• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.60 no.10
• /
• pp.1804-1810
• /
• 2011

It is necessary to adopt some logical techniques and methods of alarm processing for a large complex plant such as nuclear power plants in order to present the occurred alarm messages properly and concisely. Among such alarm processing techniques, the alarm suppressing function is a strong tool to avoid alarm flooding during the sudden transients of plant output power such as turbine trips, reactor trips and other incidents. Unless any suppression or representation technologies are used in an alarm message listing system, it cannot provide quick assistance to plant operators or supervisors during plant upsets because too many alarm messages are presented in an alarm list window. This paper presents the key suppression methods and analysis processes developed for implementing a suppressed alarm message listing function of an integrated alarm system called LogACTs which has been applied to a CANDU nuclear power plant. A simulation testing of the suppressing function conducted with the real plant alarm message list data has demonstrated an effective performance of the developed logics with the high suppression rate.

• Nuclear Engineering and Technology
• /
• v.55 no.12
• /
• pp.4408-4425
• /
• 2023

Alarm flood due to abnormality propagation is the most difficult alarm overloading problem in nuclear power plants (NPPs). Root-cause analysis is suggested to help operators in understand emergency events and plant status. Multilevel Flow Modeling (MFM) has been extensively applied in alarm management by virtue of the capability of explaining causal dependencies among alarms. However, there has never been a technique that can identify the actual root cause for complex alarm situations. This paper presents an automated root-cause analysis system based on MFM. The causal reasoning algorithm is first applied to identify several possible root causes that can lead to massive alarms. A novel root-cause ranking algorithm can subsequently be used to isolate the most likely faults from the other root-cause candidates. The proposed method is validated on a pressurized water reactor (PWR) simulator at HAMMLAB. The results show that the actual root cause is accurately identified for every tested operating scenario. The automation of root-cause identification and ranking affords the opportunity of real-time alarm analysis. It is believed that the study can further improve the situation awareness of operators in the alarm flooding situation.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.9
• /
• pp.55-66
• /
• 2009

In this paper, I will discuss how the Internet has spread rapidly in our lives. Large portals and social networks experience service attacks that access personal customers' databases. This interferes with normal service through DDoS (Distribute Denial of Service Attack), which is the topic I want to discuss. Among the types of DDoS, TCP SYN Flooding attacks are rarely found because they use few traffics and its attacking type is regular transaction. The purpose of this study is to find and suggest the method for accurate detection of the attacks. Through the analysis of TCP SYN Flooding attacks, we find that these attacks cause Backscatter effect. This study is about the algorithm which detects the attacks of TCP SYN Flooding by the study of Backscatter effect.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.04a
• /
• pp.247-249
• /
• 2004

IDS에서 발생되는 경보의 수는 최근 인터넷 애플리케이션의 발달로 인하여 급격히 증가하고 있으며. 그로 인해 오 경보의 수도 함께 증가하고 있다. 발생된 경보들은 침입탐지 시스템의 성능저하와 alert flooding 의 원인이 된다. 따라서 이 논문에서는 다량의 경보 중에서 오 경보(False Alarm)의 발생을 감소시킬 수 있는 오 경보 분류 모델을 제안한다. 제안된 오 경보 분류 모델은 데이터 마이닝 기법들 중에서 분류 기법을 기반으로 구현되었다. 실험 을 통해서 IDS에서 발생하는 경보 중에서 정상데이터이나 공격으로 잘못 판단하여 발생하는 False Positive의 발생율이 현저히 감소됨을 확인할 수 있었다. 제안된 오 경보 분류 모델은 경보메시지 축약의 효과가 있으며 침입탐지 시스템의 탐지율을 높이는데 활용될 수 있다.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.16 no.1
• /
• pp.801-806
• /
• 2015

The incidence of flood damage by global climate change has increased recently. Because of the increased frequency of flooding in Korea, the technology of flood prediction and prevalence has developed mainly for large river watersheds. On the other hand, there is a limit on predicting flooding through the most present flood forecasting systems because local floods in small watersheds rise quite quickly with little or no advance warning. Therefore, this study estimated the flood warning rainfall using a flood forecasting model at the two alarm trigger points in the Suamcheon basin, which is an urban basin with backwater effects. The flood warning rainfall was estimated to be 25.4mm/120min ~ 78.8mm/120min for the low water alarm, and 68.5mm/120min ~ 140.7mm/120min for the high water alarm. The frequency of the flood warning rainfall is 3-years for the low water alarm, and 80-years for the high water alarm. The results of this analysis are expected to provide a basic database in forecasting local floods in urban watersheds. Nevertheless, more tests and implementations using a large number of watersheds will be needed for a practical flood warning or alert system in the future.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.4
• /
• pp.545-550
• /
• 2019

