Skip to main content
Springer Nature Link
Log in

Criticality Assessment of Critical Information Infrastructure Objects: A Category Based Methodology and Ukrainian Experience

  • Conference paper
  • First Online:
Multimedia Communications, Services and Security (MCSS 2020)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1284))

  • 541 Accesses

Abstract

The paper outlines the basic principles and assumptions used to assess the criticality of critical infrastructure object (CIO) and critical information infrastructure objects (CIIO). Methods for assigning critical information infrastructure objects to the criticality levels are described. The sequence of carrying out the criticality assessment of CIOs is provided. The recommendations concerning evolving regulation in the field of critical information infrastructure objects protection are given. According to the results of the research, several drafts of the Ukrainian state-level normative documents were developed such as “Classification of critical information infrastructure objects by severity (criticality)” and “Criteria and procedure for assigning critical information infrastructure objects to one of the significance (criticality)”. The implementation of the developed documents is an important step in the construction of the Ukrainian state system of protection of critical information infrastructure.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. European Commission: Communication from the Commission of 12 December 2006 on a European Programme for Critical Infrastructure Protection, COM (2006) 786 Final, Brussels, Belgium (2006)

    Google Scholar 

  2. European Commission: Proposal for a Directive of the Council on the Identification and Designation of European Critical Infrastructure and the Assessment of the Need to Improve Their Protection, COM (2006) 787 Final, Brussels, Belgium (2006)

    Google Scholar 

  3. Ministry of the Interior and Kingdom Relations: National Risk Assessment Method Guide 2008, The Hague, The Netherlands (2008)

    Google Scholar 

  4. U.S. Department of Homeland Security: National Infrastructure Protection Plan 2009, Washington, DC (2009)

    Google Scholar 

  5. Public Safety and Emergency Preparedness Canada: Selection Criteria to Identify and Rank Critical Infrastructure Assets, Ottawa, Canada (2004)

    Google Scholar 

  6. Kroger, W.: Critical infrastructures at risk: a need for a new conceptual approach and extended analytical tools. Reliabil. Eng. Syst. Saf. 93(12), 1781–1787 (2008)

    Article  Google Scholar 

  7. Brunner, E., Suter, M.: International CIIP Handbook 2008/2009: An Inventory of 25 National and 7 International Critical Infrastructure Protection Policies, Center for Security Studies, ETH Zurich, Zurich, Switzerland (2008)

    Google Scholar 

  8. Gritzalis, D., Stergiopoulos, G., Kotzanikolaou, P., Magkos, E., Lykou, G.: Critical infrastructure protection: a holistic methodology for Greece. In: Cuppens-Boulahia, N., Lambrinoudakis, C., Cuppens, F., Katsikas, S. (eds.) CyberICPS 2016. LNCS, vol. 10166, pp. 19–34. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-61437-3_2

    Chapter  Google Scholar 

  9. Green paper on critical infrastructure protection in Ukraine. In: Proceedings of International Expert Meetings. National Institute for Strategic Studies, Kyiv, p. 176

    Google Scholar 

  10. Council Directive 2008/114/EC. (2008, 12 23): Official Journal of the European Union, vol. 51, p. 75 (2008)

    Google Scholar 

  11. EU Commission (2012, 6 22): Review of the European Programme for Critical Infrastructure Protection (EPCIP)

    Google Scholar 

  12. Rossella, M., Cedric, L.-B.: Methodologies for the identification of Critical Information Infrastructure assets and services. In: European Union Agency for Network and Information Security (ENISA), ENISA, Brussels (2015)

    Google Scholar 

  13. Bobro, D.G., Methodology of estimation of infrastructure objects criticality level, 3(40), 77–85 (2016)

    Google Scholar 

  14. Potii, O., Illiashenko, O., Komin, D.: Advanced security assurance case based on ISO/IEC 15408. In: Zamojski, W., Mazurkiewicz, J., Sugier, J., Walkowiak, T., Kacprzyk, J. (eds.) Theory and Engineering of Complex Systems and Dependability. AISC, vol. 365, pp. 391–401. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-19216-1_37

    Chapter  Google Scholar 

  15. Strielkina, A., Illiashenko, O., Zhydenko, M., Uzun, D.: Cybersecurity of healthcare IoT-based systems: regulation and case-oriented assessment. In: 2018 IEEE 9th International Conference on Dependable Systems, Services and Technologies (DESSERT), Kiev, pp. 67–73 (2018)

    Google Scholar 

  16. Kharchenko, V., Illiashenko, O.: Diversity for security: case assessment for FPGA-based safety-critical systems. In: MATEC Web Conference, vol. 76, p. 02051 (2016)

    Google Scholar 

  17. Illiashenko, O., Kharchenko, V., Brezhniev, E., Boyarchuk, A., Golovanevskiy, V.: Security informed safety assessment of industrial FPGA-based systems. In: Proceedings of Probabilistic Safety Assessment and Management Conference PSAM, 24–27 June 2014, Hololulu, Hawaii, USA, vol. 12, p. 11 (2014)

    Google Scholar 

  18. Kharchenko, V., Illiashenko, O.: Concepts of green IT engineering: taxonomy, principles and implementation. In: Kharchenko, V., Kondratenko, Y., Kacprzyk, J. (eds.) Green IT Engineering: Concepts, Models, Complex Systems Architectures. SSDC, vol. 74, pp. 3–19. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-44162-7_1

    Chapter  Google Scholar 

  19. Harrington, E.C.: The desirability function. Ind. Qual. Control 21, 494–498 (1965)

    Google Scholar 

Download references

Acknowledgements

This work was supported by the ECHO project which has received funding from the European Union’s Horizon 2020 research and innovation programme under the grant agreement no 830943. The authors very appreciated to scientific society of consortium and in particular the staff of Department of Computer Systems, Networks and Cybersecurity of National aerospace university «Kharkiv Aviation Institute» for invaluable inspiration, hardworking and creative analysis during the preparation of this paper.

Author information

Authors and Affiliations

  1. JSC Institute of Information Technology, 12 Bakulina Street, Kharkiv, 61066, Ukraine

    Oleksandr Potii

  2. State Special Communications Service of Ukraine, 13 Solomianska Street, Kiev, 03110, Ukraine

    Yurii Tsyplinskyi

  3. Department of Computer Systems, Networks and Cybersecurity, National Aerospace University “KhAI”, 17 Chkalova Street, Kharkiv, 61070, Ukraine

    Oleg Illiashenko & Vyacheslav Kharchenko

Authors
  1. Oleksandr Potii
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yurii Tsyplinskyi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Oleg Illiashenko
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Vyacheslav Kharchenko
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Oleg Illiashenko .

Editor information

Editors and Affiliations

  1. AGH University of Science and Technology, Kraków, Poland

    Andrzej Dziech

  2. Royal Military Academy, Brussels, Belgium

    Wim Mees

  3. Gdańsk University of Technology, Gdańsk, Poland

    Andrzej Czyżewski

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Potii, O., Tsyplinskyi, Y., Illiashenko, O., Kharchenko, V. (2020). Criticality Assessment of Critical Information Infrastructure Objects: A Category Based Methodology and Ukrainian Experience. In: Dziech, A., Mees, W., Czyżewski, A. (eds) Multimedia Communications, Services and Security. MCSS 2020. Communications in Computer and Information Science, vol 1284. Springer, Cham. https://doi.org/10.1007/978-3-030-59000-0_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-59000-0_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-58999-8

  • Online ISBN: 978-3-030-59000-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics