• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.757-770
• /
• 2020

Industrial Control System(ICS) is a system that measures, monitors, and controls various distributed assets, and is used in industrial facilities such as energy, chemical, transportation, water treatment, and manufacturing plants or critial infrastructure. Because ICS system errors and interruptions can cause serious problem and asset damage, research on prevention and minimization of security threats in industrial control systems has been carried out. Previously wireless communication was applied in limited fields to minimize security risks, but the demand for industrial wireless communication devices is increasing due to ease of maintenance and cost advantages. In this paper, we analyzed the security threats of industrial wireless communication devices supporting WirelessHART and ISA100.11a. Based on the analysis results, we proposed the security requirements for adopting and operating industrial wireless communication devices. We expect that the proposed requirements can mitigate security threats of industrial wireless devices in ICS.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2024.05a
• /
• pp.317-320
• /
• 2024

최근 이미지 분류, 자율 주행 등 다양한 분야에 인공지능 기술이 접목됨에 따라 인공지능 기술을 이용한 새로운 위협이 등장하고 있다. 적대적 공격 중 단일 픽셀 공격은 이미지의 픽셀 하나를 왜곡하여 인공지능의 올바른 분류를 방해하는 공격 기법이다. 본 논문은 단일 픽셀 공격을 완화하는 이미지 처리 기법을 제안한다. 실험 결과에 따르면 제안한 방법을 적용하면 이미지의 사이즈를 27×27 로 조절하였을 때 100 개의 단일 픽셀 공격 이미지 중 94 개를 복구하였으며, 이미지의 신뢰도를 68.89% 개선하였다.

• 월간 기계설비
• /
• s.259
• /
• pp.50-57
• /
• 2012

기업의 경제위기 고통을 덜기 위한 정부의 '건설업계 행정제재조치 해제'가 단행됐다. 법무부는 지난 1월 12일 건설경기 진작 차원에서 건설분야 행정제재 3,742건을 해제하고 건설 관련법 위반으로 제재를 받은 건설업자도 특별사면했다. 이번 사면에서는 부실시공과 입찰담합, 금품수수는 제외됐다. 이번 행정제재조치 해제로 경영난에 시달려 온 건설사들의 제약이 다소 해소되고 건설업 관련 근로자들의 생계 위협이 완화될 것으로 기대된다.

• Review of KIISC
• /
• v.32 no.5
• /
• pp.7-14
• /
• 2022

2021년에 발생한 일련의 소프트웨어 공급망 공격으로 미국 연방 정부의 사이버보안 개선 정책이 가속됐다. 이중 소프트웨어 구성 정보를 유통하는 SBOM 정책은 SW 구성요소의 투명성을 강화하여, 이를 활용하는 공급자와 수요자의 보안 인식 개선에도 도움을 줄 것이 기대된다. 다만 SBOM으로 공급망 보안 위협을 완화하려면 해결해야 할 기술적 이슈가 있고, SBOM 수집자를 위한 구체적인 가이드도 마련되지 않아 제도 정착에는 시간이 걸린다. SW 공급망 문제는 SW 개발 관행에 대한 지속적인 개선이 요구되며, 글로벌 연쇄 위험으로 결코 혼자서는 해결할 수 없다. 따라서 우리는 실태조사, 실증사업 등을 시작으로 현실에 맞는 정책을 먼저 적용하고, 제도적 조화를 위한 국제협력에도 힘써야 한다.

• Transactions of the Korean Society of Mechanical Engineers A
• /
• v.41 no.11
• /
• pp.1065-1075
• /
• 2017

In this study, high velocity impact tests along with modeling of material behavior and numerical analyses were conducted to predict the dispersion behavior of the debris resulting from a high velocity impact fracture. For the impact tests, two different materials were employed for both the projectile and the target plate - the first setup employed aluminum alloy while the second employed steel. The projectile impacts the target plate with a velocity of approximately 1 km/s were enforced to generate the impact damages in the aluminum witness plate through the fracture debris. It was confirmed that, depending on the material employed, the debris dispersion behavior as well as the dispersion radii on the witness plate varied. A numerical analysis was conducted for the same impact test conditions. The smoothed particle hydrodynamics (SPH)-finite element (FE) coupled technique was then applied to model the fracture and damage upon the debris. The experimental and numerical results for the diameters of the perforation holes in the target plate and the debris dispersion radii on the witness plate were in agreement within a 5％ error. In addition, the impact test using steel was found to be more threatening as proven by the larger debris dispersion radius.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.5
• /
• pp.1167-1188
• /
• 2017

