Assessment of components to ensure the security of control and diagnostic information about technological processes

. The features of the technique are considered to ensure the security of control and diagnostic information about technological processes is carried out. As an example, a theoretical and experimental assessment of the component realizing this technique is fulfilled. The component of elimination of incompleteness and inconsistency of data analysis (within the framework of the system of their intelligent analytical processing) is analyzed. This component is assessed in terms of expert knowledge and judgments about the quality of software, based on formulated and substantiated quality indicators, taking into account the functional and other requirements for this component. The generalized integral quality indicator and the general quality class of the component are determined.


Introduction
In the modern world, much attention is paid to the problem of ensuring the security of information about technological processes (TP) [1][2][3]. At the same time, the task of ensuring the security of such information is aimed at obtaining accurate (reliable) and not distorted control and diagnostic data on the change in the state of TP security over time [4][5][6]. With the level of existing security threats and the growing number of attempts to maliciously influence information about TP, when it is possible to "throw" false data, or complex multi-step attacks from various categories of violators [7][8][9][10] are realized, this is especially important.
As part of the solution to this problem, intelligent analytical data processing systems are being created to ensure the security of control and diagnostic information (CDI) about TP. This is especially important now, when various production technologies, using a huge number of diverse tools and equipment, collect and analyze very large amounts of information describing the results of diagnostics and control measurements of TP parameters [4-6, 11, 12].
An important task in the framework of creating and improving the system of intelligent analytical data processing to ensure the security of CDI about TP is the theoretical and experimental evaluation of methods, models, techniques, algorithms and software prototypes of the components of this system.
The modern system of intelligent analytical data processing to ensure the security of CDI about TP includes many components. These are the following components: collection and preprocessing of CDI security data, multidimensional assessment and categorization of this data, ensuring the timeliness of multi-level and multi-module data analysis, as well as the development (selection) of measures to counter CDI threats and implementation of visual interfaces. But one of the key roles in the structure of such a system is played by the component for eliminating the analysis incompleteness and inconsistency to ensure the security of CDI about TP. This component is based on the use of methods, algorithms and software for processing incomplete, contradictory and fuzzy data and knowledge.
The essence of the problem lies in the fact that no research and practical work on the creation and preparation for implementation into the system of intelligent analytical data processing of the component of eliminating incompleteness and inconsistency cannot be considered complete until the most important set of tasks is implemented -checking the quality of this component. We need a preliminary theoretical and experimental assessment of the quality and applicability of all elements of the system. Reliable theoretical and experimental analysis allows one to put a reliable barrier to a low-quality component in the intelligent analytical data processing system to ensure the security of CDI about TP. Moreover, we are talking about an original component capable of operating under conditions of various types of uncertainty in the initial data, capable of eliminating fuzziness, incompleteness and inconsistency of data analysis to ensure the security of CDI about TP. That is why the traditional approach to solving such a problem is the theoretical and experimental analysis of this component within the framework of intelligent analytical data processing in order to protect CDI about TP.
At the same time, there are a number of features of the stages of the methodology of theoretical and experimental analysis, features of the formulation of quality indicators that must be taken into account. So, services of intelligent analytical data processing to ensure the security of CDI about TP, from the point of view of quality assessment, are software tools. For this reason, the methodology of theoretical and experimental evaluation of methods, models, techniques, algorithms and software prototypes of intelligent analytical data processing to ensure the security of CDI about TP should be based on international standards in the field of software quality assessment.
At the same time, the theoretical assessment of the component for ensuring security of CDI about TP is understood as the establishment of the theoretical (epistemological assessment) of the significance of the investigated component (software tool) for the acting and cognizing subject. The experimental assessment of the component for ensuring the security of CDI about TP is understood as the establishment of the practical (experimental implementation in practice of epistemological assessments) significance of the component (software) for the acting and cognizing subject.
Thus, the proposed paper is devoted to the description of the features and results to implement the stages of the theoretical and experimental evaluation of software tools that realize a specific element of the intelligent analytical data processing system to ensure the security of CDI about TP -a component for eliminating the incompleteness and inconsistency of data analysis of this class.

