Научная статья на тему 'A METHOD FOR EFFICIENCY ASSESSMENT OF MULTI-LEVEL DISTRIBUTED SYSTEM FOR REGIONAL SECURITY SUPPORT'

A METHOD FOR EFFICIENCY ASSESSMENT OF MULTI-LEVEL DISTRIBUTED SYSTEM FOR REGIONAL SECURITY SUPPORT Текст научной статьи по специальности «Компьютерные и информационные науки»

CC BY
34
8
i Надоели баннеры? Вы всегда можете отключить рекламу.
Ключевые слова
SECURITY SUPPORT SYSTEM / REGIONAL SECURITY / EFFICIENCY ESTIMATION / MANAGEMENT / THREAT / RISK ANALYSIS / SOCIO-ECONOMIC SYSTEM

Аннотация научной статьи по компьютерным и информационным наукам, автор научной работы — Masloboev Andrey V., Tsygichko Vitaliy N.

Background . The study is aimed to development and analysis of models and methods for automation facilities perfection of security organizational management of the socio-economic objects and critical infrastructures. Materials and methods . For configuration and quality enhancement problem-solving of the risk management systems of regional socio-economic system security violation a method for efficiency assessment of the multi-level distributed system for regional security support has been developed. The method is based on object categorization of regional socio-economic systems that allows adequate procedures implementation of regional security support conditionally to critical situations on-line context and specification emergent at that objects. Results and conclusions . The method distinctive features are human factor accounting under efficiency estimation of regional security support system and operation possibility with decomposed problem statements of that system structural synthesis, which have minor dimensions. That provide structure and composition synthesis problem-solving of regional security support system by means of its parameters direct search at the each level of system functional organization that allows simple and rapid calculation algorithms design of the efficiency technical-economic indexes on the basis of computer simulation.

i Надоели баннеры? Вы всегда можете отключить рекламу.
iНе можете найти то, что вам нужно? Попробуйте сервис подбора литературы.
i Надоели баннеры? Вы всегда можете отключить рекламу.

Текст научной работы на тему «A METHOD FOR EFFICIENCY ASSESSMENT OF MULTI-LEVEL DISTRIBUTED SYSTEM FOR REGIONAL SECURITY SUPPORT»

БЕЗОПАСНОСТЬ В ЧРЕЗВЫЧАЙНЫХ СИТУАЦИЯХ

SAFETY IN EMERGENCY SITUATIONS

УДК 004.051, 007.51, 004.94 doi:10.21685/2307-4205-2021-1-13

AMETHOD FOREFFICIENCY ASSESSMENT OF MULTI-LEVEL DISTRIBUTED SYSTEM FOR REGIONAL SECURITY SUPPORT

A.V. Masloboev1, V.N. Tsygichko2

1 Federal Research Centre "Kola Science Centre of the Russian Academy of Sciences", Apatity, Russia 2 Federal Research Center "Computer Science and Control of the Russian Academy of Sciences", Moscow, Russia

1 [email protected], 2 [email protected]

Abstract. Background. The study is aimed to development and analysis of models and methods for automation facilities perfection of security organizational management of the socio-economic objects and critical infrastructures. Materials and methods. For configuration and quality enhancement problem-solving of the risk management systems of regional socio-economic system security violation a method for efficiency assessment of the multi-level distributed system for regional security support has been developed. The method is based on object categorization of regional socio-economic systems that allows adequate procedures implementation of regional security support conditionally to critical situations on-line context and specification emergent at that objects. Results and conclusions. The method distinctive features are human factor accounting under efficiency estimation of regional security support system and operation possibility with decomposed problem statements of that system structural synthesis, which have minor dimensions. That provide structure and composition synthesis problem-solving of regional security support system by means of its parameters direct search at the each level of system functional organization that allows simple and rapid calculation algorithms design of the efficiency technical-economic indexes on the basis of computer simulation.

Keywords: security support system, regional security, efficiency estimation, management, threat, risk analysis, socio-economic system

Acknowledgments: The work was carried out within the framework of the State Research Program of the Institute for Informatics and Mathematical Modeling of the Kola Science Centre of RAS (project No. 0226-2019-0035).

For citation: Masloboev A.V., Tsygichko V.N. A method for efficiency assessment of multi-level distributed system for regional security support. Nadezhnost' i kachestvo slozhnykh sistem = Reliability and quality of complex systems. 2021;1:129-143. doi:10.21685/2307-4205-2021-1-13

МЕТОД ОЦЕНКИ ЭФФЕКТИВНОСТИ МНОГОУРОВНЕВЫХ РАСПРЕДЕЛЕННЫХ СИСТЕМ ОБЕСПЕЧЕНИЯ РЕГИОНАЛЬНОЙ БЕЗОПАСНОСТИ

А. В. Маслобоев1, В. Н. Цыгичко2

1 Федеральный исследовательский центр «Кольский научный центр Российской академии наук»,

Апатиты, Россия

2 Федеральный исследовательский центр «Информатика и управление Российской академии наук»,

Москва, Россия 1 [email protected], 2 [email protected]

© Masloboev A. V., Tsygichko V. N., 2021. Контент доступен по лицензии Creative Commons Attribution 4.0 License / This work is licensed under a Creative Commons Attribution 4.0 License.

Аннотация. Актуальность и цели. Работа направлена на разработку и исследование моделей и методов для совершенствования автоматизированных средств организационного управления безопасностью социально-экономических объектов и критических инфраструктур. Материалы и методы. Для задач конфигурирования и повышения качества систем управления рисками нарушения безопасности региональных социально-экономических систем разработан метод оценки эффективности многоуровневых распределенных систем обеспечения региональной безопасности. Метод основан на категорировании объектов региональных социально-экономических систем, что позволяет реализовать адекватные процедуры обеспечения региональной безопасности в зависимости от оперативного контекста и спецификации критических ситуаций, возникающих на этих объектах. Результаты и выводы. Отличительными особенностями метода являются учет человеческого фактора при оценке эффективности систем обеспечения региональной безопасности и возможность работы с декомпозированными постановками задач структурного синтеза этих систем, имеющими небольшую размерность. Это обеспечивает решение задач синтеза структуры и состава систем обеспечения региональной безопасности путем прямого перебора их параметров на каждом уровне функциональной организации системы, что позволяет построить простые и быстрые алгоритмы расчета технико-экономических показателей эффективности на базе компьютерного моделирования.

