• Proceedings of the KIEE Conference
• /
• 2000.07d
• /
• pp.2498-2500
• /
• 2000

차세대 신형원전에서는 디지털 기술의 적용을 기본 설계 요건으로 제시하고 있다. 차세대 원전의 노심보호계통 (Core Protection Calculator Systems; CPCS)은 원전의 안전성을 보장하기 위한 부분으로 이 부분이 올바르게 작성되고, 검증되어야 함은 분명하다. 현재 이부분은 소프트웨어로 개발 중에 있으며 개발 단계에 있어서 시작단계인 요구명세 단계에 있다. 요구 명세 단계의 오류는 소프트웨어 개발 단계 중 소프트웨어의 품질에 가장 영향을 많이 미치는 단계로 알려져 있으므로 이 단계를 정확하게 수행하여야 한다. 안전성이 중요한 소프트웨어를 명세하는 데 있어서 우선 정의되어야 하는 것은 어떤 절차를 통해서 어떤 방법으로 할지를 결정하여 그 절차를 정하여야 한다. 기존에 소프트웨어 요구 명세에 대한 표준안이 존재하기는 하지만, 이러한 표준안들은 개념적인 언어들로 쓰여져 있기 때문에 실제 소프트웨어의 개발 과정에 사용하기 위해서는 구체적인 언어들로 다시 작성하여야 한다. 따라서, 소프트웨어 명세를 작성하기 위해서 절차와 방법에 대해서 정의하여야 한다. 본 논문에서는 개략적인 명세 절차와 명세 방법등을 기술하였다.

• Journal of Software Engineering Society
• /
• v.24 no.1
• /
• pp.9-17
• /
• 2011

Software reuse the concept of developing software by using existing software assets, rather than developing it from scratch. Developers may face difficulties of reusing existing software assets because existing assets are normally developed by other developers for different purposes. Developers tend to seek appropriate knowledge about effectively reusing software assets from the developers who have faced and solved similar problems in reusing software assets previously. In other words, the reuse-related knowledge of domain experts or other developers usually provides important clues to solve reuse-related problems. Such reuse-relalted knowledge can help developers to reduce the time and effort to identify and solve the difficulties and problems that may arise in reusing software assets and in minimizing the risks of reusing them by allowing them to reuse reliable software assets in an appropriate way and by recognizing similar requirements or constraints of resuing the assets. In this paper, we describe a model to represent reuse-related knowledge in a formal way, and explain the architecture and a prototype implementation of Software Reuse Wiki (SRW) that enables collaborative organization and sharing of software reuse-related knowledge. We have conducted an experiment pertaining to problem solving in reusing assets based on reuse-related knowledge. We also discuss about our evaluation plan for showing the benefits and contributions of reuse knowledge representation model and management methods in SRW. We expect that SRW can contribute to facilitate users' participations and make efficient sharing and growing of reuse-related knowledge. In addition, the representation model of reuse-related knowledge and management methods can make developers acquire more reliable and useful reuse-related knowledge in a straightforward manner without spending additional efforts to find solutions to solve reuse-related problems.

• Journal of KIISE:Software and Applications
• /
• v.29 no.12
• /
• pp.860-872
• /
• 2002

Fault tree analysis is the most widely used saftly analysis technique in industry. However, the analysis is often applied manually, and there is no systematic and automated approach available to validate the analysis result. In this paper, we demonstrate that a real-time model checker UPPAAL is useful in formally specifying the required behavior of safety-critical software and to validate the accuracy of manually constructed fault trees. Functional requirements for emergency shutdown software for a nuclear power plant, named Wolsung SDS2, are used as an example. Fault trees were initially developed by a group of graduate students who possess detailed knowledge of Wolsung SDS2 and are familiar with safety analysis techniques including fault tree analysis. Functional requirements were manually translated in timed automata format accepted by UPPAAL, and the model checking was applied using property specifications to evaluate the correctness of the fault trees. Our application demonstrated that UPPAAL was able to detect subtle flaws or ambiguities present in fault trees. Therefore, we conclude that the proposed approach is useful in augmenting fault tree analysis.

• Journal of Energy Engineering
• /
• v.7 no.1
• /
• pp.96-102
• /
• 1998

The use of computers as part of nuclear safety systems elicits additional requirements-software verification and validation (v/v), hardware qualification-not specifically addressed in general industry fields. The computer used in nuclear power plants is a system that includes computer hardware, software, firmware, and interfaces. To develop the computer systems graded with nuclear safety class, the developing environments have to be required in advance and the developed software have to be verified and validated in accordance with nuclear code and standards. With this requirements, the test facility for Inadequate Core Cooling Monitoring System (ICCMS) as one of safety systems in the nuclear power plants was developed. The test facility consists of three(3) parts such as Input/Output (I/O) simulator, Plant Data Acqusition System (PDAS) cabinets and supervisory computer. The performance of the system was validated by manual test procedure.

