Mathematical Machines and Systems. 2023 #4

ABSTRACTS


COMPUTER SYSTEMS

UDC 681.3

This article examines the current aspects of the use of intelligent systems in the military sphere and their role in decision-making in crisis situations. In particular, systems such as JADE, ALPHA, and R-Plan designed to plan the deployment of armed forces, control combat aircraft, and make decisions at the operational level are analyzed. The article also describes the decision-making technology in automatic and automated control systems, as well as the state of modern military technologies. Particular attention is paid to the role of decision-making technologies in military operations, and the challenges and obstacles faced by such systems are identified. To effectively overcome these obstacles, promising directions for development and technology improvement are considered. The article provides an overview of the current state and prospects of the use of intelligent systems for decision support in the military sphere and identifies the key factors influencing their effective application. The paper discusses an innovative approach to the creation of smart autonomous robots based on the new technology of neural-like growing networks (mren-RS). Robots created using this technology function based on knowledge, associative connections, and logical inference, constantly improving their intelligence. Such robots do not require complex computing systems due to the simple structure of neural-like elements. Their high efficiency is ensured by the massive parallelism of information processing. Robots based on mren-RS can learn independently, make logical decisions, and dynamically adjust their actions. Their advantages include high intelligence, efficient power consumption, reliability, and resistance to obstacles. Such robots have the potential to become reliable assistants in solving complex problems, make a significant contribution to the development of society, and change the idea of a future civilization. Refs.: 10 titles.


UDC 623.764

Sapaty P.S. Managing distributed systems with spatial grasp patterns. Mathematical machines and systems. 2023. N 4. P. 11–25.

The pattern is everything around us. It can represent the world’s regularity, a human-made design, a model, plan, diagram, a standard way of modeling, acting and thinking, a distinctive style or form, a combination of qualities and tendencies, etc. That is why the theory, research, and practical works on patterns are so important for different scientific and technological fields, having also stimulated the preparation and writing of the current paper. The paper reviews existing works on patterns, grouping them by different categories, and briefs the developed Spatial Grasp Model and Technology (SGT) and its Spatial Grasp Language (SGL) with the distributed networked implementation, which provide effective distributed solutions in systems management, control, and simulation by active self-spreading patterns. The article shows how practical patterns can be expressed in SGL, including regular patterns, patterns of concrete objects, and different pattern-based management solutions like coordinating transport columns, finding distributed zone coordinates, and spatial tracking of mobile objects. It also gives network examples of distributed pattern recognition and matching with the use of self-propagating active network templates reflecting images to be found. The paper provides a classified summary of the investigated use of SGL for pattern operations in different areas, which includes descriptive patterns, creative patterns, patterns as spatial processes, pattern recognition, self-matching patterns, combined patterns, cooperating and conflicting patterns, psychological patterns, and recursive patterns. The work concludes with the belief that SGL can be used as a real, very effective, and compact language for pattern representation and operations, and SGT should contribute to the pattern theory and resultant technologies. Figs.: 12. Refs.: 44 titles.


  
      INFORMATION AND TELECOMMUNICATION TECHNOLOGY

 

UDC 004.056.5

Lysetskyi Yu.M., Kalbazov D.Y. Approaches to ensuring information security. Mathematical machines and systems. 2023. N 4. P. 26–32.

