Keywords:
information security, critical information infrastructures, residual risk, incomplete threat models,
asymptotic security management, security event monitoring.
References
1. Rossiyskaya Federaciya (2017) 187-FZ 26.07.2017, Federalniy zakon "O bezopasnosti kriticheskoy infrastrukturi Rossiyskoy Federacii" [Federal law
of the Russian Federation 187-FZ "On security of critical information infrastructure of the Russian Federation" dated 26.07.2017], Moscow, Russia
2. Commission Of The European Communities (2005), COM/2005/576 final, CELEX:52005DC0576 Green Paper on a European Programme for Critical
Infrastructure Protection. Brussels, Belgium.
3. National Institute of Standards and Technology (2018) Framework for Improving Critical Infrastructure Cybersecurity, USA.
4. Pravitelstvo Rossiyskoy Federacii (2018) No. 127 08.02.2018, Postanovlenie "Ob utverzhdenii Pravil kategorirovaniya ob'ektov kriticheskoy informa-
cionnoy infrastrukturi Rossiyskoy Federacii, a takzhe perechnya pokazateley kriteriev znachimosti ob'ektov kriticheskoy informacionnoy infrastrukturi
Rossiyskoy Federacii I ih znacheniy". [Resolution of the Government of the Russian Federation No. 127 of 08.02.2018 "On approval of the rules of cat-
egorization of objects of critical information infrastructure of the Russian Federation, as well as the list of indicators of criteria of significance of objects
of critical information infrastructure of the Russian Federation and their values"], Moscow, Russia.
5. GusninS.Y. and Petukhov A.N. (2019). Security reference model for critical information infrastructures.
SCM 2019 XXII International Conference on
Soft Computing and Measurement,
23-25 May, 2019 Saint-Petersburg, Russia.
6. Petukhov A.N. (2017). Cybersecurity management information base for critical infrastructures.
XI Mezhdunarodnaya otraslevaya nauchno-tehnicheskaya
konferenciya "Tehnologii informacionnogo obschestva"
[XI International branch scientific and technical conference "Information and society technologies"],
15-16 March 2017, Moscow, Russia.
7. Hoffman, L.J. (1977).
Sovremenniye metodi zazhiti informacii
[Modern methods for computer security and privacy] 1980, Sovetskoye radio, Moscow,
Russia.
8. Simonov S.V. (1999). Risk analysis, risk management,
JetInfo
. Vol.1, pp. 11-17.
9. UspenskiyV.A. (1982). Teorema Gedelya o nepolnote.
Populyarnie lekcii po matematike
. Vipusk 57 [Godel's theorem on incompleteness. Popular lec-
tures on mathematics . Issue 5] Nauka, Moscow, Russia.
10.
Erokhin S.D., Petukhov A.N. and Pilyugin P.L. Critical Information Infrastructures Security Modeling, available at
https://fruct.org/publications/fruct24/files/Ero.pdf, , Accessed 15.11.2019.
11. Kurilo A.P., Miloslavskaya N.G., Senatorov M.Y. and Tolstoy A.I. (2013).
Osnovi upravleniya informacionnoy bezopasnostyu
[Frameworks for informa-
tion security management] Goryachaya liniya-Telekom.
12. FSTEK Rossii (2017) № 239 от 25.12.2017, Prikaz "Ob utverzhdenii Trebovaniy k obespecheniyu bezopasnosti znachbmsh ob'ektov kriticheskoy
informacionnoy infrastrukturi Rossiyskoy Federacii" [Order of FSTEC of Russia No. 239 dated 25.12.2017 " On approval of requirements for security
of significant objects of critical information infrastructure of the Russian Federation"], Moscow, Russia.
13. Petukhov A.N. and Pilyugin P.L. (2019). Normative definition of security events.
REDS 2019 Radioelektronnie ustroystva i sistemi dlya infokommunika-
cionnih tehnologiy
[REDS 2019 Radio-electronic devices and systems for info-communication technologies], Moscow, Russia 29-31 May, 2019.
Do'stlaringiz bilan baham: |