• Proceedings of the Korean Society of Computer Information Conference
• /
• 2020.07a
• /
• pp.449-450
• /
• 2020

최근 블록체인이 많은 분야에서 활용되고 있다. 본 연구에서는 블록체인과 관련된 개발 도구에 포함된 보안약점을 분석하고 그 보안약점을 진단하기 위한 정보를 기반으로 분류한다. 또한 일부 보안약점의 예를 통하여 진단하기 위한 알고리즘을 llvm의 Clang 도구에 적용하기 위한 방법을 연구한다. 이를 통하여 블록체인과 관련된 보안약점을 분류하고 그에 대한 진단 방법을 연구하였다. 향후 기존 정적 분석 도구를 확장함으로써 진단 성능을 높일 수 있을 것이며, 줄리엣 코드와 같은 벤치마크 테스트를 통해 그 결과를 비교해볼 수 있을 것이다.

• Proceedings of the Korean Society of Disaster Information Conference
• /
• 2022.10a
• /
• pp.227-228
• /
• 2022

전통적인 HRA(Human Reliability Analysis)방법은 특정 애플리케이션 또는 산업을 염두에 두고 있으며. 또한 이러한 방법은 종종 복잡하며, 시간이 많이 걸리고 적용하는 데 비용이 많이 들며 직접 비교하기에는 적합하지 않다. 제안된 HFHM(Human Factors Hazard Model: 인적 요인 위험 모델)은 기검증되고 시간 테스트를 거친 FTA(Fault Tree Analysis:결함 트리 분석)및 ETA(Event Tree Analysis:이벤트 트리 분석)의 확률 분석 도구 및 새로 개발된 HEP(Human Error Probability:인적 오류 확률)예측 도구와 통합되고, 인간과 관련된 PSF(Performance Shaping Factors:성능 형성 요인)를 중심으로 새로운 접근 방식으로 개발되었다. 인간-시스템은 상호작용으로 인한 재난사고 가능성을 모델링하는 위험분석 접근법 HFHM은 다음과 같은 상용 소프트웨어 도구 내에서 예시되고 자동화된다. HFHM에서 생성된 데이터는 SE 분석가 및 설계에 대한 표준화된 가이드로 사용될 수 있다. 본 연구에서는 인적 위험을 예측하는 이 새로운 접근 방식을 통해, 전체 시스템에 대한 포괄적인 재난안전 분석을 가능하게 한다.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.9
• /
• pp.399-404
• /
• 2013

MSEC(Microsoft Security Engineering Center) performed fuzz testing Windows Vista with 350 million test cases for 14 months before launching it. They analyzed crashes resulted from the testing and developed crash analyzer !exploitable based on the data used to determine exploitability. In this paper, we describe how MS crash analyzer determines exploitability of crashes. Besides, we suggest an improvement to overcome the limitations found in the MS crash analyzer during the analysis.

• Journal of Internet Computing and Services
• /
• v.2 no.4
• /
• pp.25-32
• /
• 2001

The CAD tools for ASIC design, which are already developed or will be developed in the future, have their own functions and different working environments in many cases. Therefore, it would be more effective in achieving the final design goal, if we have a system called CAD framework in which these CAD tools are systematically integrated. In this paper, we introduce same novel techniques for integrating systematically such the CAD tools, which are usually developed under UNIX shell environments, into the CAD framework with the standard graphics interface such as X-windows. Some meta languages and script file formats are developed for flexible specification of the system MENU hierarchy and the data dependencies among executable programs. We integrated two existing CAD tools into our CAD framework using the techniques and find out the integrated protype system is working well under the new system environments.

• Journal of Digital Convergence
• /
• v.15 no.9
• /
• pp.241-248
• /
• 2017

There are various problems in the process of developing the game. Especially, there is a lot of problems in testing the balance of the value of each object. This causes problems such as an increase in development cost and a delay in development time. Therefore, if there is a tool or simulator that can test the mutual value balance of each object in advance, this problem can be solved. However, currently there are few simulators, tools, and platforms that can analyze and evaluate the mutual value balance between these objects. In this paper, I designed a platform to evaluate and test the mutual value balance between these objects based on mock battle. The designed platform tests and evaluates the abilities of each object according to their attack and defense strengths. So, this reduces development costs and shortens development time.

