Background: One of the communication characteristics is the availability of information
system for critical use (ISCU), which provides the allocation of computational resources in a finite
volume, limited by the concept of a virtual machine (VM) to the authorized person (AP) in response
to his input request and access to critical data in accordance with the created control schemes, taking
into account privileges of AP in the form of system security policy rules.
Objective: The objective of the article is to optimize the communication capabilities of the information
system for critical use, to synthesize a mathematical concept of availability oriented to practical
Methods: The article presents new mathematical models for controlling the availability of ISCU,
which, unlike the existing ones, take into account the features of the ISCU topology, the rules, and
the essence of its service operations while controlling the access process of APs to the information
environment (IE) of the system. These models also formalize the connection of the set of service operations
with the set of system responses to the input requests from the APs in the form of a controlled
semi-Markov process with reserving resources for the self-security of a system from the consequences
of the actions of the APs. On the basis of suggested models, the mathematical programming
task was formulated that allows to identify the optimal strategy for managing the availability of
the ISCU by minimizing the costs of its functioning and to obtain a stochastic estimation of the
availability of the system at any stage of its life cycle.
Results: Based on the created mathematical models, simulation of the availability of ISCU was performed
using the Matlab software environment. The research results showed that the rules for responding
to incoming requests from APs based on the proposed models, depending on the system
load and service operations performed in the system IE, make it possible to maintain the probability
of incoming requests being rejected from APs within specified limits, minimizing the cost of functioning
the ISCU. However, analysis of empirical results showed that during the time of construction
of the system security policy rules based on the proposed model of availability of ISCU with reserving
resources to ensure the security of the system IE from the actions of APs with the rapidly increasing
intensity of incoming requests from APs with high values of the danger characteristic, the number
of access rejections starts to increase quadratically. In general, the obtained experimental results
confirmed the adequacy of the proposed mathematical models for the availability of ISCU.
Conclusion: The study proposes the mathematical models of the availability of the information system
for critical use to optimize control of its communication capabilities. Studies have shown that to
neutralize the consequences of the above situation leading to a decrease in the availability of ISCU, it
is necessary to lay a 20% reserve of system resources at the design stage.