The Command and control network Resilience pattern against Cyber threats

Document Type : Original Article

Author

faculty member

Abstract

One of the threat areas from the point of view of passive defense; cyber threats and among them cyber resilience; It is the actions and predictions that must be done in a system to be prepared to face and deal with cyber attacks and intrusions and tolerate and adapt to the conditions of continuous occurrence and quick recovery and rehabilitation after the interruptions.
Therefore, a system is resilient when it has the ability to resist cyber attacks or incidents. The main goal of this research is to present the cyber resilience model of command and control systems and its sub-goals are to explain cyber threats, cyber vulnerabilities, dimensions and components of cyber resilience of command and control systems. This research is of an applied type and in terms of a descriptive method with a mixed approach, the researcher first uses the analysis and categorization of the proposed methods and solutions to explore the appropriate pattern, and in order to check the meaningful relationship between the dimensions and components using the factor analysis method, from the software It uses Smart PLS. factor load coefficients calculated for the three dimensions of command and leadership, control and supervision, and process and operation, respectively; It is 0.926, 0.917 and 0.920, which shows the high importance of these factors in increasing the cyber resilience of systems.
The cyber resilience model of command and control systems is presented in three dimensions of command and control with four components, control and monitoring dimension with four components, process and operation dimension with three components,against six threats and seven vulnerabilities (weaknesses).

Keywords


  • فهرست منابع:

    • امین زاده؛ علی محمد ، محمودزاده؛ ابراهیم، موحدی صفت؛ محمد رضا(1399)مدل افزایش تاب آوری سایبری سامانه ها ی فرماندهی و کنترل صنعتی مبتنی بر بهبود فرآیندها ، دوازدهمین کنفرانس ملی فرماندهی و کنترل ایران
    • بت شکن، بهمن(1396)، بررسی مهندسی تاب‌آوری سایبری در فضای سایبری، سومین اجلاس ملی علوم و مهندسی رایانه و فناوری اطلاعات، دانشگاه اصفهان، دانشکده مهندسی رایانه.
    • چمنی؛ مسلم، محمدی؛ اردشیر، بختیاری؛ ایرج(1397) تحلیل پایداری شبکه فرماندهی و کنترل پدافند هوایی و ارائه راه‌کار مناسب برای ارتقاء آن، فصلنامه فرماندهی و کنترل ، شماره 4
    • راهکارهایی برای تدوین راهبرد تاب آوری سایبری سازمان، نشریه فراست ، آذر 1399

    - ربیعی؛ بهزاد، علی‌یاری؛ شهرام، مردانی شهربابک، محمد(1399) معرفی الگویی برای اندازه‌گیری و ارزیابی قدرت سایبری یک سازمان دفاعی در ج.ا.ایران ، فصلنامه راهبرد دفاعی، شماره 69

    - رستگار، عبدالمطلب(1399)،رویکردهای جدید مدیریت تهدیدات از منظر پدافندغیرعامل، نخستین همایش ملی رویکرد های نوین مدیریت در مطالعات میان رشته‌ای

    • سعادتی، رضا(1400)، شناسایی و اولویت‌‌بندی عوامل مؤثر بر تاب‌آوری سایبری ارتش جمهوری اسلامی ایران، پایان‌نامه کارشناسی ارشد، دانشگاه فرماندهی و ستاد ارتش جمهوری اسلامی ایران.
    • مظفری و همکاران (1399)، احصاء شاخص‌های تاب‌آوری برکاهش آسیب پذیری سیستم های کنترل صنعتی در تهدیدات سایبری، چهارمین کنفرانس بین المللی تحقیقات حوزه اقتصاد و مدیریت.
    • Annarelli, A.; Nonino, F.; Palombi, G. Understanding the management of cyber resilient systems. Comput. Ind. Eng. 2020, 149, 106829.
    • Armenia, S.; Angelini, M.; Nonino, F.; Palombi, G.; Schlitzer, M.F. A dynamic simulation approach to support the evaluation of cyber risks and security investments in SMEs. Decis. Support Syst. 2021, 147, 113580.
    • Benz, M.; Chatterjee, D. Calculated risk? A cybersecurity evaluation tool for SMEs. Bus. Horiz. 2020, 63, 531–540.
    • Carias, J.F.; Borges, M.R.S.; Labaka, L.; Arrizabalaga, S.; Hernantes, J. The Order of the Factors DOES Alter the Product: Cyber Resilience Policies’ Implementation Order. In Conference on Complex, Intelligent, and Software Intensive Systems; Springer: Burgos, Spain, 2020; pp. 306–315.
    • Center for Internet Security (CIS). CIS Controls V 7.1; Center for Internet Security (CIS): East Greenbush, NY, USA, 2019.
    • Colbert, E. J. M., & Kott, A. (2016). Cyber-security of SCADA and Other Industrial Control Systems. Advances in Information Security, 63. doi:10.1007/978-3-319-32125-7
    • Conklin, W. A., & Shoemaker, D. (2017). Cyber-Resilience: Seven Steps for Institutional Survival. EDPACS, 55(2), 14-22.
    • DSB (2013), Defense Science Board. Task force report: resilient military systems and the advanced cyber threat.
    • Deutscher, S.A.; Bohmayr, W.; Asen, A. Building a Cyberresilient Organization; BCG Perspectives: Boston, MA, USA, (2017).
    • Financial Stability Institute(FSI), 2018, Cyber resilience practices, Insights, no. 21, avalible in fsicmigration@bis.org.
    • DHS (2016), Department of Homeland Security, Cyber Resilience Review, Carnegie Mellon University’s Software Engineering Institute for managing operational resilience. Retrieved from http://www.cert.org/resilience/rmm.html
    • Gourisetti, S.N.G.; Mix, S.; Mylrea, M.; Bonebrake, C.; Touhiduzzaman, M. Secure Design and Development Cybersecurity Capability Maturity Model (SD2-C2M2). In Proceedings of the Northwest Cybersecurity Symposium 2019, New York, NY, USA, 8 April 2019; ACM Press: New York, NY, USA, 2019; pp. 1–9.
    • Internet Security Threat Report; Symantec: Sunnyvale, CA, USA, 2019; Volume 24.
    • Kott, Alexander; Linkov, Igor; (2019). Cyber Resilience of Systems and Networks, springer.
    • Linkov, I.; Eisenberg, D. A.; Plourde, K.; Seager P. (2013). Resilience metrics for cyber systems. Springer Science+Business Media New York (outside the USA) DOI:10.1007/s10669-013-9485-y.
    • NIST (2021), National Institute of Standards and Technology. Developing Cyber-Resilient Systems: A Systems Security Engineering Approach, (SP) 800-160 Volume2, Revision1, Retrieved from https://csrc.nist.gov/publications/detail/sp/800-160/vol-2-rev-1/final
    • Ross, R.; Graubart, R.; Bodeau, D. & Mcquaid, R. (2018), Systems Security Engineering: Cyber Resiliency Considerations for the Engineering of Trustworthy Secure Systems, (NIST) National Institute of Standards and Technology.
    • Sharkov, G. From cybersecurity to collaborative resiliency. In Proceedings of the 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense, Vienna, Austria, 24–28 October 2016; pp. 3–9.