• Journal of Digital Convergence
• /
• v.19 no.8
• /
• pp.89-100
• /
• 2021

The National Cyber Capability Assessment(NCCA) could be used as meaningful information for improving national cyber security policy because it provides information on the elements necessary for strengthening national cyber capabilities and the level of each country. However, there were few studies on improving cyber capabilities using the NCCA result in Korea. Therefore, we analyzed the result of National Cyber Power Index(NCPI) conducted by Belfer Center of Harvard Univ. by applying modified-IPA method to derive cybersecurity policy agendas for Korea. As a result, the need to set agendas on surveillance and offensive cyber capability and improve the effectiveness of policy implementation for intelligence and defense was drawn. Moreover, we suggested need for in-depth study of each policy agenda deduced from preceding research data as a future tasks. And it is expected to increase practical use of NCCA for domestic policy analysis by developing and using our own NCCA model which considered analysis framework proposed in this study.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.561-570
• /
• 2014

Nuclear Power Plant Instrumentation and Control System(NPP I&C) which is used to operate safely is changing from analog technology to digital technology. Ever since NPP Centrifuge of Iran Bushehr was shut down by Stuxnet attack in 2010, the possibility of cyber attacks against the NPP has been increasing. However, the domestic and international regulatory guidelines that was published to strengthen the cyber security of the NPP I&C describes security requirements and method s to establish policies and procedures. These guidelines are not appropriate for the development of real applicable cyber security technology. Therefore, specialized cyber security technologies for the NPP I&C need to be developed to enhance the security of nuclear power plants. This paper proposes a cyber security technology development system which is exclusively for the development of nuclear technology. Furthermore, this method has been applied to the ESF-CCS developed by The KINCS R&D project.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.05a
• /
• pp.264-266
• /
• 2015

Currently as cyber threats grow up targeting nuclear power plants(NPP), licensees must guarantee that computer and information systems of nuclear facilities can be adequately protected against cyber attack. Especially critical system that cause illegal transfer of nuclear material and adverse impact to public safety need protecting. In this paper, we surveying the cyber threat examples targeted at NPP, and taxonomy the method of cyber security for NPPs in korea through analyzing the methodology to identify critical system and address cyber security controls for nuclear facilities.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.6
• /
• pp.1137-1142
• /
• 2017

Cyber hacking attacks and cyber terrorism are damaging to the lives of the people, and in the end, national security is threatened. Cyber-hacking attacks leaked nuclear power cooling system design drawings, cyber accidents such as hacking of Cheongwadae's homepage and hacking of KBS stations occurred. The Act on Information and Communication Infrastructure Protection, Promotion of Information and Communication Network Utilization and Information Protection, and the Personal Information Protection Act remove the responsibility for cyber attacks, but it is difficult to prevent attacks by hackers armed with new technologies. This paper studies the development of cyber security experts for cyber security. Build a Knowledge Data Base for cyber security professionals. Web hacking, System hacking, and Network hacking technologies and evaluation. Through researches on the operation and acquisition of cyber security expert certification, we hope to help nurture cyber security experts for national cyber security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.363-374
• /
• 2015

Instrumentation and control(I&C) system has been mainly designed and operated based on analog technologies in existing Nuclear Power Plants(NPPs). However, As the development of Information Technology(IT), digital technologies are gradually being adopted in newly built NPPs. I&C System based on digital technologies has many advantages but it is vulnerable to cyber threat. For this reason, cyber threat adversely affects on safety and reliability of I&C system as well as the entire NPPs. Therefore, the software equipped to NPPs should be developed with cyber security attributes from the initiation phase of software development life cycle. Moreover through cyber security assessment, the degree of confidence concerning cyber security should be measured and if managerial, technical and operational work measures are implemented as intended should be reviewed in order to protect the I&C systems and information. Currently the overall cyber security program, including cyber security assessment, is not established on I&C systems. In this paper, we propose cyber security assessment methods in the Software Development Life Cycle by drawing cyber security activities and assessment items based on regulatory guides and standard technologies concerned with NPPs.

