, інформатика, управління. 2020. 4
p-ISSN 2313-688X Radio Electronics, Computer Science, Control. 2020. 4
© Illiashenko О. О., Kolisnyk М. А., Strielkina А. E., Kotsiuba І. V., Kharchenko V. S., 2020
DOI 10.15588/1607-3274-2020-4-14
ardelli, et al.] // Future Internet. – 2019. – Vol. 11, 5. –
P. 1–9. DOI:10.3390/fi11050117.
9. Dependability in edge computing [Text] / [S. Bagchi,
M.-B. Siddiqui, P. Wood, et al.] // Communications of
the ACM. – 2020. – Vol. 63, 1. – P. 58–66. DOI
10.1145/3362068.
10. Dependability for the Internet of Things – from depend-
able networking in harsh environments to a holistic view
on dependability [Text] / [C. A. Boano, K. Romer,
B. Roderick, et al.] // Elektrotechnik und Information-
stechnik. – 2016. – Vol. 133. – P. 304–309. DOI:
10.1007/s00502-016-0436-4.
11. Illiashenko O. Advanced security assurance case based
on ISO/IEC 15408 / O. Illiashenko, O. Potii, D. Komin //
Advances in intelligent systems and computing. Interna-
tional conference on dependability and complex systems
DepCoS-RELCOMEX 2015 (June 29 – July 3, 2015,
Lwówek Śląski). Lwówek Śląski, Poland. Theory and
engineering of complex systems and dependability.
DepCoS-RELCOMEX 2015. Springer, Cham : proceed-
ings. – 2015. – Vol. 365. – P. 391–401. DOI:
10.1007/978-3-319-59415-6_7.
12. Strielkina A. Model of functional behavior of healthcare
Internet of Things device / A. Strielkina, B. Volochiy,
V. Kharchenko // 10 th International conference on de-
pendable systems, services and technologies (DESSERT)
: proceedings. – 2019. – P. 63–69. DOI:
10.1109/dessert.2019.8770020.
13. Strielkina A. Availability models of the healthcare Inter-
net of Things system taking into account countermea-
sures selection / A. Strielkina, V. Kharchenko, D. Uzun //
Information and communication technologies in educa-
tion, research, and industrial applications. – 2019. – Vol.
1007. – P. 220–242. DOI: 10.1007/978-3-030-13929-
2_11.
14. Kolisnyk M. A Markov model of IoT system availability
considering DDoS attacks, patching and energy modes /
M. Kolisnyk, V. Kharchenko // Green IT Engineering:
social, business and industrial applications / V. Khar-
chenko, Y. Kondratenko, J. Kacprzyk (edits). – Springer
International Publishing. Book. – 2018. – P. 185–207.
DOI: 10.1007/978-3-030-00253-4_9.
15. Kolisnyk M. Investigation of the smart business center
for IoT systems availability considering attacks on the
router / M. Kolisnyk, V. Kharchenko // Dependable IoT
for human and industry. Modeling, architecting, imple-
mentation, dependable IoT for human and industry mod-
eling, architecting, implementation. – River Publishers
series in information science and technology, Denmark. –
2019. – P. 169 – 191.
16. Markov’s model-based technique of IoT system avail-
ability considering DDoS attacks [Text] / [M. Kolisnyk,
V. Kharchenko, I. Piskacheva et al.]; Kharchenko V. (ed-
its). // Secure and resilient computing for industry and
human domains. Techniques, tools and assurance cases
for security and resilient computing. – Kharkiv : Depart-
ment of education and science of Ukraine, National
Aerospace University named after N. E. Zhukovsky
“KhAI”. – 2017. – 449 p.
17. Modeling and availability assessment of mobile health-
care IoT using tree analysis and queueing theory / [A.
Strielkina, D. Uzun, V. Kharchenko, et al.] // Dependable
IoT for human and industry modeling, architecting, im-
plementation. – River Publishers series in information
science and technology, Denmark. – 2019. – P. 105–126.
18. Cybersecurity of healthcare IoT-based systems: Regula-
tion and case-oriented assessment [Text] / [A. Strielkina,
O. Illiashenko, M. Zhydenko, et al.] // 2018 IEEE 9th In-
ternational conference on dependable systems, services
and technologies (DESSERT): proceedings. – 2018. – P.
67–73. DOI: 10.1109/dessert.2018.8409101.
19. Reliability and security issues for IoT-based smart busi-
ness center: architecture and Markov model [Text] /
[M. Kolisnyk, V. Kharchenko, I. Piskachova, et al.] //
The World conference IEEE: MCSI. 2016, Greece, Cha-
nia: proceedings. – 2016. – P. 313–318.
20. Illiashenko O. O. Gap-analysis of assurance case-based
cybersecurity assessment: technique and case study /
O. O. Illiashenko, V. S. Kharchenko, A. Kor // Advanced
Information Systems. – Kharkiv : НТУ «ХПІ». – 2018. –
Vol. 2, 1. – P. 64–68. DOI: 10.20998/2522-
9052.2018.1.12.
