• International Journal of Contents
• /
• v.5 no.3
• /
• pp.71-78
• /
• 2009

Recently, interest has heightened over 'critical infrastructures' and their reliability in the face of potential terrorist attack. Assault on any of the critical infrastructures as transportation, power, water, telecommunications, and financial services, entails great consequences for their users as well as the other interdependent critical infrastructures. How to protect our vital critical infrastructures is the key question in this paper. The purpose of this article is to suggest the implications for crisis and emergency management to protect the critical infrastructures in our society. For achieving the purpose, we examined the concept of comprehensive security, national crisis, and critical infrastructure and, using the holistic approach, we examined the comprehensive emergency management for suggesting the implications for establishing the critical infrastructure protection system; building up the high reliability organization, organizing and partnering, assessing the risk, preparing first responders, working with private owners of critical infrastructures, working with communities, improving the administrative capacity.

• Journal of Digital Contents Society
• /
• v.18 no.4
• /
• pp.795-802
• /
• 2017

If the function of the national infrastructure is suspended due to natural disasters and social disasters, the damage of the national infrastructure can be a serious threat to the national security as well as the life, body and property damage of the people. In this paper, we examine the domestic and overseas trends of the national system protection system and examine the domestic and overseas trends of the national system protection system. The detailed function of the essential function continuity, essential function, succession order, authority delegation, continuity facility, continuity communication, We examined the specific issues related to testing, education and training, transferring control and directing authority, analyzing the system related to the national infrastructure protection plan, and examined the specific problems and suggested an effective improvement plan for the critical infrastructure protection system.

• The Journal of Korean Institute of Electromagnetic Engineering and Science
• /
• v.24 no.8
• /
• pp.781-790
• /
• 2013

Nowadays, national critical infrastructures have been known to be highly vulnerable to the EMP threats which are internationally growing. But their realistic solutions have been not made by the lack of detailed rules and regulations in current laws, however, which cover most of cyber threats. This paper takes a look at the domestic and overseas trends on the EMP protections, and proposes the revision directives of relevant laws and the contents included into the proposed legislation. Among them, the amendment of the current "Information Infrastructure Protection Act" is considered to be the most effective, including provisions on protected informations, industrial promotions, R&D supports, education, etc. Anyway, this paper is expected to be helpful for introducing an effective legal scheme on the CIP against EMP threats. domestic rule.

• Journal of the Korean Society of Environmental Restoration Technology
• /
• v.25 no.6
• /
• pp.65-75
• /
• 2022

Urban flood management(UFM) strategy ought to consider the connections and interactions between existing and new infrastructures to manage stormwater and improve the capacity to treat water. It is also important to demonstrate strategies that can be implemented to reduce the flow at flooding sources and minimize flood risk at critical locations. Although the general theory of spatial impact is popular, modeling guidelines that can provide information for implementation in real-world plans are still lacking. Under such background, this study conducted a modeling research based on an actual target site to confirm the hypothesis that it is appropriate to install green infrastructure(GI) in the source area and to take structural protection measures in the impact area, as summarized in previous studies. The results of the study proved the hypothesis, but the results were different from the hypothesis depending on which hydrological performance indicators were targeted. This study will contribute to demonstrating the effectiveness of strategies that can be implemented to reduce the flow at flooding sources and minimize the risk of flooding in critical locations in terms of spatial planning and regeneration.

• Journal of Convergence for Information Technology
• /
• v.10 no.8
• /
• pp.1-6
• /
• 2020

The government is carrying out information security consulting support projects to solve the difficulties of SME information protection activities. Since the information security consulting methodology applied to SMEs does not apply the proven methodology such as the critical information and communication infrastructure(CIIP), ISMS, ISO27001, etc. It applies various methods for each consulting provider. It is difficult to respond appropriately depending on the organizational situation such as the type and size of SMEs. In order to improve such problems of SME information security consulting and to improve more effective, effective and standard methodology, the information security consulting methodology applied in the current system was compared and analyzed. Through the improvement plan for SME information security consulting method suggested in this study, it is possible to provide information security consulting suitable for all enterprises regardless of SME size or business type.

• Nuclear Engineering and Technology
• /
• v.52 no.12
• /
• pp.2687-2698
• /
• 2020

Most of the machine learning-based intrusion detection tools developed for Industrial Control Systems (ICS) are trained on network packet captures, and they rely on monitoring network layer traffic alone for intrusion detection. This approach produces weak intrusion detection systems, as ICS cyber-attacks have a real and significant impact on the process variables. A limited number of researchers consider integrating process measurements. However, in complex systems, process variable changes could result from different combinations of abnormal occurrences. This paper examines recent advances in intrusion detection algorithms, their limitations, challenges and the status of their application in critical infrastructures. We also introduce the discussion on the similarities and conflicts observed in the development of machine learning tools and techniques for fault diagnosis and cybersecurity in the protection of complex systems and the need to establish a clear difference between them. As a case study, we discuss special characteristics in nuclear power control systems and the factors that constraint the direct integration of security algorithms. Moreover, we discuss data reliability issues and present references and direct URL to recent open-source data repositories to aid researchers in developing data-driven ICS intrusion detection systems.

