• Title/Summary/Keyword: STPA

Introduction of the STPA Mechanism to Derivation of Risk Scenarios for Establishment of Disaster Reduction Activity Plans (재해경감활동계획 수립에 위험 시나리오 도출을 위한 STPA기법 도입)

  • Kim, Sang Duk; Lee, Seok Hyung; Kim, Chang Soo
    • Journal of the Society of Disaster Information / v.16 no.4 / pp.784-795 / 2020
  • Purpose: This study intends to review the risk assessment procedures specified in the corporate disaster management standard. Method: The requirements for each stage of risk assessment stipulated in the corporate disaster management standard were identified, the case of application at organization 'A' and its partner companies was reviewed, and a risk assessment procedure in line with the requirements was reviewed. Result: It was found necessary to clearly define the method and procedure for deriving risk scenarios, which are requirements of the corporate disaster management standard, and to introduce a standardized procedure for deriving risk scenarios. Conclusion: A method of deriving risk scenarios was implemented by applying the STPA technique, based on systems theory, to power generation fuel supply and demand, and it was suggested that the STPA technique be reflected in corporate disaster management standards as a risk scenario derivation technique for the establishment of a disaster reduction activity plan.

Hazard Analysis Process Based on STPA Using SysML (SysML을 이용한 STPA 기반의 위험원 분석 프로세스)

  • Choi, Na-yeon; Lee, Byong-gul
    • Journal of Internet Computing and Services / v.20 no.3 / pp.1-11 / 2019
  • Today's software systems are becoming larger and more complicated, and the risk of accidents and failures has also grown. Software failures and accidents in industrial fields such as automobiles, nuclear power plants, railroad industries, etc. may lead to severe damage to property and human life. Safety-related international standards such as IEC 61508 have been established and applied in industry for decades. The safety life cycle specified in the standards emphasizes the activities to develop safety requirements through hazard and risk analysis in the early stage of software development. In this paper, we propose a 'Hazard Analysis Process based on STPA using SysML' in order to ensure the safety of software at the early stage of software development. The proposed hazard analysis can be performed effectively, minimizing missed hazards, by using the BDD and the IBD of SysML to define the control structure of a system. The proposed method also improves the specification of the safety constraints (requirements) by using SD. As a result, it is possible to identify hazards without omission and to identify hazard scenarios in detail, and safety can be sufficiently ensured in the early stage of software development.

A Safety Process Guideline of Medical Device System Based on STPA (STPA를 적용한 의료기기 시스템의 안전성 프로세스 가이드라인)

  • Choi, Bo-yoon; Lee, Byong-gul
    • Journal of Internet Computing and Services / v.22 no.6 / pp.59-69 / 2021
  • Malfunctions and failures linked to medical devices may result in significant harm to human beings. Thus, in order to ensure that the safety of medical devices is achieved, the international standards should be established and applied. It is required to integrate and customize the activities of the standards, owing to the reference relationships between standards; in particular, the safety-analysis-based activities are too expensive. This paper proposes an integration process that integrates the activities of the development lifecycle and the safety process. Additionally, we derived a guideline based on STPA for the integration process. As a result, safety activities can be performed systematically from the early stage of development, and the effectiveness of the integration process is increased by the guideline.

A Study on the Integrated STPA-Scenario Process Model for Efficient Safety Analysis Based on Operation Scenarios of AGV (AGV 물류 이동장치의 효율적인 STPA 안전성 분석을 위한 운영 시나리오 연계 분석 프로세스 모델 연구)

  • Myung-Sung Kim; Young-Min Kim
    • Journal of the Korea Safety Management & Science / v.25 no.3 / pp.45-53 / 2023
  • In order to address the rapidly increasing domestic delivery volume and various related problems in the metropolitan area, domestic researchers are conducting research on the development of an "Urban Logistics System Using Underground Space" that uses existing urban railway facilities in the city. Safety analysis and scenario analysis should be performed for the safe system design of this new-concept logistics system, but the scenario analysis techniques used in previous studies have no standard and are defined differently depending on the domain, subject, or purpose. In addition, the difficulty of clearly defining the control structure and the omission of UCAs in existing STPA safety analysis need to be improved. In this study, an improved scenario table is proposed for the AGV horizontal transport device, which is key equipment of an urban logistics system using underground space; a process model is proposed that links systematic STPA safety analysis with scenario analysis; and UCA and Control Structure Guidelines are provided for creating a safety analysis.