21. Kharchenko V. Concepts of green IT-engineering: tax-
onomy, principles and implementation / V. Kharchenko,
O. Illiashenko // Studies in systems, decision and con-
trol. – 2017. – Vol. 74. – P. 3–19. DOI: 10.1007/978-3-
319-44162-7_1.
22. FP7 KhAI-ERA project website [Electronic resource]. –
Access mode: http://khai-era.khai.edu/.
23. Horizon2020 ECHO project website [Electronic re-
source]. – Access mode: https://echonetwork.eu/.
24. DigForAsp project website [Electronic resource]. – Ac-
cess mode: https://digforasp.uca.es/.
25. Horizon 2020 SPEAR project website [Electronic re-
source]. – Access mode: https://www.spear2020.eu/.
150
... розроблення інструментальних засобів та кейс-орієнтованих методів оцінювання якості ШІ [39,40]. Вони можуть базуватися на загальних Assurance Case підходах [41] і підходах, які стосуються оцінювання функційної і кібербезпеки [42]. Відбір інструментальних засобів, зокрема, для оцінювання кібербезпеки є окремою задачею, яка може виконуватися за допомогою засобів ШІ [43]. ...
Article
Full-text available
The subject of the research is the models of artificial intelligence (AI) quality. The current paper develops an AI quality model based on the definition and ordering of its characteristics. Objectives: to develop the principles and justify the sequence of analysis and development of AI quality models as ordered sets of characteristics; to offer models of AI quality for further use, first, the evaluation of individual characteristics and quality in general; to demonstrate the profiling of AI quality models for systems using artificial intelligence. The following results were obtained. The sequence of construction of AI quality models is offered. Based on the analysis of references, a list of AI characteristics was formed and their definitions were harmonized. The general model of AI quality is presented with a description of the step-by-step procedure for the realization of its hierarchical construction. A basic model of AI with abbreviated sets of characteristics is proposed due to its importance. Examples of profiling of quality models for two systems - monitoring of engineering communications and recognition of road signs are given. Conclusions. The study's main result is the development of a quality model for artificial intelligence, which is based on the analysis and harmonization of definitions and dependencies of quality characteristics specific to AI. The selection of characteristics and the construction of the quality model were carried out in such a way to exclude duplication, ensure the completeness of the presentation, as well as to determine the specific features of each characteristic. It is extremely difficult to create a model that would fully meet such requirements, so the presented options should be supplemented and improved considering the rapid development of technologies and applications of AI. The proposed quality models are open and can be supplemented and detailed according to the specific purpose and scope of AI.
... It is advisable to collect and analyze information on various criteria for their inclusion in the general database; • Development of tools and case-oriented methods for assessing the quality of AI, AI systems, and AI platforms [120]. They can be based on general assurance case approaches [121,122] as well as functional and cybersecurity assessment approaches [123]; • Application of internal validation as an additional procedure which can be embedded into AIS assessment [124]; • Development of content quality models including different aspects of image quality assessment and so on. ...
Article
Full-text available
The factors complicating the specification of requirements for artificial intelligence systems (AIS) and their verification for the AIS creation and modernization are analyzed. The harmonization of definitions and building of a hierarchy of AIS characteristics for regulation of the development of techniques and tools for standardization, as well as evaluation and provision of requirements during the creation and implementation of AIS, is extremely important. The study aims to develop and demonstrate the use of quality models for artificial intelligence (AI), AI platform (AIP), and AIS based on the definition and ordering of characteristics. The principles of AI quality model development and its sequence are substantiated. Approaches to formulating definitions of AIS characteristics, methods of representation of dependencies, and hierarchies of characteristics are given. The definitions and harmonization options of hierarchical relations between 46 characteristics of AI and AIP are suggested. The quality models of AI, AIP, and AIS presented in analytical, tabular, and graph forms, are described. The so-called basic models with reduced sets of the most important characteristics are presented. Examples of AIS quality models for UAV video navigation systems and decision support systems for diagnosing diseases are described.
Article
Full-text available
Cybersecurity is a common Internet of Things security challenge. The lack of security in IoT devices has led to a great number of devices being compromised, with threats from both inside and outside the IoT infrastructure. Attacks on the IoT infrastructure result in device hacking, data theft, financial loss, instability, or even physical damage to devices. This requires the development of new approaches to ensure high-security levels in IoT infrastructure. To solve this problem, we propose a new approach for IoT cyberattack detection based on machine learning algorithms. The core of the method involves network traffic analyses that IoT devices generate during communication. The proposed approach deals with the set of network traffic features that may indicate the presence of cyberattacks in the IoT infrastructure and compromised IoT devices. Based on the obtained features for each IoT device, the feature vectors are formed. To conclude the possible attack presence, machine learning algorithms were employed. We assessed the complexity and time of machine learning algorithm implementation considering multi-vector cyberattacks on IoT infrastructure. Experiments were conducted to approve the method’s efficiency. The results demonstrated that the network traffic feature-based approach allows the detection of multi-vector cyberattacks with high efficiency.
