BUILDING MODELS FOR CREATING AND EVALUATING THE EFFECTIVENESS OF SYSTEMS THAT PROVIDE SECURITY WHEN WORKING WITH INFORMATION AND MEASUREMENT SYSTEMS

2017, vol. 17, no. 4, pp. 54–65 54


Introduction
The use of new information technologies provides an increase in labor productivity. However, professional activities in the information society can be dangerous and lead to economic losses. The damage resulting from the use of new information technologies is commensurate with the annual growth of the gross domestic product. The problem of providing technogenic safety is 70 % associated with the human factor [1].
In recent years, there have been more accidents of large-scale failures in large power systems in the world. For example, 14 Aug 2003, in the US there was a cascade failure when the output of one power system element led to its termination due to overload and damage of other elements. As a result, mass power outage covered the largest cities in the north-eastern United States and Canada. The total load loss amounted to 61,800 MW. In the issue, 50 million consumers did not receive electricity on the average about 4 days. The damage in the US alone equaled to about $ 10 billion, and in Canada -more than 2 billion Canadian dollars [2]. This situation is due to a number of reasons. First, energy equipment, communications and means of measuring energy flows in power systems have a sufficiently long period of operation, which leads to the need to increase the number of energy-saving measures aimed at maintaining the operating regime within specified reliability limits.
At the same time, there is a need for frequent disconnections of individual sections of energy flows for routine preventive repairs of equipment, communications, and replacement of measuring instruments. In addition, during the implementation of these measures, the time of finding personnel in the areas of possible electric shock or energy or vibration is increased, which increases the threat to its safety.
Secondly, the error in the measurement of electricity and energy in traditional conditions is quite a large amount, depending on the subjective component associated with the characteristics of the work of the staff. In addition, it is difficult to determine the economically feasible value of peak power. Therefore, in practice, for reasons of reliability, its overestimated value is stated.
Thirdly, failures and damages in the measuring system can distort commercial measurements of energy resources and lead to financial risks of energy supplying organizations. In addition, errors in measurements can be associated with deliberate distortion of measurements to reduce fees for the use of energy resources from the consumer, which leads to the emergence of commercial energy losses.
This situation creates an energy barrier to economic growth, associated with the need to attract additional funds for the implementation of activities aimed at energy security and energy conservation.
The main problem, the solution of which is promoted by the "State Program for Energy Saving and Increasing Energy Efficiency for the Period to 2020", is to overcome the energy barriers to economic growth, including by saving the funds released as a result of the implementation of energy-saving measures, Volumes of inputs of expensive power capacities. One of the main targets for the long-term socio-economic development of the Russian Federation for the period until 2020 is the security of citizens and society [3].
To solve this problem, it is necessary to improve and ensure the highest possible level of automation of electricity generation and transmission and distribution technologies. An effective means for solving the above tasks is the use of automated process control systems and automated information and measuring systems, including automated systems for integrated energy accounting.
However, automation, in addition to increasing the effectiveness of professional activities, is accompanied by the strengthening of traditional and the emergence of new risks to the safety of professional activities [4,5].
Topical issues of initiatives of academic excellence are management models and the role of the state, methods for assessing the effectiveness and distribution of funding between universities [6].