Ключевые слова: система обеспечения безопасности, региональная безопасность, оценка эффективности, управление, угроза, анализ рисков, социально-экономическая система

Финансирование: Работа выполнена в рамках государственного задания ИИММ КНЦ РАН (НИР № 0226-2019-0035).

Для цитирования: Masloboev A. V., Tsygichko V. N. A method for efficiency assessment of multi-level distributed system for regional security support // Надежность и качество сложных систем. 2021. № 1. С. 129-143. doi:10.21685/2307-4205-2021-1-13

Introduction

At present, one of the main priorities of public policy in the field of national security is risk-sustainable development support of the country's economy and regional security maintenance. First of all, this implies activities intensification of the state public authorities at all levels of governance in direction to safeguarding of the critical facilities and infrastructures of regional socio-economic systems under the impact of multiple threats of various natures, which are the basic catalyst for emergencies and crisis situations occurrence.

This urgent and important problem for our country can be solved only at the expense of high-quality maintenance of regional security, since the regional socio-economic systems are the most vulnerable with a view to various threats appearance, which can lead to the destabilization of higher-level systems - national and global. This is explained by such specific features of regional systems as weak-formalization, multi-aspect nature and interconnectivity of processes occurring in these systems, structural complexity and spatial distribution, a large number of heterogeneous objects. The specificity is also appended by the individual characteristics of the each region such as low stability of ecological system, underdeveloped infrastructure, population density, remoteness from the federal center, high resource intensity, territory congestion by facilities of the military-industrial complex, the manner of industrial and economic development of territories, at alias. All these features of regional socio-economic systems result to complex problems in the security management of the critically important objects of regional economy and in the system organization of regional security support as a whole.

One of the prospective areas in these problem-solving is the development of a methodology, modeling tools and software to support managerial decision-making in the field of regional security ensuring and control. This is necessary, on the one hand, to improve the management quality of regional socio-economic system sustainable development, and, on the other hand, to meet up-to-date system requirements for security support of socio-economic objects and critical infrastructures in the face of global challenges and new threats. Thus, for example, one of the possible ways to these problem-solving is declared in the National Security Strategy of the Russian Federation1, which expects system engineering of distributed situational centers [1] in the regions of the country as an effective means of threat monitoring and regional security support at all levels of government. The mission of this multi-level distributed automated system is on-line security monitoring of the both individual socio-economic elements and regional subsystems. At the same

1 О Стратегии национальной безопасности Российской Федерации : указ Президента РФ № 683 от 31.12.2015. URL: http://kremlin.ru/acts/bank/40391

time, security management is implemented on the basis of fulfillment control and compliance monitoring of the safety requirements to critical facilities, bottlenecks analysis in the security support system and risk assessment of the security violation of regional socio-economic system components. This approach based on risk management and categorization of socio-economic objects in the region according to the degree of their potential danger is widely and successfully applied in practice, both in our country and abroad.

The general risk theory defines risk as an activity associated with overcoming uncertainty in a situation of inevitable choice, when we have the opportunity to quantitatively and qualitatively assessment of achieving probability of the estimated result, failure and goal deviation [2]. Risk management is a set of processes associated with identification, risk analysis and decision-making, which include maximizing the positive and minimizing the negative consequences of the risk events occurrence [3]. The risk of security violation of the regional socio-economic system is understood as the probability of potential threat realization regard to critically important objects of its structure under the existing management system of regional security.

The risk of regional security violation is a unified criteria of efficiency assessment for the all levels of security management hierarchy of regional socio-economic systems and meets the systems principles of regional security system engineering (principles of purpose, information unity and criteria coordination). In accordance with the equal protection principle [4], the risk of security violation of the regional subsystems at all levels of regional socio-economic system organization is understood as a probability of security violation of at least one of the elements of these subsystems.

Risk management of regional security violation is carried out by choosing and implementing methods, means and anti-crisis measures (security profiles), predicting and preventing the negative impact of probable threats on elements of regional socio-economic system, based on efficiency assessment and analysis of the existing Management System of Regional Security support (RSMS).

The formation procedure of RSMS requirements is based on the equal protection (equal strength balance protection) principle of critically important objects of the regional socio-economic systems against all manners of possible threats implementing to the object security violation. In this case, the risk assessment of an object security violation is carried out by its most vulnerable element. The object vulnerability assessment is a key point in its security system engineering, because without a correct RSMS efficiency assessment it is impossible to generate rational security profiles for critically important objects of regional socio-economic systems and justify the essential list of requirements and means selection to ensure their security and the system as a whole.

The national security system of the country couldn't be viewed as a unified functionally coupled system. It consists of a set of relatively independent self-contained operational subsystems of regional security support. These subsystems are individual for each separate region and solve their own specific problems. For efficiency assessment of such locally organized systems, in our study we propose a methodology based on practical experience and theoretical developments in the field of risk management of the security violation of critical infrastructures [5-7], decision support systems [8-10] and information technologies to management support of regional, national and international security [11-14].

1. Related work

In current conditions of geopolitical confrontation and escalation aggravation of the international arena, it is quite necessary to constantly enhance the efficiency of the existing support system of regional security and improve its functional potential, focusing on the advanced foreign experience and developments, as well as commensurating with the state economics capabilities.