The article analyzes situational, integration, and integration and innovation approaches that have emerged among domestic enterprises in today's market to ensure information security. The        following differences between them have been identified: the situational approach involves the point implementation of information security systems, decentralized management, the lack of a unified approach to system design, and inertia in system implementation; the integration approach involves the presence of planning and information security provisioning services, the formulation of unified requirements for information security, analysis of the criticality of information assets, risk and threat management, and the design of information security from business processes of the enterprise; the integration and innovation approach includes the presence of security operation centers, operational response centers, centralized information security monitoring systems, the creation of Business Continuity Plans and Disaster Recovery Plans, and the formation of fault-tolerant protection systems. Some existing problems in choosing methods and information protection technologies are presented in the paper. The ways and means for ensuring effective information security in an enterprise are discussed. These are next-generation network firewalls, SIEM systems, DLP systems, as well as a cloud access security broker – CASB. Using CASB to ensure information security in the cloud allows for addressing the following tasks: access control; data protection; detection and response to threats; compliance with regulatory requirements; monitoring and auditing; and security policy management. Analyzing the approaches to ensuring information security in domestic enterprises, we can conclude that it should be based on a comprehensive approach and effective integration of all elements of IT infrastructure at different levels of their interaction. Figs.: 3. Refs.: 15 titles.


UDC 621.37:637.142

Event logging in distributed systems is one of the most important factors for ensuring proper monitoring and management of IT systems, and the use of log information is an important area of activity of DevOps and DevSecOps teams that ensure effective interaction between developers, testers, and IT security professionals. The article discusses some possible approaches to prototyping solutions for the implementation of a centralized LMS (Log Management System) in the National Network of Situation Centers of Public Authorities (SCPA). As part of the first approach, which consists in the use of ready-made market products, a review of the declared capabilities, advantages, and disadvantages of popular free open-source systems and individual LMS tools (ELK Stack, Graylog, Grafana Loki, Logstash, Fluentd, LOGalyze, Filebeat, etc.) is carried out. In the context of the formulated basic requirements for a centralized LMS, taking into account the existing experience of using the tools under consideration, the expediency of choosing solutions among two complex, full-featured systems, namely the ELK Stack (Elasticsearch + Logstash + Kibana complex) and the complete, self-sufficient Graylog package, is substantiated. The advantages and disadvantages of each system are considered, and the generalized data on the implementation of ELK – Graylog, their use and evaluation by real users, formed on the basis of materials presented by the research company Gartner, are provided. An example of the possible implementation of the second approach to creating a prototype of LMS, which consists in creating new tools, is the developed specialized system for diagnosing errors registered in log files. The structure of the system, the functions of the main components, and the results of testing in a corporate banking network are described. Таbl.: 1. Figs.: 6. Refs.: 16 titles.


UDC 004.457

Kovalenko O.Ye. Security models of the Internet of Things. Mathematical machines and systems. 2023. N 4. P. 43–50.

The IoT is a cyber-convergent system that includes things, means of communication, target applications, and data analysis tools that support the unique identification of each object. IoT technologies play a vital role in the creation of cyber-convergent systems due to their wide usage in various spheres of life such as industry, social sphere, health care, and creating a comfortable environment. The IoT security model method ensures the confidentiality, integrity, and availability of data that is transferred between devices and also guarantees the privacy and security of end users. The creation and use of IoT systems directly affect the security and privacy of the involved and connected components. The presented study introduces an analysis of IoT architecture models with end-to-end security support. The conducted literature review reveals the challenges of various aspects of security faced by the IoT environment. Some models implementing different security strategies at different layers of the IoT are described. These include the perception layer which provides the authentication process for identifying IoT entities, the network layer which focuses on the security processes of cloud platforms, and the application layer which provides authentication and authorization for end users. The results of the analysis show that building secure IoT systems is based on three main strategies: proper configuring and ensuring the protection of all IoT devices; using secure wireless networks to connect IoT devices to corporate or global networks; constant situational awareness of security threats to IoT devices; and implementing appropriate security solutions to protect them from attacks. The maturity model of the IoT security system based on the ISA/IEC 62443 document package is also described. Figs.: 2. Refs.: 19 titles.


