# Combining Markov and Semi-Markov Modelling for Assessing Availability and Cybersecurity of Cloud and IoT Systems

^{1}

^{2}

^{3}

^{*}

## Abstract

**:**

## 1. Introduction

- Cloud and IoT systems are complex, multi-component, distributed systems. Therefore, a certain level of generalization is necessary for the analysis and assessment of reliability and cybersecurity, which determines the risks to the accuracy of calculating indicators. Indeed, such systems consist of hundreds and thousands of software and hardware components that have different vulnerabilities and intensities of failures and different laws of distribution of time to failure and recovery, as well as their values. Cloud and IoT systems (CISs) have many common features: they are often combined in integrated cyber-physical systems and IT infrastructure; therefore, it is advisable to solve the problems of assessment and provision of reliability, availability, and cybersecurity from a single point of view.
- The peculiarity of CISs is that their structures and values of parameters affecting the evaluation of indicators are not fixed, although cloud providers providing relevant services use simplified methods based on determining the ratio of the time when the system is in an operational condition until the total time of its use, considering downtime. This is a simplified definition of the stationary value of the availability function, considering downtime for various reasons (failures, cyber-attacks, lack of information sources).
- CISs operate in conditions of uncertainty and changes in the parameters of the physical and informational environment. This factor is particularly influential, as it causes uncertainty in the assessment of dependability and cybersecurity parameters of individual components and systems as a whole.

- firstly, the possibility of the reliable selection and construction of sufficiently fixed models, that is, models selected and intended for the evaluation of systems throughout the entire life cycle, including the operation stage;
- secondly, the possibility of building such sufficiently fixed models in general, considering various factors that lead to changes in the system and environmental parameters.

- What approach can be utilized to provide accurate CIS dependability and availability assessments considering cybersecurity issues?
- Which model attributes are important to classify Markov, semi-Markov, and other derived models that are applied to assess CISs and formulate the tasks to choose appropriate models?
- What consequences should be accepted and combined with the different types of MMs and SMMs for CISs considering the features and parameters of the physical and cyber environment?
- How to apply the methodology of choice and combination of MMs, SMMs, and their modifications to assess the availability and cybersecurity of implemented CISs?

## 2. State of the Art

- Cloud and IoT systems were considered in 25 and 8 papers, respectively;
- Only Markov and semi-Markov models were utilized in 23 and 9 papers, respectively;
- Both Markov and semi-Markov models were utilized in 1 paper;
- Approaches to availability and reliability assessment of IoT/Cloud systems were presented in 17 papers;
- Twelve papers demonstrated approaches to cybersecurity assessment of IoT/Cloud systems;
- Four papers considered the intrusion tolerance issues related to IoT/Cloud systems.

## 3. Approach and Stages

#### 3.1. Selection of Models

- are (not only) selected in such a way that the peculiarities of systems, as well as physical and cyber environments during their development, are considered,
- (but also) vary (change) with the systems during their use, so that various events, changes in failure parameters, cyber-attacks, privacy violations, recovery, etc. are considered for improving the adequacy and accuracy of the assessment of availability and cybersecurity.

#### 3.2. Combination of Models

#### 3.3. Attributes and Indicators

- reliability as a continuity of correct functioning and delivery of service;
- availability as availability for correct functioning and delivery of service at any time;
- cybersecurity as a composite of the sub-attributes, first of all, integrity (absence of improper system alterations) and accessibility to services.

#### 3.4. Stages of Modelling and Assessment

_{A}considering different features of systems S

_{S}and factors S

_{E}of the environment. According to the combination of S

_{A}, S

_{S}, and S

_{E}(in general, their Cartesian product), a set of models S

_{M}is formed:

_{MM}, S

_{SMM}, S

_{MFM}, S

_{MPM}, and S

_{CM}are sets of Markov, semi-Markov, multi-fragmental, multi-phase, and combined models, correspondingly:

_{S}* ϵ S

_{S}and environment S

_{E}* ϵ S

_{E}, and choice of appropriate model S

_{M0}* ϵ S

_{M}or combining models S

_{CM0}* ϵ S

_{M}according to a block of algorithms that will be developed in Section 4.

_{M1}* ϵ S

_{M}or combining models S

_{CM1}* ϵ S

_{M}according to developed algorithms (Section 4).

## 4. Classification of the Models for Choice and Combining

- the degree of Markovity;
- the number and types of phases;
- the number and types of fragments;
- the possibility of combining models.

#### 4.1. The Degree of Markovity

_{MM}and S

_{SMM}).

#### 4.2. Multiphase Models

_{OPM}and S

_{MPM}). Multiphase models (MPM) are used to describe time-deterministic events that affect the values of system parameters. Figure 2 shows an example of a multiphase model of an imaginary single channel system with a scheduled maintenance procedure. During the time intervals (phases) between events that change the parameters of the system, its behavior is modelled by a Markov process (a letter within a phase in Figure 2).

_{1}changes (decreases). The oriented graph does not have transitions to the S2 state, since the service start event, which causes a change in the system parameters, occurs at some point in time (in Figure 2—after a time interval τ). At these moments linking matrix is used. The linking matrix [L] is used to calculate the initial conditions at the beginning of phase (i + 1), based on the probabilities of the conditions at the end of the phase (i), which are mathematically written in the form of Equation (3).

_{i}(τ) with the values obtained at the previous iteration determines the repetition of Equation (1), which allows one to set the initial conditions at the beginning of each online verification interval (model phase) calculation.