The purpose of this study is to investigate the factors affecting cyber threat information provision in order to activate cyber threat information sharing in Korea. In particular, we looked at the intention to provide simple information and important information according to the importance of information. The research method was conducted on the information security practitioners' online survey in terms of users of information sharing system. And empirical analysis was conducted. As a result of the study, only the CEO's attitude influenced the intention to provide simple information. On the other hand, important information was influenced not only by the CEO's attitude but also by the information evaluation system, privatization, and mitigating legal penalties. The results of this study can identify the problems of the cyber threat information sharing system in Korea. And we can confirm the priority of improvement and the change of information providing intention before and after improvement of information sharing system.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.91-100
• /
• 2023

Vehicles are changing in the direction of utilizing various ICT technologies. Accordingly a number of software has been installed in vehicles, resulting in cybersecurity threats such as hacking. So each country is preparing legal regulations to secure vehicles cybersecurity. However, the enactment of legal regulations is bound to be relatively slow compared to the speed of development of vehicles technology, so it is necessary to revise the legal regulations by continuously monitoring of vehicles technology development trends. In this study, we search and analyze the latest vehicles cybersecurity patent applications to explore new technologies that require supplementation of vehicles cybersecurity. Threat technologies/security requirements for new technologies are presented through patent analysis

• Journal of Hospice and Palliative Care
• /
• v.22 no.3
• /
• pp.105-116
• /
• 2019

Purpose: Pediatric palliative care (PPC) is emphasized as standard care for children with life-limiting conditions to improve the quality of life. In Korea, a government-funded pilot program was launched only in July 2018. Given that, this study examined various PPC delivery models in other countries to refine the PPC model in Korea. Methods: Target countries were selected based on the level of PPC provided there: the United Kingdom, the United States, Japan, and Singapore. Relevant literature, websites, and consultations from specialists were analyzed by the integrative review method. Literature search was conducted in PubMed, Google, and Google Scholar, focusing publications since 1990, and on-site visits were conducted to ensure reliability. Analysis was performed on each country's process to develop its PPC scheme, policy, funding model, target population, delivery system, and quality assurance. Results: In the United Kingdom, community-based free-standing facilities work closely with primary care and exchange advice and referrals with specialized PPC consult teams of children's hospitals. In the United States, hospital-based specialized PPC consult teams set up networks with hospice agencies and home healthcare agencies and provide PPC by designating care coordinators. In Japan, palliative care is provided through several services such as palliative care for cancer patients, home care for technology-dependent patients, other support services for children with disabilities and/or chronic conditions. In Singapore, a home-based PPC association plays a pivotal role in providing PPC by taking advantage of geographic accessibility and cooperating with tertiary hospitals. Conclusion: It is warranted to identify unmet needs and establish an appropriate PPD model to provide need-based individualized care and optimize PPC in South Korea.

• Journal of Digital Convergence
• /
• v.18 no.12
• /
• pp.217-229
• /
• 2020

Globally, information protection of organization has become an essential management factor, and organizations continue to invest high-level resources for information security. Security threats from insiders are not decreasing. The purpose of this study is to present the antecedence factors to mitigate the role conflict that is the cause of the security avoid behavior. For the study, a survey was conducted for employees of organizations with information security policies, and structural equation modeling was conducted using a total of 383 samples for hypothesis verification. As a result of the analysis, role conflict increased avoid behavior, and goal difficulty, goal specificity, justice, and trust mitigated role conflict. In particular, justice influenced the reduction of role conflict and avoid behavior through trust. The implications were to present the causes and mitigation factors for avoid behavior of employee, and it is judged that it will help the organization to establish a security strategy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1067-1075
• /
• 2015

With the recent increase of the number of mobile game users, the side effects such as the manipulation of game points, levels and game speed and payment fraud are emerging. Especially, the emulators which make it possible for mobile applications to run on PC is a great threat to mobile game security since debugging specific game application or automating the game playing can be done easier with them. Therefore, we research the efficient ways to detect widely used Android Emulators such as BlueStacks, GenyMotion, Andy, YouWave and ARC Welder from the perspective of client(app), game server and network to reduce threat to mobile game security.