Most developed foreign countries expand research institutions, studying and engineering support systems of regional and national security with an emphasis solely on identification and counteraction of the potential terroristic threats, e.g. [15, 16], including threats in the information sphere (cyber security). Especially these studies have intensified in recent years on a wide front of directions. It should be noted that all research works in these areas are restricted and, therefore, are not available for detailed analysis. Open-access literary sources often contain only general materials published. Almost all basic research work on the methodology and techniques for development and operation of security support systems used for critical facilities and infrastructures, having regional and national importance, are classified. At the same time, it is known for certain that the foreign systems for regional security support are functioning and based on the principles of network-centric control theory [17], as well as on the basis of risk assessment and analysis tools of the security violation of these facilities.

Our analysis shows that well-known foreign studies of regional security problems are highly odd and basically focus on general analytical models of trends and development scenarios of the individual territorial entities. These researches, e.g. [18-20], consider mainly humanitarian aspects and factors of regional and national security in the socio-economic and military-political spheres. Most of the applied research and developments are focused on forecasting of extreme situations in nature and the technosphere, as well as on studying conflicts and crisis phenomena in public and international relations. In theory and in practice all of that works for the most part for the purpose of sustainable development than in the behalf of population protection and national security support. An independent niche is occupied by research work on anti-terroristic security of critically important facilities and infrastructures. At the same time, comprehensive analysis of the security support methodological, organizational and technical issues of regional socioeconomic systems are in the area of responsibility of the foreign-policy and defense departments, as well as authorities and security services. Thereby, foreign research projects and programs in this strategic domain belong to the class of closed scientific developments.

The problem situation is that the security of all elements of socio-economic systems at the regional or federal level couldn't be fully ensured. This would require funds commensurate with the cost of all infrastructure life-support facilities that form these systems. In principle, such assets and funds couldn't be afforded by any country, even the most economically developed country in the world. In reality, only priority or selective security support of certain critically important facilities of the region and regional critical infrastructures is possible. That allows risk and loss minimizing from the impact on these facilities by multiple threats and dangers of various nature typical and specific to the region. The choice of security support facilities is a complex independent problem. Its successful solution largely determines the system efficiency of regional security support.

2. Structure of RSMS

RSMS is a multi-level distributed organizational management structure that implements the set of security measures to critically important elements protection of regional socio-economic systems in accordance with the category, index, safety requirements and security profile of these elements determined on the basis of a categorical approach [5, 7]. This complex (set) constitutes of regulatory, organizational, economic, program-technical and other anti-crisis security measures that cumulatively form a protection profile of regional elements and subsystems. Each type of object has its own specificity, which is determined by its composition, structure and functioning features. Each type of object is affected by a certain set of threats and dangers of various nature implemented in diverse manners. Countermeasures (protection profile) have also a complex character.

In general, the RSMS functional structure of any element of the regional socio-economic system can be represented in a hierarchical form and consists of units at different levels.

The first level of RSMS (elementary unit) is a counteracting means to the specific manner of a certain threat implementation to each type of object of the regional socio-economic system (one implementation manner of one threat - one counteraction means - one object of given type).

The secondary level units of RSMS provide actions organization and coordination of the all counteraction means to a certain manner of threat implementation (one implementation manner of one threat - a set of countermeasures - one object of given type).

The tertiary level units of RSMS provide actions implementation and coordination of the all counteraction means to various manner of threat implementation (all implementation means of one threat - a set of countermeasures - one object of given type).

The fourth-order level units of RSMS provide actions implementation and coordination of the tertiary level units to security support of the object of regional socio-economic system under all expected threats (all implementing manners of all the threats - a set of countermeasures - one object of given type).

The fifth-order level units of RSMS provide operation coordination of the fourth-order level units to security support of all objects of the regional socio-economic system controlled by RSMS (all implementing manners of all the threats - a set of countermeasures - all objects of all the types).

The functioning process of any RSMS can be formally represented in terms of this five-level hierarchical management structure. If necessary, it is possible to define additional levels in RSMS structure. However, it should be borne in mind that this management functional structure usually doesn't correspond to the organizational structure of actually existing RSMS, since the several of functional tasks listed above can be solved at one organizational level.

3. Problem statement

The problem of RSMS efficiency assessment boils down to three tasks. The results of these tasks solving provide a quantitative justification of decisions under procedures of security system requirements formation and rational protection profiles selection of elements of the regional socio-economic systems.

The first task is to estimate the RSMS operation efficiency within the given set of means to security support of the regional socio-economic system.

In essence, this is a task of vulnerability assessment of regional socio-economic system within the given threat model and selected protection profile. As a result of this problem solving, the security violation risk values of the elements of regional socio-economic system by all threat model components and the threat model as a whole are estimated and the bottlenecks in the RSMS are detected. The obtained quantitative risk assessment of security violation by this problem solving should serve as an objective reason for decision-making on reinforcement of protection measures of the regional elements and subsystems.

The second task is to determine the composition and structure of RSMS, which provides the minimum of its cost under the given security level of the regional socio-economic system.

The second problem solving is aimed at the formation of an optimal cost protection profile of regional elements and subsystems under the fixed risk level of security violation, and the development of the rational set of system requirements to their security support.

The third task is to determine the composition and structure of RSMS, which provides the maximum security of the elements of regional socio-economic system under a given value of the protection cost.

The third problem solving is aimed at the formation of an optimally efficient protection profile of the regional system components under the fixed cost of their RSMS, and the development of an appropriate set of system requirements to their security support.

Solving of the assigned tasks requires the following source information for all components of regional socio-economic systems:

- list of possible (probable) threats;

- manners of implementing threats;

- counteraction means to each manner of threat implementation;

- countermeasures efficiency indexes and their functional characteristics;

- countermeasures efficiency estimates as a cost function for the conventional unit security of an element of the regional socio-economic system;

- structure of RSMS;

- dependence of the operation efficiency of regional socio-economic system on the protection rate (for each countermeasure of the threat);

- regulatory restrictions on the elements operation efficiency of the regional socio-economic system;

- list of countermeasures at the disposal of RSMS;

- degree of confidence to RSMS personnel.

The availability of information listed above allows studying and comparative analysis of the RSMS, and identify prospective ways of its enhancement and development.

