#7 2023

Discussing a Topic…
Information security in industry

Nenashev A.V. Organization of information security in decentralized cloud content storage and computing service

The paper discusses the organizational principles of information security in decentralized cloud content storage and computing services under the assumption that the service operates under the control of a decentralized organization with the open access. The decentralized cloud storage and computing service is examined by the example of case study of TheOoL, a versatile decentralized operating system aimed at distributed computing protection. The security system includes user management, access differentiation, data transfer channel protection, and cryptographic security subsystems, as well as a secure billing subsystem and data protection from the owners of computational resources operating the cloud service.
Keywords: peer-to-peer network, decentralized computing, distributed ledger systems, serverless search engines, serverless access management systems.

Livshits I.I., Suntsova D.I. Numerical calculation of functional safety of the components of technically complex industrial plants

The paper shows that the development and implementation of originally safe (including information security) components of technically complex industrial plants (TCIP) should comply with the existing standards and guidelines. However, the application of the existing standards is hampered by the lack of a unified approach to the functional safety for an wide range of TCIP. Therefore, it looks relevant to offer practical examples of functional safety calculation based on existing guidelines to ensure secured TCIP operation in various industries. The approach can be applied for the design and evaluation of TCIP components according to the formal functional safety requirements. It can also justify the selection of specific TCIP components.
Keywords: functional safety, safe failure, dangerous failure, safety integrity level, technically complex industrial plant, reliability, risk analysis, residual risk.

Pokusov V.V. Synthesizing modular architecture for integrated information security systems

The paper investigates an abstract integrated information security system (IISC) for establishing its internal interrelations and interactions which decrease the system’s overall efficiency owing to the lack of their versatility. A case of a multistage destructive impact on a corporate information system is examined. It shows the basic contradiction underlying the design of present-day IISC. A method for developing IISC modules is proposed. It decomposes the synthesis task into three categorial pairs: Data vs. Function, Human Individual vs. Machine, and Analysis vs. Synthesis. A scheme is synthesized, which describes hypothetically the overall information technology interrelation of IISC modules. This interaction synchronizes security model’s elements with external IISC models in compliance with the best practices.
Keywords: corporate information system, multistage destructive impact, integrated information security system, modular architecture, synthesis method, categorization, informational technology interaction.

Slabodchikov A.A. Informational and analytical support of cybersecurity centers and services

The paper presents the analytics of the Cybersecurity Center of Belarus Republic in the context of the presidential decree no. 40 “On cybersecurity” of 14.02.2023, which enables the expansion of the market of technical and cryptographic information security services in Belarus.
Keywords: cybersecurity, information infrastructure, monitoring, cyber threats, information security.

Semykina E. New cybersecurity: from process to clear result

The paper discusses why the businesses need to revise their approaches to cybersecurity: are the old methods sufficient and will they remain effective to the full extent? What actions should be taken to attain the maturity level of company’s information security? The paper shows that the information security market requires the processes with clear and measurable results.
Keywords: cybersecurity, effective cybersecurity, cyber polygon, hardening, bug hunting, bug bounty.

Kopeitsev V.E. The secret to the “success” of ART attacks

The paper discusses the causes of ART attacks against industrial organizations. These include human factor, the problems of process control network isolation, out-of-date operating systems and software applications. It makes recommendations on the improvement of cybersecurity of organizations and industrial plants.
Keywords: cybersecurity, attack, incident, process control network, process control systems, protection tools.

Danilenko V.P. Application open source intelligence in targeted attacks

Business information leakages via open sources are analyzed. This information can be used for targeted attacks. Recommendations are made on how to act in case of possible compromise.
Keywords: information leakage, targeted attacks, open sources, compromise, targeted attack detection services.

Chunizhekov F. Topical cyberthreats in the first quarter of 2023

The paper informs about the present-day global information security threats according to the proprietary expertise of Positive Technologies, investigation results, as well as the data from authorized sources. Most of cyberattacks are not publicized because of reputation risks. Therefore, it is hardly possible to calculate the exact number of threats even for the organizations involved in the investigation of incidents and the analysis of hacker group activities. The study is undertaken in order to pay the attention of businesses and individuals interested in the state of the art in information security to the most relevant methods and motives of cyberattacks as well as to examine the key trends in the world of cyberthreats.
Keywords: information security, cyberattacks, malvertising, Dark Web, blackmailers, quishing.

Osipova N.V. An overview of digital twin projects and solutions for ore-dressing factories
The paper overviews the projects and solutions on digital twins of ore-dressing equipment and processes. It focuses on the digital twins of ball and jet mills, grinding and flotation processes, flotation operator, and maintenance facility. Further development outlook is discussed.
Keywords: digital twin, ore-dressing factory, mill, flotation, Industrial Internet of Things, 3D model.

Zakharov N.A. Blockchain technology in distributed measuring systems
The design of a distributed measuring system using blockchain technology is discussed. The infrastructure of public blockchain keys is demonstrated and compared with conventional authorization centers. The security of measurements is analyzed.
Keywords: blockchain, decentralization, distributed measuring system, measuring instrument, legal, legal metrology, security of measurements.

Journal’s Club

Reshetnikov I.S., Churanov S.A., Tumanov A.A. Digital production: criteria and assessments
The paper analyzes the concept of digitization (digital transformation) in industry. It offers basic digitization criteria and an assessment procedure for the digital transformation level of an industrial enterprise.
Keywords: digitization, digital transformation, business processes, user competence levels, digital technologies.

Vermel’ V.D., Kacharava I.N., Latsoev K.F., Levitsky A.V., Shardin A.O. Measuring aerodynamic moments affecting the aileron in a wind tunnel model of a mainline aircraft with an automated control system during an experiment in a transonic wind tunnel
The paper describes a strain-gauge balance as a part of an automatic control system for an aileron in a wind tunnel model of a mainline aircraft. The model enables flight characterization as well as the evaluation of stability and controllability over the full flight altitude and speed envelope in a transonic wind tunnel. The design and the strain-gauge system of the balance ensure the real-time measuring of aerodynamic moment affecting the aileron.
Keywords: wind tunnel model, aileron, aerodynamic forces and moments, automatic control system, automatic control system, strain-gauge balance.

Ivanov D.I., Yanishevskaya A.G. Visual tracking with on-line multiple instance learning
The learning of an adaptive exterior view model for object tracking is examined. The paper shows that a class of methods named detection-based tracking opens up promising real-time results. These methods train a real-time discriminant classifier to discern the object from the background. The classifier is loaded using the tracker’s current state for deriving positive and negative examples from the current image. Minor uncertainties in the tracker may result in wrong designation of learning sample that impairs the classifier’s operation and ensues further drift. Application of multiple instance learning (MIL) instead of the traditional supervised learning surmounts these challenges and, hence, enables more reliable tracking with smaller amount of parameter settings. A new MIL algorithm for object tracking is presented, which delivers better results in real-time operation.
Keywords: artificial intelligence, visual examination, object detection, tracking algorithms.