Cyber attacks on technological systems (TS) of critical infrastructure, such as denial of service attacks, increased significantly in recent years. Therefore, there is an ever increasing need to improve protection of technological systems of critical infrastructure from such attacks.
The most popular methods of protecting technological systems of critical infrastructure are modeling and filtering of the control parameters acting on the technological objects of the critical infrustructure. There are diverse variants of implementation of these methods.
Some known methods discover anomalies (i.e., a deviation from normal operation) in the working of objects of critical infrastructure, such as falsification of control parameters used to control the objects of infrastructure. Anomalies may be detected based on modeling of normal activity of the objects and detecting deviations the norm in the functioning of a system.
However, known methods for protection of TS do not allow monitoring and controlling operation of different subsystems and levels of the TS at specified time.