Аннотации:
This article addresses the issue of information security in the Industrial Internet of Things
(IIoT) environment. Information security risk assessment in the IIoT is complicated by several factors:
the complexity and heterogeneity of the system, the dynamic nature of the system, the distributed
network infrastructure, the lack of standards and guidelines, and the increased consequences of
security breaches. Given these factors, information security risk assessment in the IIoT requires
a comprehensive approach adapted to the peculiarities and requirements of a particular system
and industry. It is necessary to use specialized risk assessment methods and to take into account
the context and peculiarities of the system. The method of information security risk assessment
in the IIoT, based on the mathematical apparatus of fuzzy set theory, is proposed. This paper
analyzes information security threats for IIoT systems, from which the most significant criteria
are selected. The rules, based on which decisions are made, are formulated in the form of logical
formulas containing input parameters. Three fuzzy inference systems are used: one to estimate
the probability of threat realization, another to estimate the probable damage, and a final one to
estimate the information security risk for the IIoT system. Based on the proposed method, examples
of calculating the information security risk assessment in the IIoT environment are provided. The
proposed scientific approach can serve as a foundation for creating expert decision support systems
for designing IIoT systems.