Modeling the Development of Energy Network Software, Taking into Account the Detection and Elimination of Vulnerabilities

Igor Kotenko (), Konstantin Izrailov, Mikhail Buinevich, Igor Saenko and Rajeev Shorey
Additional contact information
Igor Kotenko: Computer Security Problems Laboratory, St. Petersburg Federal Research Center of the Russian Academy of Sciences, 199178 Saint-Petersburg, Russia
Konstantin Izrailov: Computer Security Problems Laboratory, St. Petersburg Federal Research Center of the Russian Academy of Sciences, 199178 Saint-Petersburg, Russia
Mikhail Buinevich: Department of Applied Mathematics and Information Technologies, Saint-Petersburg University of State Fire Service of EMERCOM of Russia, 196105 Saint-Petersburg, Russia
Igor Saenko: Computer Security Problems Laboratory, St. Petersburg Federal Research Center of the Russian Academy of Sciences, 199178 Saint-Petersburg, Russia
Rajeev Shorey: University of Queensland-IIT Delhi Academy of Research (UQIDAR), New Delhi 110016, India

Energies, 2023, vol. 16, issue 13, 1-40

Abstract: This paper solves the problem of modeling the scheme for developing software systems, which can be used in building solutions for secure energy networks. A development scheme is proposed in a set of representations through which each program of the software complex passes, namely the following representations: idea, conceptual model, architecture, algorithm, source code, graphic code, abstract syntax tree, assembler code, machine code, byte code, executed code. The main properties of each representation are indicated, such as the form (text, graphic, programming language, binary, and decoded), development (transformation) methods, as well as vulnerabilities that are detected in it. An example of each representation is given, particularly as applied to the energy networks. The scheme elements (representations, vulnerabilities, forms, etc.) and the main operations for working with their elements (representation transformation, vulnerability injection, and detection) are presented in an analytical form. An example of a development scheme for a simple software complex of energy networks is given. The classification of vulnerabilities is introduced; it divides the vulnerabilities according to the structural level, functioning disruption, and information impact. The vulnerabilities in each of the views are substantiated using the common vulnerabilities and exposures (CVE) database. An experiment was conducted to demonstrate the vulnerability spread across representations during the development of a software complex example for the energy network. The features of the applications of the obtained results for energy networks are taken into account. The advantages, disadvantages, and limitations of the study, as well as ways to eliminate them, are discussed.

Keywords: information security; energetics; software engineering; software representation; analytical modeling; cyber resilience (search for similar items in EconPapers)
JEL-codes: Q Q0 Q4 Q40 Q41 Q42 Q43 Q47 Q48 Q49 (search for similar items in EconPapers)
Date: 2023
References: View references in EconPapers View complete reference list from CitEc
Citations: View citations in EconPapers (1)

Downloads: (external link)
https://www.mdpi.com/1996-1073/16/13/5111/pdf (application/pdf)
https://www.mdpi.com/1996-1073/16/13/5111/ (text/html)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:gam:jeners:v:16:y:2023:i:13:p:5111-:d:1185250

Access Statistics for this article

Energies is currently edited by Ms. Agatha Cao

More articles in Energies from MDPI
Bibliographic data for series maintained by MDPI Indexing Manager ().