1 |
Keun-Hee Han, "Smart Factory based convergence security issue and solution," KISA REPORT, vol. 08, pp. 53-61, Aug. 2018.
|
2 |
KISA, "Cyber-treat Trends Report," Jul. 2018.
|
3 |
National Institute of Standards and Technology, "Notional Supply Chain Risk Management Practices for Federal Information Systems," NIST IR 7622, Oct. 2012.
|
4 |
National Institute of Standards and Technology, "Supply Chain Risk Management Practices for Federal Information Systems and Organizations," NIST SP 800-161, Apr. 2015.
|
5 |
National Law Information Center, "Additional Special Conditions for Network Equipment-Building and Operation Projects," Procurement Service Directive No.5538, Last modified Jun. 2018.
|
6 |
National Law Information Center, "ACT ON PROMOTION OF INFORMATION AND COMMUNICATIONS NETWORK UTILIZATION AND INFORMATION PROTECTION, ETC," Law No. 16021, Last modified Dec. 2018.
|
7 |
Dong-Won Kim, Keun-Hee Han, "Automotive-Software & Supply Chain Assurance," Review of KIISC, 25(1), pp. 39-46, Feb. 2015.
|
8 |
Dong-Won Kim, Keun-Hee Han, In-Seok Jeon, Jin-Yung Choi, "A Study on Supply Chain Risk Management of Automotive," Journal of The Korea Institute of Information Security & Cryptology, 25(4), pp. 793-805, Aug. 2015.
DOI
|
9 |
Soo-Min Lim, A-Ram Kim, Ick-Hyun Shin, "Trends of Cyber Security Regulation of Digital Asset Supply Chain of International Nuclear Power Plants," Review of KIISC, 26(1), pp. 54-60, Feb. 2016.
|
10 |
KISA, "Cyber-treat Trends Report," Jan. 2019.
|
11 |
Symantec, "Internet Security Threat Report," Mar. 2018.
|
12 |
Symantec, "Internet Security Threat Report," Feb. 2019.
|
13 |
Nuclear Regulatory Commission, "Cyber Security Programs for Nuclear Facilities," NRC Regulatory Guide 5.71, Jan. 2010.
|
14 |
Wired, "NotPetya" https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/, Oct. 2019.
|
15 |
Nuclear Regulatory Commission, "Criteria for use of computers in safety systems of nuclear power plants Rev 3," NRC Regulatory Guide 1.152, Jul. 2011.
|
16 |
National Institute of Standards and Technology, "Security and Privacy Controls for Federal Information Systems and Organizations," NIST SP 800.53, Feb. 2014.
|
17 |
International Atomic Energy Agency, "Procurement Engineering and Supply Chain Guidelines in Support of Operation and Maintenance of Nuclear Power Plants," IAEA-TECDOC-919, Dec. 1996.
|
18 |
International Atomic Energy Agency, "Managing Suspect and CounterFeit Items in the Nuclear Industry," IAEA-TECDOC-1169, Aug. 2000.
|
19 |
Wikipedia, "Petya malware" https://en.wikipedia.org/wiki/2017_cyberattacks_on_Ukraine, Oct. 2019.
|
20 |
NetSarang, "NetSarang" https://www.netsarang.com/ko/, Oct. 2019.
|
21 |
Kaspersky, "ShadowPad" https://www.kaspersky.com/about/press-releases/2017_shadowpad-how-attackers-hide-backdoor-in-software-used-by-hundreds-of-large-companies-around-the-world, Oct. 2019.
|
22 |
Kye-Geun Kim, "Smart Factory Security," 2019 KISA REPORT, vol. 05, pp. 27-35, Jun. 2019.
|
23 |
National Institute of Standards and Technology, "Standards for Security Categorization of Federal Information and Information Systems," FIPS 199, Feb. 2004.
|
24 |
U.S. Department of Homeland Security, "Supply Chain Risk Management" https://www.dhs.gov/, Feb. 2019.
|
25 |
National Institute of Standards and Technology, "Guide for Conducting Risk Assessments," NIST SP 800-30 Rev.1, Sep. 2012.
|
26 |
National Institute of Standards and Technology, "Guide for Applying the Risk Management Framework to Federal Information Systems," NIST SP 800-37 Rev.1, Feb. 2010
|
27 |
National Institute of Standards and Technology, "Managing Information Security Risk," NIST SP 800-39, Mar. 2011.
|
28 |
U.S. Department of Homeland Security, "ICT SCRM Task Force" https://www.dhs.gov/cisa/information-and-communications-technology-ict-supply-chain-risk-management-scrm-task-force, Mar. 2019.
|
29 |
U.S. Department of Homeland Security, "ICT Supply Chain Risk Management Task Force," Nov. 2018.
|