{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,8]],"date-time":"2026-05-08T16:10:25Z","timestamp":1778256625305,"version":"3.51.4"},"reference-count":62,"publisher":"MDPI AG","issue":"3","license":[{"start":{"date-parts":[[2022,8,29]],"date-time":"2022-08-29T00:00:00Z","timestamp":1661731200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Ministry of Education and Science of Ukraine","award":["0122U001065"],"award-info":[{"award-number":["0122U001065"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Cryptography"],"abstract":"<jats:p>This paper suggests a strategy (C5) for assessing cloud and IoT system (CIS) dependability, availability, and cybersecurity based on the continuous collection, comparison, choice, and combination of Markov and semi-Markov models (MMs and SMMs). It proposes the systematic building of an adequate and accurate model to evaluate CISs considering (1) continuous evolution of the model(s) together with systems induced by changes in the CIS or physical and cyber environment parameters; (2) the necessity of collecting data on faults, failures, vulnerabilities, cyber-attacks, privacy violations, and patches to obtain actual data for assessment; (3) renewing the model set based on analysis of CIS operation; (4) the possibility of choice and utilizing \u201coff-the-shelf\u201d models with understandable techniques for their development to assure improved accuracy of assessment; (5) renewing the models during application of CIS by time, component or mixed combining, taking into consideration different operation and maintenance events. The results obtained were algorithms for data collection and analysis, choice, and combining appropriate MM and SMMs and their different types, such as multi-fragmental and multiphase models, considering changing failure rates, cyber-attack parameters, periodical maintenance, etc. To provide and verify the approach, several private and public clouds and IoT systems were researched and discussed in the context of C5 and proposed algorithms.<\/jats:p>","DOI":"10.3390\/cryptography6030044","type":"journal-article","created":{"date-parts":[[2022,8,29]],"date-time":"2022-08-29T21:01:31Z","timestamp":1661806891000},"page":"44","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":25,"title":["Combining Markov and Semi-Markov Modelling for Assessing Availability and Cybersecurity of Cloud and IoT Systems"],"prefix":"10.3390","volume":"6","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-5352-077X","authenticated-orcid":false,"given":"Vyacheslav","family":"Kharchenko","sequence":"first","affiliation":[{"name":"Department of Computer Systems, Networks and Cybersecurity, National Aerospace University \u201cKhAI\u201d, 17, Chkalov Str., 61070 Kharkiv, Ukraine"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6856-2013","authenticated-orcid":false,"given":"Yuriy","family":"Ponochovnyi","sequence":"additional","affiliation":[{"name":"Department of Information Systems and Technologies, Poltava State Agrarian University, 1\/3, Skovorody Str., 36003 Poltava, Ukraine"}]},{"given":"Oleg","family":"Ivanchenko","sequence":"additional","affiliation":[{"name":"Department of Computer Systems Software, Dnipro University of Technology, Dmytra Yavornytskogo Ave. 19, 49005 Dnipro, Ukraine"}]},{"given":"Herman","family":"Fesenko","sequence":"additional","affiliation":[{"name":"Department of Computer Systems, Networks and Cybersecurity, National Aerospace University \u201cKhAI\u201d, 17, Chkalov Str., 61070 Kharkiv, Ukraine"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4672-6400","authenticated-orcid":false,"given":"Oleg","family":"Illiashenko","sequence":"additional","affiliation":[{"name":"Department of Computer Systems, Networks and Cybersecurity, National Aerospace University \u201cKhAI\u201d, 17, Chkalov Str., 61070 Kharkiv, Ukraine"}]}],"member":"1968","published-online":{"date-parts":[[2022,8,29]]},"reference":[{"key":"ref_1","unstructured":"National Institute of Standards and Technology (2022, July 09). NIST SP 500-291, Available online: https:\/\/tsapps.nist.gov\/publication\/get_pdf.cfm?pub_id=909024."},{"key":"ref_2","unstructured":"European Union Agency for Cybersecurity (ENISA) (2022, July 09). EUCS\u2014Cloud Services Scheme (December 2020). Available online: https:\/\/www.enisa.europa.eu\/publications\/eucs-cloud-service-scheme."