**type of period of change**, set S

_{MPM}can be divided into models with a fixed value of the period of change…, S

_{MPM, f.p.}and changed value of the period S

_{MPM, ch.p.}

#### 4.3. Multi-Fragmental Models

**the number of fragments**that describe the behavior of the CIS considering changing parameters of failure rate caused by detection and elimination of design faults and vulnerabilities, recovery rate caused by the increasing complexity of maintenance, etc. According to this attribute, it is distinguished by single and multi-fragmental models (the sets S

_{OFM}and S

_{MFM}).

_{MFM}can be divided into subsets of models according to the subattributes:

- the number of changed parameters: MFMs with one (S
_{MFM, 1 ch.p.}) and more (S_{MFM, m ch.p.}) changed parameters; - the presence of reverse transitions between fragments: MFMs without reverse transitions (S
_{MFM, r.t.}-) and MFMs with reverse transitions (S_{MFM, r.t.+}). Due to various types of faults and vulnerabilities for some of them, it is advisable to restart without deleting; for others, it is necessary to delete); - the number of steps of transitions between fragments: MFM with one (S
_{MFM, 1 s.t.}) and more (S_{MFM, n s.t.}) steps of transitions when several faults or vulnerabilities appear and/or are removed at once. In this case, additional distribution laws and their parameters should be identified (for example, for several simultaneously occurring/detected and eliminated design faults and vulnerabilities).

#### 4.4. Combined Models

_{CM, t.c}.) and component (S

_{CM, c.c.}) combining.

#### 4.5. General Classification

_{MM}and S

_{SMM}:

- one-phase and one-fragmental models M
_{M1}and M_{SM1}; - one-phase and multi-fragmental models MM2 and MSM2 with one changed parameter, one-step transition, and without reverse transitions;
- one-phase and multi-fragmental models MM3 and MSM3 with m changed parameters, one-step transition and without reverse transitions;
- one-phase and multi-fragmental models MM4 and MSM4 with one changed parameter, one-step transition, and reverse transitions;
- one-phase and multi-fragmental models MM5 and MSM5 with one changed parameter, n-step transitions and reverse transitions;
- one-phase and multi-fragmental models MM6 and MSM6 with m changed parameters, n-step transition and reverse transitions;
- one-fragmental and multi-phase models MM7 and MSM7 with a fixed value of the period of change;
- one-fragmental and multi-phase models MM8 and MSM8 with the changed value of the period.

_{CM}is a union of the set models of time and component combining ${S}_{CM}={S}_{CM,t.c.}{{\displaystyle \cup}}^{\text{}}{S}_{CM,c.c.}$ and is presented by the Cartesian product of the above-described sets: ${S}_{CM}=\left\{{S}_{MM1},\dots ,{S}_{MM8}\right\}\times \left\{{S}_{SMM1},\dots ,{S}_{SMM8}\right\}.$

## 5. Method of Model Choice and Combining

#### 5.1. General Algorithm

#### 5.2. Algorithm of Choice

#### 5.3. Algorithms of Data Analysis for Combining Models

- statistical studies of input parameters of the system, results of checking statistical hypotheses about compliance with the exponential distribution law (or other corresponding distribution laws);
- requirements of control documents, standards, norms, rules, contracts, and customer agreements if they indicate the type or class of the model;
- time and computational resources for modelling (a model that is too detailed may be incalculable due to a lack of resources);
- analysis of the work of other researchers, ease of use of the resulting indicators, and other secondary factors.

## 6. Implementation of Suggested Approach and Algorithms of Choice and Combining Models

#### 6.1. System 1: Cloud Server System

#### 6.1.1. General Description of the CSS

- the first option, when block 6 is involved and a Markov model is built;
- the second option, when block 7 of the selection algorithms for building a semi-Markov model is involved.

#### 6.1.2. Development of the CSS Model

#### Markov’s Availability Model

#### Semi-Markov Availability Model

#### 6.1.3. Research and Analysis of the Results

- the use of the Markov model allows obtaining the average result of the availability in comparison with the semi-Markov model for different distribution laws;
- if the statistical hypotheses for the input parameters assessment tend to the Weibull distribution with the parameter α = 0.5…1.5, using the MM is possible to simplify the modelling. However, such values of the Weibull parameter are rarely applicable for the assessment of cyber-attacks on the CIS, leading to the construction of more complex models.

#### 6.2. System 2: Cloud Video System

#### 6.2.1. General Description of the CVS

#### 6.2.2. Development of the CVS Model

#### RBD Availability Model

_{i}/(μ

_{i}+λ

_{i}), where the values of μ

_{i}and λ

_{i}are the input parameters averaged by the method in [51,52] for each element of the cloud system.

#### Multi-Fragment Availability Model Considering Attacks on CDN

_{CDN}

^{max}(because for technical reasons, the attacker cannot speed them up).

#### 6.2.3. Research and Analysis of the Results

_{CDNj}was taken, reasoned in [54] and summarized in Table 4.

_{CDNj}within the interval of Table 3.

_{CDN}equal to λ

_{CDN}

^{max}.

#### 6.3. System 3: Unmanned Robotic IoT System (URIS)

#### 6.3.1. General Description of URIS

#### 6.3.2. Development of the URIS Model

- operational (S0 and S1—with a detected failure of one hardware channel),
- inoperable (S2—with two detected hardware errors, S3 and S5—with detected software errors; S4 and S6—states of software patching).

_{VER}parameter (the intensity of the verification and patching procedures).

