Recommendations for Ensuring Cyber Protection of Industrial Control Systems of Energy Sector

M.Yu. Komarov, Cand. Tech. Sci., S.F. Honchar, Dr. Tech. Sci., A.V. Onyskova,
O.O. Bakalynskyi, Cand. Tech. Sci., D.V. Pakholchenko, graduate student
Pukhov Institute for Modelling in Energy Engineering
of the National Academy of Sciences of Ukraine
Ukraine, 03164, Kyiv, Str. General Naumov 15
tel. (+38044) 424 10 63, e-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.

Èlektron. model. 2022, 44(5):61-72

https://doi.org/10.15407/emodel.44.05.061

ABSTRACT

One of the factors of the state's ability to ensure the security of its own resources and assets in the conditions of an international political crisis and an ongoing hybrid war is the ability to provide cyber protection of critical information infrastructure facilities, such as enterprises of the energy industry, chemical industry, industrial production, etc. Therefore, the cyber security of a critical structure consists primarily in ensuring the protection of technological processes from any unauthorized informational influences that cause incorrect execution of technological processes. On the basis of NIST (National Institute of Standards and Technology) Special Publication 800-53, basic recommendations for ensuring cyber protection of automated technological process control systems are provided.

KEYWORDS

cyber security, cyber protection, Industrial Control Systems, energy sector, re­commendations.

REFERENCES

  1. Mokhor, V., Honchar, S. and Onyskova, A. (2020), “Cybersecurity Risk Assessment of Information Systems of Critical Infrastructure Objects”, IEEE International Conference on Problems of Infocommunications. Science and Technology, pp. 19-22, DOI: https://doi.org/10.1109/PICST51311.2020.9467957
  2. Komarov, M., Honchar, S. and Dimitriieva, D. (2021), “Research on the Problem of Cyber Survivability of Critical Information Infrastructure”, Nuclear and radiation safety, Vol. 1, no. 89, pp. 59-66, available at: https://doi.org/10.32918/nrs.2021.1(89).07
  3. Potii, O., Semenchenko, A., Dubov, D. et al. (2021), “Сonceptual principles of implementation of the organizational and technical model of cyber defense of Ukraine”, Ukrainian Information Security Research Journal, 81, no. 1, pp. 12-19, available at: https://Doi.org/ 10.18372/ 2410-7840.23.15434.
  4. Law № 2163-VIII, On Basic Principles of Cyber Security of Ukraine, Session 7, (from October 5, 2017), available at: https://zakon.rada.gov.ua/laws/show/2163-viii.
  5. Bakalynskyi, O. and Pakholchenko, D. (2021), “Analysis of cybersecurity requirements of auto­mated process control systems as critical information infrastructure”, Elektronne modelyuvannya, Vol. 43, no. 4, pp. 103-112, available at: https://doi.org/10.15407/emodel
  6. NIST SP 800-82. Rev.2. Guide to Industrial Control Systems (ICS) Security, available at: https://online.budstandart.com/ua/catalog/doc-page.html?id_doc-84401.
  7. NIST Special Publication 800-53. Rev.5. Security and Privacy Controls for Information Systems and Organizations, 2020, available at: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r5.pdf.

Full text: PDF