Application of STPA-SafeSec for a cyber-attack impact analysis of NPPs with a condensate water system test-bed

  • Shin, Jinsoo; Choi, Jong-Gyun; Lee, Jung-Woon; Lee, Cheol-Kwon; Song, Jae-Gu; Son, Jun-Young
    • Nuclear Engineering and Technology / v.53 no.10 / pp.3319-3326 / 2021
  • As a form of industrial control system (ICS), nuclear instrumentation and control (I&C) systems have been increasingly digitalized. This has in turn raised cyber security concerns. Cyber security for ICS is important because, unlike in general IT environments, cyber-attacks against ICS can cause not only equipment damage and loss of production but also personal and public safety hazards. Numerous risk analyses have been carried out to enhance the safety of ICS, and recently many studies related to the cyber security of ICS are being conducted. Many existing risk analyses and cyber security studies have considered safety and cyber security separately. However, both the safety and the cyber security perspective should be considered when analyzing risks for complex and critical ICS facilities such as nuclear power plants (NPPs). In this paper, the STPA-SafeSec methodology is selected to consider both safety and security perspectives when performing a risk analysis for NPPs, in order to assess the impacts on safety of cyber-attacks against the digital I&C systems. The STPA-SafeSec methodology was applied to a test-bed system that simulates a condensate water (CD) system in an NPP. The process of the application, up to the development of mitigation strategies, is described in detail.

A formal approach to support the identification of unsafe control actions of STPA for nuclear protection systems

  • Jung, Sejin; Heo, Yoona; Yoo, Junbeom
    • Nuclear Engineering and Technology / v.54 no.5 / pp.1635-1643 / 2022
  • STPA (System-Theoretic Process Analysis) is a widely used safety analysis technique for identifying UCAs (Unsafe Control Actions) that result in potential losses. It depends entirely on the experience and ability of analysts to construct an information model called the Control Structure, on which analysts try to identify unsafe controls between system components. This paper proposes a formal approach to support the manual identification of UCAs effectively and systematically. It allows analysts to mechanically extract the Process Model, an important element of the Control Structure, from a formal requirements specification for a software controller. It then concisely constructs the contents of Context Tables, from which analysts can identify all relevant UCAs effectively, using a software fault tree analysis technique. A case study with a preliminary version of a Korean nuclear reactor protection system shows the proposed approach's effectiveness and applicability.

On the Ensuring Safety and Reliability through the Application of ISO/PAS 21448 Analysis and STPA Methodology to Autonomous Vehicle

  • Kim, Min Joong; Choi, Kyoung Lak; Kim, Joo Uk; Kim, Tong Hyun; Kim, Young Min
    • International Journal of Internet, Broadcasting and Communication / v.13 no.3 / pp.169-177 / 2021
  • Recently, the use of electric and electronic control systems is increasing in the automobile industry. This increase in electric and electronic control systems greatly increases the complexity of designing a vehicle, which leads to an increase in system malfunctions, and safety problems due to malfunction are becoming an issue. Based on IEC 61508, which relates to the functional safety of electrical/electronic/programmable electronic systems, the ISO 26262 standard specific to the automotive sector was first established in 2011, and a revision was published in 2018. Malfunctions due to system failure are covered by ISO 26262, while ISO/PAS 21448 is proposed to deal with unintended malfunctions caused by changes in the surrounding environment. ISO 26262 sets out safety-related requirements for the entire life cycle. Functional safety analysis includes FTA (Fault Tree Analysis), FMEA (Failure Mode and Effect Analysis), and HAZOP (Hazard and Operability). These analyses have limitations in dealing with failures or errors caused by complex interrelationships, because they assume that a failure or error affecting the risk originates in a specific component. In order to overcome this limitation, it is necessary to apply the STPA (System Theoretic Process Analysis) technique.

