Methods for assessing the level of security of software of automated systems of internal affairs bodies and directions for their improvement

Methods for assessing the level of security of software of automated systems of internal affairs bodies and directions for their improvement

Objective. The purpose of the article is to analyze existing methods and procedures used to assess the level of software security of automated systems, based on a study of scientific literature, international and industry standards of the Russian Federation on information security of automated syste...

Full description

Saved in:
Bibliographic Details
Main Authors: I. G. Drovnikova, A. D. Popova
Format: Article
Language:Russian
Published: Dagestan State Technical University 2024-01-01
Series:Вестник Дагестанского государственного технического университета: Технические науки
Subjects:
automated system
software
vulnerability
vulnerability criticality
security level
security level assessment
Online Access:https://vestnik.dgtu.ru/jour/article/view/1394
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Objective. The purpose of the article is to analyze existing methods and procedures used to assess the level of software security of automated systems, based on a study of scientific literature, international and industry standards of the Russian Federation on information security of automated systems, guidelines and methodological documents of the Federal Service for Technical and Export Control Russia, as well as departmental orders on the protection of information from unauthorized access at informatization facilities of internal affairs bodies. Method. To achieve this goal, the method of system analysis of approaches used in assessing the level of software security in automated systems was used. Result. The results of an analysis of the main approaches to assessing the level of software security in automated systems are presented. The expediency of combining the considered approaches to carry out a quantitative assessment of the level of software security at informatization facilities of internal affairs bodies in real time, taking into account vulnerabilities in the software used, is substantiated. Conclusion. The results obtained can be used to generate indicators of the level of software security in automated systems of internal affairs bodies and to develop methods for their calculation taking into account the time factor.
ISSN:2073-6185
2542-095X

Similar Items