Book
Full-text available
The third volume of the three volume book called “Secure and resilient computing for industry and human domains” contains materials of the lecture parts of the study modules for MSc and PhD level of education as well as lecture part of in-service training modules developed in the framework of the SEREIN project "Modernization of Postgraduate Studies on Security Resilience for Human and Industry Related Domains"1 (543968-TEMPUS-1-2013-1-EE-TEMPUS-JPCR) funded under the Tempus programme are given. The book describes model and case-based techniques and tools applied to support simulation, assessment and assurance of FPGA and software components and systems. The descriptions of trainings, which are intended for studying with technologies and means of assessing security guarantees, are given in accordance with international standards and requirements. Courses syllabuses and description of practicums are placed in the correspondent notes on practicums and in-service training modules. Designed for engineers who are currently or tend to design, develop and implement information security systems, for verification teams and professionals in the field of quality assessment and assurance of cyber security of IT systems, for masters and PhD students from universities that study in the areas of information security, computer science, computer and software engineering, as well as for lecturers of the corresponding courses.
Article
Full-text available
The Internet of Things (IoT) is a remarkable data producer and these data may be used to prevent or detect security vulnerabilities and increase productivity by the adoption of statistical and Artificial Intelligence (AI) techniques. However, these desirable benefits are gained if data from IoT networks are dependable-this is where blockchain comes into play. In fact, through blockchain, critical IoT data may be trusted, i.e., considered valid for any subsequent processing. A simple formal model named "the Mirror Model" is proposed to connect IoT data organized in traditional models to assets of trust in a blockchain. The Mirror Model sets some formal conditions to produce trusted data that remain trusted over time. A possible practical implementation of an application programming interface (API) is proposed, which keeps the data and the trust model in synch. Finally, it is noted that the Mirror Model enforces a top-down approach from reality to implementation instead of going the opposite way as it is now the practice when referring to blockchain and the IoT.
Article
Full-text available
The subject matter of the article is the processes of cybersecurity assessment. The goal is to develop a technique for gap-analysis of cybersecurity analysis process. The task to be solved is to develop a method for analyzing gaps in the process of assessment of non-functional requirements for safety and cybersecurity of ICS. It is based on the classification of requirements, taking into account the possibility of their decomposition, which includes the construction of an advanced security assurance and determination of countermeasures to address detected gaps. Conclusions. The scientific novelty of the results obtained is as follows: the method for ensuring the information security of digital components of the I&Cs was further developed by analyzing the discrepancies of requirements using vulnerability description procedures and assessing the severity of the intrusions consequences, as well as determining the set of countermeasures by the "security-cost" criterion, which makes it possible to reduce risks to an acceptable level.
Conference Paper
Full-text available
One of the key subsystems from point of view of security of the complex IoT system is the smart business center (SB?) system. Some problems the design and operation of the SBC system are analyzed. When analysis of safety of the IoT system must take into account the reliability and security of the system at several levels: the level of sensors, the level of communication (communication lines, router, switch), the server level as the control device of components of the network, the level of the entire SBC subsystem. General architecture of network of the SB? is described. Reliability and security of key SB? hardwareand software manufacturers are analysed. In particular, security issue for SB? routers is considered. Shown the Markov model, which takes into account the technical conditions of typical network components of the SBC with the presence of software vulnerabilities when exposed to hacker attacks. On this model's basis it is possible to conduct further researches directed for improving the reliability operation and safety of IoT.
Chapter
An active infiltration of information technology in the healthcare sector has led to a fundamental change in people’s quality of life. Networked medical and healthcare devices and their applications are already creating an Internet of Medical Things which is aimed at better health monitoring and preventive care. But the new concepts and applying of new technologies bring certain risks including failures of devices, infrastructure which may lead to the worst outcome. In this regard, the security and safety problems of this technology using increase rapidly. This paper touches upon the issue of the healthcare Internet of Things (IoT) infrastructure failures and attacks on components and complete system. The purpose of the paper is to develop and research the availability models of a healthcare IoT system regarding failures and attacks on components. A detailed analysis of an architecture of healthcare IoT infrastructure is given. The main causes of the healthcare IoT based system failures are considered. This paper presents an approach to develop a Markov models set for a healthcare IoT infrastructure that allows considering safety and security issues. Much attention is given to developing and research of the Markov model of a healthcare IoT system considering failures of components. The analysis of obtained simulation results showed the rates that have the greatest influence on the availability function of the healthcare IoT system. In addition, it is presented a case study with a game theoretical approach to select countermeasure tools.
Conference Paper
We have been witnessing a formation of a new technological marvel: Internet of Things. The Internet of Things (IoT) is driven by an expansion of the Internet through the inclusion of physical objects combined with an ability to provide smarter services to the environment as more data becomes available. This construction is able to combine in a particular operational entity all the bits and pieces of the world around us. This concept has been able to be integrated into various fields which includes the health care sector, transportation sectors, smart cities and various areas of human endeavor to make life a better and easy place for mankind. Hence, it is important to understand how to build IoT applications that are dependable and deliver what they are need to deliver. This paper explores dependability issues in Internet of Things applications by analyzing what is currently in the literature and conceptualizing the requirements of dependability in IoT application irrespective of their sizes and domain application and finally argues an importance why the issues of dependability needs to be explore and addressed in IoT applications