4. Efficiency assessment of RSMS 4.1. Efficiency assessment of RSMS elementary unit

Let's consider the estimation procedure of the RSMS efficiency for an elementary object of the regional socio-economic system.

The central concept and initial parameter that allows the regulatory base formation for quantitative assessments of the functioning efficiency of RSMS is "the specific efficiency of the counteraction means to a specific manner of the threat implementing", i.e. the efficiency of the elementary unit in the RSMS structure considered above.

The countermeasure Hijk specific efficiency is understood as a level of execution efficiency of the i means normative functions Yi to counteract the j manner of the k threat implementing. The specific efficiency Hijk can be interpreted as the probability that a given manner of the threat implementing will be prevented.

The dimension of the normative function Yi is determined by the functioning features of the each i protection means. It can be the size of the protected area by one means per unit time, the number of socioeconomic objects diagnosed by one means per unit time, the collected information content of the object security state by one means per unit time, etc. For example, the specific efficiency of a security support means of the transportation or storage of oil products can be defined as the probability of oil spill prevention by one protection means per unit time.

The specific efficiency of the counteraction means allows to put the protection rate index Uijk of an object of the regional socio-economic system against the j manner of the k threat implementing subject to the number (n) of the i (homogeneous) counteraction means (Fig. 1). The protection rate index Uijk is an

efficiency characteristic of the counteraction means, that shows the probability how the i counteraction means will protect an object of the regional socio-economic system against the j manner of the k threat implementing.

Let D0 be the value of the controlled (protected) parameter of any object per unit time t, e.g. the average volume of energy resources or oil products.

Yi is the normative function of the i protection means, i.e. the value of the object parameter that can be controlled (protected) by the i counteraction means per unit time t.

Full protection of an object is achieved when the number of countermeasures is n = n and provides a sufficient security level at the current value of the protected object parameter Y0, where:

Y

n = . (1)

Yi

In addition, there may occur a lack of protection means Do:

n < —, (2)

Yi

and duplication of protection means, when:

n > Yo. (3)

Y

For each of three cases n < n , n = n , n > n the function Uijk = f (Hijk,n) is calculated subject to the

functioning specificity of the protected object.

The type of this function representative for most objects of regional socio-economic systems is shown in Fig. 1.

Fig. 1. The dependence of the object protection rate of the regional socio-economic system on the amount of the homogeneous security facilities

The function U ijk is determined by the functioning method of the countermeasure.

Curve 1 represents the dependence Uijk on the amount of anti-crisis countermeasures, the increase in

the number of which amplifies the protection rate, e.g. a duplication of control means for the state parameters monitoring of oil storage facilities and pipelines or an increase in the number of control devices at the receipt ports of oil-bulk ore carriers and at the transshipment terminals of oil products.

Curve 1 shows that an increase in the number of anti-crisis security facilities turns out to be rational only up to a certain limit, over which the security efficiency of the object doesn't increase.

Curves 2, 3 and 4 represent the dependences Uijk of the object security on the number n of RSMS

personnel.

Curve 2 corresponds to the case when an increase in the number of RSMS employees, performing control and protection functions, leads to an increase of the object security level of the regional socioeconomic system. For example, an increase in the number of physical security posts reduces the probability of an intruder entering the object under the stipulation that the security staff performs its functions in good faith.

Curve 3 corresponds to the case when RSMS employees are not fully prepared to perform their functions because of low-skills, negligent performance of duties and other negative factors that determine the operating efficiency of the personnel.

Curve 4 reflects the fact that an increase in the number of RSMS personnel increases the violation probability of RSMS structure by intruders or persons, who can be persuaded to unlawful actions, e.g. to transfer critical information by tampering in terms of object security.

The given dependences represent the most general case of security level estimation of the objects of regional socio-economic system.

For such a extreme case, when security resources are not used (passive monitoring), the time factor doesn't matter at all. For example, the on-line monitoring of public order in a certain area, and the parameter t is missed in the expressions Do and Dt, and the function U is calculated without taking into account the resource operation time. The analysis shows that all the typical countermeasures, used in existing RSMS, are described in terms of the dependencies shown in Figure 1 as special cases.

iНе можете найти то, что вам нужно? Попробуйте сервис подбора литературы.

Each counteraction means can more or less negatively affect on the functioning quality of the security objects. The assessment of this negative impact of security facilities is usually carried out through changes in any critical parameter of the object functioning. Timing loops of functioning are often used as such a parameter.

In Fig. 2 a hypothetical dependence of the functioning cycle duration T of an object on the amount of the certain security facilities and control means, i.e. on the object protection rate Uijk in the used terminology, is shown.

Fig. 2. The duration of the object functioning cycle of the regional socio-economic system on its protection rate

Key legend to Fig. 2: To is the normal duration of functioning cycle (without use of the counter-measures); Td is allowable extension value of the functioning cycle; Ud is the allowable protection rate of the object by the considered counteraction means.

As follows from Figure 2, the allowable protection rate Ud of an object is a bounded region by the values Uijk min and UijkmsK, which in turn determines the amount of countermeasures of the given type nmin and nmax used to protection of the considered object of the regional socio-economic system.

It follows from the tracing that on the assumption of n = n the extension value of the object functioning cycle will be minimal. However, in this case the security level Uijk may be lower than required.

One of the description parameters of the i countermeasure can be its cost estimate Cijk that includes

its production and operation cost. The cost increase estimates of the specific efficiency of countermeasures as a result of its enhancement or replacement by a new one, i.e. the rate per unit of the specific efficiency increase of countermeasures, can also be discussed. The input parameters and dependencies allow the efficiency estimation of the existing countermeasures of various types in a unified metrics and developing a theory of RSMS efficiency on the basis of this measure.

4.2. Efficiency assessment of RSMS secondary unit

The reference data availability of all the i counteraction means to the given j manner of the k threat implementing allows formulating the problems of optimal composition estimation (variant of joint use) of counteraction means.