• Proceedings of the KIEE Conference
• /
• 2007.11b
• /
• pp.46-47
• /
• 2007

SCADA (Supervisory Control and Data Acquisition) system has been used fur remote measurement and control on the critical infrastructures as well as modem industrial facilities. As cyber attacks increase on communication networks. SCADA network has been also exposed to cyber security problems. Especially, SCADA systems of energy industry such as electric power, gas and oil are vulnerable to targeted cyber attack and terrorism. Recently, many research efforts to solve the problems have made progress on SCADA network security. In this paper, we introduce recent security issue of SCADA network and propose the application of encryption method to Korea SCADA network.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.12 no.5
• /
• pp.725-730
• /
• 2017

The use of general IT resources in the Instrumentation and Control system(I&C) for the safety of Nuclear Power Plants(NPPs) is increasing. As a result, potential security vulnerabilities of existing IT resources may cause cyber attack to NPPs, which may cause serious consequences not only to shutdown of NPPs but also to national disasters. In order to respond to this, domestic nuclear regulatory agencies are developing guidelines for regulating nuclear cyber security regulations and expanding the range of regulatory targets. However, it is necessary to take measures to cope with not only general security problems of NPPs but also attacks specific to NPPs. In this paper, we select 42 items related to the vulnerability inspection in the contents defined in R.G.5.71 and classify it into 5 types. If the vulnerability inspection tool is developed based on the proposed analysis, it will be possible to improve the inspection efficiency of the cyber security vulnerability of the NPPs.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.9
• /
• pp.3451-3457
• /
• 2010

Cyber security assessment is the process of determining how effectively an entity being assessed meets specific cyber security objectives. Cyber security assessment helps to measure the degree of confidence one has and to identify that the managerial, technical and operational measures work as intended to protect the I&C systems and the information it processes. Recently, needs for cyber security on digitalized nuclear I&C systems are increased. However the overall cyber security program, including cyber security assessment, is not established on those systems. This paper presents the methodology of cyber security assessment which is appropriate for nuclear I&C systems. This methodology provides the qualitative assessments that may formulate recommendations to bridge the security risk gap through the incorporated criteria. This methodology may be useful to the nuclear organizations for assessing the weakness and strength of cyber security on nuclear I&C systems. It may be useful as an index to the developers, auditors, and regulators for reviewing the managerial, operational and technical cyber security controls, also.

• Journal of Electrical Engineering and Technology
• /
• v.12 no.1
• /
• pp.19-28
• /
• 2017

False data injection attacks have recently been introduced as one of important issues related to cyber-attacks on electric power grids. These attacks aim to compromise the readings of multiple power meters in order to mislead the operation and control centers. Recent studies have shown that if a malicious attacker has complete knowledge of the power grid topology and branch admittances, s/he can adjust the false data injection attack such that the attack remains undetected and successfully passes the bad data detection tests that are used in power system state estimation. In this paper, we investigate that a practical false data injection attack is essentially a cyber-attack with uncertain information due to the attackers lack of knowledge with respect to the power grid parameters because the attacker has limited physical access to electric facilities and limited resources to compromise meters. We mathematically formulated a method of identifying the most vulnerable locations to false data injection attack. Furthermore, we suggest minimum topology changes or phasor measurement units (PMUs) installation in the given power grids for mitigating such attacks and indicate a new security metrics that can compare different power grid topologies. The proposed metrics for performance is verified in standard IEEE 30-bus system. We show that the robustness of grids can be improved dramatically with minimum topology changes and low cost.

• Journal of Digital Convergence
• /
• v.15 no.6
• /
• pp.51-59
• /
• 2017

The role of government is to defend its lands and people from enemies. The range of that defense has now extended into the cyber domain, regarded as the fourth domain of the conventional defense domains (i.e., land, sea, sky, and universe). Traditionally, a government's intelligence power overrides that of its civilians, and government is exclusively responsible for defense. However, it is difficult for government to take the initiative to defend in the cyber domain because civilians already have a greater means for collecting information, which is known as being "intelligence inverse" in the cyber domain. To this end, we first define the intelligence inverse phenomenon and then analyze its main features. Then we investigate foreign countries' efforts to overcome the phenomenon and look at the current domestic situation. Based on these results, we describe the appropriate role of the National Intelligence Agency to handle cyber threats and offer a cyber threat intelligence model to share with civilians to help protect against these threats. Using the proposed model, we propose that the National Intelligence Agency should establish a base system that will respond to cyber threats more effectively.