Terms of reference
Using traditional measurement method, we manipulate only daily electric power consumptions that do not allow analyzing the energy consumption dynamics of bad actor by hourly average value. Therefore, a necessary criterion for a decision in relation to the bad actor is the use of automated information measurement system (AIMS), which afford to preserve the value of electricity consumption with discreteness less than one hour.
AIMS of commercial and technical energy audit for all types of energy products allow the company to:  monitor compliance of actual and allowable power consumption imbalances at the substations and the enterprise as a whole;  control quickly the electric power utilization degree;  select and modify the normal scheme of enterprises power supply to minimize the losses of electricity when needed;  identify the sources of non-normative losses of electricity in the structural units and while power transmission;  control reactive power on line, to develop measures to derate it in order to decrease technical losses, reduce load of power equipment, increase maintenance periods;  set energy limits (hour, daily and monthly) for the structural subdivisions of the enterprise and monitor their implementation;  obtain operational control over the reliability of commercial utility metering;  make the control over the observance of specific norms of energy consumption in the production process, taking into account the volume of output and quality;  analyze the efficiency of energy use;  provide information and to monitor the implementation of energy conservation measures;  perform analysis to identify cases of inefficient use of energy resources and their causes. Hardware-software system "Energy" intended for the construction of automated information and measuring systems (AIMS) of commercial and technical electric power record-keeping -electric and thermal energy, natural and technical gases, steam, hot and cold water, is widely practiced in the industry and energy companies in the Russian Federation. Scientific-Technical Undertaking "Energocontrol", a developer and maker of "Energy", brought more than 1,000 such enterprises on its website [7].
There are various approaches to solving the problems of ensuring the safety of professional activity in the information society. The first approach is based on the use of experience, the second -on the use of mathematical models.
Examples of the first approach include the experience of implementing a distributed information system in a multi-branch organization using the example of FSUE Russian Post [8] and information and measuring systems at Chelyabinsk CHPP-2 [9][10][11][12][13][14].
The second approach is based on comparing the actual state of the system with an estimate obtained using its mathematical model, which can be developed on the basis of theoretical laws or experimental data. To create mathematical models from experimental data, the methods of principal components and eigenstates are used [15], as well as multidimensional interpolation and approximation based on the theory of random functions [16].
A promising area for the mathematical models construction is the use of methods based on the state estimation theory, assuming the availability of automated information measurement system (AIMS), which forms a system of equations describing its condition or treatment. Measurements of the system regime parameters have information errors, which result in residuals and outs-of-balance in the state equations containing "raw" measurements. The basic idea of state estimation associated with obtaining settlement analogues for all available measurements. The difference between the measurement and its imputed analog is called a residue evaluation. Significant values of residue estimations are a sign of big errors of specific measurements. The method, presented in the article [17], makes it possible to implement a number of useful features of perspective measuring system:  to improve the accuracy of the measurement of energy, which transportation is carried out with the help of the network infrastructure; The result is the creation of a unified Automated Informational-Measuring System of energy resources control and accounting and the unification of computational parts of systems;  to choose the best point of the energy measurement installation based on state estimation theory;  to smooth the measurement uncertainty and minor inconsistencies in the testimony of a measuring system group for ensuring compliance;  to detect invalid data with the possibility of repeated request, as well as a source of unreliable information and indicate a fault in the system;  to assess the level of commercial losses and localize them. With this method, it is possible to identify and eliminate false measurement channels or power leakage and to determine the current state of the power system, which is determined by the readings of generated or consumed electricity of its members. This state may differ from its safe condition.
Based on the application of mathematical models, the problems of automated diagnostics of measuring channels and search for unacceptable energy losses as a result of the introduction of information and measurement systems are solved [18][19][20][21][22].
In addition, with the help of models for the safe state of the electric power system, an algorithm and a program for monitoring the observance of a safe operating regime have been developed, which has made it possible to improve the efficiency of measures to ensure the safe operation of equipment and the objectivity of working with personnel [23].
Each specialist in his own way solves the problem of providing security and uses his methods and methods to achieve the set goals. In this case, each of them in its specific case finds its correct solutions. However, as practice shows, the totality of such correct decisions does not give a positive result in sumthe security system as a whole works inefficiently [24].
The guarantee of safe work with information and measuring systems is the implementation of necessary measures that minimize all existing risks, taking into account their degree of influence on safety. These requirements are determined by the need to take into account all risks and interests involved in the process of implementing new information technologies.
Therefore, the goal of the study is to build models for creating and evaluating the effectiveness of systems that provide security when working with information and measurement systems based on a systematic approach to the accounting of the impact of risks. The subjects of the study are models for creating and evaluating the effectiveness of systems that provide security when working with information and measurement systems.

Building models for creating and evaluating the efficiency of systems providing safety in work with information-measuring systems
The practical task of ensuring security is to develop a model of a system of professional activity processes that, based on the scientific and methodological apparatus, would solve the tasks of creating, using and assessing security for the projected and existing systems.
Such models must satisfy a number of requirements. First, the model should be used as:  Guidelines for establishing a security system;  Methods of forming indicators and system requirements;  Methodologies for assessing the system;  Model of the system for conducting research. Secondly, the model must have the properties of universality, complexity, ease of use, visibility and practical focus. Thirdly, the model should be self-taught and function in conditions of uncertainty of the initial information. Fourth, the model should:  Allow to establish the relationship between the indicators;  Set different levels of protection;  Receive quantitative estimates;  Monitor the state of the system;  Apply different evaluation methods;  Promptly respond to changes in operating conditions;  To unite the efforts of different specialists with a single plan. The model of the information security system -IIS.
The practical task of ensuring information security is to develop an appropriate model that, based on the scientific and methodological apparatus, would solve the tasks of creating, using and evaluating its effectiveness for the projected and existing unique IP. In a simplified form, the IIS model is shown in Fig. 1.

