Written by tuzs
Makarenko S., Smirnov G.
Model of Security Audit of a Critical Information Infrastructure Object with Use the Test Cyber Attacks
- Abstract: The article presents a model for auditing the security of a critical information infrastructure object by test information and technical influences. This model formalizes an object in the form audit process of a multilevel topological model, the individual levels of which correspond to: resource costs for impacts, test information and technical impacts, vulnerabilities, object elements and damage levels. The use of this model in audit practice will make it possible to substantiate the most effective impacts on the basis of the “efficiency / cost” criterion, as well as form test suites that will ensure the rational completeness of the audit of a critical infrastructure facility.
- Keywords: critical information infrastructure, penetration testing, security audit, cyber attack.