Infrastructural conflict of critical information infrastructure software in the context of destructive effects of cyber attacks

Cover Page

Cite item

Full Text

Open Access Open Access
Restricted Access Access granted
Restricted Access Subscription Access

Abstract

The paper considers the phenomenon of infrastructural conflict of critical information infrastructure software, which occurs under the influence of cyber attacks. It is shown that the software environment of the critical information infrastructure is one of the most vulnerable levels, since it combines technological, architectural and organizational dependencies, forming a complex of vulnerabilities of infrastructural origin. The author’s concept of infrastructural conflict is presented as a state of uncoordinated functioning of software, hardware and protective components, leading to degradation, cascading failures and loss of controllability of technological processes. A structural model of an infrastructure software conflict is formulated, including the interaction of three key actors: the source of destructive influences, the software of critical information infrastructure, and information security systems. A classification of destructive influences on software components is performed, the mechanisms of conflict occurrence are described, and the factors of its escalation in SCADA/PLC environments are highlighted. The infrastructure conflict theorem for critical information infrastructure software has been developed, which makes it possible to analyze the dynamics of attacks, the likelihood of transition to a conflict state, the sensitivity of the software infrastructure to loads, and the response efficiency of the information security management system. The influence of infrastructure dependencies on the cyberimmunity of the software environment and the survivability of critical information infrastructure is shown. The results can be used to build monitoring systems, develop response strategies, assess the resilience of software architecture, and model cyberattack scenarios based on the presented model of infrastructural conflictology.

About the authors

Sergey S. Kochedykov

National Research University of Electronic Technology (MIET); MIREA – Russian Technological University

Author for correspondence.
Email: infosec36@mail.ru
ORCID iD: 0000-0001-8382-3026
SPIN-code: 2264-2975

Cand. Sci. (Eng.), Associate Professor, associate professor Department of Information Security, associate professor Department KB-4 “Intelligent Information Security Systems”