#### 6.3.3. Research and Analysis of the Results

_{SW}parameter when software errors are eliminated, which occurs after their manifestation and the arrival of the next verification time. However, this event is probable, and it is not possible to say exactly at which time interval Δλ

_{SW}will decrease with Δλ

_{SW}. The following technique was used when building a multiphase model of a robotic IoT system. At the start of a new phase, the probability of the manifestation of a software error is defined as the sum of the probabilities P

_{4}(τ) + P

_{6}(τ) of the previous phase. Then, the change in the intensity of software errors in the new phase is determined by the formula

_{VER}—the period of online verifications, during which the requirement to ensure that the system availability function is not lower than 0.98 for 2 years (20,000 h) of operation.

_{VER}= 7 days (168 h), which ensures that the value of the system unavailability function is not more than 0.02 for 2 years (20,000 h) of operation (Figure 15b).

#### 6.4. System 4: Web Service of Cloud System (WSC)

#### 6.4.1. General Description of the WSC

#### 6.4.2. Development of the WSC Model

_{Fai DNS}× λ

_{Fai DNS}), the system becomes inoperable, but can recover by restarting without remediation with conditional intensity (1 − D

_{R}) × μ

_{Fai DNS}, or with conditional intensity remediation by D

_{R}× μ

_{Fai DNS}intensity. With the intensity λ

_{PrT}, preventive measures (state S6) are performed in the system, whereby 0 to nv vulnerabilities can be detected and eliminated. After the manifestation and elimination of all vulnerabilities, the system continues to function under conditions of failure and restoration of its services (say S

_{7k}…S

_{7k+4}).

_{1}, α

_{2}, … α

_{j}, … α

_{nv}have a discrete distribution law. As a basis, the geometric law of the distribution of coefficients αj with the default parameters p = 0.7 (probability of detecting one vulnerability) and q = 1–p = 0.3 is adopted in the work.

#### 6.4.3. Research and Analysis of the Results

- the time when the multi-fragment model starts to show a gain in availability relative to the Markov model, which considers attacks Tup1 = 10,450.7 h.
- the time when the multi-frame model starts meeting the availability requirement of 0.999 Tup2 = 14,949.4 h.
- the greatest decrease in the level of availability of the multi-fragment model relative to the Markov single-fragment model ΔA = 0.0015.

_{PrT}significantly affects the value of the minimum of the availability function. This is explained by the fact that with an increase in the number of preventive security audits, the total time that the system is in a preventive state also increases. The value of the parameter λ

_{PrT}also affects the speed of crossing the availability function of the given required level of 0.999 (when the intensity of prevention is reduced by 4 times, the time of Tup “exit” to the level of 0.999 increases by 11%). Analysis of graphs in Figure 19b showed that the value of the μ

_{PrT}parameter affects the value of the minimum of the availability function of the multi-fragment model (increasing μ

_{PrT}by 2 times gives an increase in the Amin indicator by 0.07%). Additionally, from Figure 19b, the influence of the μ

_{PrT}parameter on the speed of the intersection with the availability function of the required level of 0.999 can be detected (with a decrease in the time of preventive maintenance, the system will begin to provide the necessary level of availability requirements earlier).

## 7. Discussion

- the first one postulates
**continuous**evolution of the model(s) together with the evolution of the system caused by (1) changing of its parameters and parameters of the physical and cyber environment, and (2) events that should be considered to assure more accurate calculation or prediction of CIS indicators; - the second “C” describes the necessity of
**collecting**data about faults, failures, vulnerabilities, cyber-attacks, violations of data privacy, applied patches, etc. to obtain as much actual data as possible for the assessment of CIS; - the third one provides
**comparing**and renewed classification of a model set based on analysis of CIS operation (or reengineering) data. It allows actualizing the model base and assuring completeness of the set of models that should be applied for assessment; - the fourth “C” creates the possibility of
**choice**and utilizing “off-the-shelf” models with understandable techniques for their development and implementation; - the last one provides a composition of different models during the application of CIS by time, component or mixed
**combining**.

^{–5}. In the second case, simulation results showed that the difference between the cloud system availability indicators determined by RBD and Markov models have differences not exceeding ΔA = 0.0034. Model multi-fragmentation considering the change in the CDN component failure rate caused by attacks allows for increasing the accuracy of the assessment by 3 × 10

^{−3}.

_{VER}= 7 days (168 h), which allows concluding that the value of the system unavailability function is not more than 0.02 for 2 years (20,000 h) of operation. The fourth case illustrates the increase in the accuracy of the availability indicator assessment by ΔA = 0.0015 relative to the Markov single-fragment model.

## 8. Conclusions and Future Directions

- development of the framework for C5 approach automation for different types of cloud and IoT systems. The results of the paper (schemes and algorithms) can be used for designing such a framework as a service or embedded technology for online support of operating systems;
- more detailed development of the techniques for combining models and analytical description of the combined once considering different reasons for switching and composition of the models. It requires the specification of all important events and conditions that should be taken into account and strong procedures of implementing options for combining;
- collection of the data for estimation and prediction of CIS models’ parameters. It concerns, first of all, information about vulnerabilities and cyber-attacks, and application of ML to calculate parameters;
- the C5 approach should be added by proactive techniques for assessment and assurance of CIS dependability, cybersecurity, privacy, and resilience based on Big Data analytics [59,60] and machine learning [61] methods to analyze data and support decision-making about choice and combining and recombining models;
- application of this approach for combining hidden MMs and SMMs to assess privacy [62] extending the model base.

