### Terms and definitions

• Assets - the valuable elements of the system: pieces of information, processes, humans, etc. (an asset may be a subject or an object).
• Bridge - a sequence of edges along which a right can be passed.
• Security level (level) - gradation of security protection with associated sets of requirements, assigned to a system according to the maximum consequences of a successful cyber attack on this system in terms of plant safety and performance
• Security graph - a finite, weighted, directed graph (also called a protection graph) representing the system to be modeled. A protection graph has two distinct kinds of vertices, called subjects and objects.
• Subjects - the active vertices; they can (for example) represent users, and they pass information and authority by invoking graph rewriting rules.
• Objects - the completely passive vertices; they can (for example) represent files or buffers, and they perform no actions themselves.
• In protection graphs, the subjects are represented by and objects by .
• The edges of a protection graph are labeled with subsets of a finite set R of rights. Suppose that R = {r, w, t, g}, where r, w, t, and g represent read, write, take, and grant rights, respectively. When written as labels on a graph, the set braces are normally omitted. Edges are color-coded by right (r, w, t, g).
• Edge weight - a value in the range 0-1 (default 1.0) that may be assigned to an edge. The weight expresses the subjective probability that the relation represented by the edge will be realized in the system.

Inf: The edge weight does not affect the result itself; it only affects how the result is displayed, moving more reliable results to the top of the list.
• An island - a maximal tg-connected subject-only subgraph of a protection graph.
• can_share(a, x, y) - true if x can acquire right a to y.
• can_steal(a, x, y) - true if right a to y can be transferred to x without any vertex that already holds that right applying a rule; such a right is said to be stolen. (in beta)
• can_know(x, y) - true if x can pass information to, or acquire information from, y.
• Zones - a logical and physical concept for grouping computer systems for administration, communication and application of protective measures. Assets belonging to one zone have the same selected access rights to the information within the zone.
• Security degree (level) - gradation of security protection with associated sets of requirements, assigned to a system according to the maximum consequences of a successful cyber attack on this system in terms of plant safety and performance [adopted from IEC 62645]. The levels may also be thought of as the entire set of subjects arranged hierarchically according to the number of incoming edges.
More formally, the security levels of a security graph G(E,V) may be viewed as a partition L = {L0, L1, . . . , Lh} of the vertex set into h ≥ 1 subsets such that if (u, v) ∈ E with u ∈ Lj and v ∈ Li then i < j. L is called a layering of G and the sets L0, L1, . . ., Lh are called layers.

A layered security graph with 4 layers, layer 1 being the highest and layer 4 the lowest, is shown in the figure.
• Risk levels - risk assessment is done by computing, for every asset, the incoming access paths from the other assets in the system and ordering the assets accordingly.

Inf: The smaller the risk level number, the higher the risk.
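The definitions above (security graph with weighted, right-labeled edges; islands; layering; risk levels ordered by incoming access paths, with weights only affecting the ordering of results) can be made concrete in code. The following is an added example written for this page, not code from the tool the page describes: the class and function names (`SecurityGraph`, `islands`, `layering`, `incoming_paths`, `risk_levels`) and the sample system in `build_sample` are constructed here. The layering uses the longest-path construction, which satisfies the stated condition (every edge (u, v) runs from layer Lj to layer Li with i < j) and assumes an acyclic graph; risk levels use dense ranking so that assets with the same number of incoming paths share a level, which is an assumption about tie handling the page does not state.

```python
from collections import defaultdict


class SecurityGraph:
    """Protection graph: vertices are subjects (active) or objects (passive);
    each edge carries a subset of the rights {r, w, t, g} and a weight in [0, 1]
    giving the subjective probability that the relation is realized."""

    def __init__(self):
        self.kind = {}    # vertex -> "subject" | "object"
        self.edges = {}   # src -> {dst: (rights, weight)}

    def add_vertex(self, name, kind):
        if kind not in ("subject", "object"):
            raise ValueError(kind)
        self.kind[name] = kind
        self.edges.setdefault(name, {})

    def add_edge(self, src, dst, rights, weight=1.0):
        if not 0.0 <= weight <= 1.0:
            raise ValueError("weight must lie in [0, 1]")
        self.edges[src][dst] = (frozenset(rights), weight)


def islands(g):
    """Maximal tg-connected subject-only subgraphs: subjects joined by edges
    carrying t or g (direction ignored), grouped into connected components."""
    subjects = [v for v, k in g.kind.items() if k == "subject"]
    adj = defaultdict(set)
    for u in subjects:
        for v, (rights, _) in g.edges[u].items():
            if g.kind[v] == "subject" and rights & {"t", "g"}:
                adj[u].add(v)
                adj[v].add(u)
    seen, result = set(), []
    for s in subjects:
        if s in seen:
            continue
        comp, stack = set(), [s]
        while stack:
            u = stack.pop()
            if u not in comp:
                comp.add(u)
                stack.extend(adj[u] - comp)
        seen |= comp
        result.append(frozenset(comp))
    return result


def layering(g):
    """Longest-path layering: vertices without outgoing edges form L0, every
    other vertex sits one layer above its highest successor, so each edge
    (u, v) goes from Lj to Li with i < j. Assumes the graph is acyclic."""
    layer = {}

    def visit(v, on_path):
        if v in layer:
            return layer[v]
        if v in on_path:
            raise ValueError(f"cycle through {v}: no layering exists")
        on_path.add(v)
        succ = g.edges[v]
        layer[v] = 0 if not succ else 1 + max(visit(w, on_path) for w in succ)
        on_path.discard(v)
        return layer[v]

    for v in g.kind:
        visit(v, set())
    h = max(layer.values(), default=0)
    return [frozenset(v for v, i in layer.items() if i == n) for n in range(h + 1)]


def incoming_paths(g, target):
    """All simple access paths from other assets ending at target, each with a
    reliability equal to the product of its edge weights; most reliable first,
    shorter paths first among equals (weights only order the output)."""
    paths = []

    def dfs(u, path, rel):
        for v, (_, w) in g.edges[u].items():
            if v in path:
                continue
            if v == target:
                paths.append((path + [v], rel * w))
            else:
                dfs(v, path + [v], rel * w)

    for s in g.kind:
        if s != target:
            dfs(s, [s], 1.0)
    return sorted(paths, key=lambda p: (-p[1], len(p[0])))


def risk_levels(g):
    """Rank assets by number of incoming access paths: level 1 has the most
    paths (highest risk); equal counts share a level (dense ranking)."""
    counts = {v: len(incoming_paths(g, v)) for v in g.kind}
    distinct = sorted(set(counts.values()), reverse=True)
    return {v: distinct.index(c) + 1 for v, c in counts.items()}


def build_sample():
    """Constructed sample system (not from the page): four subjects, two files."""
    g = SecurityGraph()
    for s in ("alice", "bob", "carol", "dave"):
        g.add_vertex(s, "subject")
    for o in ("file1", "file2"):
        g.add_vertex(o, "object")
    g.add_edge("alice", "bob", "t")
    g.add_edge("bob", "carol", "g", weight=0.8)
    g.add_edge("alice", "file1", "r")
    g.add_edge("bob", "file1", "w", weight=0.5)
    g.add_edge("carol", "file2", "r")
    g.add_edge("dave", "file2", "w", weight=0.9)
    return g


if __name__ == "__main__":
    g = build_sample()
    print("islands:", islands(g))
    print("layers (L0 first):", layering(g))
    print("risk levels:", risk_levels(g))
    for path, rel in incoming_paths(g, "file2"):
        print(f"  {' -> '.join(path)}  reliability={rel:.2f}")
```

In the sample, `alice`, `bob` and `carol` form one island and `dave` another; `file2` gets risk level 1 because four distinct paths lead into it, and the two paths with reliability 0.8 are listed after the unweighted direct edges, which is how the page says weights influence the output.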

### The basic security “take-grant” model

• Cybersecurity is considered from the point of view of whether a specific access right from subject S to object O, which did not exist in the initial security graph G, can be acquired during a sequence of elementary transformations of the initial graph. The right may be acquired through an authorized or an unauthorized procedure.
• Main security axiom: a system is secure if (1) its initial state is secure and (2) each action that starts in a secure state results in a secure state.
• Basic security theorem: all security problems are related to access from a subject to an object.
• E = O ∪ S - assets, where O - objects, S - subjects;
Ra = {Read+, Write+, Take, Grant, Read, Write} - access rights;
G = (S, E, Ra) - security protection graph; G(t) - state of the system at time t; G* - set of all possible states of the system;
OP = {Create, Remove, Find, Post, Pass, Spy, Find} - set of elementary transition rules;
G(t) ├op G(t+1); ∑(G*, OP) - system representation.
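The model above reduces a security question to whether a right absent from G(0) appears in some G(t) reached by elementary transformations. The following added example, written for this page and not taken from the tool it describes, implements the two classic take-grant rewriting rules (take: x --t--> y --a--> z yields x --a--> z; grant: x --g--> y and x --a--> z yields y --a--> z), iterates them to a fixpoint, records each step G(t) ├op G(t+1) as a trace, and evaluates `can_share` and a policy check in the sense of the main security axiom. The vertex names, the `INITIAL` graph and the function names are constructed here. Only take and grant are applied, not the page's full rule set OP, so every right the closure reports is genuinely derivable, but derivations that need Create or other rules are not covered; that restriction is an assumption of this example.

```python
from copy import deepcopy

# Constructed sample (not from the page): three subjects and one object.
KIND = {"alice": "subject", "bob": "subject", "carol": "subject", "report": "object"}
INITIAL = {
    "alice": {"bob": {"t"}, "carol": {"g"}},   # alice may take from bob and grant to carol
    "bob": {"report": {"r"}},                   # bob holds read on the report
}


def _add(rights, u, v, new):
    """Add the rights in `new` to the edge u -> v, creating it if needed."""
    rights.setdefault(u, {}).setdefault(v, set()).update(new)


def closure(kind, initial):
    """Apply the take and grant rules until no new right appears.

    Returns (final rights, trace); each trace entry is one elementary step
    G(t) |-op G(t+1) recorded as (rule, actor, via, target, right)."""
    rights = deepcopy(initial)
    trace = []
    changed = True
    while changed:
        changed = False
        for x in list(rights):
            if kind[x] != "subject":          # only subjects apply rules
                continue
            for y, xy in list(rights[x].items()):
                if "t" in xy:                 # take: x --t--> y --a--> z  =>  x --a--> z
                    for z, yz in list(rights.get(y, {}).items()):
                        for a in sorted(yz - rights.get(x, {}).get(z, set())):
                            _add(rights, x, z, {a})
                            trace.append(("take", x, y, z, a))
                            changed = True
                if "g" in xy:                 # grant: x --g--> y, x --a--> z  =>  y --a--> z
                    for z, xz in list(rights[x].items()):
                        for a in sorted(xz - rights.get(y, {}).get(z, set())):
                            _add(rights, y, z, {a})
                            trace.append(("grant", x, y, z, a))
                            changed = True
    return rights, trace


def can_share(a, x, y, kind, initial):
    """True if x holds, or can acquire through take/grant steps, right a to y."""
    final, _ = closure(kind, initial)
    return a in final.get(x, {}).get(y, set())


def violations(kind, initial, forbidden):
    """Main security axiom as a check: the system is secure only if no
    forbidden (subject, object, right) triple holds in any reachable state,
    i.e. in the closure. Returns the forbidden triples that become reachable."""
    final, _ = closure(kind, initial)
    return sorted(t for t in forbidden if t[2] in final.get(t[0], {}).get(t[1], set()))


if __name__ == "__main__":
    final, trace = closure(KIND, INITIAL)
    for step in trace:
        print("%-5s %s via %s -> %s gains %s" % step)
    print("can_share(r, carol, report):", can_share("r", "carol", "report", KIND, INITIAL))
    print("violations:", violations(KIND, INITIAL, {("carol", "report", "r")}))
```

Run on the sample, the trace shows alice taking read on the report from bob and then granting carol everything she holds, so carol, who had no edge to the report in G(0), ends up with read on it; with `("carol", "report", "r")` declared forbidden, the initial state is secure but the system is not, which is exactly the distinction the axiom draws.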