INFORMATION SECURITY IN MOBILE MODULAR MEASURING SYSTEMS

A special aspect of aircraft test is carrying out both flight evaluation and ground operation evaluation in a structure of flying aids and special tools equipment. The specific of flight and sea tests involve metering in offshore zone, which excludes the possibility of fixed geodetically related measuring tools. In this regard, the specific role is acquired by shipbased measurement systems, in particular the mobile modular measuring systems. Information processed in the mobile modular measurement systems is a critical resource having a high level of confidentiality. When carrying out their functions, it should be implemented a proper information control of the mobile modular measurement systems to ensure their protection from the risk of data leakage, modification or loss, i.e. to ensure a certain level of information security. Due to the specific of their application it is difficult to solve the problems of information security in such complexes. The intruder model, the threat model, the security requirements generated for fixed informatization objects are not applicable to mobile systems. It was concluded that the advanced mobile modular measuring systems designed for flight experiments monitoring and control should be created due to necessary information protection measures and means. The article contains a diagram of security requirements formation, starting with the data envelopment analysis and ending with the practical implementation. The information security probabilistic model applied to mobile modular measurement systems is developed. The list of current security threats based on the environment and specific of the mobile measurement system functioning is examined. The probabilistic model of the information security evaluation is given. The problems of vulnerabilities transformation of designed information system into the security targets with the subsequent formation of the functional and trust requirements list are examined.

mobile modular measuring system, flight experiment, information systems design, information security, security threats, security requirements, trust requirements

1. Vserossijskaja nauchno-tehnicheskaja konferencija «Nauchnye chtenija po aviacii, posvjashhjonnye pamjati N.E. Zhukovskogo». Sbornik dokladov 2015 [All-Russian scientific and technical conference "Scientific readings on aviation dedicated to the memory of N.E. Zhukovsky". A collection of reports 2015]. M., Zhukovsky Air Force Academy Publishing house, 2015. 552 p. (in Russian)

2. GOST P ISO/IEC 27002:2012 "Information technology – Security techniques – The code of practice for information security management". M., Standartinform, 2014, 3 p.

3. Vetoshkin V.M., Gorshkov P.S., Zholobov A.B. Metodologicheskie problemy i puti sozdanija avtomatizirovannoj sistemy upravlenija ispytanijami aviacionnoj tehniki [Methodological problems and ways of creation of the aircraft equipment test automated control system]. Scientific Bulletin of MSTUCA, 2017, Vol. 20, no. 01, pp. 159–166. (in Russian)

4. Bazovaja model' ugroz bezopasnosti personal'nyh dannyh pri ih obrabotke v informacionnyh sistemah personal'nyh dannyh [The basic model of personal data security threats while processing in personal data information systems]. FSTEK Russia, 2008. 14 p. (in Russian)

5. Gerasimenko V.A., Malyuk A.A. Osnovy zashhity informacii [The basics of information security]. M., MEPhI, 1997, pp. 95, 161. (in Russian)

6. Malyuk A.A. Informacionnaja bezopasnost': konceptual'nye i metodologicheskie osnovy zashhity informacii [Information security: conceptual and methodological foundations of information security]. M., Hot line – Telecom, 2004, 105 p. (in Russian)

7. GOST P ISO/IEC 15408-1-2012. Information technology – Security techniques – Evaluation criteria for IT security – Part 1: Introduction and a general model. M., Standartinform, 2014.

8. Gorshkov P.S. Resursno-ogranichitel'nyj metod issledovanija slozhnyh informacionnyh sistem [Resource-restrictive method for the study of complex information systems]. Gorshkov P.S., Bachkalo B.I. M., Proceedings of the Symposium on Reliability and Quality, 2008, pp. 274–277. (in Russian)

9. Vetoshkin V.M. Osnovy teorii konceptual'nogo proektirovanija baz dannyh dlja avtomatizirovannyh sistem [Theory fundamentals of database conceptual design for the automated systems]. V.M. Vetoshkin. M., Zhukovsky Air Force Engineering Academy, 1992, 267 p. (in Russian)