• Nuclear Engineering and Technology
• /
• v.51 no.1
• /
• pp.138-145
• /
• 2019

With the application of digital technology to safety-critical infrastructures, cyber-attacks have emerged as one of the new dangerous threats. In safety-critical infrastructures such as a nuclear power plant (NPP), a cyber-attack could have serious consequences by initiating dangerous events or rendering important safety systems unavailable. Since a cyber-attack is conducted intentionally, numerous possible cases should be considered for developing a cyber security system, such as the attack paths, methods, and potential target systems. Therefore, prior to developing a risk-informed cyber security strategy, the importance of cyber-attacks and significant critical digital assets (CDAs) should be analyzed. In this work, an importance analysis method for cyber-attacks on an NPP was proposed using the probabilistic safety assessment (PSA) method. To develop an importance analysis framework for cyber-attacks, possible cyber-attacks were identified with failure modes, and a PSA model for cyber-attacks was developed. For case studies, the quantitative evaluations of cyber-attack scenarios were performed using the proposed method. By using quantitative importance of cyber-attacks and identifying significant CDAs that must be defended against cyber-attacks, it is possible to develop an efficient and reliable defense strategy against cyber-attacks on NPPs.

• Nuclear Engineering and Technology
• /
• v.53 no.10
• /
• pp.3319-3326
• /
• 2021

As a form of industrial control systems (ICS), nuclear instrumentation and control (I&C) systems have been digitalized increasingly. This has raised in turn cyber security concerns. Cyber security for ICS is important because cyber-attacks against ICS can cause not only equipment damage and loss of production but also personal and public safety hazards unlike in general IT environments. Numerous risk analyses have been carried out to enhance the safety of ICS and recently, many studies related to the cyber security of ICS are being conducted. Many existing risk analyses and cyber security studies have considered safety and cyber security separately. However, both safety and cyber security perspectives should be considered when analyzing risks for complex and critical ICS facilities such as nuclear power plants (NPPs). In this paper, the STPA-SafeSec methodology is selected to consider both safety and security perspectives when performing a risk analysis for NPPs in order to assess impacts on the safety by cyber-attacks against the digital I&C systems. The STPA-SafeSec methodology was applied to a test-bed system that simulates a condensate water (CD) system in an NPP. The process of the application up to the development of mitigation strategies is described in detail.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2019.11a
• /
• pp.134-136
• /
• 2019

The International Maritime Organization (IMO) issued 2017 Guidelines on maritime cyber risk management. In accordance with IMO's maritime cyber risk management guidelines, each flag State is required to comply with the Safety Management System (SMS) of the International Safety Management Code (ISM) that the cyber risks should be integrated and managed before the first annual audit following January 1, 2021. In this paper, to identify cyber security management targets and risk factors in the maritime sector and to conduct vulnerability analysis, we catagorized the cyber security sector in management, technical and physical sector in maritime sector based on the industry guidelines and international standards proposed by IMO. In addition, the Risk Matrix was used to conduct a qualitative risk assessment according to risk factors by cyber security sector.

• Proceedings of the KIEE Conference
• /
• 2008.10b
• /
• pp.209-210
• /
• 2008

In the case of unauthorized individuals, systems and entities or process threatening the instrumentation and control systems of nuclear facilities using the intrinsic vulnerabilities of digital based technologies, those systems may lose their own required functions. The loss of required functions of the critical systems of nuclear facilities may seriously affect the safety of nuclear facilities. Consequently, digital instrumentation and control systems, which perform functions important to safety, should be designed and operated to respond to cyber threats capitalizing on the vulnerabilities of digital based technologies. To make it possible, the developers and licensees of nuclear facilities should perform appropriate cyber security program throughout the whole life cycle of digital instrumentation and control systems. Under the goal of securing the safety of nuclear facilities, this paper presents the KINS' regulatory position on cyber security program to remove the cyber threats that exploit the vulnerabilities of digital instrumentation and control systems and to mitigate the effect of such threats. Presented regulatory position includes establishing the cyber security policy and plan, analyzing and classifying the cyber threats and cyber security assessment of digital instrumentation and control systems.

