• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1407-1417
• /
• 2012

In order to protect a software system from security attacks, it is important to remove the software security weaknesses through the entire life cycle of software development. To remove the software weaknesses more effectively, software weaknesses are prioritized and sorted continuously. In this paper, we introduce the existing scoring systems for software weakness and software vulnerability, and propose a new quantitative standard for the scoring system, which helps evaluate the importance of software weakness objectively. We also demonstrate the practicability of the proposed standard by scoring 2011 CWE/SANS Top 25 list with the proposed standard and comparing it to the original score of MITRE.

• Proceedings of the KSR Conference
• /
• 2007.05a
• /
• pp.959-963
• /
• 2007

After the year of 2000, the need of safety increases in field of railroad. The project for developing Integrated Centralized Traffic Control(CTC) center started at 2002 to control the full domestic railroad network. A traffic control software was required the safety activity and assessment, according to 'KORAIL Instruction number 2001-49'. There were many trials and errors to perform safety activity because the technology and recognition of safety activity is in primary stage. However the safety activities are gradually stabilized. This paper describes the safety life-cycle and development life-cycle of Integrated CTC S/W and a suitable life-cycle of safety to develop S/W of Integrated CTC.

• Journal of KIISE:Software and Applications
• /
• v.30 no.5_6
• /
• pp.503-514
• /
• 2003

In conventional development methodologies, requirements are considered to be not changing after analysis phase, and requirements specifications are used for the next step system design purpose. But in the real world, requirements can be changed and modified throughout the development life cycle according to end-user's more understanding about the target system, new IT technologies, changes of customer environment and market situation, and so on. So there needs a requirements change management process that can extend requirements management over the entire development life cycle and can support managing changes to the requirements after design phase. In this paper, a requirements change management process that can be integrated into conventional development methodologies is proposed to support the extension of requirements life cycle and managing changes to the requirements after design phase. This process was evaluated through an verification test with a widely used development methodology‘MaRMI’.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.6
• /
• pp.33-40
• /
• 2009

In this thesis, for the assessment of software development process for project complexity and project size : one of digital watermarking algorithm is selected and examined. Digital watermarking provides a solution to illegal copying of digital contents and has many other useful applications, including web broadcast monitoring, transaction tracking, authentication, copy control and device control. This thesis focused on the method for customizing software development path, considering the project environments and characteristics. The selection standard of software development path is composed of process items, based on the ISO/IEC 15721 Information Technology Guide for ISO/IEC 12207 (Software Life Cycle Process) and ISO/IEC 15504 Information technology - Process assessment. To evaluate the algorithm, a system for selecting development path, which reflected algorithm, was examined.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.22 no.53
• /
• pp.99-109
• /
• 1999

The International Organization for Standardization(ISO) is a worldwide federation of national standards bodies. Through ISO Technical Committees(TC), various International Standards are being carried out. Each member body interested in a subject for which a TC has been established has the right to be represented on that committee. ISO collaborates closely with the International Electro-technical Commission(IEC) on all matters of electro-technical standardization. ISO established the ISO 9000 Family standard in 1987, and International Standard ISO 9000-3 was worked by ISO/TC 176, Quality management and quality assurance, Subcommittee 2(SC 2), Quality systems, in accordance with the ISO/IEC Directives, Part 3: 1997 Rules for the structure and drafting of International Standards, Many organizations have applied the ISO 9000-3 for their quality system standard in the software sector. That means that ISO 9000-3: 1991 and ISO 9000-3: 1997 have been used successfully by the software industry as the internationally accepted interpretation of ISO 9001 for the development and maintenance of computer software. Additionally ISO 9000-3: 1997 involved how the software life cycle processes defined in ISO/IEC 12207: 1995, Information Technology - Software Life Cycle Processes related to the requirements of ISO 9001:1994. After having performed full reviews of the WD3, CD1, CD2 and DIS drafts of the future ISO 9001:2000, this document will partly replace the part of ISO 9000-3: 1997 for measurement analysis and improvement of quality management system in computer software industry, as an interpretation for organizations and certification bodies, which will be withdrawn when ISO 9001:1994 is replaced by ISO 9001:2000,.

