• Review of KIISC
• /
• v.24 no.5
• /
• pp.7-14
• /
• 2014

국가기반시설 제어시스템은 독립망 운영 정책 적용과 독자적 제어시스템 통신 프로토콜 사용으로 안전하다고 여겨져 왔다. 하지만 최근 국가기반시설 제어시스템을 대상으로 한 최초의 사이버 무기인 스턱스넷(Stuxnet) 악성코드의 발견 이래로 현재까지도 지속적인 사이버 위협 및 사고사례가 보고되고 있다. 이에 따라 사회경제적으로 큰 혼란을 야기할 수 있는 제어시스템 대상 사이버공격에 대응하기 위해 일반 IT 환경과는 다른 제어시스템만의 특성이 반영된 보안기술이 요구되고 있다. 본 논문에서는 제어시스템 보안기술 중 침입탐지 시스템 기술 연구 동향을 분석하고 해당 기술이 적용되는 제어시스템 영역과 제어시스템 통신 프로토콜별 특성에 따른 기술들의 특징을 분석한다. 또한, 탐지 기법에 따른 제어시스템 공격 탐지 성능을 비교 및 분석한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1223-1234
• /
• 2016

The Industrial control system is adopted by various industry field and national infrastructure, therefore if it received cyber attack, the serious security problems can be occured in the public sector. For this reason, security requirements of the industrial control system have been proposed, in accordance with the security guidelines of the electronic control system, and it is operated by separate from the external and the internal network. Nevertheless, cyber attack by malware (such as Stuxnet) targeting to control system have been occurred continuously, and also the real-time detection of untrusted traffic is very difficult because there are some difficulty of keeping up with quickly evolving the advent of new-variant malicious codes. In this paper, we propose the traffic analysis architecture for providing secure industrial control system based on the analyzed the security threats, the security requirements, and our proposed architecture.

• Journal of the Korea Society for Simulation
• /
• v.18 no.4
• /
• pp.67-79
• /
• 2009

Because a product in the car industry has a short life cycle in recent years, the process planning and the manufacturing lines have to be changed frequently. Most of time, repositioning an existing facility and modifying used control information are faster than making completely new process planning. However, control information and control code such as PLC code are difficult to understand. Hence, industries prefer writing a new control code instead of using the existing complex one. It shows the lack of information reusability in the existing process planning. As a result, to reduce this redundancy and lack of reusability, we propose a SOS-Net modeling method. SOS-Net is a standard methodology used to describe control information. It is based on the Device Structure which consists of sensor information derived from device hardware information. Thus, SOS-Net can describe a real control state for automated manufacturing systems. The SOS-Net model is easy to understand and can be converted into PLC Code easily. It also enables to modify control information, thus increases the reusability of the new process planning. Proposed model in this paper plays an intermediary role between the process planning and PLC code generation. It can reduce the process planning and implementation time as well as cost.

• Proceedings of the Korean Institute of Communication Sciences Conference
• /
• 1992.06a
• /
• pp.254-257
• /
• 1992

• Proceedings of the Korean Society of Precision Engineering Conference
• /
• 2008.06a
• /
• pp.79-80
• /
• 2008

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39C no.2
• /
• pp.199-208
• /
• 2014

Code division multiple access (CDMA) is one of the promising medium access control (MAC) schemes for underwater acoustic sensor networks because of its robustness against frequency-selective fading and high frequency-reuse efficiency. As a way of performance evaluation, sea or lake experiment has been employed along with computer simulation.. In this study, we design the underwater CDMA forward-link transceiver and evaluate the feasibility aginst harsh underwater acoustic channel in water-tank first. Then, based on the water-tank experiment results, we improved the transceiver and showed the improvements in a lake experiment. A pseudo random noise code acquisition process is added for phase error correction before decoding the user data by means of a Walsh code in the receiver. Interleaving and convolutional channel coding scheme are also used for performance improvement. Experimental results show that the multiplexed data is recovered by means of demultiplexing at receivers with error-free in case of two users while with less than 15% bit error rate in case of three and four users.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.42 no.6 s.336
• /
• pp.67-74
• /
• 2005

Crypto-systems have difficulties in designing hardware due to the various standards. We propose a programmable and configurable architecture for cryptography coprocessors to accommodate various crypto-systems. The proposed architecture has a 32 bit I/O interface and internal bus width, and consists of a programmable finite field arithmetic unit, an input/output unit, a register file, and a control unit. The crypto-system is determined by the micro-codes in memory of the control unit, and is configured by programming the micro-codes. The coprocessor has a modular structure so that the arithmetic unit can be replaced if a substitute has an appropriate 32 bit I/O interface. It can be used in many crypto-systems by re-programming the micro-codes for corresponding crypto-system or by replacing operation units. We implement an elliptic curve crypto-processor using the proposed architecture and compare it with other crypto-processors

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1235-1242
• /
• 2019

While several machine learning technique has been implemented for Android malware categorization, there is still difficulty in analyzing due to overfitting problem and including of un-executable code, etc. In this paper, we introduce our implemented tool to address these problems. Tool is consists of approximately 1,500 lines of Java code, and perform Flow analysis on set of APIs, or on control flow graph. Our tool groups all the API by its relationship and only perform analysis on actually executing code. Using our tool, we grouped 39032 APIs into 4972 groups, and 12123 groups with result of including class names. We collected 7,000 APKs from 7 families and evaluated our feature reduction technique, and we also reduced features again with selecting APIs that have frequency more than 20%. We finally reduced features to 263-numbers of feature for our collected APKs.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.5
• /
• pp.27-35
• /
• 2008

The CTOC framework was implemented to efficiently perform analysis and optimization of the Java bytecode that is often being used lately. In order to analyze and optimize the bytecode from the CTOC, the eCFG was first generated. Due to the bytecode characteristics of difficult analysis, the existing bytecode was expanded to be suitable for control flow analysis. and the control flow graph was drawn. We called eCFG(extended Control Flow Graph). Furthermore, the eCFG was converted into the SSA Form for a static analysis. Many loops were found in the conversion program. The previous CTOC performed conversion directly into the SSA Form without processing the loops. However, processing the loops prior to the SSA Form conversion allows more efficient generation of the SSA Form. This paper examines the process of finding the loops prior to converting the eCFG into the SSA Form In order to efficiently process the loops, and exhibits the procedures for generating the loop tree.

• Journal of Energy Engineering
• /
• v.16 no.3
• /
• pp.103-112
• /
• 2007

Flood issue for nuclear power plants designed and built in 1970 is extremely severe for main steam header compartment and main feedwater line region of intermediate building and lower floor. A calculation for flood level at the main feedwater line isolation compartment is now performing by hand calculation. But, this methodology is quite conservative assumption. The goal of this study was to develop method to analyze flowrate using the RETRAN-3D computer code, and the developed method was applied to flood level analysis following main feedwater line break. As a result of analysis, flood level was low remarkably.