SITUATION-ORIENTED SECURITY MANAGEMENT SYSTEMS BASED ON A UNIFIED MATRIX MODEL: A LOGICAL-LINGUISTIC AND INTERDISCIPLINARY APPROACH
DOI: 10.31673/2409-7292.2025.030762
DOI:
https://doi.org/10.31673/2409-7292.2025.030762Abstract
The article substantiates the concept of using a unified matrix model as a basis for creating situation-oriented security
management systems (SMS) in conditions of complex multi-level threat dynamics. A methodology for formalizing the structural and functional components of the SMS is developed based on logical-linguistic constructs and inter-sectoral matrices that reflect
the relationships between management entities, security objects, types of threats, forms of risk, response policies and tools for
implementing protective measures. Five stages of situational management are distinguished - threat detection, risk assessment,
identification of alternatives, decision-making and performance control - which are presented in the form of a typical cycle of
management action. An architecture for information integration of the unified model into decision support systems (DSS) and
situational centers as part of the nationwide response network is proposed. An example of practical implementation of the model
for a scenario of an inter-sectoral threat in the critical infrastructure sector with a multidimensional assessment of effectiveness
is demonstrated. The results obtained confirm the feasibility of further development of a systemic approach to situational
management, focused on proactive threat detection and adaptive response in conditions of hybrid danger and increasing
complexity of the security environment.
Keywords: situational management, unified matrix model, security system, critical infrastructure, inter-sectoral threat.
References
1. Domarev, V. V. (2004). Bezpeka informatsiinykh tekhnolohii: Systemnyi pidkhid [Information-technology
security: A systems approach]. TID “Diasoft”. https://nvd.luguniv.edu.ua/archiv/NN9/10plvvas.pdf (arxiv.org).
2. Domarev, V. V. (2002). Bezpeka informatsiinykh tekhnolohii: Metodolohiia stvore nnia system zakhystu
[Information-technology security: Methodology for building protection systems]. TID “DS”. https://www.
bsut.by/images/MainMenuFiles/Obrazovanie/Studentam/eumkd/et/euk_56_029/ch1/ch1_1/ch1_1_1.pdf (bsut.by).
3. Domarev, V. V., & Domarev, D. V. (2012). Upravlinnia informatsiinoiu bezpekoiu v bankivskykh ustanovakh:
Teoriia i praktyka vprovadzhennia standartiv serii ISO 27k [Information-security management in banking institutions:
Theory and practice of ISO 27k implementation]. Velstar. https://www.old.nas.gov.ua/siaz/ Ways_of_development_of_
Ukrainian_science/article/12068.001.pdf.
4. National Bank of Ukraine. (2010). DSTU SUIB 1.0/ISO/IEC 27001:2010. Informatsiini tekhnolohii. Metody
zakhystu. Systema upravlinnia informatsiinoiu bezpekoiu. Vymohy (ISO/IEC 27001:2005, MOD). https://kyianyn.files.
wordpress.com/2010/12/nbu-27001.pdf (scispace.com).
5. National Bank of Ukraine. (2010). DSTU SUIB 2.0/ISO/IEC 27002:2010. Informatsiini tekhnolohii. Metody
zakhystu. Zvid pravyl dlia upravlinnia informatsiinoiu bezpekoiu (ISO/IEC 27002:2005, MOD). https://sbyte.com/useful/27002.pdf (scispace.com).
6. National Bank of Ukraine. (2011, March 3). Lyst № 24112/365: Metodychni rekomendatsii shchodo
vprovadzhennia systemy upravlinnia informatsiinoiu bezpekoiu ta metodyky otsinky ryzykiv vidpovidno do standartiv
NBU [Letter No. 24112/365: Guidelines for ISMS implementation and risk assessment]. https://bank.gov.ua
(bank.gov.ua).
7. Domarev, V. V. (2004). Otsinka efektyvnosti system zakhystu informatsii [Evaluation of the effectiveness of
information-protection systems]. Problemy zakhystu informatsii. Retrieved from https://pgf.udpu.edu.ua/wpcontent/uploads/2019/12/РП-Інформаційна-безпека.pdf (pgf.udpu.edu.ua).