Russian Federation, Zelenograd, Moscow; Moscow

References

  1. Yazov Yu.K. On the definition of the concept of “cybersecurity” and related terms. Cybersecurity Issues. 2025. No. 1 (65). Pp. 2–6. (In Rus.). doi: 10.21681/2311-3456-2025-1-2-6.
  2. Kochedykov S.S., Grechishnikov E.V., Dushkin A.V., Orlova D.E. The mathematical model of cyber attacks on the critical information system. Journal of Physics. Conference Series. 2019. Vol. 1202. P. 12013. doi: 10.1088/1742-6596/1202/1/012013.
  3. Maksimova E.A. Analysis of the life cycle of a critical information infrastructure entity in the context of infrastructure destructivism. Information Protection. Insider. 2021. No. 5 (101). Pp. 4–10. (In Rus.)
  4. Gaskova D.A. Technology of cyber threat analysis and assessment of cybersecurity risks in critical infrastructure. Cybersecurity Issues. 2019. No. 2 (30). Pp. 42–49. (In Rus.). doi: 10.21681/2311-3456-2019-2-42-49.
  5. Makarenko S.I. Methodology for justifying test information and technical actions that ensure rational completeness of the security audit of a critical information infrastructure object. Cybersecurity Issues. 2021. No. 6 (46). Pp. 12–25. (In Rus.). doi: 10.21681/2311-3456-2021-6-12-25.
  6. Lavrova D.S., Zegzhda D.P., Zaitseva E.A. Modeling the network infrastructure of complex objects to solve the problem of countering cyberattacks. Cybersecurity Issues. 2019. No. 2 (30). Pp. 13–20. (In Rus.). doi: 10.21681/2311-3456-2019-2-13-20.
  7. Parshutkin A.V. Conceptual model of interaction of conflicting information and telecommunication systems. Cybersecurity Issues. 2014. No. 5 (8). Pp. 2–6. (In Rus.)
  8. Evnevich E.L., Fatkieva R.R. Modeling of information processes in the context of conflicts. Cybersecurity Issues. 2020. No. 2 (36). Pp. 42–49. (In Rus.). doi: 10.21681/2311-3456-2020-2-42-49.
  9. Dushkin A.V., Kochedykov S.S., Novoseltsev V.I. Analysis of conflict interaction of executive devices of automated control systems. Industrial ACS and Controllers. 2017. No. 10. Pp. 8–16. (In Rus.)
  10. Izrailov K.E., Buinevich M.V. A method for detecting attacks of various origins on complex objects based on state information. Part 1. Prerequisites and scheme. Cybersecurity Issues. 2023. No. 3 (55). Pp. 90–100. (In Rus.). doi: 10.21681/2311-3456-2023-3-90-100.
  11. Izrailov K.E., Buinevich M.V. A method for detecting attacks of various origins on complex objects based on state information. Part 2. Algorithm, model, and experiment. Cybersecurity Issues. 2023. No. 4 (56). Pp. 80–93. (In Rus.). doi: 10.21681/2311-3456-2023-4-80-93.
  12. Kotenko I.V., Saenko I.B., Zakharenko R.I., Velichko D.V. Subsystem for preventing computer attacks on critical information infrastructure: analysis of functioning and implementation. Cybersecurity Issues. 2023. No. 1 (53). Pp. 13–27. (In Rus.). doi: 10.21681/2311-3456-2023-1-13-27.
  13. Kubarev A.V., Lapsar A.P., Asyutikov A.A. Synthesis of a model of a critical information infrastructure object for the safe functioning of a technical system under destructive information influence. Cybersecurity Issues. 2020. No. 6 (40). Pp. 48–56. (In Rus.). doi: 10.21681/2311-3456-2020-06-48-56.
  14. Devitsyna S.N., Pilkevich P.V. Ensuring the compatibility of technical components when creating an information security incident monitoring system. Cybersecurity Issues. 2024. No. 4 (62). Pp. 38–44. (In Rus.). doi: 10.21681/2311-3456-2024-4-38-44.
  15. Voevodin V.A. On the problem of assessing the stability of critical information infrastructure. Cybersecurity Issues. 2025. No. 1 (65). Pp. 41–49. (In Rus.). doi: 10.21681/2311-3456-2025-1-41-49.
  16. Gurina L.A. Improving the cyber resilience of SCADA and WAMS in the event of cyberattacks on the information and communication subsystem of the electric power system. Cybersecurity Issues. 2022. No. 2 (48). Pp. 18–26. (In Rus.). doi: 10.21681/2311-3456-2022-2-18-26.
  17. Maksimova E.A., Buinevich M.V. Method for assessing the infrastructure sustainability of critical information infrastructure subjects. Bulletin of the Ural Federal District. Information Security. 2022. No. 1 (43). Pp. 50–63. (In Rus.). doi: 10.14529/secur220107.
  18. Maksimova E.A. Axiomatics of the subject of critical information infrastructure’s infrastructure destructivism. Informatization and Communication. 2022. No. 1. Pp. 68–74. (In Rus.). doi: 10.34219/2078-8320-2022-13-1-68-74.
  19. Bochkov M.V., Vasinev D.A. Method for assessing the security of critical information infrastructure. Cybersecurity Issues. 2025. No. 4 (68). Pp. 17–29. (In Rus.). doi: 10.21681/2311-3456-2025-4-17-29.
  20. Maksimova E.A., Buinevich M.V., Shestakov A.V. Proactive management of information security of critical information infrastructure subjects as complex organizational systems with dynamically changing structure. Bulletin of the Voronezh Institute of the Ministry of Internal Affairs of Russia. 2023. No. 2. Pp. 49–59. (In Rus.)

Supplementary files

Supplementary Files
Action
1. JATS XML
Download


License URL: https://www.urvak.ru/contacts/

Согласие на обработку персональных данных

 

Используя сайт https://journals.rcsi.science, я (далее – «Пользователь» или «Субъект персональных данных») даю согласие на обработку персональных данных на этом сайте (текст Согласия) и на обработку персональных данных с помощью сервиса «Яндекс.Метрика» (текст Согласия).