Counteraction means forming the composition function independently in a sequential mode. Moreover, each means performs its specific function. For example, to prevent the intrusion of a strange person into a closed area, there are employed such countermeasures as an external fence, violation sensors of object boundary, a vision-based inspection system, a physical motion control system over the persons and vehicles across the protected area, etc.

The initial problem at the secondary unit of RSMS is efficiency estimation of the existing composition of all countermeasures used against a certain manner of threat implementing.

The efficiency criterion of the countermeasures composition Njk is the protection rate of the object

Ujk against the j manner of the k threat implementing, which is evaluated by the expression:

Ujk = 1-П ( - Ui (n)). (4)

i=l

On the basis of expression (4), the general optimization problem statements of the secondary unit structure of RSMS are formulated.

First problem statement: to estimate the operation efficiency of the RSMS under a given set of means for security support of the element of regional socio-economic system.

Let's estimate the countermeasures composition Njk that provides the maximum security level of

the element max Ujk against the j manner of the k threat implementing. In this statement the capabilities

limit of a particular set of countermeasures is estimated. It is calculated through the maximum capabilities estimates Uidmax of each i countermeasure under accepted constraints.

The composition Njk corresponding to max Ujk is evaluated using the dependence Uijk on n, (Fig. 1) for all i e I (Fig. 2).

The maximum security of an element of regional socio-economic system can be considered as a composition efficiency criterion and is calculated by the following formula:

max Ujk = 1-П (1 - Uid max). (5)

i=1

The problem solution in the first statement allows reasonably setting the required security level UjkTP and estimating the maximum protection cost max Cjk.

Second problem statement: to determine the composition and structure of RSMS, providing a minimum of its cost at the given security level of the element of regional socio-economic system.

Let's define a countermeasures composition Njk which provides the given security level UjkTP of an

object at the minimum of its cost. In this statement, the cost Cjk of composition Njk is used as a criterion of its efficiency:

i

Cjk = min Z C * n' (6)

i=i

by the total cost of countermeasures.

The cost Cjk of composition Njk is estimated by minimization of the following expression in terms

of the total cost of countermeasures:

minn(l-U(C *n,)) = 1 -UjkTp . (7)

i=i

The function U, (C, * n,) can be obtained by multiplication of the function U(n,) values by the cost of one , countermeasure (Figure 1) under the stipulation that C, = const, i.e. the cost Ct doesn't depend on the value n .

Third problem statement: to determine the composition and structure of RSMS that provides maximum security of the element of regional socio-economic system at the given cost value of the element protection.

Let's define a countermeasures composition N jk which provides the maximum security level max Ujk of an object at the given costs Cjkz. In this case, the efficiency criterion of the countermeasures composition is the security level Ujk of an object, the maximum value of which is estimated by the following expression optimization:

max Ujk = 1 - min ft (1 - U (C, * n t.)) (8)

,=i

under constraints:

ZC < CjkZ . (9)

,=1

Under these conditions, the problems of priority countermeasures selection can be stated, the use of which will give the maximum increment of the object security under limited funds for RSMS retrofit.

All the criteria of the RSMS secondary unit can be used to problems statement of efficiency assessment of the tertiary unit, which provides the activities coordination of the secondary unit compositions for the purpose of the object security support against all the manners of threat implementing, i.e. against the threat in tote.

4.3. Efficiency assessment of RSMS tertiary unit

The principal distinction of the tertiary unit functioning is that at this level the counteraction means compositions function simultaneously performing its own task. Another significant feature is that various compositions may contain common countermeasures. E.g. the external protection of the critically important objects of the region or the special operation mode of these objects is a common counteraction means to all possible manners of committing destructive and terrorist acts at objects.

The most significant characteristic of each j countermeasures composition is the dependence of the implementation probability Pjk of the j manner of the k threat on the protection rate Ujk. The general view of the function P (U) is shown in Fig. 3.

Pk = f(Ui/k)

г

2

3

1

и

Umin

Umax

Fig. 3. The dependence of the threat implementation on the object protection rate

Dependency P (U) captures the obvious fact that as more efficient counteraction measures to the threats are, than the less probability of the threat implementation is. E. g., if the territory perimeter of an object is effectively protected from intrusion, then a potential violator will look for another opportunity to terrorist act committing, that isn't related to intrusion through the protected border of this object. In other words, the terrorist will always search for a "bottleneck" in the object protection, through which it is possible to realize his intentions with maximal probability, with less means and with minimal risk. This implyies the importance of equal protection principle adherence within the RSMS engineering of the objects of regional socio-economic system.

For example, curves 1, 2 and 3 in Figure 3 illustrates the differences in protected objects according to their estimated "value" for a source of threat, e. g. a public safety violator. The similar curves can be designed taking into account the cost parameters of the threat implementing manners or the other characteristics.

This dependence imposition has a fundamental methodological character, since it reflects the beliefs of persons responsible for the security of regional socio-economic system objects about the threat risk level, the protected object value, the countermeasures efficiency and the risk value when setting one or other object protection rate or countermeasures cost. In fact, the dependencies P (U) can serve as a guideline and expert justification for the choice of composition and structure of the RSMS. On the basis of this dependence, it is possible to define the problems of efficiency assessment and synthesis of the RSMS higher-level units, starting from the tertiary.

Dependencies P(U) calculation is a complex theoretical and practical problem, because the objective information for its design, as a rule, doesn't exist. These dependencies can be designed for each indexed object of the regional system using a specially organized expert procedure based on the various scenarios analysis of critical situation emergence at an object or a group of objects.

As a universal efficiency criterion of all RSMS units, starting from the secondary level, let's introduce the concept of protection reliability - Qjkl,Qa,Ql, where l e L is the object number, L is the amount

of protected objects. For short definition of formulas let's setting the index l only under consideration of the problem statements for the fourth-order and the fifth-order units of RSMS.

The protection reliability Qjk of the object of regional socio-economic system by the Njk composition against the j manner of the k threat implementing is determined by the expression:

As will be shown below, the expression (10) is the basis for the efficiency index estimation of countermeasures at the all following levels of RSMS.