},{"key":"ref_3","unstructured":"IEEE Standard Association (2022, July 09). Industry Connections Cybersecurity in Agile Cloud Computing. Available online: https:\/\/standards.ieee.org\/wp-content\/uploads\/2022\/06\/Cybersecurity_Standards_Cloud_Access.pdf."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"6704","DOI":"10.1109\/JIOT.2020.2993216","article-title":"Reliability in Internet of Things: Current status and future perspectives","volume":"7","author":"Xing","year":"2020","journal-title":"IEEE Internet Things J."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"28078","DOI":"10.1109\/ACCESS.2020.2971007","article-title":"Architectural Resilience in Cloud, Fog and Edge Systems: A Survey","volume":"8","author":"Prokhorenko","year":"2020","journal-title":"IEEE Access"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"133","DOI":"10.32620\/reks.2021.1.12","article-title":"Vulnerability analysis and method of selection of communication protocols for information transfer in Internet of Things systems","volume":"1","author":"Kolisnyk","year":"2021","journal-title":"Radioelectron. Comput. Syst."},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s10723-016-9381-z","article-title":"Redundant Eucalyptus Private Clouds: Availability Modeling and Sensitivity Analysis","volume":"15","author":"Matos","year":"2017","journal-title":"J. Grid Comput."},{"key":"ref_8","first-page":"70","article-title":"Analysis of Approaches Providing Security of Cloud Sevices","volume":"1","author":"Frolov","year":"2020","journal-title":"Radioelectron. Comput. Syst."},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Junejo, A.K., Jokhio, I.A., and Jan, T. (2022). A Multi-Dimensional and Multi-Factor Trust Computation Framework for Cloud Services. Electronics, 11.","DOI":"10.3390\/electronics11131932"},{"key":"ref_10","first-page":"1149","article-title":"Models for Cloud System Availability Assessment Considering Attacks on CDN and ML Based Parametrization","volume":"3171","author":"Ponochovnyi","year":"2022","journal-title":"CEUR Workshop Proc."},{"key":"ref_11","first-page":"154","article-title":"Availability modelling of fault tolerant cloud computing system","volume":"10","author":"Mani","year":"2017","journal-title":"Int. J. Intell. Eng. Syst."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"57","DOI":"10.1109\/TCC.2014.2310737","article-title":"Scalable Analytics for IaaS Cloud Availability","volume":"2","author":"Ghosh","year":"2014","journal-title":"IEEE Trans. Cloud Comput."},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"621","DOI":"10.1007\/s00607-018-0588-7","article-title":"A hierarchical approach for availability and performance analysis of private cloud storage services","volume":"100","author":"Torres","year":"2018","journal-title":"Computing"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Mengistu, T.M., Che, D., Alahmadi, A., and Lu, S. (2018, January 2\u20137). Semi-Markov Process Based Reliability and Availability Prediction for Volunteer Cloud Systems. Proceedings of the 2018 IEEE 11th International Conference on Cloud Computing (CLOUD), San Francisco, CA, USA.","DOI":"10.1109\/CLOUD.2018.00052"},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"1298","DOI":"10.1093\/comjnl\/bxx116","article-title":"Survivability modeling and analysis of cloud service in distributed data centers","volume":"61","author":"Chen","year":"2018","journal-title":"Comput. J."},{"key":"ref_16","first-page":"55","article-title":"A novel VM migration algorithm based on Markov model under the cloud environment","volume":"82","author":"Zhou","year":"2020","journal-title":"U.P.B. Sci. Bull. Ser. C"},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"823","DOI":"10.1108\/IJQRM-08-2019-0254","article-title":"Reliability and Availability analysis of a cloud computing transition system under multiple failures","volume":"37","author":"Manglik","year":"2020","journal-title":"Int. J. Qual. Reliab. Manag."