• Review of KIISC
• /
• v.25 no.5
• /
• pp.67-73
• /
• 2015

한국형 계통운영시스템인 전력거래소(KPX)의 EMS(Energy Management System)와 한국전력공사(이하 한전)의 급전소 SCADA시스템은 서로 ICCP(Inter-Control Center Protocol)를 통한 데이터 교환을 하고 있다. 현재의 ICCP는 데이터 교환에 있어서 보안 기능이 고려되어 있지 않기 때문에 본 논문에서는 안전하고 신뢰성 있는 계통운영시스템 간 데이터 교환을 위한 ICCP/TASE.2의 보안 통신 기능 개발을 소개하고자 한다.

• The Transactions of the Korean Institute of Electrical Engineers A
• /
• v.55 no.9
• /
• pp.376-383
• /
• 2006

In this paper, autonomous information exchange methodology is studied between IEDs using SOAP protocol based on XML and PtP communication to archive the safety and reliability of large-scale system operation. The SOAP protocol has the advantages in the independency Problem for operating systems, using language, platforms and the security problem because it is XML-based RPC protocol. Inference-based solution of the IED is designed as rule-based solution so that the IED internal status, the system status or the faulted zone can be inferred autonomously using the internal data as well as information data obtained from free information exchange among other IEDS, Also, it is designed so that the inference results and the operation information are transmitted to the above SCADA system, and determined autonomously whether the commands from the SCADA are executed or not. Finally, The inference-based solution of IED and information exchange system among IEDS is implemented using MS Visual C++ MFC, MS SOAP and MS XML. Availability and accuracy of the proposed methodology and the design is verified from diversity simulation reviews for typical distribution substation.

• Proceedings of the KIEE Conference
• /
• 1996.07b
• /
• pp.883-886
• /
• 1996

Instead of point-to-point hard wiring between substation yard equipments and SCADA RTU(Remote Terminal Unit), fibre optic cable will be used in the portion between Local Units and Central Unit in the future KEPCO 765kV substation. The connections between substation yard equipments and nearby Local Unit remain the same hard wiring. The new fibre optic system will provide security especially during ground faults and is immune to electrical noise. A prototype system will be manufactured and installed in the existing 154kV Yeosan Substation by the end of July this year and operated for one year. By incorporating the operation experiences acquired in the system, an improved system will be commercially applied to 765kV Shin-An-Seong Substation where 345kV GIS will be installed initially and act as the switching station in the year 1998. The system is composed of one Central Unit and several Local Units. The Central Unit is composed of two workstation level computers, one is in operation and the other backup, and a Communication Control Unit. The Local Unit uses the existing SCADA RTU technology and takes the form of a distributed one. Between the Communication Control Unit and Local Units, the fibre optic system with star-coupler is used.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.329-337
• /
• 2013

Cyber threats of the ICS(Industrial Control System) has been researched on the level to the threat to the network service as well as a specific system, even if the extent of damage was not intended. Although some range of "security" just include the protection of systems against the deliberate attacks of terrorists or cyber hackers, often more damage is done by carelessness, and equipment failures than by those deliberate attacks. This paper presented a taxonomy for classifying all abnormal behaviors of ICS, including deliberate attacks, inadvertent mistakes, equipment failures, and software problems. The classification criteria of ICS abnormal behaviors was selected to highlight commonalities and important features of deliberate attacks as well as inadvertent actions.

• Review of KIISC
• /
• v.25 no.1
• /
• pp.47-52
• /
• 2015

보안에서 인적보안(Personal Security)의 예방통제 중 하나로 개발/운영을 분리하는 직무분리(Separation of Duty)를 해오고 있다. 고의적인 시스템의 오용을 줄이기 위한 방법이며, 많은 국제 표준과 국내 표준(COBIT, ISMS, 등)에서 직무분리를 명시하고 있다. 하지만 무중단 시스템이면서, 운영자가 특정 전문가 집단으로 한정되고, 수 많은 변경이 발생하는 무중단 환경에서 개발/운영이 분리 됨으로 인한 여러 가지 문제점이 발생 하고 있다. 체계를 운영하면서 전문지식을 기반으로 한 요구사항을 명확하게 이해하지 못하면, 추가적인 요구사항이 발생한다. 이는 체계의 품질저하와 위험(Risk)증가로 이어지게 된다. 따라서 본 연구에서는 개발운영조직 통합관리(DevOps) 방법론을 SCADA와 같이 운영자가 해당 분야의 전문성을 가지고, 무중단으로 운영되며, 수많은 변경이 반영되는 시스템에서 개발 및 운영을 통합하였을 때, 발생할 수 있는 문제점과 개선방안을 제시하고자 한다.

