• Nuclear Engineering and Technology
• /
• v.49 no.3
• /
• pp.484-494
• /
• 2017

In industrial plants such as nuclear power plants, system operations are performed by embedded controllers orchestrated by Supervisory Control and Data Acquisition (SCADA) software. A targeted attack (also termed a control aware attack) on the controller/SCADA software can lead a control system to operate in an unsafe mode or sometimes to complete shutdown of the plant. Such malware attacks can result in tremendous cost to the organization for recovery, cleanup, and maintenance activity. SCADA systems in operational mode generate huge log files. These files are useful in analysis of the plant behavior and diagnostics during an ongoing attack. However, they are bulky and difficult for manual inspection. Data mining techniques such as least squares approximation and computational methods can be used in the analysis of logs and to take proactive actions when required. This paper explores methodologies and algorithms so as to develop an effective monitoring scheme against control aware cyber attacks. It also explains soft computation techniques such as the computational geometric method and least squares approximation that can be effective in monitor design. This paper provides insights into diagnostic monitoring of its effectiveness by attack simulations on a four-tank model and using computation techniques to diagnose it. Cyber security of instrumentation and control systems used in nuclear power plants is of paramount importance and hence could be a possible target of such applications.

• KEPCO Journal on Electric Power and Energy
• /
• v.6 no.3
• /
• pp.321-322
• /
• 2020

• The Journal of the Korea institute of electronic communication sciences
• /
• v.6 no.6
• /
• pp.839-847
• /
• 2011

Instrumentation & Control(I&C) System in NPP(Nuclear Power Plant) plays a important role as the brain of human being, it performs protecting, controling and monitoring safety operation of NPP. Recently, the I&C system is digitalized as digital technology such as PLC, DSP, FPGA. The different aspect of digital system which use digital communication to analog system is that it has potential vulnerability to cyber threat in nature. Possibility that digital I&C system is defected by cyber attack is increasing day by day. The result of cyber attack can be adverse effect to safety function in NPP. Therefore, I&C system required cyber security counter-measures that protect themselves from cyber threat efficiently and also cyber security design should be taken into consideration at concept stage in I&C system development process. In this study, we proposed the digital asset analysis method for cyber security assessment of I&C system design in NPP and we performed digital asset analysis of I&C system by using the proposed method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.3
• /
• pp.445-457
• /
• 2013

This paper is about the study to build a quantitative methodology to assess cyber threats and vulnerabilities on control systems. The SCADA system in power industry is one of the most representative and biggest control systems. The SCADA system was originally a local system but it has been extended to wide area as both ICT and power system technologies evolve. Smart Grid is a concept to integrate energy and IT systems, and therefore the existing cyber threats might be infectious to the power system in the integration process. Power system is operated on a real time basis and this could make the power system more vulnerable to the cyber threats. It is a unique characteristic of power systems different from ICT systems. For example, availability is the most critical factor while confidentiality is the one from the CIA triad of IT security. In this context, it is needed to reflect the different characteristics to assess cyber security risks in power systems. Generally, the risk(R) is defined as the multiplication of threat(T), vulnerability(V), and asset(A). This formula is also used for the quantification of the risk, and a conceptual methodology is proposed for the objective in this study.

• Convergence Security Journal
• /
• v.21 no.4
• /
• pp.59-68
• /
• 2021

The Future Battlefield includes the main areas of modern warfare, including the ground, sea, and air, as well as cyberspace and space. Cyberspace consists of computers, wired and wireless networks, and spans the ground, sea, air, and space domains. Cyber warfare takes place in cyberspace, so it is not easy for people without expertise in cyber to recognize the cyber situation. Therefore, training personnel with professional knowledge and skills in cyber is paramount in preparation for cyber warfare. In particular, the results of cyber warfare will vary greatly depending on the ability of cyber combatants to carry it out, the performance of cyber systems, and the proficiency of cyber warfare procedures. The South Korean military has power to respond to cyber warfare at various levels, centering on the Cyber Operations Command, but there is a limit to defending all the rapidly expanding cyberspace. In this paper, to overcome these limitations, we looked at the changes in Germany's cyber warfare response policy. Based on them, the organization structure, weapon system, and education and training system of future Korean military cyber forces are presented separately.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.4 no.4
• /
• pp.127-138
• /
• 2008