## Author Contributions

## Funding

## Institutional Review Board Statement

## Informed Consent Statement

## Data Availability Statement

## Acknowledgments

## Conflicts of Interest

## References

- National Institute of Standards and Technology. NIST SP 500-291. Cloud Computing Standards Roadmap (August 2011). Available online: https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=909024 (accessed on 9 July 2022).
- European Union Agency for Cybersecurity (ENISA). EUCS—Cloud Services Scheme (December 2020). Available online: https://www.enisa.europa.eu/publications/eucs-cloud-service-scheme (accessed on 9 July 2022).
- IEEE Standard Association. Industry Connections Cybersecurity in Agile Cloud Computing. Cybersecurity Standards for Cloud Access (June 2020). Available online: https://standards.ieee.org/wp-content/uploads/2022/06/Cybersecurity_Standards_Cloud_Access.pdf (accessed on 9 July 2022).
- Xing, L. Reliability in Internet of Things: Current status and future perspectives. IEEE Internet Things J.
**2020**, 7, 6704–6721. [Google Scholar] [CrossRef] - Prokhorenko, V.; Babar, M.A. Architectural Resilience in Cloud, Fog and Edge Systems: A Survey. IEEE Access
**2020**, 8, 28078–28095. [Google Scholar] [CrossRef] - Kolisnyk, M. Vulnerability analysis and method of selection of communication protocols for information transfer in Internet of Things systems. Radioelectron. Comput. Syst.
**2021**, 1, 133–149. [Google Scholar] [CrossRef] - Matos, R.; Dantas, J.; Araujo, J.; Trivedi, K.S.; Maciel, P. Redundant Eucalyptus Private Clouds: Availability Modeling and Sensitivity Analysis. J. Grid Comput.
**2017**, 15, 1–22. [Google Scholar] [CrossRef] - Frolov, V.V. Analysis of Approaches Providing Security of Cloud Sevices. Radioelectron. Comput. Syst.
**2020**, 1, 70–82. [Google Scholar] [CrossRef] - Junejo, A.K.; Jokhio, I.A.; Jan, T. A Multi-Dimensional and Multi-Factor Trust Computation Framework for Cloud Services. Electronics
**2022**, 11, 1932. [Google Scholar] [CrossRef] - Ponochovnyi, Y.; Ivanchenko, O.; Kharchenko, V.; Udovyk, I.; Baiev, E. Models for Cloud System Availability Assessment Considering Attacks on CDN and ML Based Parametrization. CEUR Workshop Proc.
**2022**, 3171, 1149–1159. [Google Scholar] - Mani, D.; Mahendran, A. Availability modelling of fault tolerant cloud computing system. Int. J. Intell. Eng. Syst.
**2017**, 10, 154–165. [Google Scholar] [CrossRef] - Ghosh, R.; Longo, F.; Frattini, F.; Russo, S.; Trivedi, K.S. Scalable Analytics for IaaS Cloud Availability. IEEE Trans. Cloud Comput.
**2014**, 2, 57–70. [Google Scholar] [CrossRef] - Torres, E.; Callou, G.; Andrade, E. A hierarchical approach for availability and performance analysis of private cloud storage services. Computing
**2018**, 100, 621–644. [Google Scholar] [CrossRef] - Mengistu, T.M.; Che, D.; Alahmadi, A.; Lu, S. Semi-Markov Process Based Reliability and Availability Prediction for Volunteer Cloud Systems. In Proceedings of the 2018 IEEE 11th International Conference on Cloud Computing (CLOUD), San Francisco, CA, USA, 2–7 July 2018; pp. 359–366. [Google Scholar] [CrossRef]
- Chen, Z.; Chang, X.; Han, Z.; Li, L. Survivability modeling and analysis of cloud service in distributed data centers. Comput. J.
**2018**, 61, 1298–1305. [Google Scholar] [CrossRef] - Zhou, Z.; Wei, H. A novel VM migration algorithm based on Markov model under the cloud environment. U.P.B. Sci. Bull. Ser. C
**2020**, 82, 55–68. [Google Scholar] - Manglik, M.; Rawat, N.; Ram, M. Reliability and Availability analysis of a cloud computing transition system under multiple failures. Int. J. Qual. Reliab. Manag.
**2020**, 37, 823–835. [Google Scholar] [CrossRef] - Gupta, S.; Gupta, V. Availability analysis of vehicular cloud computing. In De Gruyter Series on the Applications of Mathematics in Engineering and Information Sciences; Anand, A., Ram, M., Eds.; De Gruyter: Berlin, Germany, 2020; Volume 4, pp. 21–44. [Google Scholar] [CrossRef]
- Tyagi, V.; Rawat, N.; Ram, M. Reliability modelling and sensitivity analysis of IoT based flood alerting system. J. Qual. Maint. Eng.
**2020**, 27, 292–307. [Google Scholar] [CrossRef] - Nguyen, T.A.; Min, D.; Choi, E. A hierarchical modeling and analysis framework for availability and security quantification of IoT infrastructures. Electronics
**2020**, 9, 155. [Google Scholar] [CrossRef] - Martyna, J. Semi-Markov Model of Processing Requests Reliability and Availability in Mobile Cloud Computing Systems. In Advances in Intelligent Systems and Computing; Zamojski, W., Mazurkiewicz, J., Sugier, J., Walkowiak, T., Kacprzyk, J., Eds.; Springer International Publishing: Cham, Switzerland, 2021; Volume 1389, pp. 264–272. [Google Scholar] [CrossRef]
- Tang, S.; Xie, Y. Availability Modeling and Performance Improving of a Healthcare Internet of Things (IoT) System. IoT
