• Convergence Security Journal
• /
• v.20 no.2
• /
• pp.29-35
• /
• 2020

The cyber attacks targeting the systems of national and public organizations in the front line of cyber security have been advanced, and the number of cyber attacks has been on the constant rise. In this circumstance, it is necessary to develop the security evaluation technology to prevent cyber attacks to the systems of national and public organizations. Most of the studies of the vulnerability analysis on the information systems of national and public organizations almost focus on automation. In actual security inspection, it is hard to automate some parts. In terms of security policies for threats, many different plans have been designed and applied in the managerial, physical, and technical fields, giving particular answers no matter how they are subjective or situational. These tendencies can be standardized in OCIL(Open Checklist Interactive Language), and partial automation can be achieved. Therefore, this study tries to implement XML Converter in order for OCIL based security level evaluation with typical evaluation questions.

• Convergence Security Journal
• /
• v.13 no.4
• /
• pp.77-83
• /
• 2013

As the network composed of numerous sensor nodes, sensor network conducts the function of sensing the surrounding information by sensor and of the sensed information. The concept of the battlefield is also changing to one that includes not only physical spaces but all areas including the networks of the nation's key industries and military facilities, energy facilities, transportation, and communication networks. In light of the changing warfare in terms of how it is conducted and what form it takes, the Korea military has to seek ways to effectively respond to threats of cyber warfare. In the past, although partial strategies on cyber warfare were studied, no research was done through the overall system flow. In this paper, key variables related to cyber warfare security are classified into personnel, management, and technology. A simple model and an extended model are suggested for each area, and based on the technology area of the extended model, formal methods are used to verify the validity and a detailed response strategy is suggested according to the identified leverage.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.7 no.5
• /
• pp.241-246
• /
• 2012

As the convergence between the conventional physical systems and IT computing resource is increased, the new paradigm of embedded system called Cyber Physical System (CPS) emerged. CPSs have many sensors, actuators and computing devices to understand and to control the physical system. As these all components are tightly coupled each other, standardized middleware such as Data Distribution Service (DDS) is considered to be deployed. But DDS takes too long time to discover each other in the large-scal CPS environment and has not precise specification of its execution architecture to provide efficient data exchange. In this paper, we design the efficient DDS architecture for development with interoperability to provide the high reliable data distribution. in real-time and propose the communication entity discovery procedure.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.6
• /
• pp.1320-1326
• /
• 2011

National institutions on the importance of information security is being recognized, information security laws are being discussed in Congress 3.4 DDoS incident and Nonghyup hacking, etc. However, National Assembly Secretariat when the results of the Information Security Consulting has been assessed very low 61.2 points, evaluation of hardware and software in secure areas were vulnerable. This paper, the legislative support agencies National Assembly and National Assembly Secretariat on the network and computer systems, and managerial, technical and physical security elements are analyzed for the status. And network should have the legislative support agencies and system for the physical network separation, DDoS attack response, Virus attack response, hacking attacks response, and Cyber Emergency Response Team/Coordination Center for Cyber infringing design and research through the confidentiality, integrity, availability, access control, authentication and security analysis is based on the evaluation criteria. Through this study, the legislative support agencies to strengthen the security of data and security laws enacted to provide the basis for.

• Journal of Arbitration Studies
• /
• v.14 no.1
• /
• pp.61-101
• /
• 2004

Information and communications technologies are affecting an economic and social transformation of all countries. Without exception international commercial dispute resolution systems are faced with change its mechanism to online technology. Dispute parties can seek redress through arbitration other than litigation or mediation. Traditional dispute resolutions do not match the cyber trade environment which is basically pursuit the speed and efficiency in cyberspace. Arbitration other than resolution methods have been considered to be match with the online environment which is including party autonomy, speed and internationally accepted and binding awards. Traditional arbitration, however is lack of time and different physical location relating all parties. So we now think cyberspace as for the resolving place which is online arbitration. Even the parties exist in different space and time they may meet in the same time and space without moving or trips. Nowadays there are many online arbitration service provider serving the resolution of dispute arising with online transaction. In this paper we study the tendency for online arbitration, the recognize uncertain matters and avoiding programs its matters when use the online arbitration between disputing parties under cyber trade environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.867-875
• /
• 2019

