Biblio

In this work an overview of basic approaches to choosing protective measures for automated process control systems is done. The aim of the research was to develop a method for choosing protection measures for information security at every APCs level using set theory within analysis of basic sets of protection measures. In the framework of the research relevant attacks on industrial infrastructure are considered, an algorithm of choosing APCs protective measures is constructed, and it is suggested that it is required to use protective measures for every system level in accordance with an individual assessment of data protection class at the corresponding level. The authors concluded that it is necessary to exclude from consideration “specification of an adapted basic set” of the algorithm for choosing APCs protection measures in case the adapted basic set of APCs protective measures provides blocking all security threats at the considered system level. The approach to choosing protection measures based on building Euler-Venn diagrams is suggested. The results of the research are recommended to be used when modeling information security threats and developing requirements for APCs information protection means.