Development of structure of a subsystem of information security of the automated system

Approach to synthesis of modular structure of a subsystem of information security of the automated process control system is offered. The task has been solved on the basis of a set-theoretic notation with elements of the graph theory. The graph model constructed thus will be used further during the setting and the decision of the task of synthesis of the optimum conceptual diagram of modular structure. Thus, we can conclude that graph theory is widely applied in the design of the information space of the organization and can be used at all stages – from the formation of the it strategy and building it infrastructure to optimize specific software tools subsystem of information security.


Introduction
The rapid development of the computer sphere of high technologies in the past two decades has led to the fact that information acquired particular financial, reputational, temporal and other expressions.In this context, data protection becomes a priority of the organizations.The state takes an active part in the process of formation of information security, as evidenced by the strengthening and toughening of requirements to protect confidential information (commercial secrets, personal data, banking secrecy, etc.), the adoption of new laws and regulations in this area, as well as guidance documents on the classification of information security based on the security requirements.One of the first and main stages of building a secure infrastructure of the organization analysis assessment of the security of the automated control system of technological processes.
Information security system organization is a complex system of processes of different nature.This creates problems associated with the peculiarities of such systems: -the relationship of the processes, which does not allow to consider the system from an economic, social or technical side -all processes should be investigated together; -lack of quantitative information and, consequently, the need to consider qualitative characteristics of the processes; -non-stationary processes when the unknown nature of the changes of process parameters.
Such systems are called semi structured (semi).In such systems impossible with traditional mathematical approach to the analysis of processes to develop a comprehensive (i.e., covering various aspects of the system under study) solutions.
In mathematical modeling of complex systems, the researcher is faced with the necessity of finding a compromise between accuracy of simulation and the possibility of obtaining detailed information needed to build the model.
Recently for the modeling of complex poorly formalized systems use a cognitive approach [1].This approach is based on cognitive aspects, which include the processes of perception, thinking, knowledge, explanations and understanding.A schematic, simplified description of the world picture that is related to the problem situation, often represented in the form of cognitive maps.
It can be visualized as a set of vertices, each of which corresponds to one factor or element of a simulated picture of the world, connected by arcs (the graph model).
The effectiveness of this method is determined by a qualified analyst, his knowledge and ability to determine the necessary to solve a set of basic factors and relations between factors.The construction of cognitive maps allows the analyst to familiarize himself with the problem, to better understand the role of individual factors and their interconnection.
Under the decision of any problem, studied in the framework of the graph model, as providing the required dynamics of the factors that constitute the essence of the problem.These factors (being "output" factors in the graph model) are called trust factors.
The control factors (input factors graph model) are those factors (impacts) by which the analyst can manage the processes in the model, applying certain control actions.
External factors the model's factors that are hanging vertices in the graph model.External factors correspond to factors in the external environment, the dynamics of which does not depend on substructuring system.
Thus, the dynamics of the external factors model is given by the analyst, not for the purpose of process control in the model, but only to reflect relevant influences of the environment on the simulated system.
Control task dynamics models is to select such set of control actions (departments), which compensate for undesirable effects for analysis of initial conditions and provide the desired dynamics of changes in the target factors.

Methods
In the industrial systems of automation there were highquality and quantitative changes [1-4, 7, 8].Insufficiency of the existing approaches to ensuring information security of automated process control systems, has led to emergence of multiple threats which realization leads to catastrophic consequences [5].
Special software of a subsystem of information security represent the difficult multilevel hierarchical system of the components of the automated system connected according to information and management [6].Now introduction of a subsystem of support of modular structure of special software is necessary.It will allow to reduce the general time for creation of the project [9].
Key question is solution of the problem of rational distribution of the information calculating resources defined on a set of information and settlement tasks of each functional module so that the system of modules would provide the solution of objectives and would meet the criteria of quality shown to it [10].The most general is definition of the module as functionally full components of special software of a subsystem of information security [11].The module has three basic characteristics: the functions, logic, communications characterizing operations, their sequence and flows of information.The problem of modeling of processes of information security belongs to the class of problems of modeling of complex systems.Currently developed a wide range of mathematical models.These include models developed based on the methods of Queuing theory, graph theory, automata theory, theory of Petri nets and other [12 -20].
It is offered to use a set-theoretic notation with elements of the graph theory.