To study about core capability which becomes the kernel of sustainable competitive advantage (SCA) in cyber university which confronts competition-deepening circumstance, the value and importance of brand and educational services of cyber universities which stand on the basis of offline university were examined. Moreover, core capability based on the importance of cyber university service was searched, and its strategic course were suggested. Within research processes, competition environment of cyber university was forecasted, and importance to build up its core capability was examined. Moreover, conjoint analysis was carried out for three offline cyber universities. As a result of survey analysis, effectiveness of cyber university brand showed greater influence than other characteristics in terms of the influence which affects consumer preference for cyber university. Therefore, to overcome weaknesses of brand asset in low brand power cyber university, establishment of strong core capability which reflects consumer preference is needed to carry out differentiation strategy or concentration strategy, and it is necessary to consider the introduction of new competitiveness structure.

• Journal of Information Technology Services
• /
• v.15 no.1
• /
• pp.67-79
• /
• 2016

This study aims to present the necessary elements that should be part of South Korea's National Defense Strategy against the recent North Korean cyber-attacks. The elements proposed in this study also reflect the recent trend of cyber-attack incidents that are happening in the Unites States and other countries and have been classified into the three levels of cyber incidents: cyberwarfare, cyberterrorism and cybercrime. As such, the elements proposed are presented in accordance with this classification system. In order to properly take into account the recent trend of cyber-attacks perpetrated by North Korea, this paper analyzed the characteristics of recent North Korean cyber-attacks as well as the countermeasures and responses of South Korea. Moreover, by making use of case studies of cyber-attack incidents by foreign nations that threaten national security, the response measures at a national level can be deduced and applied as in this study. Thus, the authors of this study hope that the newly proposed elements here within will help to strengthen the level of Korea's cyber security against foreign attacks, specifically that of North Korea such as the KHNP hacking incidents and so on. It is hoped that further damage such as leakage of confidential information, invasion of privacy and physical intimidation can be mitigated.

• Nuclear Engineering and Technology
• /
• v.53 no.10
• /
• pp.3319-3326
• /
• 2021

As a form of industrial control systems (ICS), nuclear instrumentation and control (I&C) systems have been digitalized increasingly. This has raised in turn cyber security concerns. Cyber security for ICS is important because cyber-attacks against ICS can cause not only equipment damage and loss of production but also personal and public safety hazards unlike in general IT environments. Numerous risk analyses have been carried out to enhance the safety of ICS and recently, many studies related to the cyber security of ICS are being conducted. Many existing risk analyses and cyber security studies have considered safety and cyber security separately. However, both safety and cyber security perspectives should be considered when analyzing risks for complex and critical ICS facilities such as nuclear power plants (NPPs). In this paper, the STPA-SafeSec methodology is selected to consider both safety and security perspectives when performing a risk analysis for NPPs in order to assess impacts on the safety by cyber-attacks against the digital I&C systems. The STPA-SafeSec methodology was applied to a test-bed system that simulates a condensate water (CD) system in an NPP. The process of the application up to the development of mitigation strategies is described in detail.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.12
• /
• pp.561-568
• /
• 2013

Instrumentation and control system in nuclear power plant performs protecting, controling and monitoring safety operation of Nuclear Power Plant. As cyber attack to the control equipment of instrumentation and control system can cause reactor shutdown and radiation release, it is required to design the instrumentation and control system considering cyber security in accordance with regulatory guides and industrial standards. In this paper, we proposed a design method of uni-directional communication structure which is required in the design of defense-in-depth model according to regulatory guides and industrial standards and we implemented a communication board with the proposed method. This communication board was tested in various test environments and test items and we concluded it can provide uni-directional communication structure required to design of defense-in-depth model against cyber attack by analyzing the results. The proposed method and implemented communication board were applied in the design of SMART (system-integrated modular advanced reactor) I&C (instrumentation and control) systems.

• International Journal of Advanced Culture Technology
• /
• v.8 no.1
• /
• pp.188-198
• /
• 2020

In the cyber space represented by Sns, the problem of cyber verbal violence, which sends slander messages such as abusive messages through chats, bulletin boards, malicious comments, and messages, is getting worse. Leveraging the power of cyberspace's anonymity, people can't hesitate to say what they can't say in the real world. In extreme cases, cyber verbal violence can lead to the death of a person. This paper focuses on the creation of media content that helps to inform and prevent the seriousness of cyber verbal violence prevalent on the Internet through interactive art. The nature of Interact art goes beyond the work and the audience to the people in the relationship between the work and the participants, allowing participants to directly and indirectly feel the seriousness of cyber verbal viol.