Related works
Many works are devoted to the development of methodological approaches to theoretical and experimental evaluation of software tools. There are works devoted to methods for evaluating software tools that implement data processing in the interests of analyzing and ensuring the security of information and complex controlled technical systems.
Taking into account the fact that it is accepted to analyze the final product of development -software, in some works basic concepts are introduced, for example, "quality of a software tool" is a set of its properties that determine its suitability to meet given or implied needs in accordance with its purpose [13]. The concept of "property of a software tool" is its distinctive feature, which can manifest itself during its creation, use, analysis or modification [13]. The concept of "assessment criterion (of software quality)" is a set of rules and conditions adopted in the established order, with the help of which the acceptability of the quality of software is established as a whole [13].
Based on this, the concept of "fitness level (of software)" is usually defined -the degree of satisfaction of needs, represented by a specific set of values for the software quality characteristics. In accordance with the standard [14], the concept of "quality assessment of a software tool" is considered as a set of the following operations: selection of a nomenclature of quality indicators of the evaluated software tool, determination of the values of these indicators and their comparison with the base values. These works explain the essence of the key concepts of software quality analysis, but do not bring us closer to the content of assessment methods.
The content of methods and particular techniques of theoretical and experimental assessment of the quality of software and other means of protection, storage and analytical processing of information are partially considered in [15][16][17][18][19][20][21][22][23][24][25][26]. In these works, a number of particular methods of analysis are given, which have undoubted advantages. However, their direct application for theoretical and experimental evaluation of the software quality is not always advisable, and often impossible. This is due to the fact that for real problems of assessing the software quality, it is necessary to take into account all the set of their indicators and the many requirements imposed on both them and the assessment process [15][16][17]. This is the reason for the objective need to develop and apply a technique for multi-criteria assessment of the quality of software tools embedded in the system of intelligent analytical data processing to ensure the security of CDI about TP.
In [18][19][20], methods for quality assessment based on stochastic calculations are proposed, but they do not take into account modern functional and other requirements for software tools of collecting, processing and storing data to ensure the security of CDI about TP, do not take into account the features of the generalized integral quality indicator of software means and are not able to determine the general quality class of the component (software).
In some works [21][22][23], the authors use probabilistic assessments of the quality and reliability of complex software and hardware, but they require preliminary preparation of statistical data, which is not always feasible within the framework of a real theoretical and experimental assessment of the software quality to ensure security of CDI about TP.
Moreover, all the considered methods either partially or completely do not take into account the opinion of specialists -developers and professional users (experts) of software tools. Whereas it is experts who are able to objectively take into account all the variety of operating features, as well as functional and other requirements for specific software tools [24][25][26].
It is these factors, in our opinion, that determine the relevance of the task of developing existing techniques and testing their real applicability for theoretical and experimental evaluation of the quality of software tools included in the systems of intelligent analytical data processing in the interests of ensuring the security of CDI about TP, taking into account the use of expert assessments.

Methodological part (stages of the assessment technique)
Based on the analysis of relevant works, we can conclude that the main tasks that must be solved when evaluating the methods, models, techniques, algorithms and software prototype of the component for eliminating incompleteness and inconsistency of data analysis to ensure the security of CDI about TP are (1) determining the range of quality indicators and (2) defining the technique for calculating the values of quality indicators of software tools.
It is accepted to define six key characteristics [27], which, with minimal duplication, describe the software quality and form the basis for further clarification and description of the software quality as part of the system of intelligent analytical data processing to ensure security CDI about TP: functionality; reliability; practicality; efficiency; maintainability and mobility.
They, in turn, are complex indicators of the software quality and include [27]: • functionality -suitability, correctness, interoperability, consistency, security; • reliability -stability, error resistance, recoverability; • practicality -clarity, learning and ease of use; • efficiency -the nature of change over time and the nature of resource change; • maintainability -analyzability, mutability, robustness, and testability; • mobility -adaptability (cross-platform) and interchangeability. The general technique for assessing the quality of a software prototype of the component for eliminating incompleteness and inconsistencies in data analysis (as part of the intelligent analytical data processing system to ensure security of CDI about TP) is based on expert opinions and includes the following steps.
At the first step, a set of experts M and a set K of possible assessed indicators (characteristics, factors) are determined.
Each expert is invited to choose {Ki | i = 1 … M, Ki ⊂ K} indicators and set the priority between them, i.e. rank them in descending order of importance, placing between each two adjacent indicators the conditions «=» (equal), «>» (more) or «>>» (much more) [28].
These conditions make it possible to establish weighting coefficients characterizing the significance of two adjacent indicators Xj and Xj+1. It should be considered that the normalization condition is valid for all coefficients; their sum is equal to 1.
At the second stage, each expert assigns points from 0 to 5 to each of the assessed indicators in accordance with the specified criteria for assessing the quality indicators of the software prototype (in accordance with the previously accepted degrees of satisfaction of the quality indicator to the needs) [29]: • excessive satisfaction of needs -0; • fully meets the needs -1; • meets the needs in general -2; • meets the needs rather than not -3; • rather inadequate than meeting -4; • does not fully meet the needs -5. This scale is formed so that a higher score corresponds to the worst quality of the software in terms of the corresponding indicator.
The third stage is devoted to determining the integral quality indicator for each j -th expert Wj (taking into account the previously agreed weighting coefficients) in accordance with the expression [27]: where Sj is the number of quality indicators selected by the j -th expert; Xij is the value in points of the i-th indicator assessed by the j-th expert; pij is the weighting coefficient of the i-th indicator assessed by the j-th expert.
It is important to remember that the condition 0 < pij < 1 is valid for the weighting coefficients. For this, first, the set of unnormalized weighting coefficients {rij} is determined, then for each pair of unnormalized weighting coefficients rij and ri+1, priority conditions are introduced for specific quality indicators, and the transition from unnormalized weights {rij} to normalized {pij} is carried out in accordance with the expression Analysis of expressions (1) and (2) shows that when using normalized weighting coefficients, if all Xij → 0, then Wj → 0 is true. So, if the software has all quality indicators that exceed the requirements, then the integral quality indicator is the best, Wj = 0. At the same time, if all Xij → 5, then Wj → 1. Then the value of Wj lies in the range from 0 to 1.
At the fourth stage, the generalized integral quality indicator W and the quality class of the software are determined, depending on the values of the integral quality indicator Wj . The value of the generalized integral quality indicator W is calculated as a weighted average value on the set {Wj}, taking into account the normalized coefficients {sj}, characterizing the competence of experts where M is the total number of experts.
The weighting coefficients {sj} are first set in an unnormalized form by the experts themselves in the form of points from 0 to 3 (the higher the score, the higher the expert's competence), and then normalized, by analogy with the weighting coefficients of quality factors, in accordance with the expression where qj is an unnormalized weighting coefficient for the j-th expert, estimated by points from 1 to 5 and characterizing the expert's competence. As a result, the quality class of the software is determined in accordance with the values of the generalized integral quality indicator (excellent (0-0.25), good (0.25-0.5), satisfactory (0.5-0.75), unsatisfactory (0.75-1.0)).