The frequency of natural disasters and the scale of damage are increasing due to the abnormal weather phenomenon occurring all over the world. As a result, as the hydrological aspect of the urban watershed changes, the increase in impervious area leads to serious domestic flood damage due to increased rainfall. In order to minimize the damage of life and property, domestic flooding prediction system is needed. In this study, we developed a flood nomogram capable of predicting flooding only by rainfall intensity and duration. This study suggests a method to set the internal water immersion alarm criterion by analyzing the characteristics of the flooding damage in the flooded area in the metropolitan area where flooding is highly possible and the risk of flooding is high. In addition, based on the manhole and the pipe, the water level was set as follows under the four conditions. 1) When manhole overflows, 2) when manhole is full, 3) when 70% of the pipe is reached, and 4) when 60% of the pipe is reached. Therefore, it can be used as a criterion and a predictive measure to cope with the pre-preparation before the flooding starts, through the rainfall that causes the flooding and the flooding damage.

• Proceedings of the IEEK Conference
• /
• 2002.07b
• /
• pp.928-931
• /
• 2002

Network based intrusion detection system is a computer network security tool. In this paper, we present an intrusion detection system based on Self-Organizing Maps (SOM) and Resilient Propagation Neural Network (RPROP) for visualizing and classifying intrusion and normal patterns. We introduce a cluster matching equation for finding principal associated components in component planes. We apply data from The Third International Knowledge Discovery and Data Mining Tools Competition (KDD cup'99) for training and testing our prototype. From our experimental results with different network data, our scheme archives more than 90 percent detection rate, and less than 5 percent false alarm rate in one SYN flooding and two port scanning attack types.

• Journal of Korea Water Resources Association
• /
• v.54 no.5
• /
• pp.347-354
• /
• 2021

In the past few years, various damages have occurred in the vicinity of rivers due to flooding. In order to alleviate such flood damage, structural and non-structural measures are being established, and one of the important non-structural measures is to establish a flood warning system. In general, in order to establish a flood warning system, the water level of the flood alarm reference point is set, the critical flow corresponding thereto is calculated, and the warning precipitation amount corresponding to the critical flow is calculated through the Geomorphological Instantaneous Unit Hydrograph (GIUH) rainfall-runoff model. In particular, when calculating the critical flow, various studies have calculated the critical flow through the Manning formula. To compare the adequacy of this, in this study, the critical flow was calculated through the HEC-RAS model and compared with the value obtained from Manning's equation. As a result of the comparison, it was confirmed that the critical flow calculated by the Manning equation adopted excessive alarm precipitation values and lead a very high flow compared to the existing design precipitation. In contrast, the critical flow of HEC-RAS presented an appropriate alarm precipitation value and was found to be appropriate to the annual average alarm standard. From the results of this study, it seems more appropriate to calculate the critical flow through HEC-RAS, rather than through the existing Manning equation, in a situation where various river projects have been conducted resulting that most of the rivers have been surveyed.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.10B
• /
• pp.1050-1061
• /
• 2009

The Tactical Internet(TI) managed by Infantry Brigades is used for the purpose of sharing information of Command Control and Situation Awareness. When there are more than two destinations to transmit data in the TI system, a multicasting is utilized based on pre-defined multicast groups. However even in the case when a source node needs to send some messages like weathercast and attack alarm etc to only a part of Battalion or Brigades in a specific geographical region (destination region), the current TI multicasting protocol is designed to transmit the messages to the pre-defined group or all of the Battalion/Brigade nodes, resulting in inefficiency in terms of end-to-end delay and overhead. In this paper, we propose more efficient protocol for such cases, named as "Tactical Internet Geocasting (TIG)". The proposed scheme firstly checks whether the destination region belongs to one Battalion region or more than two Battalion regions using location information, and then performs a greedy forwarding from the source node to the destination region, followed by a local flooding inside of the destination region. With performance analysis and simulations using NS-2, TIG is compared to the current TI multicasting protocol (i.e., Simplified MDP) and the LBM (Location-based Multicast). The simulation results show that the proposed TIG is more efficient than both in terms of delay and network overhead.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.45 no.6
• /
• pp.122-130
• /
• 2008

In many applications of wireless sensor networks, sensed data can be classified either normal or urgent data according to its time criticalness. Normal data such as periodic monitoring is loss and delay tolerant, but urgent data such as fire alarm is time critical and should be transferred to a sink with reliable. In this paper, by exploiting these data characteristics, we propose a novel energy-efficient data-aware routing protocol for wireless sensor networks, which provides a high reliability for urgent data and energy efficiency for normal data. In the proposed scheme, in order to enhance network survivability and reliability for urgent data, each sensor node forwards only urgent data when its residual battery level is below than a threshold. Also, the proposed scheme uses different data delivery mechanisms depending on the data type. The normal data is delivered to the sink using a single-path-based data forwarding mechanism to improve the energy-efficiency. Meanwhile, the urgent data is transmitted to the sink using a directional flooding mechanism to guarantee high reliability. Simulation results demonstrate that the proposed scheme could significantly improve the network lifetime, along with high reliability for urgent data delivery.