• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.18 no.2
• /
• pp.144-155
• /
• 2019

One of the issues of the automotive industry today is autonomous driving vehicles. In order to achieve level 3 or higher as defined by SAE International, harmonization of autonomous driving technology and connected technology is essential. Current vehicles have new features such as autonomous driving, which not only increases the number of electrical components, but also the amount and complexity of software. As a result, the attack surface, which is the access point of attack, is widening, and software security vulnerabilities are also increasing. However, the reality is that the essential security requirements for vehicles are not defined. In this paper, based on real attacks and vulnerability cases and trends, we identify the assets in the in-vehicle network and derive the threats. We also defined the security requirements and derived essential security requirements that should be applied at least to the safety of the vehicle occupant through risk analysis.

• Smart Media Journal
• /
• v.12 no.2
• /
• pp.91-102
• /
• 2023

The Energy Management System (EMS) communicates with power plants and substations, monitors the substations and plant operational status of the transmission and substation system for stability, continuity, real-time, and economy of power supply, and controls power plants and substations. Currently, the power exchange EMS communicates with power plants and substations based on the serial communication-based Distributed Network Protocol (DNP) 3.0 protocol. However, problems such as the difficulty of supply and demand of serial communication equipment and the lack of installation space for serial ports and modems are raised due to the continuous increase in new facilities to perform communication, including renewable power generation facilities. Therefore, this paper presents a TCP/IP-based communication method instead of the existing serial communication method of the power exchange EMS, and presents a security risk analysis that may occur due to changes in the communication method and a countermeasure to the security risk.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2021.11a
• /
• pp.72-73
• /
• 2021

As discussions of the International Maritime Organization for the introduction of the Marine Autonomous Surface Ship (MASS) began in earnest, discussions were conducted to prioritize cybersecurity (Cyber Risk Management) when developing a system to support MASS operation at the 27th ENAV Committee Working Group (WG2). Korea launched a technology development project for autonomous ships in 2020, and has been promoting detailed tasks for cybersecurity technology development since 2021. MASS operation in a digital maritime communication system environment requires network security of various digital equipment that was not considered in the existing maritime communication environment. This study introduces the basic concept of network security equipment to support MASS operation in the detailed task of cybersecurity technology development, and defines the network security equipment interface for MASS ship application in the basic stage.

• Journal of Digital Convergence
• /
• v.14 no.5
• /
• pp.67-75
• /
• 2016

This study focused on university students' risk perception of cybercrime through media exposure. For this purpose, I tried to figure out the results of risk perception on cybercrime with 8 factors. As a result, the lowest type of cybercrime was internet fraud, and it was caused by media type and degree of exposure, where university students get information about cybercrime. There's a difference of students' risk perception by media type, news media was the best. Depending on the media of the environment, even in the area of cyber crime there is a difference of perception of risk for each individual. And it can be confirmed that the risk perception in response to the exposure of the media has changed.

• Journal of the Society of Disaster Information
• /
• v.17 no.2
• /
• pp.226-235
• /
• 2021

Purpose: The risk assessment for earthquakes was conducted in accordance with the current design standard (KBC2016) for the Coalescer facility, which is a major facility of energy storage facilities. Method: The risk assessment for earthquakes was conducted in accordance with the current design standard (KBC2016) for the Coalescer facility, which is a major facility of energy storage facilities. Result: In this study, by statically loading earthquake loads and evaluating the level of collapse prevention of special-class structures, facility managers can easily recognize and evaluate the risk level, and this analysis result can be applied to future facility risk management. Earthquake analysis was performed so that. Conclusion: As a result of analyzing the Coalescer facility according to the current design standard KBC2016, the stress ratio of the main supporting members was found to be up to 4.7%. Therefore, the members supporting Coalescer were interpreted as being safe against earthquakes with a reproducibility period of 2400 years that may occur in Korea.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.947-950
• /
• 2014

The recent APT attacks including cyber terror are caused by a high level of malicious codes and hacking techniques. This implies that essentially, advanced security management is required, from the perspective of 5A. The changes of IT environment are represented by Mobile, Cloud and BYOD. In this situation, the security model needs to be changed, too into the Airport model which emphasizes prevention, and connection, security and integration of functions from the existing Castle model. This study suggested an application method of the risk-based Airport model to the cyber security environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.3
• /
• pp.1119-1139
• /
• 2021

Among the scientific literature, it has not been possible to find a consensus on the definition of the limits or properties that allow differentiating or grouping the cyber-physical systems (CPS) and the Internet of Things (IoT). Despite this controversy the papers reviewed agree that both have become crucial elements not only for industry but also for society in general. The impact of a malware attack affecting one of these systems may suppose a risk for the industrial processes involved and perhaps also for society in general if the system affected is a critical infrastructure. This article reviews the state of the art of the application of machine learning in the automation of malware detection in cyberphysical systems, evaluating the most representative articles in this field and summarizing the results obtained, the most common malware attacks in this type of systems, the most promising algorithms for malware detection in cyberphysical systems and the future lines of research in this field with the greatest potential for the coming years.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.17 no.1
• /
• pp.35-44
• /
• 2021

With the development of information technology, the cybersecurity threat continues as digital-related technologies are applied to the instrumentation and control system of nuclear power plants. The malfunction of the instrumentation and control system can cause economic damage due to shutdown, and furthermore, it can lead to national disasters such as radioactive emissions, so countering cybersecurity threats is an important issue. In general, the study of cybersecurity in instrumentation and control systems is concentrated on safety systems, and diverse protection systems perform protection and reactor shutdown functions, leading to reactor shutdown or, in the worst case, non-stop situations. To accurately analyze cyber threats in the diverse protection system, its linked facilities should be analyzed together. Risk analysis should be conducted by analyzing the potential impact of inter-facility cyberattacks on related facilities and the impact of cybersecurity on each configuration module of the diverse protection system. In this paper, we analyze the linkage of the diverse protection system and discuss the cybersecurity linkage threat by analyzing the availability of equipment, the cyber threat impact of the linked equipment, and the configuration module's cybersecurity vulnerability.

• Journal of the Society of Disaster Information
• /
• v.12 no.4
• /
• pp.342-349
• /
• 2016

The objectives of this study is analysis of the characteristics of fire risk and survey of narrow dwelling space(the Karaoke, Gosiwon etc). The narrow dwelling space has special structure characteristics; the narrow and the complex escape rote. Gosiwon have very separate and exclusive space room, so have the problem a suppression of fire. Furthermore almost Karaokes located in basement have a complex and limitary escape rote. Therefore we should research and development the exploration equipment that search a source of the fire and a emergency rescuer in the scene of the fire.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.3
• /
• pp.67-74
• /
• 2011

In this paper, we presented a dynamic cyber attack tree which can describe an attack scenario flexibly for an active cyber attack model could be detected complex and transformed attack method. An attack tree provides a formal and methodical route of describing the security safeguard on varying attacks against network system. The existent attack tree can describe attack scenario as using vertex, edge and composition. But an attack tree has the limitations to express complex and new attack due to the restriction of attack tree's attributes. We solved the limitations of the existent attack tree as adding an threat occurrence probability and 2 components of composition in the attributes. Firstly, we improved the flexibility to describe complex and transformed attack method, and reduced the ambiguity of attack sequence, as reinforcing composition. And we can identify the risk level of attack at each attack phase from child node to parent node as adding an threat occurrence probability.