• The Journal of the Convergence on Culture Technology
• /
• v.7 no.1
• /
• pp.674-681
• /
• 2021

Cyber attacks targeting critical infrastructure are on the rise. Critical infrastructure is defined as core infrastructures within a country with a high degree of interdependence between the different structures; therefore, it is difficult to sufficiently protect it using outdated cybersecurity techniques. In particular, the distinction between the physical and logical risks of critical infrastructure is becoming ambiguous; therefore, risk management from a comprehensive perspective must be implemented. Accordingly, as a means of further actively protecting critical infrastructure, major countries have begun to apply their security and cybersecurity systems by design, as a more expanded concept is now being considered. This proactive security approach (CSbD, Cybersecurity by Design) includes not only securing the stability of software (SW) safety design and management, but also physical politics and device (HW) safety, precautionary and blocking measures, and overall resilience. It involves a comprehensive security system. Therefore, this study compares and analyzes security by design measures towards critical infrastructure that are leading the way in the US, Europe, and Singapore. It reflects the results of an analysis of optimal cybersecurity solutions for critical infrastructure. I would like to present a plan for applying by Design.

• Korean Security Journal
• /
• no.10
• /
• pp.387-407
• /
• 2005

Thanks to the developments of IT technologies, such critical infrastructures as fundamental structures of energies, material circulations, monetary circulations, and living necessaries are intertwined as well as mutually dependent. In this respect, the fact that national infrastructures are closely related to IT infrastructures implies not only expected benefits to provide diverse information-based services, but also anticipated costs to bring about new dangers. However, in spite of these threats, traditional researchers have not put enough interests in these indirect danger, which yield the damages in broad areas through paralyzing risk management systems, although they have investigated such direct threats as nuclear accidents, conflagrations, traffic troubles, and gasoline accidents. Considering that the tendency to depend on electricity, so-called electrification, which is caused by automation and informationalization, is intensified in all parts of society, the breakout problem as a factor to inhibit securities in information-oriented society is significant. Thus, the problems of large-scale power blackout should be treated as national crises. Also, preparation systems for large-scale power blackout have to be provided quickly. In this paper, with analyzing various cases of large-scale power blackout and investigation the causes of them, researches on the blackout management systems of Korea are to be present, on the basis of national crisis management states which are comprised of protection (mitigating and preparing), responding, and recovering(rewarding).

• Nuclear Engineering and Technology
• /
• v.44 no.8
• /
• pp.919-928
• /
• 2012

The applications of computers and communication system and network technologies in nuclear power plants have expanded recently. This application of digital technologies to the instrumentation and control systems of nuclear power plants brings with it the cyber security concerns similar to other critical infrastructures. Cyber security risk assessments for digital instrumentation and control systems have become more crucial in the development of new systems and in the operation of existing systems. Although the instrumentation and control systems of nuclear power plants are similar to industrial control systems, the former have specifications that differ from the latter in terms of architecture and function, in order to satisfy nuclear safety requirements, which need different methods for the application of cyber security risk assessment. In this paper, the characteristics of nuclear power plant instrumentation and control systems are described, and the considerations needed when conducting cyber security risk assessments in accordance with the lifecycle process of instrumentation and control systems are discussed. For cyber security risk assessments of instrumentation and control systems, the activities and considerations necessary for assessments during the system design phase or component design and equipment supply phase are presented in the following 6 steps: 1) System Identification and Cyber Security Modeling, 2) Asset and Impact Analysis, 3) Threat Analysis, 4) Vulnerability Analysis, 5) Security Control Design, and 6) Penetration test. The results from an application of the method to a digital reactor protection system are described.

• Journal of the Earthquake Engineering Society of Korea
• /
• v.7 no.1
• /
• pp.17-29
• /
• 2003

This paper preliminarily investigates the effectiveness of various control systems, such as passive, active, semiactive and hybrid control, for seismic protection of cable-stayed bridges by examining the ASCE first generation benchmark problem for a cable-stayed bridge. This benchm.0.00000ark problem considers the cable-stayed bridge that is scheduled for completion in Missouri, USA In 2003. Seismic considerations were strongly considered in the design of this bridge due to location of the bridge and its critical role as a principal crossing of the Mississippi River. Based on detailed drawings of this cable-stayed bridge, a three-dimensional linearized evaluation model has been developed to represent the complex behavior of the bridge. A set of eighteen evaluation criteria has been developed to evaluate the capability of each control system. In this study, four passive control systems, one active control system, two semiactive control systems and three hybrid control systems are considered. Numerical simulation results show that all the control systems are effective in reducing the responses of the benchmark cable-stayed bridge under the historical earthquakes. To get good performance, however, the passive control systems need quite large control forces compared to other control systems. The simulation results also demonstrate that the passive, semiactive and hybrid control systems are robust to the stiffness uncertainty of the structure. Therefore, the semiactive and hybrid control systems are more appropriate in real applications for full-scale civil infrastructures.