**2021**, 2, 310–325. [Google Scholar] [CrossRef] - Ivanchenko, O.; Kharchenko, V.; Moroz, B.; Ponochovnyi, Y.; Degtyareva, L. Availability Assessment of a Cloud Server System: Comparing Markov and Semi-Markov Models. In Proceedings of the 2021 11th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS), Cracow, Poland, 22–25 September 2021; Volume 2, pp. 1157–1162. [Google Scholar] [CrossRef]
- Altowaijri, S.M. Workflow Scheduling and Offloading for Service-based Applications in Hybrid Fog-Cloud Computing. Int. J. Adv. Comput. Sci. Appl.
**2021**, 12, 726–735. [Google Scholar] [CrossRef] - Adjepon-Yamoah, D.E. Cloud Accountability Method: Towards Accountable Cloud Service-Level Agreements. In Lecture Notes in Networks and Systems; Yang, X.-S., Sherratt, S., Dey, N., Joshi, A., Eds.; Springer International Publishing: Singapore, 2022; Volume 216, pp. 439–458. [Google Scholar] [CrossRef]
- Zhou, Y.; Cheng, G.; Zhao, Y.; Chen, Z.; Jiang, S. Toward Proactive and Efficient DDoS Mitigation in IIoT Systems: A Moving Target Defense Approach. IEEE Trans. Ind. Inform.
**2022**, 18, 2734–2744. [Google Scholar] [CrossRef] - Lu, J.B.; Yu, Y.; Pan, M.L. Reinforcement Learning-Based Auto-scaling Algorithm for Elastic Cloud Workflow Service. In Parallel and Distributed Computing, Applications and Technologies; Hong Shen, H., Sang, Y., Zhang, Y., Xiao, N., Arabnia, H.R., Fox, G., Gupta, A., Malek, M., Eds.; Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Springer International Publishing: Cham, Switzerland, 2022; Volume 13148, pp. 303–310. [Google Scholar] [CrossRef]
- Han, B.; Wong, S.; Mannweiler, C.; Crippa, M.R.; Schotten, H.D. Context-Awareness Enhances 5G Multi-Access Edge Computing Reliability. IEEE Access
**2019**, 7, 21290–21299. [Google Scholar] [CrossRef] - Le, N.T.; Hoang, D.B. A Threat Computation Model using a Markov Chain and Common Vulnerability Scoring System and its Application to Cloud Security. J. Telecommun. Digit. Econ.
**2019**, 7, 37–56. [Google Scholar] [CrossRef] - Mesbahi, M.R.; Rahmani, A.M.; Hosseinzadeh, M. Dependability analysis for characterizing Google cluster reliability. Int. J. Commun. Syst.
**2019**, 32, e4127. [Google Scholar] [CrossRef] - Carvalho, G.H.S.; Woungang, I.; Anpalagan, A.; Traore, I. Security- and Location-Aware Optimal Virtual Machine Management for 5G-Driven MEC Systems. In Lecture Notes on Data Engineering and Communications Technologies; Woungang, I., Dhurandher, S., Eds.; Springer International Publishing: Cham, Switzerland, 2020; Volume 51, pp. 123–134. [Google Scholar] [CrossRef]
- Almohri, H.M.J.; Watson, L.T.; Evans, D. Predictability of IP Address Allocations for Cloud Computing Platforms. IEEE Trans. Inf. Forens. Secur.
**2020**, 15, 500–511. [Google Scholar] [CrossRef] - Samir, A.; Pahl, C. Detecting and Localizing Anomalies in Container Clusters Using Markov Models. Electronics
**2020**, 9, 64. [Google Scholar] [CrossRef] - Carvalho, G.H.S.; Woungang, I.; Anpalagan, A.; Traore, I. Optimal Security-Aware Virtual Machine Management for Mobile Edge Computing Over 5G Networks. IEEE Syst. J.
**2020**, 15, 3403–3414. [Google Scholar] [CrossRef] - Zheng, K.; Yao, X.; Zhang, Z.; Fang, L.; Huang, X. Model checking the Efficiency of Blockchain-based Edge Computing Network. In Proceedings of the 2021 IEEE 20th International Symposium on Distributed Computing and Applications for Business Engineering and Science (DCABES), Nanning, China, 10–12 December 2021; pp. 168–171. [Google Scholar] [CrossRef]
- Lalropuia, K.C.; Khaitan (nee Gupta), V. Availability and reliability analysis of cloud computing under economic denial of sustainability (EDoS) attack: A semi-Markov approach. Cluster Comput.
**2021**, 24, 2177–2191. [Google Scholar] [CrossRef] - Venkatachalam, K.; Prabu, P.; Balaji, B.S.; Kang, B.G.; Nam, Y.; Abouhawwash, M. Cross-layer hidden Markov analysis for intrusion detection. CMC
**2022**, 70, 3685–3700. [Google Scholar] [CrossRef] - Pereira, P.; Melo, C.; Araujo, J.; Dantas, J.; Santos, V.; Maciel, P. Availability model for edge-fog-cloud continuum: An evaluation of an end-to-end infrastructure of intelligent traffic management service. J. Supercomput.
**2022**, 78, 4421–4448. [Google Scholar] [CrossRef] - Al-Karaki, J.N.; Gawanmeh, A.; Almalkawi, I.T.; Alfandi, O. Probabilistic analysis of security attacks in cloud environment using hidden Markov models. Trans. Emerg. Telecommun. Technol.
**2022**, 33, e3915. [Google Scholar] [CrossRef] - El Mir, I.; Kim, D.S.; Haqiq, A. Cloud Computing Security Modeling and Analysis based on a Self-Cleansing Intrusion Tolerance Technique. J. Inf. Assur. Secur.
**2016**, 11, 273–282. [Google Scholar] - Liu, Q.; Xing, L.; Wang, C. Framework of Probabilistic Risk Assessment for Security and Reliability. In Proceedings of the 2017 IEEE 2nd International Conference on Data Science in Cyberspace (DSC), Shenzhen, China, 26–29 June 2017; pp. 619–624. [Google Scholar] [CrossRef]
- Salah, K.; Calyam, P.; Boutaba, R. Analytical Model for Elastic Scaling of Cloud-Based Firewalls. IEEE Trans. Netw. Serv. Manag.