Security awareness and training are becoming more important as cyber security incidents tend to increase in industrial control systems, including nuclear power plants. For effective cyber security awareness and training for the personnel who manage and operate the target facility, a TEST-BED is required that can analyze the impact of cyber attacks from the sensor level to the operation status of the nuclear power plant. In this paper, we have developed an HIL system for nuclear power plant cyber security training. It includes nuclear power plant status simulations and specific system status simulation together with physical devices. This research result will be used for the specialized cyber security training program for Korean nuclear facilities.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.5
• /
• pp.1516-1539
• /
• 2022

This article shows a set of physical information fusion IoT systems that we designed for smart buildings. Its essence is a computer system that combines physical quantities in buildings with quantitative analysis and control. In the part of the Internet of Things, its mechanism is controlled by a monitoring system based on sensor networks and computer-based algorithms. Based on the design idea of the agent, we have realized human-machine interaction (HMI) and machine-machine interaction (MMI). Among them, HMI is realized through human-machine interaction, while MMI is realized through embedded computing, sensors, controllers, and execution. Device and wireless communication network. This article mainly focuses on the function of wireless sensor networks and MMI in environmental monitoring. This function plays a fundamental role in building security, environmental control, HVAC, and other smart building control systems. The article not only discusses various network applications and their implementation based on agent design but also demonstrates our collaborative information fusion strategy. This strategy can provide a stable incentive method for the system through collaborative information fusion when the sensor system is unstable in the physical measurements, thereby preventing system jitter and unstable response caused by uncertain disturbances and environmental factors. This article also gives the results of the system test. The results show that through the CPS interaction of HMI and MMI, the intelligent building IoT system can achieve comprehensive monitoring, thereby providing support and expansion for advanced automation management.

• Journal of Internet Computing and Services
• /
• v.22 no.6
• /
• pp.115-127
• /
• 2021

With the development of science and technology around the world, the realm of cyberspace, following land, sea, air, and space, is also recognized as a battlefield area. Accordingly, it is necessary to design and establish various elements such as definitions, systems, procedures, and plans for not only physical operations in land, sea, air, and space but also cyber operations in cyberspace. In this research, the importance of cyber targets that can be considered when prioritizing the list of cyber targets selected through intermediate target development in the target development and prioritization stage of targeting processing of cyber operations was selected as a factor to be considered. We propose a method to calculate the score for the cyber target and use it as a part of the cyber target prioritization score. Accordingly, in the cyber target prioritization process, the cyber target importance category is set, and the cyber target importance concept and reference item are derived. We propose a TIR (Target Importance Rank) algorithm that synthesizes parameters such as Event Prioritization Framework based on PageRank algorithm for score calculation and synthesis for each derived standard item. And, by constructing the Stuxnet case-based network topology and scenario data, a cyber target importance score is derived with the proposed algorithm, and the cyber target is prioritized to verify the proposed algorithm.

• Journal of Information Technology and Architecture
• /
• v.9 no.4
• /
• pp.443-453
• /
• 2012

In order to minimize the damage from system failures, systems over various fields are requested to contain the safety-critical features. In this paper, we deliver the considerable issues, especially, in the cyber physical systems that is recently used as a safety-critical system, as well as we propose the model driven architecture based on time as its the important factor. Based on meta-modeling approach, we introduce the time-based architecture which is associated with deadline, transition state, and threshold, and also we work out a design for this by using model driven architecture. We propose a realizable safety-critical architecture by means of showing failure handling components with safety transaction model from the meta-model. In the detailed models and the example, we design a basic safety processing state, a multiple safety processing state, and a compound safety processing state for completing the safety-critical system architecture.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.6
• /
• pp.2255-2281
• /
• 2021

Channel characteristic-based physical layer authentication is one potential identity authentication scheme in wireless communication, such as used in a fog computing environment. While existing channel characteristic-based physical layer authentication schemes may be efficient when deployed in the conventional wireless network environment, they may be less efficient and practical for the industrial wireless communication environment due to the varying requirements. We observe that this is a topic that is understudied, and therefore in this paper, we review the constructions and performance of several commonly used test statistics and analyze their performance in typical industrial wireless networks using simulation experiments. The findings from the simulations show a number of limitations in existing channel characteristic-based physical layer authentication schemes. Therefore, we believe that it is a good idea to combine machine learning and multiple test statistics for identity authentication in future industrial wireless network deployment. Four machine learning methods prove that the scheme significantly improves the authentication accuracy and solves the challenge of choosing a threshold.