• Journal of Digital Contents Society
• /
• v.16 no.1
• /
• pp.79-83
• /
• 2015

This paper suggested a cyber collaboration platform based on web for food safety service. We implemented the cyber collaboration platform for food safety service so that the users participated in collaborative work may refer shared media objects as the same view to others. In this paper, we discussed a model for increasing reliability of food safety data through N screen server and client model. This paper explained a performance analysis of a system with function comparison running on multimedia collaboration work based on web and N screen techniques.

• International journal of advanced smart convergence
• /
• v.11 no.3
• /
• pp.56-63
• /
• 2022

Cyber-physical systems (CPSs) can solve real problems by utilizing closely connected resources in the cyber world. Most problems arise because the physical world is uncertain and unpredictable. To address this uncertainty, information pouring from numerous devices must be collected in real-time, and each interconnected device must share the information. At this time, CPS must meet timing-related techniques and strict timing constraints that can deliver accurate information within predefined deadlines in order to interact closely beyond simply connecting the cyber and physical worlds. Timing errors in safety-critical systems, such as automobiles, aviation, and medical systems, can lead to catastrophic disasters. In this paper, we classify timing problems into two types: real-time delay and synchronization problems. The results of this study can be used in the entire process of CPS system design, implementation, operation, verification, and maintenance. As a result, it can contribute to securing the safety and reliability of CPS.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2019.05a
• /
• pp.238-239
• /
• 2019

Cyber attacks can be caused by all equipment that perform communication functions, and the link between ship and land due to the development of communication technology means that the ship sector as well as the land sector can be easily exposed to cyber threat vulnerability. In this paper, we analyze cyber threat trend changes to identify cyber security vulnerabilities in the maritime sector and propose measures to enhance cyber security through other industry case studies.

• Journal of Electrical Engineering and Technology
• /
• v.12 no.2
• /
• pp.495-501
• /
• 2017

The introduction of smart grid, which is an innovative application of digital processing and communications to the power grid, might lead to more and more cyber threats originated from IT systems. In other words, The Energy Management System (EMS) and other communication networks interact with the power system on a real time basis, so it is important to understand the interaction between two layers to protect the power system from potential cyber threats. This paper aims to identify and clarify the cyber security risks and their interaction with the power system in Smart Grid. In this study, the optimal power flow (OPF) and Power Flow Tracing are used to assess the interaction between the EMS and the power system. Through OPF and Power Flow Tracing based analysis, the physical and economic impacts from potential cyber threats are assessed, and thereby the quantitative risks are measured in a monetary unit.

• Journal of the Korea Safety Management & Science
• /
• v.3 no.3
• /
• pp.165-174
• /
• 2001

Internet is a global network and it produces many terminologies involved in Electronic Commerce. Among many terms people very much talked about Cyber Shopping Mall. Under situation customers and sellers paid attention to Cyber Shopping Mall which is beyond time and space. This study deals with two subjects to enlarge the competitive power of Mall & Malls which is integration of multiple Cyber Shopping Mall. First subject is constructing the Automated Mall Wizard which is efficiently and effectively building Cyber Shopping Mall Site. And second subject is to differentiate from other shopping malls. Automated Mall Wizard is composed of three stages which are decomposed into several descriptive steps. And descriptive steps takes form of independent module, so it is considered to maximize Cyber Shopping Mall differentiation. Additional functions are making the goods category, related goods to be simultaneously ordered, price comparison with other sites within the Mall & Malls, best seller goods, store advertisement, substitutive goods, and mileage policy. As a result of that, we can respect SuperMall is better than other Mall & Mall as to diversity and flexibility of constructed Cyber Shopping Mall.

• Journal of the Korea Safety Management & Science
• /
• v.5 no.2
• /
• pp.187-197
• /
• 2003

In 21st century, According to development of Information Technology, It is clear that the importance of tourism information is extended increasingly. For this reason, It should be needed to realize a general system which make it possible to enjoy cyber tourism based on knowledge information system to recover a local potential growth power, catch a jumping chance again, and hold a new competitive power. But to discuss a tourism information system, the matters of hard ware, software and information mediating system should be reviewed generally, this research is likely to provide a cyber tourism information system through internet as a way of cyber tours through multimedia technology and stereoscopic image technique using GIS (Geographic Information System) centering on the networking system of tourism information. Constructing $\ulcorner$cyber touristy city$\lrcorner$ on internet, foster a new industry, to go balanced with a present tourism industry and experience a virtual reality, various theme tours create high profit to shrunken tourism industry.