**2017**, 14, 136–146. [Google Scholar] [CrossRef] - Liu, M.; Dou, W.; Yu, S. How to shutdown a cloud: A DDoS attack in a private infrastructure-as-a-service cloud. Int. J. Autonom. Adapt. Commun. Syst.
**2017**, 10, 1–14. [Google Scholar] [CrossRef] - Avižienis, A.; Laprie, J.C.; Randell, B.; Landwehr, C. Basic concepts and taxonomy of dependable and secure computing. IEEE Trans. Depend. Secur. Comput.
**2004**, 1, 11–33. [Google Scholar] [CrossRef] - Ponochovnyi, Y.; Kharchenko, V. Dependability Assurance Methodology of Information and Control Systems Using Multipurpose Service Strategies. Radioelectron. Comput. Syst.
**2020**, 3, 43–58. [Google Scholar] [CrossRef] - Butpheng, C.; Yeh, K.-H.; Xiong, H. Security and Privacy in IoT-Cloud-Based e-Health Systems—A Comprehensive Review. Symmetry
**2020**, 12, 1191. [Google Scholar] [CrossRef] - Hofman, D.; Duranti, L.; How, E. Trust in the Balance: Data Protection Laws as Tools for Privacy and Security in the Cloud. Algorithm
**2017**, 10, 47. [Google Scholar] [CrossRef] - Kharchenko, V.; Dotsenko, S.; Ponochovnyi, Y.; Illiashenko, O. Cybernetic Approach to Developing Resilient Systems: Concept, Models and Application. Inform. Secur. Int. J.
**2020**, 47, 77–90. [Google Scholar] [CrossRef] - Aslett, L.; Nagapetyan, T.; Vollmer, S. Multilevel Monte Carlo for Reliability Theory. Reliab. Eng. Syst. Saf.
**2017**, 165, 188–196. [Google Scholar] [CrossRef] - Lu, J. Hierarchical Performance and Availability Analysis Methodology for Multi-Tiered Web Applications. Dissertation (July 2008). Available online: https://www.researchgate.net/publication/27401653_Hierarchical_performance_and_availability_analysis_methodology_for_multi-tiered_Web_applications (accessed on 9 July 2022).
- Trivedi, K.S.; Bobbio, A. Reliability and Availability Engineering—Modeling, Analysis, and Applications; Cambridge University Press: Cambridge, UK, 2017; pp. 1–730. [Google Scholar]
- Pinheiro, T.; Oliveira, D.; Matos, R.; Silva, B.; Pereira, P.; Melo, C.; Oliveira, F.; Tavares, E.; Dantas, J.; Maciel, P. The Mercury Environment: A Modeling Tool for Performance and Dependability Evaluation. Ambient Intell. Smart Environ.
**2021**, 29, 16–25. [Google Scholar] [CrossRef] - National Vulnerability Database (NVD). Available online: https://nvd.nist.gov (accessed on 9 July 2022).
- Zhang, P.; Chen, Y.; Zhou, M.; Xu, G.; Huang, W.; Al-Turki, Y.; Abusorrah, A. A Fault-Tolerant Model for Performance Optimization of a Fog Computing System. IEEE Internet Things J.
**2022**, 9, 1725–1736. [Google Scholar] [CrossRef] - Solve Stiff Differential Equations and DAEs—Variable Order Method—MATLAB ode15s. 2022. Available online: https://www.mathworks.com/help/matlab/ref/ode15s.html (accessed on 9 July 2022).
- Dantas, J.; Matos, R.; Araujo, J.; Maciel, P. Models for dependability analysis of cloud computing architectures for eucalyptus platform. Int. Trans. Syst. Sci. Appl.
**2012**, 8, 13–25. [Google Scholar] - Distefano, S.; Trivedi, K.S. Non-markovian state-space models in dependability evaluation. Qual. Rel. Eng. Int.
**2013**, 29, 225–239. [Google Scholar] [CrossRef] - Boulanger, J. Safety of Computer Architectures; Wiley-ISTE: London, UK, 2013; pp. 1–615. [Google Scholar]
- Razaque, A.; Shaldanbayeva, N.; Alotaibi, B.; Alotaibi, M.; Murat, A.; Alotaibi, A. Big Data Handling Approach for Unauthorized Cloud Computing Access. Electronics
**2022**, 11, 137. [Google Scholar] [CrossRef] - Koo, J.; Kang, G.; Kim, Y.-G. Security and Privacy in Big Data Life Cycle: A Survey and Open Challenges. Sustainability
**2020**, 12, 10571. [Google Scholar] [CrossRef] - Ahsan, M.; Nygard, K.E.; Gomes, R.; Chowdhury, M.M.; Rifat, N.; Connolly, J.F. Cybersecurity Threats and Their Mitigation Approaches Using Machine Learning—A Review. J. Cybersecur. Priv.
**2022**, 2, 527–555. [Google Scholar] [CrossRef] - Liu, D.; Wang, B.Y.; Zhang, L. Verifying Pufferfish Privacy in Hidden Markov Models. In Verification, Model Checking, and Abstract Interpretation; Finkbeiner, B., Wies, T., Eds.; Springer International Publishing: Cham, Switzerland, 2022; Volume 13182, pp. 174–196. [Google Scholar] [CrossRef]