(10)

The operation objective of the tertiary unit of RSMS is to support equal protection (strength balanced protection) of an object against all the manners of threat implementing. Within the terms introduced above this means that the object protection reliability Qk against the k threat is determined by the Njk composition efficiency, which provides the minimum protection reliability among the all j compositions of coun-termeasures Nk = {Njk} against the k threat. In other words, the object protection reliability is equal to the

efficiency of the weakest composition of all included in {Njk}:

Qk = Qjkmin from {Qjk} for all j e J , (11)

where {Qjk} is a set of efficiency values of the countermeasures compositions Nk against the k threat.

Another significant efficiency characteristic of the RSMS tertiary unit is the difference dQk between the minimum and maximum protection reliability against the variety of compositions Nk = {Njk} :

dQk = qjk max - Qjk min from [Q]k} for all jk e JK . (12)

The parameter dQk is a quality index characterizing the degree of rational use of resources by the tertiary unit of RSMS and the adequacy of its structure to the problem stated.

The problems of protection reliability assessment of the objects of regional socio-economic system against the k threat using the introduced concepts can be defined as follows.

First problem statement: to estimate Qkmin and dQk under the given structure of the tertiary unit of

RSMS Nk ={Njk}.

Second problem statement: to determine the structure of the tertiary unit of RSMS Nk = [Njk} that

j

meets the given level of reliability Qkminz and provides its minimal cost Ck = min Z Cjk or min dQk, since

j=1

both problems are identical in the light of hypotheses accepted above.

Third problem statement: to determine the structure of the tertiary unit of RSMS Nk ={Njk} that

provides max Qkmin at the given cost Ck = Ckz. The min dQk is automatically provided when solving this problem.

4.4. Efficiency assessment of RSMS fourth-order unit

The functioning objective of the RSMS fourth-order unit is to support the equal reliability protection of the element against all the threats. This implyies that the efficiency criterion of the countermeasures for this unit Ql is equal to the minimum protection reliability Qklmin from the set {Qkl} :

Q, = Qkimin from {Qkl } = Q]klmm from Q} for all jkl e JKL , (13)

and the quality index:

dQ, = Qumax - Qmmin from Q} for all jkl e JKL . (14)

The problems of functioning efficiency assessment and synthesis of the fourth-order unit are formulated in the same way as for the tertiary unit, but subject to the ranking of threats.

First case: if the object threats are equivalent, i.e. Ql = Qu, then the formal problem statements are determined by formulas (13) and (14).

Second case: if the threats are ranked according to the risk level by weighting coefficients Au, then the criterion Ql is determined by the expression:

Qi =[Qki * Akl]min from {Qkl * Akl} for all kle KL . (15)

dQ¡ = [Q *Akl]max-Q *Akl]min for all klg KL . (16)

Threat weights are estimated by comparing the maximum values of functions Pjkl = Pj!d (Ujld)

(see Fig. 3) at the point Udmax for all jkl g JKL .

p

AjU =-J^ for all kl g KL . (17)

Pjkl

iНе можете найти то, что вам нужно? Попробуйте сервис подбора литературы.

The vulnerability assessment of the system object S as the reciprocal value of its security is evaluated by the expression:

S = 1 - Qkl mn. (18)

In conclusion, let's discuss the methodology for efficiency assessment of the RSMS fifth-order unit.

4.5. Efficiency assessment of RSMS for regional socio-economic system

The operation objective of the RSMS as a whole is to support the equal protection reliability Q of all the objects L of regional socio-economic system subject to their importance B1.

The efficiency criterion of the RSMS operation Q is determined by the expression:

Q = [q¡ * B¡ ] min from [Q¡ * B¡} for all l g L . (19)

The quality of RSMS is determined by the expression:

dQ = [Q¡ * Bl ] max- Q * Bl ] min from [Q¡ * Bl} for all l g L . (20)

The problems of efficiency estimation and synthesis of the RSMS are formulated in the same way as at the two previous levels.

Formal ranking of RSMS protection objects according to their comparative importance is possible, if there is an objective opportunity to quantitative assessment of the threat implementation consequences of the each object and the system as a whole. Such an opportunity is provided by the method of categorizing critically important objects of socio-economic systems according to their potential risk level. This method is proposed in research work [8].

4.6. Human factor accounting under efficiency assessment of RSMS

The proposed method for efficiency assessment of RSMS and its components is based on an assumption that all safety requirements to the elements of regional socio-economic system, estimated in accordance with element's categories and index, are strictly fulfilled, and all countermeasures compounding their protection profile are functioning in accordance with accepted organizational, regulatory and technical requirements. However, in real practice these requirements can't be almost never fully met, essentially due to the human factor effect.

The support system of regional security should have an identification program that provides estimation of characteristics, reflecting the confidence degree of the RSMS, through the constantly maintained databases, the set of standard identification rules and violation indicators of order and norms established for security management entities.

The regulatory and legal basis for estimates of confidence degree of the performance quality of control actor's functions in the RSMS should be the standard "tables for confidence degree assessment" [6], reflecting the dependence of the confidence degree value on the amount of various violations in the service activities of RSMS personnel and the inspection results. The degree of confidence is estimated by comparing the violation metrics and surveillance inspection data stored in the database with standard tables of confidence degree estimates.

The risk magnitude Pi of the RSMS failure to fulfill its functions under the i violation is evaluated using formula:

P =(1 -D )bi, (21)

where Di is the confidence degree of the i violation, bi is the weighting coefficient that determines the impact degree of i violation on the overall assessment of confidence of the RSMS.

The total risk estimation of the security violation of an element of the regional socio-economic system as a result of dysfunction of the responsible for it RSMS actors is carried out according to the following formula:

Pum = 1 -IK - P ). (22)

i=1

Accordingly, the confidence degree of the RSMS is evaluated as:

DRM = 1 - P . (23)

RSMS sum V '

The development of standard tables of the confidence degree also supposes the estimation of a critical value called as an "acceptable degree of confidence" [6]. If the confidence degree of the RSMS of any inspected object turns out to be less than the permissible degree of confidence, then this structure can't be confided and the urgent organizational, personnel, financial and other measures must be undertaken to correct the emergency situation appeared in the management group of RSMS.

