The possibility of improving procedures for quantitative threat assessment of unauthorized access to information of critical information infrastructure facilities

The content of the main threat assessment stages of unauthorized access (UA) at critical information infrastructure (CII) facilities is determined on the basis of analysis of the primary provisions of the Methodology for Assessing Information Security Threats, approved on February 5, 2021 by the FSTEC of Russia. The ways to develop a methodology for assessing such information security threats are focused. A functionally-oriented approach is proposed to take into account the dynamics of the UA threat implementation regarding information of CII facilities. The procedure for constructing a functional model of the threat is considered in accordance with its existing structuring within the framework of the basic model of information security threats presented in the documents of the FSTEC of Russia. The decompositional hierarchical structure of the target threat function is substantiated as the first stage in constructing the model. The content of structure levels is given: the level of target threat function, the level of its implementation strategies, the level of tactics used, the level of the intruder’s action stages, and the level of procedures done to access the operating environment of the computer system (CS) and destructive impact on information. The execution sequence of individual functional components of this structure is determined as well as the order of their implementation is illustrated in the form of a change of states of the Markov process as the second stage of constructing the model. Based on this vision, the possibility of moving from a description of the UA threat to information of CII facilities in terms of functional modeling to a mathematical representation of the temporal characteristics of functional components of its target function is demonstrated. The corresponding analytical expressions are given for various options for representing the order of executed functional components