Mathematical Model of Information Security Event Management Using a Markov Chain in Industrial Systems

Mathematical Model of Information Security Event Management Using a Markov Chain in Industrial Systems

연구 분야: Safety

학회: Automatic Control and Computer Sciences

The problem of ensuring information security in industrial Internet-of-Things (IIoT) systems is considered. In the study, it is found that, in most cases, security information and event management (SIEM) systems with configured rules for correlating events in the information infrastructure are used to protect comprehensively the information perimeter of an industrial enterprise from external and internal threats. In this case, there is a need to create a mathematical apparatus that allows for an accurate and objective estimate of the effectiveness of a SIEM system. As a result of the study, the problem of preventing information security incidents in IIoT systems is formalized based on the developed mathematical model of information security event management using a continuous-time Markov chain.