8. Domarev, D. V., & Domarev, V. V. (2011). Information security management system “Matrix” based on system
approach. Problemy informatyzatsii ta upravlinnia, 2(34), 36-39. https://doi.org/10.18372/22255036.19.4706.
9. Moroz, O. Ya. (1972). Lohiko-hnoseolohichnyi analiz pryntsypiv kybernetychnoho modeliuvannia [Logicalgnoseological analysis of cybernetic-modeling principles]. Naukova dumka. https://iino.knuba.edu.ua/.../Філософія.pdf
(iino.knuba.edu.ua).
10. Shengeriy, L. M. (2007). Ihrova skhema ratsionalnosti: Lohiko-analitychne modeliuvannia vzaiemodii
subiektiv [The game scheme of rationality: A logical-analytical modeling of subject interaction]. Filosofski obryi, 18,
129-141. https://harvester.nas.gov.ua/Record/irk-123456789-73475 (harvester.nas.gov.ua).
11. Bezshtanko, V. (2006). Tsykl vprovadzhennia systemy upravlinnia informatsiinoiu bezpekoiu [Cycle of
information-security management system implementation]. Pravove, normatyvne ta metrologichne zabezpechennia
systemy zakhystu informatsii v Ukraini, 2(13), 123–126. https://ela.kpi.ua/handle/123456789/10974 (ela.kpi.ua).
12. Kharchenko, V., Pechevysty, R., Alexeiev, O., & Karapetyan, S. (2020). Selection of a system of indicators
characterizing the effectiveness of the flight safety management system. Proceedings of the National Aviation University,
84(3), 14–18. https://doi.org/10.18372/2306-1472.84.14948 (jrnl.nau.edu.ua).
13. Ostriakova, V. Yu. (2017). Formuvannia systemy upravlinnia informatsiinoiu bezpekoiu pidpryiemstv
[Formation of the enterprise information-security management system] (Candidate’s thesis). Kyiv National University of
Technologies and Design. https://er.knutd.edu.ua/handle/123456789/8187 (er.knutd.edu.ua).
14. Ananchenko, O. Ye. (2016). Pytannia formuvannia orhanizatsiinoi struktury systemy upravlinnia
informatsiinoiu bezpekoiu pidpryiemstva [Issues of forming the organizational structure of an enterprise informationsecurity management system]. Suchasnyi zakhyst informatsii, 1, 79-83. https://journals.dut.edu.ua/index.php/ dataprotect/
article/view/536 (journals.dut.edu.ua).
15. Lysenko, S. O. (2023). Rozvytok systemy derzhavnoho upravlinnia informatsiinoiu bezpekoiu na suchasnomu
etapi [Development of the state information-security management system at the present stage]. Law and Public
Administration, (1), 53-60. https://doi.org/10.32782/pdu.2023.1.53 (researchgate.net).
16. Medvid, V. Yu., Pravdyvets, O. M., & Kryvchun, R. Yu. (2023). Teoretyko-metodychni zasady formuvannia
systemy upravlinnia informatsiinoiu bezpekoiu pidpryiemstva [Theoretical and methodological principles for forming an
enterprise information-security management system]. Agrosvit, 1, 24–30. https://doi.org/10.32702/2306-6792.2023.1.24
(dspace.krok.edu.ua).
17. Mykolaychuk, M., & Popov, M. (2025). Udoskonalennia systemy instrumentiv upravlinnia bezpekoiu Ukrainy
na rehionalnomu rivni [Improvement of the system of management tools for Ukraine’s security at the regional level].
Natsionalni Interesy Ukrainy, 3(8), 232–251. https://doi.org/10.52058/3041-1793-2025-3(8)-232-251 (researchgate.net).
18. Koryeeva, N. H. (2020). Formuvannia suchasnoi systemy upravlinnia informatsiinoiu bezpekoiu viiskovoi
chasty [Formation of the modern information-security management system of a military unit] (Master’s thesis). Chernihiv
National Technological University. https://ir.stu.cn.ua/handle/123456789/19964 (ir.stu.cn.ua).
19. Baranova, O. A., Shtefan, D. Yu., & Shvetsov, V. M. (2013). Informatsiina model avtomatyzovanoi systemy
upravlinnia informatsiinoiu bezpekoiu sudna [Information model of an automated ship information-security management
system]. Proceedings of the III All-Ukrainian Scientific-Practical Conference “Modern Problems of Information Security
in Transport” (pp. 1–5). Mykolaiv: National University of Shipbuilding. https://eir.nuos.edu.ua/handle/123456789/1218
(eir.nuos.edu.ua).
