METHOD FOR OPTIMIZING THE PROTECTION SYSTEM OF CRITICAL INFRASTRUCTURE FACILITIES USING A WEIGHTED SUM OF CRITERIA

Abstract

The article considers the current scientific problem of multi-criteria optimization of the information protection system
at critical infrastructure facilities, where conflicting requirements are simultaneously present: the need to minimize risks, costs,
and delays while ensuring high availability and speed of response to cyber threats. The application of the weighted sum of
criteria method is proposed as an effective tool for reducing the vector objective function to a scalar form, which allows
integrating the subjective priorities of the infrastructure owner through setting weight coefficients. Special attention is paid to
the conditions for the correct application of the method, in particular, the assumption of the convexity of the Pareto front, which
guarantees obtaining a complete set of Pareto-optimal solutions. The need for pre-processing of criteria is justified - unification
of the optimization direction, normalization of values measured in different units, and formalization of constraints related to the
budget, latency, and availability level. Using the example of three key criteria – risk, cost and response time – the construction
of an objective function is demonstrated, which is minimized within realistic constraints typical for large infrastructure facilities.
The analysis of existing approaches (ε-constraints, AHP, TOPSIS, evolutionary algorithms) confirms the advantages of the
proposed method in the context of rapid prototyping and practical implementation due to its computational simplicity,
interpretability and compatibility with classical optimization methods. The results of the study emphasize the importance of the
weighted sum method as a scientifically sound and practically applicable approach to designing effective, economically feasible
and functionally stable cyber protection systems for critical sectors of the economy.
Keywords: information protection system, critical infrastructure facilities, multi-criteria optimization, weighted sum
method, Pareto optimality, cybersecurity, risks.

References
1. Almiani, M., et al. (2021). "Multi-objective optimization for security and QoS in IoT-based critical
infrastructure." Computers & Security, 103, 102167. DOI: 10.1016/j.cose.2021.102167.
2. Khan, R., et al. (2020). "A Pareto-based approach for cybersecurity resource allocation in smart grids." IEEE
Transactions on Smart Grid, 11(5), 4234–4245. DOI: 10.1109/TSG.2020.2985432.
3. Sharma, S., & Trivedi, M. C. (2022). "AHP-TOPSIS hybrid model for cybersecurity risk assessment in critical
infrastructure." Journal of Information Security and Applications, 68, 103235. DOI: 10.1016/j.jisa.2022.103235.
4. Wang, Y., et al. (2023). "Multi-objective optimization of intrusion detection systems using weighted sum and
machine learning." Expert Systems with Applications, 213, Part A, 118923. DOI: 10.1016/j.eswa.2022.118923.
5. García, J. M., et al. (2021). "Security-cost trade-off analysis in critical information infrastructures using Pareto
fronts." Reliability Engineering & System Safety, 216, 107923. DOI: 10.1016/j.ress.2021.107923.
6. Li, X., et al. (2024). "Dynamic multi-objective optimization for adaptive cybersecurity in industrial control
systems." IEEE Transactions on Industrial Informatics, 20(2), 1654–1665. DOI: 10.1109/TII.2023.3308765.
7. Chen, H., et al. (2020). "Weighted-sum based security-aware resource allocation in 5G-enabled critical
infrastructures." IEEE Access, 8, 134567-134579.
8. Лаптєв О.А., Собчук В.В., Савченко В.А. Метод підвищення завадостійкості системи виявлення,
розпізнавання і локалізації цифрових сигналів в інформаційних системах. Збірник наукових праць Військового
інституту Київського національного університету імені Тараса Шевченка. ВІКНУ, 2019. Вип. 66. С. 124-132.
9. Yevseiev, S., Khokhlachova, Yu., Ostapov, S., Laptiev, O., Korol, O., Milevskyi, S. et. al. 2023. "Models of
socio-cyber-physical systems security," Monographs, PC TECHNOLOGY CENTER, 168р. http://doi.org/10.15587/978-
617-7319-72-5.
10. O. Laptiev, V. Sobchuk, A. Ryzhov, A. Sobchuk, S. Kopytko and G. Shuklin. Harmonic Operators in
Mathematical Models of Sources of Detection of Unauthorized Access to Information, 6 International Congress on
Human-Computer Interaction, Optimization and Robotic Applications (HORA 2024), Istanbul, Turkiye, 2024, Р. 1-6.
https://doi.org/10.1109/HORA61326.2024.10550552. Scopus.
11. Олександр Лаптєв, Валентин Собчук, Олег Барабаш, Андрій Мусіенко. Метод визначення параметрів
радіозакладних пристроїв з використанням диференціальних перетворень. V Міжнародна науково-практична
конференція. “Проблеми кібербезпеки інформаційно-телекомунікаційних систем” (PCSIТS)”27-28 жовтня 2022
р. м. Київ, Україна. Збірник матеріалів доповідей та тез. С 63-65.
12. Лаптєв О.А., Марченко В.В. Застосування завад для захисту інформації від витоку радіоканалом.
Сучасний захист інформації. 2025. №1. С.89-97. https://doi.org/10.31673/2409-7292.2025.013057.