• International Journal of Internet, Broadcasting and Communication
• /
• v.14 no.3
• /
• pp.17-21
• /
• 2022

In this study, we wanted to examine the new vulnerability 'Dirty Pipe' that is founded in Linux kernel. how it's exploited and what is the limitation, where it's existed, and overcome techniques and analysis of the Linux kernel package. The study of the method used the hmark[1] program to check the vulnerabilities. Hmark is a whitebox testing tool that helps to analyze the vulnerability based on static whitebox testing and automated verification. For this purpose of our study, we analyzed Linux kernel code that is downloaded from an open-source website. Then by analyzing the hmark tool results, we identified in which file of the kernel it exists, cvss level, statistically depicted vulnerabilities on graph which is easy to understand. Furthermore, we will talk about some software we can use to analyze a vulnerability and how hmark software works. In the case of the Dirty Pipe vulnerability in Linux allows non-privileged users to execute malicious code capable of a host of destructive actions including installing backdoors into the system, injecting code into scripts, altering binaries used by elevated programs, and creating unauthorized user profiles. This bug is being tracked as CVE-2022-0847 and has been termed "Dirty Pipe"[2] since it bears a close resemblance to Dirty Cow[3], and easily exploitable Linux vulnerability from 2016 which granted a bad actor an identical level of privileges and powers.

• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.3-9
• /
• 2022

The role of the integrated development environment is very important in software development of a development project. After many developers develop different modules, software product is completed through compile, debugging, integration, testing, and distribution. However, bugs and various issues in the development process cause problems such as quality deterioration of software product and dissatisfaction with requirements. So the need for automated testing to avoid these problems and improve quality has increased. In this study, we propose test automation modules of four perspectives to improve quality throughout the test automation in an integrated development environment. Each automation module operates through the tool chain of an integrated build framework implemented on the devops.

• Journal of the Korean Society for Nondestructive Testing
• /
• v.28 no.5
• /
• pp.436-442
• /
• 2008

Graphite material has been recognized as a very competitive candidate for reflector, moderator, and structural material for very high temperature reactor (VHTR). Since VHTR is operated up to $900-950^{\circ}C$, small amount of impurity may accelerate the oxidation and degradation of carbon graphite, which results in increased porosity and lowered fracture toughness. In this study, ultrasonic wave propagation properties were investigated for both as-received and degradated material, and the feasibility of ultrasonic testing (UT) was estimated based on the result of ultrasonic property measurements. The ultrasonic properties of carbon graphite were half, more than 5 times, and 1/3 for velocity, attenuation, and signal-to-noise (S/N) ratio respectively. Degradation reduces the ultrasonic velocity slightly by 100 m/s, however the attenuation is about 2 times of as-receive state. The results of probability of detection (POD) estimation based on S/N ratio for side-drilled-hole (SDHs) of which depths were less than 100 mm were merely affected by oxidation and degradation. This result suggests that UT would be reliable method for nondestructive testing of carbon graphite material of which thickness is not over 100 mm. In accordance with the result produced by commercial automated ultrasonic testing (AUT) system, human error of ultrasonic testing is barely expected for the material of which thickness is not over 80 mm.

• Journal of the Korean Society for Nondestructive Testing
• /
• v.34 no.1
• /
• pp.60-67
• /
• 2014

In this study, an automated cable non-destructive testing(NDT) system was developed to monitor the steel cables that are a core component of cable-stayed bridges. The magnetic flux leakage(MFL) method, which is suitable for ferromagnetic continuum structures and has been verified in previous studies, was applied to the cable inspection. A multi-channel MFL sensor head was fabricated using hall sensors and permanent magnets. A wheel-based cable climbing robot was fabricated to improve the accessibility to the cables, and operating software was developed to monitor the MFL-based NDT research and control the climbing robot. Remote data transmission and robot control were realized by applying wireless LAN communication. Finally, the developed element techniques were integrated into an MFL-based cable NDT system, and the field applicability of this system was verified through a field test at Seohae Bridge, which is a typical cable-stayed bridge currently in operation.