},{"key":"ref_18","first-page":"21","article-title":"Availability analysis of vehicular cloud computing","volume":"Volume 4","author":"Anand","year":"2020","journal-title":"De Gruyter Series on the Applications of Mathematics in Engineering and Information Sciences"},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"292","DOI":"10.1108\/JQME-01-2020-0001","article-title":"Reliability modelling and sensitivity analysis of IoT based flood alerting system","volume":"27","author":"Tyagi","year":"2020","journal-title":"J. Qual. Maint. Eng."},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Nguyen, T.A., Min, D., and Choi, E. (2020). A hierarchical modeling and analysis framework for availability and security quantification of IoT infrastructures. Electronics, 9.","DOI":"10.3390\/electronics9010155"},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"264","DOI":"10.1007\/978-3-030-76773-0_26","article-title":"Semi-Markov Model of Processing Requests Reliability and Availability in Mobile Cloud Computing Systems","volume":"Volume 1389","author":"Zamojski","year":"2021","journal-title":"Advances in Intelligent Systems and Computing"},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"310","DOI":"10.3390\/iot2020016","article-title":"Availability Modeling and Performance Improving of a Healthcare Internet of Things (IoT) System","volume":"2","author":"Tang","year":"2021","journal-title":"IoT"},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Ivanchenko, O., Kharchenko, V., Moroz, B., Ponochovnyi, Y., and Degtyareva, L. (2021, January 22\u201325). Availability Assessment of a Cloud Server System: Comparing Markov and Semi-Markov Models. Proceedings of the 2021 11th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS), Cracow, Poland.","DOI":"10.1109\/IDAACS53288.2021.9661052"},{"key":"ref_24","first-page":"726","article-title":"Workflow Scheduling and Offloading for Service-based Applications in Hybrid Fog-Cloud Computing","volume":"12","author":"Altowaijri","year":"2021","journal-title":"Int. J. Adv. Comput. Sci. Appl."},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"439","DOI":"10.1007\/978-981-16-1781-2_40","article-title":"Cloud Accountability Method: Towards Accountable Cloud Service-Level Agreements","volume":"Volume 216","author":"Yang","year":"2022","journal-title":"Lecture Notes in Networks and Systems"},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"2734","DOI":"10.1109\/TII.2021.3090719","article-title":"Toward Proactive and Efficient DDoS Mitigation in IIoT Systems: A Moving Target Defense Approach","volume":"18","author":"Zhou","year":"2022","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"303","DOI":"10.1007\/978-3-030-96772-7_28","article-title":"Reinforcement Learning-Based Auto-scaling Algorithm for Elastic Cloud Workflow Service","volume":"Volume 13148","author":"Sang","year":"2022","journal-title":"Parallel and Distributed Computing, Applications and Technologies"},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"21290","DOI":"10.1109\/ACCESS.2019.2898316","article-title":"Context-Awareness Enhances 5G Multi-Access Edge Computing Reliability","volume":"7","author":"Han","year":"2019","journal-title":"IEEE Access"},{"key":"ref_29","first-page":"37","article-title":"A Threat Computation Model using a Markov Chain and Common Vulnerability Scoring System and its Application to Cloud Security","volume":"7","author":"Le","year":"2019","journal-title":"J. Telecommun. Digit. Econ."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"e4127","DOI":"10.1002\/dac.4127","article-title":"Dependability analysis for characterizing Google cluster reliability","volume":"32","author":"Mesbahi","year":"2019","journal-title":"Int. J. Commun. Syst."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"123","DOI":"10.1007\/978-3-030-44372-6_11","article-title":"Security- and Location-Aware Optimal Virtual Machine Management for 5G-Driven MEC Systems","volume":"Volume 51","author":"Woungang","year":"2020","journal-title":"Lecture Notes on Data Engineering and Communications Technologies"},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"500","DOI":"10.1109\/TIFS.2019.2924555","article-title":"Predictability of IP Address Allocations for Cloud Computing Platforms","volume":"15","author":"Almohri","year":"2020","journal-title":"IEEE Trans. Inf. Forens. Secur."