• Journal of KIISE:Software and Applications
• /
• v.26 no.12
• /
• pp.1428-1444
• /
• 1999

MSC는 ITU에 의해 표준화된, 병행 시스템의 명세를 기술하기 위한 그래픽 형태와 텍스트 형태를 제공하는 언어로서 실시간 시스템 특히 통신 교환 시스템의 특성을 기술하기 위해 자주 사용된다. 통신 시스템이 제대로 동작함을 보이기 위해서는 정형적인 방법을 사용하여 시스템 행위를 검증할 필요가 있다. 통신 소프트웨어를 검증하는 방법 중 하나의 방법으로 유한 상태를 기반으로 하는 방법이 있다. 유한 상태를 기반으로 하는 방법에서는 먼저 시스템 명세에 해당하는 전체 상태 전이 그래프를 생성한 후 이를 바탕으로 model-checking 등의 방법을 사용하여 시스템의 특성을 검증한다. 본 논문에서는 MSC로 기술된 통신 소프트웨어 명세로부터 전체 상태 전이 그래프를 생성하는 방법에 초점을 맞추었다. 시스템 명세에 해당하는 상태 전이 그래프를 생성하기 위해 보다 직관적으로 MSC의 의미론을 표현할 수 있고, 또한 쉽게 전체 상태 전이 그래프를 생성할 수 있는 행위 종속 그래프를 제안하였다. MSC 명세는 일단 행위 종속 그래프로 변환이 되고 이 행위 종속 그래프를 이용하여 전체 상태 전이 그래프가 생성된다.Abstract Message Sequence Chart (MSC) standardized by International Telecommunication Union is a graphical and textual language for describing the specification of concurrent systems. It is frequently used both formally and informally for specifying the behavior of real-time systems, in particular telecommunication switching systems. To ensure that a communication system operates properly, the verification process showing the correctness of system's behavior formally is necessary. One of the verification methods is a finite-state method. In the finite-state method, the global state transition graph (GSTG) is constructed and then safety and liveness properties of systems are verified through a well-known method such as model checking. In this paper, we forcus on the construction of GSTG from the specifications of telecommunication software written in MSC. We suggest Action Dependency Graph (ADG) which can present the semantics of MSC intuitively and also provide a GSTG construction method from ADG. MSC specifications are translated to ADGs and, in turns, the GSTGs are constructed by using these ADGs.

• Journal of Software Assessment and Valuation
• /
• v.10 no.1
• /
• pp.19-26
• /
• 2014

In this paper, we propose a method for protecting Android applications against reverse engineering attacks. In this method, the server encrypts the original executable code (DEX) included in an APK file, inserts into the APK file a stub code that decrypts the encrypted DEX later at run-time, and distributes the modified APK file. The stub code includes an integrity validation code to detect attacks on itself. When a user installs and executes the APK file, the stub code verifies the integrity of itself, decrypts the encrypted DEX, and loads it dynamically to execute. Since the original DEX is distributed as an encrypted one, we can effectively protect the intellectual property. Further, by verifying the integrity of the stub code, we can prevent malicious users from bypassing our method. We applied the method to 15 Android apps, and evaluated its effectiveness. We confirmed that 13 out of them operates normally.

• Journal of Internet Computing and Services
• /
• v.11 no.4
• /
• pp.107-117
• /
• 2010

The feature models representing the common and variable concepts among the software products and the feature configurations generated by selecting the features to be included in the target product are the essential components in the software product lines methodology. Although the researches on the formal semantics and reasoning of the feature models and feature configurations are in progress, the researches on feature model ontologies and feature configuration validation using the semantic web technologies are yet insufficient. This paper defines the formal semantics of the feature models and proposes a feature configuration validation technique based on ontology and semantic web technologies. OWL(Web Ontology Language), a semantic web standard language, is used to represent the knowledge in the feature models and the feature configurations. SWRL(Semantic Web Rule Language), a semantic web rule languages, is used to define the rules to validate the feature configurations. The approach in this paper provides the formal semantic of the feature models, automates the validation of feature configurations, and enables the application of various semantic web technologies, such as SQWRL.

• Journal of IKEEE
• /
• v.25 no.3
• /
• pp.571-577
• /
• 2021

This paper describes ISO/TR 4804, an international standard to describe how to design and verify autonomous cars to ensure safety and cybersecurity. Goals of ISO/TR 4804 are (1) positive risk balance and (2) avoidance of unreasonable risk. It also 12 principles of safety and cybersecurity to achieve these goals. In the design procedures, it describes (1) 13 capabilities to achieve these safety and cybersecurity principles, (2) hardware and software elements to achieve these capabilities, and (3) a generic logical architecture to combine these elements. In the verification procedures, it describes (1) 5 challenges to ensure safety and cybersecurity, (2) test goals, platforms, and solutions to achieve these challenges, (3) simulation and field operation methods, and (4) verification methods for hardware and software elements. Especially, it regards deep neural network as a software component and it describe design and verification methods of autonomous cars.

• Journal of the Korea Society for Simulation
• /
• v.19 no.1
• /
• pp.153-160
• /
• 2010

Most part of errors in software development process are included during the stage of requirements definition and design. And correction or elimination of errors from those stages requires much more efforts and costs than those from the later part of software development process. However, despite of the importance of the validation of requirement definition and design stages, several kinds of problem have made it hard to be done successfully. Therefore, in this paper, we introduce a novel validation process for the preliminary design stage. The validation process is based on simulations of model and it can be used to validate requirements and model simultaneously. Models in the validation process will take only the behavior of software and be built on Ptolemy framework. The usability of our validation process is confirmed with a case study over DNS system environment. And the result of simulation shows well-known errors or vulnerabilities can be found with simulations of model which has the behavior of software. This means our validation process can be used as a process to validate requirements and models during the early stage of software development process.

• Aerospace Engineering and Technology
• /
• v.7 no.1
• /
• pp.83-90
• /
• 2008

The next generation LID satellite has 64KB PROM which contains the boot loader and the monitor software, and two 4MB NVMEMs which are used for flight software storage. The boot loader has two operation modes which are the flight software mode and the monitor mode. In the flight software mode, it checks CRC checksum of selected NVMEM and copies flight software image from NVMEM to RAM And then it starts VxWorks RTOS in RAM, creates flight software tasks, and starts execution of flight software. In the monitor mode, it activates monitor software which performs NVMEM reprogramming and board-level testing on the ground. This paper is to present the design of Boot ROM software and verification method using simulator.