Seryodkin S.P. The practice of using an automated method for modeling information security threats // Informacionnye tehnologii i matematicheskoe modelirovanie v upravlenii slozhnymi sistemami: elektronnyj nauchnyj zhurnal [Information technology and mathematical modeling in the man-agement of complex systems: electronic scientific journal], 2023. No. 1(17). P. 36-40. DOI: 10.26731/2658 3704.2023.1(17).36-40 [Accessed 31/03/23]
10.26731/2658-3704.2023.1(17).36-40
The paper proposes an approach to considering the trial operation of the simulated security threats section, which makes it possible to significantly facilitate the process of conducting a security threat methodology for information systems in accordance with the threat assessment methodology of the Federal Service for Technical and Export Control (FSTEC) of Russia dated February 5, 2021.
1. https://www.ptsecurity.com/ru-ru.
2. Decree of the President of the Russian Federation No. 250 dated 01.05.2022 "On additional measures to ensure information security of the Russian Federation".
3. Decree of the President of the Russian Federation No. 166 dated 30.03.2022 "On measures to ensure the Technological Independence and security of the Critical Information Infrastructure of the Russian Federation".
4. Information Message "On THE PROCEDURE FOR CONSIDERATION AND APPROVAL OF INFORMATION SECURITY THREAT MODELS AND TECHNICAL SPECIFICATIONS FOR THE CREATION OF STATE INFORMATION SYSTEMS" of the FSTEC of Russia dated June 22, 2017 N 240/22/3031 - https://fstec.ru.
5. Methodological document. Approved by the FSTEC of Russia on February 5, 2021, "METHODOLOGY for ASSESSING INFORMATION SECURITY THREATS"- https://fstec.ru.
7. Decree of the President of the Russian Federation No. 1085 dated 16.08.2004 "Issues of the Federal Service for Technical and Export Control".
8. Decree of the President of the Russian Federation No. 569 of 11/25/2017 "On Amendments to the Regulations on the Federal Service for Technical and Export Control, approved by Decree of the President of the Russian Federation No. 1085 of August 16, 2004".
9. The Order of the FSTEC of Russia of February 11, 2013 No. 17 "On approval of requirements for the protection of information not constituting a state secret contained in state information systems".
10. Federal Law No. 149-FZ of July 27, 2006 "On Information, Information Technologies and Information Protection".
11. https://attack.mitre.org/matrices/enterprise/
12. https://mitre-attack.github.io/attack-navigator/
13. https://apt.securelist.com
15. ttps://www.vesti.ru/hitech/article/2671915
16. https://www.corpsoft24.ru/about/blog/modelirovanie-ugroz-chto-novogo/?ysclid=ld2j6m7x9y320456447