• International Journal of Computer Science & Network Security
• /
• v.23 no.3
• /
• pp.130-138
• /
• 2023

The Smart grids are considered as multi-disciplinary power systems where the communication networks are highly employed. This paper presents optimal wide area measurement system (WAMS) configuration in Nordic power system. The transition from SCADA to WAMS becomes now trend in all power systems to ensure higher reliability and data visibility. The optimization applied in this research considered the geographical regions of the Nordic power system. The research considered all the devices of WAMS namely phasor measurement units (PMUs), phasor data concentrators (PDCs) and communication links. The study also presents two scenarios for optimal WAMS namely base case and N-1 contingency as different operating conditions. The result of this research presents technical and financial results for WAMS configuration in a real power system. The optimization results are performed using MATLAB 2017a software application.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.1
• /
• pp.139-148
• /
• 2008

Information technology have led to change the automation of large industrial control system as well as business system and environments. Industrial control system(ICS) is vital components of most nation's critical infrastructures such as electricity, natural gas, water, waste treatment, transportation and communication that are based of national security, safety of citizen and development of national economy According to the change of business environment, organizational management pushed integration all of the system include MIS and ICS. This situation led to use standard information technologies for ICS, this transition has been to expose ICS to the same vulnerabilities and threats that plague business system. Recently government obliged owners of the public information system to audit for safety, efficiency and effectiveness, and also obliged the owners of national infrastructure to improve their system security as a result of vulnerability analysis. But there doesn't prepare a security architecture and information security auditing framework of ICS fur auditing. In this paper, I suggested the security architecture and information security auditing framework for ICS in order to prepare the base of industrial system security auditing.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.3
• /
• pp.645-656
• /
• 2019

As the number of cyber threats to control systems increases, the need for control system cyber security is also increasing. Currently, various cyber security related education and control system education are being conducted. However, it does not fully reflect the characteristics of the control system and the characteristics of the participants. In this paper, we propose a training system and technique to enhance the control system cyber security capability. To this end, we analyze the limitations of existing security education. Based on the results, we develop a control system training environment model based on the IEC62443 Standard and develop an ARCH based training method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.331-346
• /
• 2019

Global cyber threats to industrial control systems are increasing. As a result, related research and cooperation are actively underway. However, we are focusing on strengthening security for physical network separation and perimeter. Internal threats are still vulnerable. This is because the easiest and strongest countermeasure is to enhance border security, and solutions for enhancing internal security are not easy to apply due to system availability problems. In particular, there are many vulnerabilities due to the large number of legacy systems remaining throughout industrial control systems. Unless these vulnerable systems are newly built according to the security framework, it is necessary to respond to these vulnerable systems, and therefore, a security solution considering availability has been verified and suggested. Using Sysmon and ELK, security solutions can detect Cyber-threat that are difficult to detect in unstructured ICS.

• Journal of the Korean Institute of Illuminating and Electrical Installation Engineers
• /
• v.26 no.7
• /
• pp.99-109
• /
• 2012

Sub-station, key equipment in electric power infrastructure, are being exposed to increasing risk of hacking. For this, soft redundancy sub-station system needs to be formulated with automatic restoration mechanism. For this it is important to assess the reliability of the applicable range of data that are used in actual system operation, as well as the methods and findings of the tests. At the same time performance of soft redundancy system and total security mechanism, which are aligned for the protection of the sub-station, need to be tested. For testing the above-mentioned, this paper presented a viable formation of a soft redundancy practical VPN system within a panel to protect the latter from hacking or cracking incidences, and conducts a test to check if the considered system actually serves the protection function in the actual operation setting, gathering evidence from the data from the testing of the actual performance of the system as well as of emergency scenario simulation operations. Because tested soft-redundancy & restorative sub-station system is expected to be widely applicable for various cases such as Smart-grid or electricity IT system, where VPN with enhanced level of security is required.