• Korean System Dynamics Review
• /
• v.3 no.1
• /
• pp.43-60
• /
• 2002

This paper describes the forecast of wholesale price in competitive Korean electricity market using the system dynamics approach. The system dynamics concepts have been implemented with the Ithink software. This software facilitates the development of stock and flow model with information feedback. Using this model, the future wholesale electricity price can be computed hour by hour, quarterly, and yearly. This model also gives the energy planner the opportunity to create different scenarios for the future of deregulated wholesale markets in Korea. Also It will lead to increased understanding of competitive wholesale market as a complex, dynamic system. Research results show that the plant construction appeared in waves of boom and bust in Korean electricity market like real estate construction. That is, the Korea wholesale market's new power plants and the market price will appear the Boom and Bust cycle. It is very similar behavior as real estate industry. In case of consideration of DSM program, The DSM savings lead to a somewhat different timing of the booms in construction and of price spikes. But the DSM programs do not eliminated the fundamental dynamics of the boom and bust. And the wholesale price is maintained at the lower level compared to the case of without DSM program. However, the unexpected result is found that due to the lower market price, Investor make significantly less investment in new CCs, which leads to the higher wholesale price after 2010. It suggests that the DSM Policy must be implemented with the dynamics of competitive Electricity Market.

• The Journal of Bigdata
• /
• v.4 no.2
• /
• pp.47-59
• /
• 2019

Recently, the RPA (Robotic Process Automation) solution, which has been spreading in Korea and overseas, allows users to easily automate their tasks with the application GUI (Graphic User Interface), and the number of Korean financial companies which Implemented for automating their business is increasing now. However, as the major supervisory regulations that financial institutions must comply with are based on the existing traditional SDLC (Software Development Life Cycle), it is not proper to be directly applied to RPA that automates end-user works on the level of user's system interface. Therefore, in this paper, we organized the important financial supervisory rules and control items that should be considered for RPA implementation, then surveyed 24 financial companies which have implemented RPA for checking how they applied them. Finally, we would like to present the necessity of revision of related compliance.

• Journal of the Korea Computer Industry Society
• /
• v.5 no.2
• /
• pp.311-324
• /
• 2004

Software development undergoes a number of iterations and each iteration forms its own cycle going through requirement analysis, scheme and design, implementation and finally test and evaluation. In this iterated development process, executable releases are produced, improved and eventually developed to a complete system, going through this particular development cycle. Compared to the conventional process, the advantage of rapid iterative development process lies in reducing risk factors in early stage and responding to changes very flexibly. In addition, highly reusable, the process can improve capabilities of the development team while the project is being carried out. As a result, overall balance in quality is secured. The objective of this paper is the research of rapid development process and its case studies showing how to adapt the rapidly changing customer requirements and to transform those requirements into the project timely and adequately. The proposed process is focused on the common and core activities of NET-based MarMIIII, MSF/CD, XP, Agile, PSP and TSP

• Journal of Advanced Navigation Technology
• /
• v.15 no.3
• /
• pp.419-431
• /
• 2011

Design traceability has been widely recognized as being an integral aspect of software development. Also many projects for software application development have failed because that the projects did not analyze user requirements sufficiently and reflected them in the projects adequately. This thesis proposes a specification and tracing technique for object-oriented analysis and design. The subject of this study is the artifacts of UML development methodology. Therefore, to improve the quality of the software development cycle, in short, the system requirement of customers will be able to respond quickly.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.19 no.40
• /
• pp.29-36
• /
• 1996

In order to accomplish large-sized information systems successfully, one of the most important factor is the system integration(SI) of individual software projects which consist of the systems. Developers of each project should consider aspects of SI through the development cycle, and managers of the entire system should manage, control, and evaluate each from an SI point of view. In this research, management models for the system managers, development models for the developers of unit projects, and standardized output documents for the management and evaluation purpose are presented based on the SI concepts.