Information Security Threat Analysis

In accordance with existing approaches, it is generally accepted that information security of automated systems (AS) is ensured if a certain level of confidentiality (impossibility of unauthorized receipt of any information) is maintained for any information resources in the system, integrity (impossibility of unauthorized or accidental modification thereof ) and availability (the ability to obtain the required information in a reasonable amount of time).

A threat is a potential opportunity to violate information security in a certain way.

A threat is a potential event, action (impact), process or phenomenon that could lead to harm to someone’s interests.

A threat to the information security of a nuclear power plant is the possibility of influencing the information processed by the nuclear power plant, which leads to distortion, destruction, copying, blocking access to information, as well as the possibility of affecting the components of the nuclear power plant, which leads to the loss, destruction or malfunction of the information medium, means of interaction with the medium or controls.

An attempt to implement a threat is called an attack, and the one who makes such an attempt is called an attacker. Potential attackers are called sources of threat.

Most often, the threat is a consequence of the presence of vulnerabilities in the protection of information systems (such as the ability of unauthorized persons to access critical equipment or software errors).

The time interval from the moment when it becomes possible to use a weak spot to the moment when the gap is closed is called the danger window associated with this vulnerability. As long as the danger window exists, successful attacks on the IP are possible.

If we are talking about errors in the software, then the danger window “opens” with the appearance of the means of using the error and is eliminated when applying patches that correct it.

For most vulnerabilities, the danger window exists for a relatively long time (several days, sometimes weeks), since the following events should occur during this time:

  • should be aware of the means of using the security gap;
  • appropriate patches should be issued;
  • patches must be installed in the protected IP.

New vulnerabilities and means of their use appear constantly; this means, firstly, that there are almost always danger windows and, secondly, that such windows should be monitored on a continuous basis, and patches should be issued and imposed as quickly as possible.

Some threats cannot be considered the result of any errors or miscalculations; they exist because of the very nature of modern IP. For example, the threat of power outage or its parameters exceeding the permissible limits exists due to the dependence of the hardware of the IC on high-quality power.

Consideration of the most common threats to which modern information systems are exposed gives an idea of the possible threats, as well as the vulnerabilities that these threats usually exploit, in order to choose the most cost-effective security tools. Too many myths exist in the field of information technology (“Problem 2000”), so ignorance in this case leads to cost overruns and, even worse, to the concentration of resources where they are not particularly needed, due to the weakening of truly vulnerable areas.

Threats, like everything in information security, depend on the interests of the subjects of information relations (and on what damage is unacceptable to them). The task of possible threats to information security is carried out in order to determine the full list of requirements for the developed security system. The list of threats, assessments of the probabilities of their implementation, as well as the model of the offender serve as the basis for analyzing the risk of threats and formulating requirements for a nuclear power plant protection system. In addition to identifying possible threats, they should be analyzed based on classification features. Each of the classification features reflects one of the generalized requirements for the protection system. At the same time, threats corresponding to each attribute of the classification make it possible to detail the requirement reflected by this attribute.