Algorithmization of Reference Security Models of Corporate Automation Systems Based on Formal Security Models

Abstract

The paper considers the process of algorithmization of reference security models implemented on the basis of the existing formal security models. Main approaches to practical implementation of reference security models in a key of identifying potential areas for improvement are studied. The paper describes the analysis of constraints of models for synthesis based on their formal reference model amenable to implementation in a software algorithm for subsequent practical security analysis of real systems. On the basis of a formalized model graph is built which combines multiple information security vulnerabilities and attack methods of realization of the consequences for the security systems on the basis of which controllable models of real systems can be created. An algorithm of the semi-automatic analysis of the security of corporate automated systems is developed.