Fig. 1. The IIS Model
The main task of the model is the scientific provision of the process of creating a security system when working with information and measurement systems by assessing the security of decisions taken and choosing a rational option for implementing a security system.
As the object of research, a security system was chosen for working with information and measuring systems at Chelyabinsk CHPP-2.
The model of the security system when working with information and measurement systems seems to be worth considering in a three-dimensional dimension: risks, stages and activities to minimize the impact of risks.
Risks are formed on the basis of specific features of the implementation of distance courses of additional education. In general, they are suggested to be associated with threats of an economic, informational, didactic, psychological and social nature.
Stages (sequence of steps) of the system creation must be implemented for each risk.
The basis for activities that reduce the impact of the risks of any complex system, including security systems for the implementation of distance courses of additional education are:  Legislative, regulatory and scientific basis;  Structure and tasks of bodies and units that provide security;  Organizational-technical and regime measures and methods;  Software and hardware.  For each risk and stage, an event that increases safety is defined. The proposed model of security system representation in the form of a three-dimensional matrix ( Table 1) allows not only to strictly monitor mutual relations between security elements, but can act as a guide to the creation of a security system. As the object of research, a security system was chosen for working with information and measuring systems at Chelyabinsk CHPP-2. For the selected object a security system model is generated (Table 2).
It is also possible to evaluate the effectiveness of an established or already functioning security system on the basis of a three-dimensional matrix. Only now on the indicators (elements of the matrix) must be put appropriate estimates.
The methodology for assessing the degree of influence on the security of various components of threats is based on determining the weighting factors for each activity. For example, each step is associa-ted with the value of the degree of risk on a three-point scale ("1" -the influence is not significant, "2"medium, "3" -strong).
The results of using the methodology for assessing the safety management system when working with information and measuring systems at Chelyabinsk CHPP-2 are shown in Table 3. Table 2 Model of the representation of the security system when working with information and measuring systems at Chelyabinsk CHPP-2

Stage
Preventive measure Economic risks 1

Designing the security system for working with information-measuring systems
The design of a security system for working with information and measurement systems is performed according to the following algorithm: 1. On the basis of knowledge and experience, the expert group creates a model of a security system for working with information and measurement systems, which includes a list of possible risks and preventive measures that minimize them in accordance with Table 1. An example of a security system model for working with information-measuring systems is given in Table 2. 2. On the basis of knowledge and experience, each expert creates a model for assessing the security system when working with information and measurement systems, which include lists of possible risks and their weighting factors. For example, each risk is associated with the value of its weight on a three-point scale ("1" -an insignificant effect, "2" is an average, "3" is a strong one). An example of a security assessment model for working with information and measurement systems is given in Table 3. 3. On the basis of models for assessing the security system when working with information and measurement systems of all experts, a final safety assessment model is created, in which the weight of each risk is defined as the sum of the risk weights from the expert models. An example of the formation of a final model of a security system assessment for working with information and measurement systems is given in Table 4. 4. Based on the final model for assessing the security system when working with information and measuring systems, a plan for creating a security system is developed, in which the deadlines for the implementation of activities are determined by the weights of the corresponding risks of the final model.
Consider the results of the implementation of this algorithm at Chelyabinsk CHPP-2.
In order to determine the full range of measures to ensure security and the implementation of the principle of social justice, the group of experts included both department heads and specialists with higher and secondary vocational education. Therefore, the results of the formation of the final model for the assessment of the security system when working with information and measurement systems reflect the interests of all participants in the process of introducing new information technologies (see Table 4). Table 4 The final model for assessing the security system when working with information and measuring systems at Chelyabinsk CHPP-2

Stage
Weight of risk 1 2 3 4 5 As a result of the design of the security system, when working with information and measuring systems, the necessary set of measures for ensuring security is determined, the principle of social justice is implemented and an effective plan for creating a security system is built, by involving representatives of all new information technologies participating in the process of implementation.

Conclusion
The guarantee of safe work with information and measuring systems is the implementation of necessary measures that minimize all existing risks, taking into account their degree of influence on safety. These requirements are determined by the need to take into account all risks and interests involved in the implementation of new information technologies To determine the necessary set of measures to ensure security, a model for creating a security system was built.
To take into account the interests of all those involved in the process of implementing new information technologies, a model for assessing the effectiveness of the security system has been built.
The requirements for the creation and evaluation of the security system are fulfilled by attracting representatives of all the new information technologies involved in the implementation process to the expert group.
On the example of Chelyabinsk CHPP-2, which operates an automated system of integrated energy accounting, describes the process of building models for creating and evaluating the effectiveness of systems that provide security when working with information and measurement systems.
The developed algorithm and the program for designing a system that provides security when working with information and measuring systems have made it possible to improve the efficiency of measures to ensure safe operation at Chelyabinsk CHPP-2.