Preview

Proceedings of Telecommunication Universities

Advanced search

Architectural Model ONYX for X-Adaptive Control of Information Systems Under Arbitrary Destabilizing Factors

https://doi.org/10.31854/1813-324X-2026-12-3-112-128

EDN: JIZXYX

Abstract

Background. Modern information systems operate under the permanent influence of hybrid destabilizing factors whose nature — ranging from targeted cyberattacks to stochastic technical failures, sabotage, key personnel departure, and sanctions imposition — is often a priori unknown. Existing methods for controlling information systems under destabilizing factors are fragmented: they either focus on narrow technical aspects or are limited to administrative regulations, failing to provide holistic coverage of all hierarchical levels of the system.

Objective. The objective is to develop a generic architectural control model, ONYX, representing an information system as a computable state space and ensuring verifiable adaptation to destabilizing factors of arbitrary nature in order to preserve its functionality.

Methods. The state of an information system is represented as an attributed multigraph. For hierarchical systems, the Hierarchical Organization Postulate is introduced, decomposing the graph into the following levels: Management, Personnel, Hardware, and Software. The validity and intendedness of states are determined by the predicates and , respectively, based on first-order logic. System control is implemented by the operator R using a database of verified templates.

Results. The ONYX model has been developed, representing an information system as a multigraph with a control operator. Theorems have been proved on the solution existence criterion, namely X-adaptivity, on the solvability of recovery by the operator , on safety invariance, and on the relative completeness of the operator. The following consequences have been derived: the “Cone of Influence” effect and the principle of layer-based threat neutralization. The scientific novelty lies in the universality of the formalism for hierarchical and swarm systems, the definition of necessary and sufficient conditions for the solvability of the recovery task, the proof of the consequences of hierarchy, the substantiation of cross-level recoverability, and the introduction of a validity invariant for automatic control.

Theoretical and Practical Significance. The theoretical significance consists in creating a mathematical apparatus for controlling the structural dynamics of complex systems under destabilizing factors of arbitrary nature. The practical significance lies in formalizing the requirements of information security standards, including ISO/IEC 27001, GOST R ISO/IEC 270xx, and NIST CSF, for building next-generation SOAR systems that integrate organizational and technical protection measures.

About the Author

V. V. Gryzunov
Saint-Petersburg University of the State Fire Service of the EMERCOM of Russia
Russian Federation


References

1. Maksimova E.A. Axiomatics of infrastructural destructivism of a critical information infrastructure subject. Informatization and communication. 2022;1:68–74. (in Russ.) DOI:10.34219/2078-8320-2022-13-1-68-74. EDN:ZMOPQB

2. Gurina L.A., Tomin N.V. Intelligent methods of ensuring cybersecurity of multi-agent microgrid control systems. Voprosy kiberbezopasnosti (Cybersecurity Issues). 2024;6(64):53–64. (in Russ.) DOI:10.21681/2311-3456-2024-6-53-64. EDN:BORTZT

3. Wei L., Yang Y., Wu J., Long C., Li B. Trust Management for Internet of Things: A Comprehensive Study. IEEE Internet of Things Journal. 2022;9(10):7664–7679. DOI:10.1109/JIOT.2021.3139989. EDN:JRPLEV

4. Nguyen T.T., Reddi V.J. Deep Reinforcement Learning for Cyber Security. IEEE Transactions on Neural Networks and Learning Systems. 2021;34(8):3779–3795. DOI:10.1109/TNNLS.2021.3121870. EDN:FKCUDV

5. Yin Z., Lin Y., Zhang Y., Qian Y., Shu F., Li J. Collaborative Multiagent Reinforcement Learning Aided Resource Allocation for UAV Anti-Jamming Communication. IEEE Internet of Things Journal. 2022;9(23):23995–24008. DOI:10.1109/jiot.2022.3188833. EDN:CQKPMR

6. Wan Z., Cho J.H., Zhu M., Anwar A.H., Kamhoua C.A., Singh M.P. Resisting Multiple Advanced Persistent Threats via Hypergame-Theoretic Defensive Deception. IEEE Transactions on Network and Service Management. 2023;20(3):3816–3830. DOI:10.1109/tnsm.2023.3240366. EDN:ISRRNW

7. Segovia-Ferreira M., Rubio-Hernan J., Cavalli A., Garcia-Alfaro J. A survey on cyber-resilience approaches for cyber-physical systems. ACM Computing Surveys. 2024;56(8):1–37. DOI:10.1145/3652953

8. Kuikka V., Rantanen H. Resilience of multi-layer communication networks. Sensors. 2022;23(1):86. DOI:10.3390/s23010086. EDN:JTEMYM

9. Wang X., Niu B., Shang Z., Niu Y. Distributed resilient adaptive consensus tracking control of nonlinear multi-agent systems dealing with deception attacks via K-filters approach. Automatica. 2024;169:111871. DOI:10.1016/j.automatica.2024.111871. EDN:SLWBOM

