A methodology for development for distributed computer network (DCN) information security system (IS) for an informatization object (OBI) was proposed. It was proposed to use mathematical modeling at the first stage of the methodology. In particular, a mathematical model was presented based on the use of the apparatus of probability theory to calculate the vulnerability coefficient. This coefficient allows one to assess the level of information security of the OBI network. Criteria for assessing the acceptable and critical level of risks for information security were proposed as well. At the second stage of the methodology development of the IS DCN system, methods of simulation and virtualization of the components of the IS DCN were used. In the course of experimental studies, a model of a protected DCN has been built. In the experimental model, network devices and DCN IS components were emulated on virtual machines (VMs). The DCN resources were reproduced using the Proxmox VE virtualization system. IPS Suricata was deployed on RCS hosts running PVE. Splunk was used as SIEM. It has been shown that the proposed methodology for the formation of the IS system for DCN and the model of the vulnerability coefficient makes it possible to obtain a quantitative assessment of the levels of vulnerability of DCN OBI.

An information security audit method (ISA) for a distributed computer network (DCN) of an informatization object (OBI) has been developed. Proposed method is based on the ISA procedures automation by using Bayesian networks (BN) and artificial neural networks (ANN) to assess the risks. It was shown that such a combination of BN and ANN makes it possible to quickly determine the actual risks for OBI information security (IS). At the same time, data from sensors of various hardware and software information security means (ISM) in the OBI DCS segments are used as the initial information. It was shown that the automation of ISA procedures based on the use of BN and ANN allows the DCN IS administrator to respond dynamically to threats in a real time manner, to promptly select effective countermeasures to protect the DCS.

Additions were proposed to the method of organizing the information security (IS) event management process of companies. Unlike existing solutions, the algorithm of the "Event handling" subprocess was detailed. This detailing is a complex, which includes the IS event processing substage. In addition, the proposed detailing of the "Event Handling" subprocess allows for covering the entire life cycle of an IS event. The performed research allows in practice to fill in potential gaps in information when creating a company's ISMS. An additional advantage of the proposed solution is the possibility of using this sub-process as an independent one. The proposed approach makes it possible to simplify the procedure for managing the information security of a company as a whole, as well as potentially reduce the costs of its construction for small companies and enterprises. Also, this subprocess can be considered as an independent information security management process, for example, for a company's CIS. The proposed solutions and additions, in contrast to similar studies, are characterized by invariance with respect to the methods of implementing the company's IS infrastructure solutions, and in particular its CIS. This ultimately allows, without changing the methodological tools, to scale this approach and adapt it to the ISMS of various companies.

A hardware-software system has been implemented to monitor the environmental state (EnvState) at the site of railway (RY) accidents and disasters. The proposed hardware-software system consists of several main components. The first software component, based on the queueing theory (QT), simulates the workload of emergency response units at the RY accident site. It also interacts with a central data processing server and information collection devices. A transmitter for these devices was built on the ATmega328 microcontroller. The hardware part of the environmental monitoring system at the RY accident site is also based on the ATmega328 microcontroller. In the hardwaresoftware system for monitoring the EnvState at the RY accident site, the data processing server receives information via the MQTT protocol from all devices about the state of each sensor and the device's location at the RY accident or disaster site, accompanied by EnvState contamination. All data is periodically recorded in a database on the server in the appropriate format with timestamps. The obtained information can then be used by specialists from the emergency response headquarters.

A methodology is proposed for modifying computer ontologies (CO) for electronic courses (EC) in the field of information and communication technologies (ICT) for universities, schools, extracurricular institutions, as well as for the professional retraining of specialists. The methodology includes the modification of CO by representing the formal ontograph of CO in the form of a graph and using techniques for working with the graph to find optimal paths on the graph using applied software (SW). A genetic algorithm (GA) is involved in the search for the optimal CO. This will lead to the division of the ontograph into branches and the ability to calculate the best trajectory in a certain sense through the EC educational material, taking into account the syllabus. An example is considered for the ICT course syllabus in terms of a specific topic covering the design and use of databases. It is concluded that for the full implementation of this methodology, a tool is needed that automates this procedure for developing EC and/or electronic textbooks. An algorithm and a prototype of software tools are also proposed, integrating machine methods of working with CO and graphs.