• Journal of KIISE:Software and Applications
• /
• v.30 no.10
• /
• pp.925-937
• /
• 2003

The input of digital TV software is the Transport Stream, which utilizes the moving picture compression technique, MPEC-2 (Moving Picture Experts Groups-2). MPEG-2 TS consists of the complicated table hierarchy and internal relationships, as well as the various restrictions with regards to system standard of digital TV software in determining the field values of transport stream. However, the general MPEG-2 TS generation tool produces transport streams solely based on the MPEG-2 TS specification itself, and does not consider the interaction between modulo features or modules themselves, which construct digital TV software. In this paper, we propose a method to systematically generate MPEG-2 TS test data, namely‘Test Stream’, for digital TV software. We present the experiment result where the test stream derived from our developed tool according to the proposed method was applied to the actual digital TV software settop-box, and then analyze the result. Apart from other existing MPEG-2 TS generation tools, the advantage of our method is that not only is it capable of generating various levels of test streams including digital TV software module, integration, and system testing, but also detecting errors and analyzing their causes.

• Journal of KIISE:Software and Applications
• /
• v.37 no.7
• /
• pp.536-547
• /
• 2010

Relative importance and complexity of recent software is getting increased because the software is needed to provide considerable amount of functions and high performance. Therefore, developing reliable software is importantly issued. In order to develop reliable software, it is necessary to manage software reliability at the early phases, but most reliability estimation models are used at system or operational test phases. In order to develop highly reliable software, it is necessary to manage software reliability at the early test phases based on characteristic of the phases that is developers and testers are not separated and developers perform test and debug activities together. Therefore, a new reliability estimation model considering test and debug time together is necessarily needed. In this paper, we propose a new reliability estimation model to manage reliability of individual units from the early test phases and in order to show how to fit the model to actual data and usefulness, we collected industrial data and used it for the experiment.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.6
• /
• pp.1-9
• /
• 2010

This paper proposes a test method for compliance of SMS encoder and decoder modules with 3GPP (3rd Generation Partnership Project) specification on SMS PDU (Protocol Data Unit). The existing tools have focused on providing an SMS gateway and on helping to view and edit a single SMS PDU, which rarely help to resolve the compliance test problem. The proposed compliance test method is based on an automatic generation of SMS PDUs fully compliant with the 3GPP specification by using QuickCheck library written in Haskell. By applying the proposed method to a C-based SMS encoder and decoder in Linux Mobile platform, we have found out several critical bugs such as wrong interpretation of time stamps in BCD format. The automatic SMS PDU generator is reusable in that it only depends on the 3GPP SMS specification. The QuickCheck library is also applicable for testing other network protocol data encoders and decoders, as used in this paper.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.4
• /
• pp.242-250
• /
• 2014

Conventional researches of standard tool validating cryptographic algorithm have been studied for the internet environment, for the mobile internet. It is important to develop the validation tool for establishment of interoperability and convenience of users in the information systems. Therefore, this paper presents the validation tool of Elliptic Curve Cryptography algorithm that can test if following X9.62 technology standard specification. The validation tool can be applied all information securities using DES, SEED, AES, SHA-1/256/384/512, RSA-OAEP V2.0, V2.1, ECDSA, ECKCDSA, ECDH, etc. Moreover, we can enhance the precision of validation through several experiments and perform the validation tool in the online environment.

• The KIPS Transactions:PartB
• /
• v.12B no.1 s.97
• /
• pp.1-8
• /
• 2005

The importance of software is getting high in development of the digital device (digital camcoder, digital camera, mp3 player, ....). And because the sire of software becomes larger and complicated, the necessity of software configuration management (to solves a software crisis) is increased. The general software configuration management system shows lack of the property and features of software development environment for image processing algorithm due to its wide range to be covered. Image processing algorithm development environment has properties like repetitive analysis and simulation using visual programming environment where, beside support of elementary development functions. component(or library) can be combined and tested interactively. Moreover, the method to look fast and effectively for component having similar function is required. In this paper, we present the system which supports the software configuration management method for a simulation tool and the property in the visual programming environment. And we relate our system to real simulation tool so as to check its ability as the software configuration management system for image processing algorithm development environment.