10. Canonico R., Sperlì G. Industrial cyber-physical systems protection: A methodological review. Computers & Security. 2023;135:103531. DOI:10.1016/j.cose.2023.103531. EDN:SZERNJ

11. Arauz T., Chanfreut P., Maestre J.M. Cyber-security in networked and distributed model predictive control. Annual Reviews in Control. 2022;53:338–355. DOI:10.1016/j.arcontrol.2021.10.005. EDN:DOVLWJ

12. Xing W., Shen J. Security Control of Cyber–Physical Systems under Cyber Attacks: A Survey. Sensors. 2024;24(12):3815. DOI:10.3390/s24123815. EDN:OXISLH

13. Luo M., Yu Z., Xiao Y., Xiong L., Xu Q., Ma L., Wu Z. Full-order adaptive sliding mode control with extended state observer for high-speed PMSM speed regulation. Scientific Reports. 2023;13(1):6200. DOI:10.1038/s41598-023-33455-x. EDN:SQOMRD

14. Poltavtseva M. Active monitoring model as a basis for security management of industrial CPS. Voprosy kiberbezopasnosti (Cybersecurity Issues). 2021;42(2):51–60. (in Russ.) DOI:10.21681/2311-3456-2021-2-51-60. EDN:WSMBXF

15. Blanco C., Rosado D.G., Varela-Vaca Á.J., Gómez-López M.T., Fernández-Medina E. Onto-CARMEN: Ontology-driven approach for Cyber–Physical System Security Requirements meta-modelling and reasoning. Internet of Things. 2023;24:100989. DOI:10.1016/j.iot.2023.100989. EDN:HYOTME

16. Bakirtzis G., Sherburne T., Adams S., Horowitz B.M., Beling P.A., Fleming C.H. An ontological metamodel for cyber-physical system safety, security, and resilience coengineering. Software and Systems Modeling. 2022;21(1):113–137. DOI:10.1007/s10270-021-00892-z. EDN:VGYIJO

17. Kayan H., Nunes M., Rana O., Burnap P., Perera C. Cybersecurity of industrial cyber-physical systems: A review. ACM Computing Surveys (CSUR). 2022;54(11s):229. DOI:10.1145/3510410

18. Rahman M.H., Shafae M. Cyber-Physical Security Vulnerabilities Identification and Classification in Smart Manufacturing: A Defense-in-Depth Driven Framework and Taxonomy. Journal of Computing and Information Science in Engineering. 2025:25(9):091005. DOI:10.1115/1.4068844. EDN:OKVQFQ

19. Damm W., Hess D., Schweda M., Sztipanovits J., Bengler K., Biebl B. et al. A Reference Architecture of Human Cyber-Physical Systems–Part I: Fundamental Concepts. ACM Transactions on Cyber-Physical Systems. 2024;8(1):1–32. DOI:10.1145/3622879

20. Immerman N. Descriptive Complexity. Graduate Texts in Computer Science. New York, Berlin, Heidelberg: Springer-Verlag; 1999. DOI:10.1007/978-1-4612-0539-5

21. Gryzunov V.V. Model of Purpose Aggressive Actions on the Information-Computing System. Proceedings of the Third International Scientific and Practical Conference on Human Factor in Complex Technical Systems and Environments, ERGO-2018, 07.06.2018, St. Petersburg, Russian Federation. Tver: Ergonomic Association Publ.; 2018. p.300‒305. (in Russ.) EDN:YUORVZ

22. Gryzunov V.V. Conceptual Model for Adaptive Control of a Geographic Information System under Conditions of Destabilization. Automatic Control and Computer Sciences. 2021;55(8):1222–1227. DOI:10.3103/S0146411621080381. EDN:KWLWGO

23. Mikoni S.V., Sokolov B.V., Yusupov R.M. Qualimetry of Models and Polymodel Complexes. Moscow: RAS Publ.; 2018. 314 p. (in Russ.) DOI:10.31857/S9785907036321000001. EDN:VVUKQW

24. Gryzunov V.V., Shestakov A.V. Model of the adaptive control system of the cyber range of the russian emergencies ministry based on the operator equation. Voprosy kiberbezopasnosti (Cybersecurity Issues). 2024;64(6):140–149. (in Russ.) DOI:10.21681/2311-3456-2024-6-140-149. EDN:GSHMNZ

25. Gryzunov V.V., Shestakov A.V. A multi-level framework for justifying information security incident monitoringand response procedures. Voprosy kiberbezopasnosti (Cybersecurity Issues). 2025;6(70):14–24. (in Russ.) DOI:10.21681/2311-3456-2025-6-14-24. EDN:HTFRHK


Review

For citations:


Gryzunov V.V. Architectural Model ONYX for X-Adaptive Control of Information Systems Under Arbitrary Destabilizing Factors. Proceedings of Telecommunication Universities. 2026;12(3):112-128. (In Russ.) https://doi.org/10.31854/1813-324X-2026-12-3-112-128. EDN: JIZXYX

Views: 18

JATS XML


Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.


ISSN 1813-324X (Print)
ISSN 2712-8830 (Online)