If the value of confidence degree of the RSMS by an element does not reach a critical value, then adjustment of the estimated index of object's protection rate Ql on the value of confidence degree is possible:

Qlpol = QiDrsmS . (24)

The value of protection rate index, estimated by taking into account the human factor, gives occasion to the procedure implementation of rational protection profile selection of the elements of regional socioeconomic systems, security requirements formation of RSMS objects, planning of defect elimination and security system enhancement in accordance with the categorical approach to regional security support stated in studies [7, 11, 21].

Conclusion

The proposed methodology is essentially a general theory of the security management system efficiency of socio-economic objects, since the developed systemic representation of RSMS allows interpreting the protection mechanisms of all the types of elements of the regional socio-economic system and the system as a whole. There remains only the problem of ensuring the information completeness for calculating of estimates of the RSMS efficiency.

The peculiarity of the stated above theory of RSMS efficiency is that the hierarchical system of formal problem statements proposed in it have a small dimensions. This means that it is possible to solve RSMS synthesis problems by direct enumeration of its parameters at each level of the RSMS functional structure. That allows development of the simple and effective computational algorithms and its application in distributed computing environment.

An important aspect of the proposed theory is the method of taking into account the human factor when assessing the RSMS efficiency. The method allows transferring this complex and ambiguous process into the framework of a standard regulated procedure. The assessment results of RSMS efficiency obtained using the represented method are the main index that makes it possible to implement procedures of regional security support based on facilities categorization of regional socio-economic systems.

The research results are used within the strategy realization of the Arctic region of Russian Federation development and national security ensuring until 2020 in the Murmansk region in terms of enhancement and configuration of RSMS, built on the basis of a network of distributed regional situational centers [22].

References

1. Игнатьев М. Б. [и др.]. Предложения для развития системы распределенных ситуационных центров: отраслевой уровень и проблемно-ориентированные технологии управления рисками // Экономика и предпринимательство. 2018. № 4. С. 1249-1254.

2. Шоломницкий А. Г. Теория риска. Выбор при неопределенности и моделирование риска. М. : Изд. дом ГУ ВШЭ, 2005. 400 с.

3. Цыгичко В. Н., Черешкин Д. С., Смолян Г. Л. Управление рисками в организационных системах. Lambert Academic Press, 2018. 200 с.

4. Цыгичко В. Н. Руководителю о принятии решений. Изд. 3-е, перераб. и доп. М. : Красанд, 2010. 352 с.

5. Стиславский А. Б., Кононов А. А., Цыгичко В. Н. Управление рисками нарушения транспортной безопасности. М. : АС-Траст, 2008. 210 с.

6. Северцев Н. А., Бецков А. В. Системный анализ теории безопасности. М. : МГУ «ТЕИС», 2009. 457 с.

7. Цыгичко В. Н., Черешкин Д. С., Смолян Г. Л. Безопасность критических инфраструктур. М. : УРСС, 2019. 200 с.

8. Remagnino P., Monekosso D. N., Jain L. C. Innovations in Defence Support Systems - 3: Intelligent Paradigms in Security. Berlin, Heidelberg : Springer-Verlag, 2011. 212 p.

9. Ильин Н. И. Эволюция информационных систем государственного управления // Информационные войны. 2017. № 1. С. 54-57.

10. Юрков Н. К. Безопасность сложных технических систем // Вестник Пензенского государственного университета. 2013. № 1. C. 128-134.

11. Маслобоев А. В., Путилов В. А. Информационное измерение региональной безопасности в Арктике. Апатиты : КНЦ РАН, 2016. 222 с.

12. Соложенцев Е. Д., Карасев В. В. Управление социально-экономической безопасностью России // Материалы X съезда Петровской академии наук и искусств. СПб. : Стратегия будущего, 2017. С. 21-35.

13. Юсупов Р. М. Наука и национальная безопасность. 2-е изд. СПб. : Наука, 2011. 369 с.

14. Шульц В. Л., Кульба В. В., Шелков А. Б., Чернов И. В. Сценарный анализ в управлении геополитическим информационным противоборством. М. : Наука, 2015. 542 с.

15. The Palgrave handbook of security, risk and intelligence / ed. by R. Dover, H. Dylan, M. Goodman. Palgrave Macmillan UK, 2017. 501 p.

16. Recent Advances in Computational Intelligence in Defense and Security / ed. by R. Abielmona, R. Falcon, N. Zincir-Heywood, H. A. Abbass // Studies in Computational Intelligence. 2016. Vol. 621. 752 p.

17. Oleynik A., Fridman A., Masloboev A. Informational and analytical support of the network of intelligent situational centers in Russian Arctic // CEUR Workshop Proceedings. 2018. Vol. 2109. P. 57-64.

18. Young C. S. Risk and the Theory of Security Risk Assessment // Advanced Sciences and Technologies for Security Applications. Springer International Publishing, 2019. 274 p.

19. Sustainable Development and Disaster Risk Reduction / ed. by J. I. Uitto, R. Shaw. Springer, 2016. 287 p.

20. Mazarr M. J. Rethinking Risk in National Security. Lessons of the Financial Crisis for Risk Management. Palgrave Macmillan US, 2016. 246 p.

21. Северцев Н. А., Юрков Н. К., Гришко А. К. К проблеме глобальной оптимизации параметров надежности и безопасности сложных динамических систем инверсным методом // Надежность и качество сложных систем. 2020. № 1. С. 13-23.

22. Маслобоев А. В. Концепция Центра перспективных исследований и обеспечения безопасности Арктики // Арктика: экология и экономика. 2019. № 2. C. 129-143.