**Figure 8.**The architecture of the cloud computing system (

**a**) and Markov graph of its component CSS (

**b**).

**Figure 9.**Comparative availability assessments for MMPs and SMMPs: (

**a**) 1—for MMPs; 2—for SMMPs with CDF Erlang (18, µ

_{j}); 3—for SMMPs with CDF Erlang (11, µ

_{j}). (

**b**) 1—for MMPs; 2—for SMMPs with CDF Weibull (0.5, β

_{3}); 3—for SMMPs with CDF Weibull (1.5, β

_{3}).

**Figure 12.**Results of RBD-based and Markov models (

**a**) and Markov model (

**b**) for different value λ

_{CDN}.

**Figure 13.**Results of Markov and multi-fragment models (

**a**), and multi-fragment model (

**b**) for different value α.

**Figure 15.**Unavailability functions of a robotic IoT system with periodic online software verification obtained using a multiphase model with time intervals (

**a**) [0…5000] hours and (

**b**) [0…90,000] hours.

**Figure 16.**RBD of web service support services and labeled graph of the operation of web service support services (one-fragment model).

**Figure 18.**The results of the evaluation of the availability of the web service under the condition of the basic values of the parameters.

**Figure 19.**Comparison of the resulting functions of the multi-fragment model at different values of the parameters λ

_{PrT}(

**a**) and μ

_{PrT}(

**b**).

Reference | Systems Considered | Models Utilized | Characteristics Assessed | ||||||
---|---|---|---|---|---|---|---|---|---|

Cloud | IoT | Markov | Semi-Markov | Availability | Reliability | Cyber Security | Dependability | Intrusion Tolerance | |

[11] | + | − | + | − | + | + | − | − | − |

[12] | + | − | + | − | + | + | − | − | − |

[13] | + | − | + | − | + | + | − | − | − |

[14] | + | − | − | + | + | + | − | − | − |

[15] | + | − | − | + | + | + | − | − | − |

[16] | + | − | + | − | + | + | − | − | − |

[17] | + | − | + | − | + | + | − | − | − |

[18] | + | − | − | + | + | + | − | − | − |

[19] | − | + | + | − | + | + | − | − | − |

[20] | − | + | + | − | + | + | − | − | − |

[21] | + | − | − | + | + | + | − | − | − |

[22] | − | + | + | − | + | + | − | − | − |

[23] | + | − | + | + | + | + | − | − | − |

[24] | + | − | + | − | + | + | − | − | − |

[25] | + | − | + | − | + | + | − | − | − |

[26] | − | + | + | − | + | + | − | − | − |

[27] | + | − | − | + | + | + | − | − | − |

[28] | − | + | + | − | − | − | + | − | − |

[29] | + | − | + | − | − | − | + | − | − |

[30] | + | − | + | − | − | − | + | − | − |

[31] | + | − | − | + | − | − | + | − | − |

[32] | + | − | + | − | − | − | + | − | − |

[33] | + | − | + | − | − | − | + | − | − |

[34] | − | + | − | + | − | − | + | − | − |

[35] | − | + | + | − | − | − | + | − | − |

[36] | + | − | − | + | − | − | + | − | − |

[37] | + | − | + | − | − | − | + | − | − |

[38] | + | − | + | − | − | − | + | − | − |

[39] | + | − | + | − | − | − | + | − | − |

[40] | − | + | − | + | − | − | − | + | + |

[41] | + | − | + | − | − | − | − | + | + |

[42] | + | − | + | − | − | − | − | + | + |

[43] | + | − | + | − | − | − | − | + | + |

Parameters | Value (1/Hour) | Parameters | Value (1/Hour) |
---|---|---|---|

${\lambda}_{P.P}$ | 0.0014 | ${\mu}_{P.P}$ | 0.1667 |

${\lambda}_{OS}$ | 0.0042 | ${\mu}_{OS}$ | 12 |

${\lambda}_{S.S}$ | 0…0.01 | ${\mu}_{S.S}$ | 20…70 |

${\lambda}_{T.P}$ | 0.0028 | ${\mu}_{T.P}$ | 30 |

No. | Name of Systems Component | Failure Rate | Value (1/h) | Repair Rate | Value (1/h) |
---|---|---|---|---|---|

1 | Desktop and Mobile (DSN) | λdsm | 0.000925926 | µdsm | 0.02083 |

2 | Content Delivery Network Service (CDN) | λcdn | 0.001388889 | µcdn | 1 |

3 | Wi-Fi | λwifi | 0.001488095 | µwifi | 0.04167 |

4 | Mobile Network (MNT) | λmnt | 0.000462963 | µmnt | 0.5 |

5 | App Service (API) | λaps1 | 0.002083333 | µaps1 | 1.5 |

6 | Queue Service (QS) | λqs | 0.001302083 | µqs | 1 |

7 | Load Balancer (LB) | λlb | 0.001190476 | µlb | 1 |

8 | SignalR Socket Service (SGR) | λsgr | 0.001666667 | µsgr | 1 |

9 | VPN Gateway | λvpn | 0.001736111 | µvpn | 1 |

10 | App Service (Calls) | λaps2 | 0.00245098 | µaps2 | 0.66667 |

11 | Autoscaling Service | λaps3 | 0.002777778 | µaps3 | 1 |

No. | Parameter | Variable | Value (1/h) |
---|---|---|---|

1 | The minimum value of CDN failure rate due to hacker attack | λcdn_min | 0.001388889 |