},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Samir, A., and Pahl, C. (2020). Detecting and Localizing Anomalies in Container Clusters Using Markov Models. Electronics, 9.","DOI":"10.3390\/electronics9010064"},{"key":"ref_34","doi-asserted-by":"crossref","first-page":"3403","DOI":"10.1109\/JSYST.2020.3005201","article-title":"Optimal Security-Aware Virtual Machine Management for Mobile Edge Computing Over 5G Networks","volume":"15","author":"Carvalho","year":"2020","journal-title":"IEEE Syst. J."},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Zheng, K., Yao, X., Zhang, Z., Fang, L., and Huang, X. (2021, January 10\u201312). Model checking the Efficiency of Blockchain-based Edge Computing Network. Proceedings of the 2021 IEEE 20th International Symposium on Distributed Computing and Applications for Business Engineering and Science (DCABES), Nanning, China.","DOI":"10.1109\/DCABES52998.2021.00049"},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"2177","DOI":"10.1007\/s10586-021-03257-9","article-title":"Availability and reliability analysis of cloud computing under economic denial of sustainability (EDoS) attack: A semi-Markov approach","volume":"24","author":"Lalropuia","year":"2021","journal-title":"Cluster Comput."},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"3685","DOI":"10.32604\/cmc.2022.019502","article-title":"Cross-layer hidden Markov analysis for intrusion detection","volume":"70","author":"Venkatachalam","year":"2022","journal-title":"CMC"},{"key":"ref_38","doi-asserted-by":"crossref","first-page":"4421","DOI":"10.1007\/s11227-021-04033-7","article-title":"Availability model for edge-fog-cloud continuum: An evaluation of an end-to-end infrastructure of intelligent traffic management service","volume":"78","author":"Pereira","year":"2022","journal-title":"J. Supercomput."},{"key":"ref_39","doi-asserted-by":"crossref","first-page":"e3915","DOI":"10.1002\/ett.3915","article-title":"Probabilistic analysis of security attacks in cloud environment using hidden Markov models","volume":"33","author":"Gawanmeh","year":"2022","journal-title":"Trans. Emerg. Telecommun. Technol."},{"key":"ref_40","first-page":"273","article-title":"Cloud Computing Security Modeling and Analysis based on a Self-Cleansing Intrusion Tolerance Technique","volume":"11","author":"Kim","year":"2016","journal-title":"J. Inf. Assur. Secur."},{"key":"ref_41","doi-asserted-by":"crossref","unstructured":"Liu, Q., Xing, L., and Wang, C. (2017, January 26\u201329). Framework of Probabilistic Risk Assessment for Security and Reliability. Proceedings of the 2017 IEEE 2nd International Conference on Data Science in Cyberspace (DSC), Shenzhen, China.","DOI":"10.1109\/DSC.2017.35"},{"key":"ref_42","doi-asserted-by":"crossref","first-page":"136","DOI":"10.1109\/TNSM.2016.2640297","article-title":"Analytical Model for Elastic Scaling of Cloud-Based Firewalls","volume":"14","author":"Salah","year":"2017","journal-title":"IEEE Trans. Netw. Serv. Manag."},{"key":"ref_43","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1504\/IJAACS.2017.082734","article-title":"How to shutdown a cloud: A DDoS attack in a private infrastructure-as-a-service cloud","volume":"10","author":"Liu","year":"2017","journal-title":"Int. J. Autonom. Adapt. Commun. Syst."},{"key":"ref_44","doi-asserted-by":"crossref","first-page":"11","DOI":"10.1109\/TDSC.2004.2","article-title":"Basic concepts and taxonomy of dependable and secure computing","volume":"1","author":"Laprie","year":"2004","journal-title":"IEEE Trans. Depend. Secur. Comput."},{"key":"ref_45","first-page":"43","article-title":"Dependability Assurance Methodology of Information and Control Systems Using Multipurpose Service Strategies","volume":"3","author":"Ponochovnyi","year":"2020","journal-title":"Radioelectron. Comput. Syst."},{"key":"ref_46","doi-asserted-by":"crossref","unstructured":"Butpheng, C., Yeh, K.-H., and Xiong, H. (2020). Security and Privacy in IoT-Cloud-Based e-Health Systems\u2014A Comprehensive Review. Symmetry, 12.","DOI":"10.3390\/sym12071191"},{"key":"ref_47","doi-asserted-by":"crossref","unstructured":"Hofman, D., Duranti, L., and How, E. (2017). Trust in the Balance: Data Protection Laws as Tools for Privacy and Security in the Cloud. Algorithm, 10.","DOI":"10.3390\/a10020047"},{"key":"ref_48","first-page":"77","article-title":"Cybernetic Approach to Developing Resilient Systems: Concept, Models and Application","volume":"47","author":"Kharchenko","year":"2020","journal-title":"Inform. Secur. Int. J."