Results and discussion
Let Р = {p 1 ,...,p j ,...,p J } -a set of processing of data.B={В 1 ,...,В k ,...В K } -special software of a subsystem of information security of a complex of the automation equipment of the relevant control centers; About = { o 1 ..., o t ..., o T } -a set of the input, intermediate and output data (variables, objects) processed and transformed by processes of River.On sets of P and O (P O = ) defined the relations of hierarchy of processes of Hp  P  (Р), hierarchy of the data Ho  O  (O);  = {In, Out} -the interaction relations: In  (O)P -the relations input objects of process -process; Out  P(O) -the relations process -output objects of process;   P  (P) -the relations of following of processes.
The relations of hierarchy of Нр (Но) set compliance between separate processes (objects) and sets of the processes (objects) subordinated to them.They are represented in the form of the functional displays which areas of values are elements from bulean of (Р) ((О)): hp: P  (P) , {p j } = h p (p i ), p j h p (p i ), (1) where {p j } -a set of the processes subordinated in model to process of p i ; {o j } -a set of the objects subordinated in model to o i object.Also the relations of interaction of , setting input and output data of processes are in the same way described: where {o i } -set input, and {o j } -output objects of process of p i The relations of following of , the partial execution order of processes sets: : P(P), {p j }=(p i ), where {p j } -a set of processes which execution strictly precedes execution of process of p i (p j (p i )).
With model elements (processes and objects) communicate: -set of names of processes of N p and np function: -set of names of types of processes of T p and t p function: P  T p ; -set of names of objects of No and no function: -set of names of object types of T o and to the function: O T o ; -set of names of types of the relations of hierarchy of processes and objects of T h and t hp function: P  T h , t ho : OT h .The sets set thus and the relations form conceptual model of calculating processes.
This model can be delivered in compliance a processing graph of data of G= (V, U).Tops of such graph V={v i ; i=1,R} is processing of data from P, and edges U={u ij =(v i ,v j )} -a set of data from O h , the general for the corresponding processes.
A lot of M f (V) is an aggregated graph G=(Г q ,S) whose vertices are the subgraphs Г q =(М q ,D q ), (М q ={v i }, М q М f (V); D q ={u ij =(v i ,v j ), v i ,v j М q }be a set of edges M q ), and S is the set of edges connecting the subgraphs Г q : The subgraphs Г q =(М q ,D q ) are called functional modules graph =(V,U) data processing.
The set of edges S of a graph G form an inter-module information system interface modules.
If Г q = {v i ; i=1,R} and S = , then the graph G is no aggregation, which corresponds to the modular system the null level.
This graph model will be further useful in the formulation and solution of the problem of synthesis of optimal conceptual scheme of the modular structure.For this it is necessary to formally describe the conceptual scheme of the modular structure of special software of a subsystem of information security.
The conceptual diagram of the modular structure is a pair: where NM is the name of the modular structure; SMschema modules, which is represented by a pair: PSM = {SMq; q=1,Q} -a lot of diagrams of modules, where SMq diagram of the q-th module: PFV={FVqq'; q,q'=1,Q} -multiple of the relations existing between the modules (Q -the number of modules), where: FVqq' -multiple inputs and outputs of the processes belonging to module q', called from module q: (q q'): FVqq'={ oi  o i  in(p j ) V o i  out(p j ), p j h p (p i ); p i SMq, p j SMq'}. ( The optimal graph should meet the following requirements: -save the reach, that is, each vertex of the graph must be reachable and have your route.
-possibilities of optimization in conditions of incomplete information.That is, all vertices are reachable.
Such a graph is built up gradually on the components with the test reach.Based on models of the strong reach and the reach of the base graph is constructed, and marked his ribs.
When optimizing the links of the graph according to the criteria of information compactness index and stratification of the removed edges, which have less weight.
The main advantages of this model can be called the ease of implementation, fast results of the assessment, the versatility for any degree of research risks.However, a significant drawback is the fact that, when considering large-scale information systems to construct and study the graph causes certain difficulties.Therefore, the most promising is the application of this model to small and medium-sized information systems.The most rational way of Preodolenie this restriction are the logical division of large networks into smaller segments and the implementation of this approach at the level of subsystems.

Conclusions
The graph model constructed thus will be used further during the setting and the decision of the task of synthesis of the optimum conceptual diagram of modular structure.Thus, we can conclude that graph theory is widely applied in the design of the information space of the organization and can be used at all stages -from building it infrastructure to optimize specific software tools subsystem of information security.