20. Tereshchenko, L. O. (2021). Upravlinnia ryzykamy informatsiinykh system: etapy protsesu upravlinnia
ryzykamy [Risk management of information systems: Stages of the risk-management process]. Ekonomika ta Suspilstvo,
(31), Article 12. https://doi.org/10.32782/2524-0072/2021-31-12 (economyandsociety.in.ua).
21. Beliachenko, V. V., Bobrov, S. V., & Utiushev, M. K. (2021). Upravlinnia ryzykamy stvorennia elementiv
avtomatyzovanykh system upravlinnia [Risk management in the development of automated control-system elements].
Zbirnyk naukovykh prats Tsentru voienno-stratehichnykh doslidzhen Natsionalnoho universytetu oborony Ukrainy im. I.
Cherniakhovskoho, 3(70), 101–106. https://doi.org/10.33099/2304-2745/2020-3-70/101-106.
22. Dodon, O. D., & Kovalenko, O. O. (2022). Modeli informatsiinykh system upravlinnia personalom [Models
of human-resource-management information systems]. Efektyvna ekonomika, (11). https://doi.org/10.32702/2307-
2105.2022.11.22.
23. Netreba, I. (2014). Etapy rozvytku informatsiinykh system upravlinnia pidpryiemstvom [Stages of
development of enterprise-management information systems]. Formuvannia rynkovoi ekonomiky v Ukraini, 31(2), 82–
85. https://irbis-nbuv.gov.ua/.../Nvmgu_eim_2015_10_27.pdf (irbis-nbuv.gov.ua).
24. Semenyuk, A. Ya. (2009). Rozvytok standartiv informatsiinykh system dlia upravlinnia pidpryiemstvom
[Development of standards for enterprise-management information systems]. Naukovyi visnyk Uzhhorodskoho
natsionalnoho universytetu. Seriia Ekonomika, 28(2), 143–148. https://dspace.uzhnu.edu.ua/jspui/handle/lib/52105
(dspace.uzhnu.edu.ua).
25. Netreba, I. O. (2013). Pidkhody do klasyfikatsii informatsiinykh system upravlinnia pidpryiemstvom
[Approaches to the classification of enterprise-management information systems]. Formuvannia rynkovykh vidnosyn v
Ukraini, (4), 137–140. https://irbis-nbuv.gov.ua/.../frvu_2013_4_33 (irbis-nbuv.gov.ua).
26. Bezborodova, T. V. (2007). Peredumovy ta etapy formuvannia korporatyvnykh informatsiinykh system
upravlinnia [Preconditions and stages of forming corporate-management information systems]. Ekonomika ta derzhava,
(10), 41–44. https://www.economy.nayka.com.ua/?op=1&z=674 (economy.nayka.com.ua).
27. Solovyiov, V. M., Serdiuk, O. A., & Danylychuk, G. B. (2016). Modeliuvannia skladnykh system [Modeling
of complex systems]. Vydavets O. Yu. Vovchok. https://doi.org/10.31812/0564/1065.
28. Solovyiov, V. M. (2017). Universalnyi instrumentarii modeliuvannia skladnykh system [Universal toolkit for
modeling complex systems]. New Computer Technology, 15, 10–14. https://doi.org/10.55056/nocote.v15i0.617.
29. Bratushka, S. M. (2009). Imitatsiine modeliuvannia yak instrument doslidzhennia skladnykh ekonomichnykh
system [Simulation modeling as a tool for studying complex economic systems]. Visnyk Ukrainskoi akademii bankivskoi
spravy, 2(27), 113–118. http://essuir.sumdu.edu.ua/handle/123456789/55242 (essuir.sumdu.edu.ua).
30. Khimich, O. M. (2018). Superkomp’iuterni tekhnolohii ta matematychne modeliuvannia skladnykh system
[Supercomputer technologies and mathematical modeling of complex systems]. Visnyk Natsionalnoi akademii nauk
Ukrainy, (5), 69–72. https://irbis-nbuv.gov.ua/.../vnanu_2018_5_21 (irbis-nbuv.gov.ua).