},{"key":"ref_49","doi-asserted-by":"crossref","first-page":"188","DOI":"10.1016\/j.ress.2017.03.003","article-title":"Multilevel Monte Carlo for Reliability Theory","volume":"165","author":"Aslett","year":"2017","journal-title":"Reliab. Eng. Syst. Saf."},{"key":"ref_50","unstructured":"Lu, J. (2022, July 09). Hierarchical Performance and Availability Analysis Methodology for Multi-Tiered Web Applications. Dissertation (July 2008). Available online: https:\/\/www.researchgate.net\/publication\/27401653_Hierarchical_performance_and_availability_analysis_methodology_for_multi-tiered_Web_applications."},{"key":"ref_51","doi-asserted-by":"crossref","unstructured":"Trivedi, K.S., and Bobbio, A. (2017). Reliability and Availability Engineering\u2014Modeling, Analysis, and Applications, Cambridge University Press.","DOI":"10.1017\/9781316163047"},{"key":"ref_52","first-page":"16","article-title":"The Mercury Environment: A Modeling Tool for Performance and Dependability Evaluation","volume":"29","author":"Pinheiro","year":"2021","journal-title":"Ambient Intell. Smart Environ."},{"key":"ref_53","unstructured":"(2022, July 09). National Vulnerability Database (NVD), Available online: https:\/\/nvd.nist.gov."},{"key":"ref_54","doi-asserted-by":"crossref","first-page":"1725","DOI":"10.1109\/JIOT.2021.3088417","article-title":"A Fault-Tolerant Model for Performance Optimization of a Fog Computing System","volume":"9","author":"Zhang","year":"2022","journal-title":"IEEE Internet Things J."},{"key":"ref_55","unstructured":"(2022, July 09). Solve Stiff Differential Equations and DAEs\u2014Variable Order Method\u2014MATLAB ode15s. Available online: https:\/\/www.mathworks.com\/help\/matlab\/ref\/ode15s.html."},{"key":"ref_56","first-page":"13","article-title":"Models for dependability analysis of cloud computing architectures for eucalyptus platform","volume":"8","author":"Dantas","year":"2012","journal-title":"Int. Trans. Syst. Sci. Appl."},{"key":"ref_57","doi-asserted-by":"crossref","first-page":"225","DOI":"10.1002\/qre.1305","article-title":"Non-markovian state-space models in dependability evaluation","volume":"29","author":"Distefano","year":"2013","journal-title":"Qual. Rel. Eng. Int."},{"key":"ref_58","doi-asserted-by":"crossref","unstructured":"Boulanger, J. (2013). Safety of Computer Architectures, Wiley-ISTE.","DOI":"10.1002\/9781118600696"},{"key":"ref_59","doi-asserted-by":"crossref","unstructured":"Razaque, A., Shaldanbayeva, N., Alotaibi, B., Alotaibi, M., Murat, A., and Alotaibi, A. (2022). Big Data Handling Approach for Unauthorized Cloud Computing Access. Electronics, 11.","DOI":"10.3390\/electronics11010137"},{"key":"ref_60","doi-asserted-by":"crossref","unstructured":"Koo, J., Kang, G., and Kim, Y.-G. (2020). Security and Privacy in Big Data Life Cycle: A Survey and Open Challenges. Sustainability, 12.","DOI":"10.3390\/su122410571"},{"key":"ref_61","doi-asserted-by":"crossref","first-page":"527","DOI":"10.3390\/jcp2030027","article-title":"Cybersecurity Threats and Their Mitigation Approaches Using Machine Learning\u2014A Review","volume":"2","author":"Ahsan","year":"2022","journal-title":"J. Cybersecur. Priv."},{"key":"ref_62","doi-asserted-by":"crossref","first-page":"174","DOI":"10.1007\/978-3-030-94583-1_9","article-title":"Verifying Pufferfish Privacy in Hidden Markov Models","volume":"Volume 13182","author":"Finkbeiner","year":"2022","journal-title":"Verification, Model Checking, and Abstract Interpretation"}],"container-title":["Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2410-387X\/6\/3\/44\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T00:19:30Z","timestamp":1760141970000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2410-387X\/6\/3\/44"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,8,29]]},"references-count":62,"journal-issue":{"issue":"3","published-online":{"date-parts":[[2022,9]]}},"alternative-id":["cryptography6030044"],"URL":"https:\/\/doi.org\/10.3390\/cryptography6030044","relation":{},"ISSN":["2410-387X"],"issn-type":[{"value":"2410-387X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,8,29]]}}}