Browse > Article
http://dx.doi.org/10.5762/KAIS.2019.20.4.470

Derivation of Anti-Tamper System Requirements Based on CMVP Standard for Technology Protection of Weapon Systems  

Lee, Min-Woo (Dept. of Systems Engineering, Ajou University)
Lee, Jae-Chon (Dept. of Systems Engineering, Ajou University)
Publication Information
Journal of the Korea Academia-Industrial cooperation Society / v.20, no.4, 2019 , pp. 470-478 More about this Journal
Abstract
As the growth of the domestic defense industry is remarkable regarding technology level and export size, technology protection is necessary. Particularly, there is a need to apply anti-tamper measures to prevent critical technologies from illegally being taken out of weapon systems. However, there is no security protection strategy and system built yet in ROK. Precedent studies discussed the trend analysis and technical research for specific protective techniques, and the application of anti-tamper using limited procedures was provided. Recently, methods of how to select the technology for protection were studied based on risk management. Nonetheless, these studies cannot be associated with the acquisition process for the whole life-cycle, having difficulty with actual development and evaluation of the weapon systems. The objective of our study is to derive the system requirements of the weapon system for which anti-tamper measures have been determined to apply. Specifically, requirements items suitable for the development of anti-tamper weapon systems were derived based on ISO/IEC 19790, the CMVP standard for the development and verification of cryptographic modules. Also, its utilization in technical reviews and test & evaluations was presented. The usefulness of the research results was confirmed through inductive inference and comparative evaluation. The result can be expected to play a role in initiating extensive activities needed for technology protection of the weapon systems.
Keywords
Anti-Tamper; Technology Protection; Weapon Systems R&D; Systems Engineering; Requirement Engineering;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 H. J. Lee, "On the development of an Effective Defense Technology Security System," Defense & Technology, Korea Defense Industry Association, Nov. 2017, vol. 465.
2 Department of Defense DIRECTIVE : Anti-Tamper(AT), DoD Directive 5200.47E, 2015.
3 M. C. Park, W. K. Koo, D. G. Suh, I. S. Kim, D. H. Lee, “Two-stage tamper response in tamper-resistant software,” IET Software, Vol. 10, No. 3, pp. 81-88, 2016. DOI : http://dx.doi.org/10.1049/iet-sen.2014.0231   DOI
4 M. H. Jang, Y. S. Ryu, H. K. Park, "A FPGA-Based scheme for protecting weapon system software technology," in Proc. ICCSA 2018, Melbourne, VIC, Austrailia, Jul. 2-5, 2018, pp. 148-157. DOI : https://doi.org/10.1007/978-3-319-95174-4_12
5 Mikhail J. Atallah, Eric D. Bryant, and Martin R. Stytz, "A survey of anti-tamper technologies," CROSSTALK : The Journal of Defense Software Engineering, vol. 17, no. 11, pp. 12-16, 2004.
6 H. K. Lee, W. S. Lee, Y. J. Oh, S. S. Park, “A Trend Analysis and Technology Application of Defense Technology Protection,” Journal of the KIMST, Vol. 20, No. 4, pp. 579-586, 2017. DOI : http://dx.doi.org/10.9766/KIMST.2017.20.4.579
7 H. S. Chae, C. S. Lee, T. R. Kim, T. H. Kim, "The Design of the Response Method in Anti-tampering for UGV," in Proc. 2017 KIMST Fall Symposium, Daejeon, Republic of Korea, Nov. 14-15, 2017, pp. 819-820.
8 M. W. Lee, J. C. Lee, "Risk Management-Based Application of Anti-Tampering Methods in Weapon Systems Development," Journal of KAIS, Vol. 19, No. 12, pp. 99-109, 2018. DOI : https://doi.org/10.5762/KAIS.2018.19.12.99
9 Security requirements for cryptographic modules, FIPS PUB 140-2, 2001
10 Information technology - Security techniques - Security requirements for cryptographic modules, ISO/IEC Standard, 19790, 2012.
11 S. J. Ahn, C. K. Jung, K. S. Oh, J. Y. Lee, "A Study on the Development of Defence Technology Protection System," Sungkyunkwan Univ. Univ-Industry Collabo, Director General for Defense Technology Control of DAPA, Oct. 2016.
12 Department of Defense Instruction : Critical Program Information(CPI) Protection Within the Department of Defense, DoD Instruction 5200.39, 2008.
13 United States Government Accountability Office, "DoD Needs to Better support program managers' implementation of AT protection," GAO-04-302, Mar. 2004.
14 United States Government Accountability Office, "Department-wide Direction Is Needed for Implementation of the Anti-tamper Policy," GAO-08-91, Jan. 2008.
15 Statement of Anti-Tamper(AT) Measures in the Letter of Offer and Acceptance(LOA), DSCA 00-07, 2000.
16 M. G. Choi, J. H. Jeong, “A Study on the Policy of Cryptographic Module Verification Program,” Journal of KAIS, Vol. 12, No. 1, pp. 255-262, 2011. DOI: https://doi.org/10.5762/KAIS.2011.12.1.255
17 K. S. Kou, I. W. Bae, S. J. Choi, G. S. Lee, “Analysis on New Cryptographic Module Validation Standard FIPS PUB 140-3 Changes,” Review of KIISC, Vol. 17, No. 6, pp. 41-56, 2007.