UDC 004.772

The article is dedicated to the analysis of data protection issues, particularly personal data, in medical institutions of various ownership forms. The necessity of implementing comprehensive data security systems is justified by the Bell-LaPadula model, which is considered a foundation for the development of a complex data security system within the enterprise. The Bell-LaPadula model represents an access control system based on a hierarchical data access structure. However, using a rigid hierarchical approach when building an information infrastructure of an enterprise based on this model, taking into account different levels of information confidentiality, might not account for the possibility of insider intervention at higher levels. The article analyzes the key aspects of this model, including assigning special security levels to all participants in data processing and to documents containing the protected data. To ensure security and access regulation based on an adapted model, individual access levels that correspond to each user’s responsibilities and confidentiality level are proposed for them. After implementing a comprehensive system for protecting confidential data and assigning special security levels to all participants in the processing of protected data and documents, a clear differentiation of ownership rights to information of different values emerged. This facilitates further expansion of the circle of employees with access to this information, reduces access time, and forms informational and analytical reports on access control system performance. The use of the hierarchical Bell-LaPadula access model allows for effective control over access to the information system and ensures overall enterprise security. Tabl.: 4. Refs.: 6 titles.


                                    
                              SIMULATION AND MANAGEMENT

UDC (658.012.011.56:681.3):621.771.23-413

In direct digital control (DDC) systems, computers replace traditional analog control devices. Direct digital control systems not only more efficiently perform the functions carried out by analog control devices but also provide new opportunities for increasing control flexibility, such as reprogramming to achieve the required control effects. The principles of developing direct digital control systems are described using the example of systems for regulating the technological parameters of rolling. Both analog and discrete automatic control systems (ACS) are used to control mechanisms and equipment at the lower level of the integrated automated control system (IACS) as well as to regulate the technological parameters of rolling. Direct digital control systems built on microprocessor computing technology are widely used. This is basic automation. With traditional control carried out using local automation tools at the lower level of the IACS, each executive mechanism is associated with a separate local system. In a DDC system, a computer operating in a multiplexed time-sharing mode simultaneously regulates several control loops. The computer works on the principle of step-by-step control with a short-term sequential connection to each of the serviced control circuits. It calculates and provides each control loop with new control input values. The main advantages of using DDC systems are listed in the paper. Some algorithms for direct digital control on heavy plate rolling mills and the structure of the algorithm and software of DDC are provided in the article. Some solutions regarding the development of DDC systems used for the creation of technological process automation systems at rolling mills are also described. Fig.: 1. Refs.: 5 titles.


UDC 504.3.054

In this paper, software tools for automating the inverse calculation of the atmospheric transport model were developed as a part of the pilot version of the system for analyzing unknown sources of atmospheric pollution in the case of their detection by monitoring networks. By minimizing the defined quality function, the probability of the source location at a certain geographical point, its duration, and time of onset depending on the location, together with the volume of the emission, can be analyzed. The source-receptor function is calculated by using the well-known atmospheric transport model FLEXPART in the inverse calculation mode. Automated calculations of the atmospheric transport model are carried out on the Cloud Computing Platform of the Ukrainian National Grid Infrastructure by creating a virtual machine for the series of FLEXPART calculations. In the future, it is planned to automate the creation and deletion of virtual machines performing calculations. Testing of the developed algorithms was carried out based on meteorological conditions during the wildfires in the Chornobyl Exclusion Zone in 2020 and data generated from measurements taken at one of the stations near Kyiv on April 1819, 2020. During the test simulation, the coordinates of the source and the amount of Cs-137 emissions were considered unknown. Satisfactory results were obtained by comparing the estimated coordinates of the source and the volume of emissions with the corresponding real values. It is shown that the system can timely and sufficiently accurately analyze the most important characteristics of possible unknown sources of atmospheric emissions. The results of the study confirm the potential importance of the obtained results for use in real-life situations and help in the identification and analysis of possible sources of radioactive contamination. The developed methods and algorithmic tools have no limitations regarding the geographical region of calculations and can be used both in the case of emissions in Ukraine and abroad. Figs.: 10. Refs.: 11 titles.


 

 
 
       Last modified: Oct 31, 2023