• KIPS Transactions on Software and Data Engineering
• /
• v.4 no.11
• /
• pp.479-486
• /
• 2015

Model checking method is able to check all possible cases automatically and is applicable to specifications or design before actual implementation so that some critical systems have adopted this method actively. However, the current practice of software verification is largely dependant on basic methods such as manual testing because of lack of understanding about this rigorous method and high verification cost. In this paper we conducted an experimental research for the automated verification using the SPIN model checker on an online-game server to study the applicability of the technique in this domain. The results show that we could verify major features of the online-game server party system with 5~7 GB memory and within 10 minutes execution time, and also found a hidden system error that passed existing testing process. This result shows the possibility of rigorous and effective verification with reasonable cost in comparison to manual testing.

• Journal of the Korean Society for Nondestructive Testing
• /
• v.36 no.3
• /
• pp.195-201
• /
• 2016

Eddy current testing (ECT) is commonly applied for the inspection of automated production lines of metallic products, because it has a high inspection speed and a reasonable price. When ECT is applied for the inspection of a metallic object having an uneven target surface, such as the spline gear of a spline shaft, it is difficult to distinguish between the original signal obtained from the sensor and the signal generated by a defect because of the relatively large surface signals having similar frequency distributions. To facilitate the detection of defect signals from the spline gear, implementation of high-order filters is essential, so that the fault signals can be distinguished from the surrounding noise signals, and simultaneously, the pass-band of the filter can be adjusted according to the status of each production line and the object to be inspected. We will examine the infinite impulse filters (IIR filters) available for implementing an advanced filter for ECT, and attempt to detect the flaw signals through optimization of system design parameters for detecting the signals at the system level.

• Proceedings of the Korean Information Science Society Conference
• /
• 2011.06b
• /
• pp.156-158
• /
• 2011

최근 많은 테스트 방법론이 연구되고, 자동화 툴이 개발되었지만 아직까지도 실제 프로젝트 현장에서는 개발자 혹은 테스터의 노동력으로 테스트가 진행되고 있다. 빠르게 발전하는 기술, 짧은 개발 주기, 잦은 요구사항 추가 및 변경 등의 어려운 SI 프로젝트 환경 속에서 현재 개발/배포된 자동화 툴 들을 적극적으로 활용한다면 소프트웨어 품질 향상에 도움을 받을 수 있다. 따라서 본 연구에서는 현재 개발/배포된 오픈소스 중 SI프로젝트에서 적용 가능한 툴들의 종류 및 활용 가능한 시스템 구성, 도입 시 효과 등에 대해 연구한다. 프로젝트 현장의 상황을 고려한 테스트 자동화 기술 도입은 개발자가 노동력으로 테스트하는 것 보다 빠른 시간 안에 다양한 테스트를 수행할 수 있도록 도와주고, 완성된 소프트웨어의 품질을 향상시켜 사용자들에게 오류로 인한 불편을 감소하는 역할을 할 것이다. 또한 수치화된 품질 자료를 획득할 수 있어 향후 품질 정책을 수립하는데 기초가 되는 자료로 활용 될 수 있을 것으로 기대한다.

• Proceedings of the Microbiological Society of Korea Conference
• /
• 2005.05a
• /
• pp.205.4-205
• /
• 2005

• Proceedings of the Safety Management and Science Conference
• /
• 2006.04a
• /
• pp.1-8
• /
• 2006

By the effect of globalism and information the workplace environment is complicated and diversified little by little. The job stress due to the life style, the idea and culture, and the automated facility system etc. is to a tendency which compared to increase more. It will not be able to prevent a industrial accident basically because the oriental and western life style is different. Therefore this paper presents the Korean life change unit model through statistical testing in order to minimize industrial accident with the proposed life change unit factors on the workers living In the middle area. Finally, the analytical result of this paper can be easily used in order to minimize the industrial accidents by the job stress with the worker and the occupational safety & health manager in real fields.

• Journal of Korean Society for Quality Management
• /
• v.36 no.4
• /
• pp.77-86
• /
• 2008

Due to the rapid growth in automated testing and manufacturing systems, screening inspection becomes very attractive. In this paper, we investigate the effects of limited capacity on screening inspection using a surrogate variable. The model is developed under the assumption that the reprocessed and nonreprocessed items are produced by the same manufacturing process and therefore their quality characteristics are independently and identically distributed. Profit models are constructed which involve four price/cost components; selling price, cost incurred by imperfect quality, reprocessing and quality inspection costs. Methods of finding the optimal screening limits are presented, and a numerical example is given. Sensitivity analyses are also performed to study the effect of a process standard deviation on this model.