References

1. Ignat'ev M.B. [et al.]. Proposals for the development of a system of distributed situation centers: industry level and problem-oriented risk management technologies. Ekonomika i predprinimatel'stvo = Economics and Entre-preneurship. 2018;4:1249-1254. (In Russ.)

2. Sholomnitskiy A.G. Teoriya riska. Vybor pri neopredelennosti i modelirovanie riska = Risk theory. Selection under uncertainty and risk modeling. Moscow: Izd. dom GU VShE, 2005:400. (In Russ.)

3. Tsygichko V.N., Chereshkin D.S., Smolyan G.L. Upravlenie riskami v organizatsionnykh sistemakh = Risk management in organizational systems. Lambert Academic Press, 2018:200. (In Russ.)

4. Tsygichko V.N. Rukovoditelyu o prinyatii resheniy = To the manager about decision-making. 3rd, rev. and suppl. Moscow: Krasand, 2010:352. (In Russ.)

5. Stislavskiy A.B., Kononov A.A., Tsygichko V.N. Upravlenie riskami narusheniya transportnoy bezopasnosti = Transport security risk management. Moscow: AS-Trast, 2008:210. (In Russ.)

6. Severtsev N.A., Betskov A.V. Sistemnyy analiz teorii bezopasnosti = System analysis of security theory. Moscow: MGU «TEIS», 2009:457. (In Russ.)

7. Tsygichko V.N., Chereshkin D.S., Smolyan G.L. Bezopasnost' kriticheskikh infrastruktur = Critical infrastructure security. Moscow: URSS, 2019:200. (In Russ.)

8. Remagnino P., Monekosso D.N., Jain L.C. Innovations in Defence Support Systems - 3: Intelligent Paradigms in Security. Berlin, Heidelberg: Springer-Verlag, 2011:212.

9. Il'in N.I. Evolution of public administration information systems. Informatsionnye voyny = Information wars. 2017;1:54-57. (In Russ.)

10. Yurkov N.K. Security of complex technical systems. Vestnik Penzenskogo gosudarstvennogo universiteta = Bulletin of the Penza State University. 2013;1:128-134. (In Russ.)

11. Masloboev A.V., Putilov V.A. Informatsionnoe izmerenie regional'noy bezopasnosti v Arktike = Information dimension of regional security in the Arctic. Apatity: KNTs RAN, 2016:222. (In Russ.)

12. Solozhentsev E.D., Karasev V.V. Management of social and economic security of Russia. Materialy X s"ezda Petrovskoy akademii nauk i iskusstv = Materials of the X Congress of the Petrovsky Academy of Sciences and Arts. Saint-Petersburg: Strategiya budushchego, 2017:21-35. (In Russ.)

13. Yusupov R.M. Nauka i natsional'naya bezopasnost' = Science and national security. 2nd ed. Saint-Petersburg: Nauka, 2011:369. (In Russ.)

14. Shul'ts V.L., Kul'ba V.V., Shelkov A.B., Chernov I.V. Stsenarnyy analiz v upravlenii geopoliticheskim infor-matsionnym protivoborstvom = Scenario analysis in the management of geopolitical information warfare. Moscow: Nauka, 2015:542. (In Russ.)

15. Dover R., Dylan H., Goodman M. (eds.) The Palgrave handbook of security, risk and intelligence. Palgrave Macmillan UK, 2017:501.

16. Abielmona R., Falcon R., Zincir-Heywood N., Abbass H. A. (eds.) Recent Advances in Computational Intelligence in Defense and Security. Studies in Computational Intelligence. 2016;621:752.

17. Oleynik A., Fridman A., Masloboev A. Informational and analytical support of the network of intelligent situational centers in Russian Arctic. CEUR Workshop Proceedings. 2018;2109:57-64.

18. Young C.S. Risk and the Theory of Security Risk Assessment. Advanced Sciences and Technologies for Security Applications. Springer International Publishing, 2019:274.

19. Uitto J. I., Shaw R. (ed.) Sustainable Development and Disaster Risk Reduction. Springer, 2016:287.

20. Mazarr M.J. Rethinking Risk in National Security. Lessons of the Financial Crisis for Risk Management. Palgrave Macmillan US, 2016:246.

21. Severtsev N.A., Yurkov N.K., Grishko A.K. On the problem of global optimization of reliability and safety parameters of complex dynamic systems by the inverse method. Nadezhnost' i kachestvo slozhnykh system = Reliability and quality of complex systems. 2020;1:13-23.

22. Masloboev A.V. Concept of the Center for Advanced Research and Security of the Arctic. Arktika: ekologiya i ekonomika = Arctic: ecology and economy. 2019;2:129-143.

Информация об авторах

Андрей Владимирович Маслобоев

доктор технических наук, доцент,

ведущий научный сотрудник,

Институт информатики и математического

моделирования технологических процессов

Федерального исследовательского центра

«Кольского научного центра

Российской академии наук»

(Россия, Мурманская область, г. Апатиты,

ул. Ферсмана, 14)

E-mail: [email protected]

Виталий Николаевич Цыгичко

доктор технических наук, профессор, главный научный сотрудник, Институт системного анализа Федерального исследовательского центра «Информатика и управление Российской академии наук» (Россия, г. Москва, просп. 60-летия Октября, 9) E-mail: [email protected]

/ Information about the authors Andrey V. Masloboev

Doctor of technical sciences, associate professor, leading researcher,

Institute of Informatics and mathematical modelling of technological processes of the Federal Research Center "Kola Science Centre of the Russian Academy of Sciences" (14 Fersmana street, Apatity, Murmansk region, Russia)

Vitaliy N. Tsygichko

Doctor of technical sciences, professor,

chief researcher,

Institute for System Analysis

iНе можете найти то, что вам нужно? Попробуйте сервис подбора литературы.

of the Federal Research Center

"Computer Science and Control

of the Russian Academy of Sciences"

(9 60-letiya Oktyabrya avenue, Moscow, Russia)

i Надоели баннеры? Вы всегда можете отключить рекламу.