2 | The maximum value of CDN failure rate due to hacker attack | λcdn_max | 0.041666667 |

3 | Delta of change in CDN failure rate | Δλcdn | 0.004027778 |

4 | Probability of successful attack | α | 0…1 |

5 | Number of fragments in multi-fragment model | nf | 10 |

No. | Element of System | Markov Model Pi | RBD Model Ai | Δ |Pi − (1 − Ai)| |
---|---|---|---|---|

1 | - | 0.895362266 | - | - |

2 | dsm | 0.039793882 | 0.957446805 | 0.002759313 |

3 | cdn | 0.001243559 | 0.998613037 | 0.000143404 |

4 | wifi | 0.031977218 | 0.965517247 | 0.002505535 |

5 | wifi/mnt | 6.66 × 10^{−4} | 0.99929627 | 3.75376 × 10^{−5} |

6 | mnt | 0.018653381 | 0.979591837 | 0.001754783 |

7 | aps1 | 0.001243559 | 0.998613038 | 0.000143404 |

8 | qs | 0.001165836 | 0.99869961 | 0.000134554 |

9 | lb | 1.07 × 10^{−3} | 0.99881094 | 0.000123153 |

10 | sgr | 0.001492271 | 0.998336106 | 0.000171623 |

11 | sgr/vpn | 2.59 × 10^{−6} | 0.999997116 | 2.9295 × 10^{−7} |

12 | vpn | 0.001554448 | 0.998266898 | 0.000178654 |

13 | aps2 | 0.003291773 | 0.996336997 | 0.000371231 |

14 | aps3 | 0.002487118 | 0.997229917 | 0.000282966 |

A_{CVS} | CVS | 0.949039584 | 0.945631343 | 0.003408241 |

Symbol | Illustration | Value | Unit |
---|---|---|---|

λ_{HW} | failure rate of single hardware channel | 3 × 10^{−7} | 1/hour |

λ_{SW 0} | the initial software failure rate | 5 × 10^{−3} | 1/hour |

μ_{SW} | system recovery rate after the occurrence of software fault | 0.2 | 1/hour |

λ_{SW k} | software failure rate after fixing all faults is zero | 0 | 1/hour |

μ_{ver} | rate matches the average time verification procedure | 0.0667 | 1/hour |

Δλ_{SW} | additional limitation presents elimination of 10 undetected software defects and uniformity of load for their localization and elimination | λ_{SW 0}/10 | 1/hour |

T | The time interval for analysis of availability function behavior | 90,000 | hours |

No. | Parameter | Value | Unit |
---|---|---|---|

1 | Failure rate caused by DNS software design faults | 3 × 10^{−5} | 1/hours |

2 | Failure rate caused by Apache HTTP server software design faults | 1.5 × 10^{−5} | 1/hours |

3 | Failure rate caused by Oracle WebLogic application server software design faults | 5 × 10^{−4} | 1/hours |

4 | Failure rate caused by software design faults of MySQL DBMS | 3 × 10^{−4} | 1/hours |

5 | DNS service recovery rate | 1.49992 | 1/hours |

6 | Apache HTTP Web Server recovery rate | 1.71420 | 1/hours |

7 | Oracle WebLogic Application Server recovery rate | 0.99995 | 1/hours |

8 | MySQL DBMS server recovery rate | 1.09085 | 1/hours |

9 | Rate of attacks on the vulnerability of the DNS service | 6.3 × 10^{−3} | 1/hours |

10 | Criticality of attacks on the vulnerability of the DNS service | 0.77 | 1/hours |

11 | The frequency of DNS service restart after an attack | 5 | 1/hours |

12 | The probability of eliminating a vulnerability after it appears during an attack | 0.15 | 1/hours |

13 | The preventive information security audit test rate | 4.63 × 10^{−4}… 1.14× 10 ^{−4} | 1/hours |

14 | The recovery after an information security audit rate | 0.33…1 | 1/hours |

15 | The number of undetected vulnerabilities in the initial stage | 10 |

Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations. |

© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Kharchenko, V.; Ponochovnyi, Y.; Ivanchenko, O.; Fesenko, H.; Illiashenko, O.
Combining Markov and Semi-Markov Modelling for Assessing Availability and Cybersecurity of Cloud and IoT Systems. *Cryptography* **2022**, *6*, 44.
https://doi.org/10.3390/cryptography6030044

**AMA Style**

Kharchenko V, Ponochovnyi Y, Ivanchenko O, Fesenko H, Illiashenko O.
Combining Markov and Semi-Markov Modelling for Assessing Availability and Cybersecurity of Cloud and IoT Systems. *Cryptography*. 2022; 6(3):44.
https://doi.org/10.3390/cryptography6030044

**Chicago/Turabian Style**

Kharchenko, Vyacheslav, Yuriy Ponochovnyi, Oleg Ivanchenko, Herman Fesenko, and Oleg Illiashenko.
2022. "Combining Markov and Semi-Markov Modelling for Assessing Availability and Cybersecurity of Cloud and IoT Systems" *Cryptography* 6, no. 3: 44.
https://doi.org/10.3390/cryptography6030044