A Study on Simulation Based Fault Injection Test Scenario and Safety Measure Time of Autonomous Vehicle Using STPA (STPA를 활용한 자율주행자동차의 시뮬레이션 기반 오류 주입 시나리오 및 안전조치 시간 연구)

  • Ahn, Dae-ryong; Shin, Seong-geun; Baek, Yun-soek; Lee, Hyuck-kee; Park, Ki-hong; Choi, In-seong
    • The Journal of The Korea Institute of Intelligent Transport Systems / v.18 no.2 / pp.129-143 / 2019
  • As the importance of autonomous vehicle safety is emphasized, the application of ISO-26262, a development verification guideline for improving safety and reliability, and the safety verification of autonomous vehicles are becoming increasingly important. In particular, SAE Level 3 or higher autonomous vehicles detect and make decisions about the surrounding environment instead of the human driver. Therefore, if there is any failure or malfunction in the autonomous driving function, safety may be seriously affected. So, for autonomous vehicles, it is essential to apply and verify the safety concept against failures and malfunctions. In this study, fault injection scenarios for the safety evaluation and verification of autonomous vehicles were studied using the ISO-26262 Part 3 process and STPA, and safety measures for safety concept design were studied through simulation-based fault injection tests.

Comparison of Hazard Analysis for Medical Device System (의료기기 시스템의 해저드 분석 기법 비교)

  • Choi, Bo-yoon; Lee, Byong-gul; Han, Hyuk-soo
    • Journal of Internet Computing and Services / v.19 no.6 / pp.133-145 / 2018
  • Accidents involving medical systems may result in significant harm to human beings. Therefore, performing hazard analysis is important for medical systems, in order to identify hazards, prevent accidents, and minimize potential harm. It is difficult to select an appropriate hazard analysis method for medical systems, because the analysis methods and the development lifecycle phases they apply to differ according to the objective of the hazard analysis. It is required to select an appropriate hazard analysis at the concept phase of the development lifecycle, because the basic requirements to mitigate or prevent hazards are elicited from the hazards identified at the concept phase. In this paper, the hazard analysis methods PHA and STPA are compared at the concept phase, with both methods applied to a medical system. As a result of the comparison, hazard analysts can select the optimal hazard analysis method for the concept phase of medical systems.

Power analysis attacks against NTRU and their countermeasures (NTRU 암호에 대한 전력 분석 공격 및 대응 방법)

  • Song, Jeong-Eun; Han, Dong-Guk; Lee, Mun-Kyu; Choi, Doo-Ho
    • Journal of the Korea Institute of Information Security & Cryptology / v.19 no.2 / pp.11-21 / 2009
  • The NTRU cryptosystem, proposed by Hoffstein et al. in the 1990s, is a public key cryptosystem based on hard lattice problems. NTRU has many advantages compared to other public key cryptosystems such as RSA and elliptic curve cryptosystems. For example, it guarantees high-speed encryption and decryption at the same level of security, and there is no known quantum computing algorithm for speeding up attacks against NTRU. In this paper, we analyze the security of NTRU against the simple power analysis (SPA) attack and statistical power analysis (STPA) attacks such as the correlation power analysis (CPA) attack. First, we implement NTRU operations using NesC on a Telos mote, and we show how to apply CPA to recover a private key from collected power traces. We also suggest countermeasures against these attacks. In order to prevent SPA, we propose to use a nonzero value to initialize the array which will store the result of a convolution operation. On the other hand, in order to prevent STPA, we propose two techniques to randomize the power traces related to the same input. The first one is random ordering of the computation sequences in a convolution operation, and the other is data randomization in the convolution operation.