Experimental part (calculations, results and discussion)
Let us carry out, as an example, experimental calculations in order to evaluate the software tool for the component of eliminating the uncertainty of data analysis to ensure the security of CDI about TP. To solve the problem of evaluating the software tool, a list of functional requirements for this component has been compiled; it is detailed for this specific task.
The elements of this list are indicated by the letter of the Latin alphabet, and its composition is based on the previously considered complex quality indicators and includes: • performance indicators (determined based on functional testing) -support for interaction with other components (A), the possibility of preprocessing (B), input and processing of expert information (C), solving the problem of eliminating uncertainty based on computing fuzzy set systems and implementing neural network identification algorithms (D), data output (E); • efficiency indicators (determined on the basis of load testing) -time indicators for eliminating ambiguity (fuzziness) of data analysis (F) and time indicators for eliminating insufficiency (incompleteness, inconsistency) of security data attributes of CDI about TP (G); • maintainability indicators (determined on the basis of static analysis) -flexibility of the list (data) of preliminary assessment results (H), flexibility of the input format of expert information (I) and flexibility of the report form (J); • mobility indicator -cross-platform (Z). Within the framework of experimental calculations, for our example, statistics were obtained on the expert estimates of the above indicators. These assessments were formulated by 10 experts, and the analysis of the level of indicators was carried out in accordance with the previously adopted degrees of satisfaction of the quality indicator with needs (from 0 to 5). All received estimates are summarized in Table 1, where Mj is the j-th expert (j = 1,…, 10). The next step in the experiment is the distribution of the weights for the estimated indicators. For this purpose, each expert, relying on his own experience and knowledge, sorted the quality indicators of the component of eliminating the uncertainty of data analysis to ensure the security of CDI about TP, in descending order of their priority in accordance with the previously agreed ranking conditions: «=» (equal), «>» (More) or «>>» (much more). The results of ranking (formation by experts of weight coefficients for all indicators, except for Z) are summarized in Table 2.
The integral quality indicators were calculated for all experts, and these indicators were reflected in the graphs presented in Fig. 1.
Were obtained unnormalized weighting coefficients qj , characterizing the competence of experts. The calculation results are summarized in a "wind rose" -a circular "petal" diagram ( Fig. 2). Then these coefficients were normalized in accordance with the expression (4). The normalized weighting coefficients sj , characterizing the competence of experts, are presented in Fig. 3.  a number of priorities  1  2  3  4  5  6  7  8  9 10 At the fourth stage, taking into account the obtained coefficients sj , characterizing the competence of experts, and the values of the integral quality indicator Wj , W was determined -the generalized integral quality indicator of the component of eliminating the uncertainty of data analysis to ensure the security of CDI about TP. The W value calculated in accordance with expression (3) is 0.254.
The final stage of the computational experiment is the definition of the quality class of the software tool, which is the essence of the component for eliminating incompleteness and inconsistency of data analysis to ensure the security of CDI about TP.
Thus, according to the previously introduced criteria for the values of the generalized integral quality indicator, the quality class of the component for eliminating the uncertainty of data analysis, based on the use of methods for processing incomplete, contradictory and fuzzy knowledge, is equal to 1, which corresponds, in terms of quality ranking, to a "good" level.

Conclusion
Thus, in accordance with the accepted methodology, a theoretical and experimental assessment of the component of eliminating incompleteness and inconsistency of data analysis (within the framework of the system of their intelligent analytical processing) was carried out to ensure the security of CDI about TP.
This assessment was carried out from the point of view of an expert analysis of the software quality, which forms the basis and the practical essence of this component. The assessment was carried out on the basis of formulated and substantiated indicators of the quality of the software under consideration, taking into account the functional and other requirements for this component. The generalized integral quality indicator and the quality class of the component for eliminating incompleteness and inconsistency of data analysis (within the framework of their intelligent analytical processing) are determined to ensure the security of CDI about TP.
A possible direction for further research can be theoretical and experimental evaluation of methods, models, techniques, algorithms and the software prototype of the component for generating and selecting measures to counter threats that may occur during the collection, storage and processing of CDI about TP.