• 융합보안논문지
• /
• 제24권3호
• /
• pp.67-79
• /
• 2024

에너지 발전소 등을 포함한 주요 기반시설을 공격 대상으로 하는 공격자들은 지능적이고 정교화된 공격을 수행하는 동시에, 목표에 달성할 때까지 공격 흔적을 은닉한다. 특히 실제 물리적 환경과 연결되어 있는 사이버 물리 시스템의 운영 데이터를 조작하는 것은 사람의 안전에 직접적으로 영향을 줄 수 있다. 사이버 물리 시스템의 특성에 따라 일반적인 정보 기술 환경에서의 이상 식별 및 탐지 방법과는 차별적인 접근법이 필요하다. 이에 본 연구에서는 사이버 물리 시스템의 특성을 고려하기 위하여 재귀적 필터링을 수행하고, 악의적으로 조작된 운영 데이터를 식별하기 위한 엔트로피 기반의 접근법이 통합된 방법론을 제안한다. 공개된 산업제어시스템 보안 데이터셋을 기반으로 합성한 데이터에 제안하는 방법론을 적용한 결과, 조작된 운영 데이터를 효과적으로 식별할 수 있음을 검증하였다.

• Journal of Communications and Networks
• /
• 제17권6호
• /
• pp.558-567
• /
• 2015

In recent years, we have seen a proliferation of mobile-network-enabled smart objects, such as smart-phones and smart-watches, that form a cyber-physical integrated network to connect the cyber and physical worlds through the capabilities of sensing, communicating, and computing. Discovery of the relationship between smart objects is a critical and nontrivial task in cyber-physical integrated network applications. Aiming to find the most stable relationship in the heterogeneous and dynamic cyber-physical network, we propose a distributed and efficient relationship-discovery algorithm, called dynamically maximizing remaining unchanged time with minimum connected dominant set (DMRUT-MCDS) for constructing a backbone with the smallest scale infrastructure. In our proposed algorithm, the impact of the duration of the relationship is considered in order to balance the size and sustain time of the infrastructure. The performance of our algorithm is studied through extensive simulations and the results show that DMRUT-MCDS performs well in different distribution networks.

• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2016년도 춘계학술대회
• /
• pp.235-238
• /
• 2016

With the vision of Internet of Things (IoT), physical world itself is becoming a connected information system on the Internet and cyber world is computing as a physical act to sense and respond to real-world events collaboratively. The systems that tightly interlink the cyber and physical worlds are often referred to as Smart Systems or Cyber-Physical Systems. Smart IoT Clouds aim to provide a cyber-physical infrastructure for utility (pay-as-you-go) computing to easily and rapidly build, modify and provision auto-scale smart systems that continuously monitor and collect data about real-world events and automatically control their environment. Developing specifications for service interoperability is critical to enable to achieve this vision. In this paper, we bring an issue to extend Open Cloud Computing Interface for uniform, interoperable interfaces for Smart IoT Cloud Services to access services and build a smart system through orchestrating the cloud services.

• Nuclear Engineering and Technology
• /
• 제54권7호
• /
• pp.2467-2474
• /
• 2022

Nuclear Power Plants (NPPs) are the most protected facilities among all critical infrastructures (CIs). In addition to physical security, cyber security becomes a significant concern for NPPs since swift digitalization and overreliance on computer-based systems in the facility operations transformed NPPs into targets for cyber/physical attacks. Despite technical competencies, humans are still the central component of a resilient NPP to develop an effective nuclear security culture. Turkey is one of the newcomers in the nuclear energy industry, and Turkish Akkuyu NPP has a unique model owned by an international consortium. Since Turkey has limited experience in nuclear energy industry, specific multinational and multicultural characteristics of Turkish Akkuyu NPP also requires further research in terms of the Facility's prospective nuclear security. Yet, the link between "national cultures" and "nuclear security" is underestimated in nuclear security studies. By relying on Hofstede's national culture framework, our research aims to address this gap and explore possible implications of cross-national cultural differences on nuclear security. To cope with security challenges in the age of hybrid threats, we propose a security management model which addresses the need for cyber-physical security integration to cultivate a robust nuclear security culture in a multicultural working environment.

• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2016년도 춘계학술대회
• /
• pp.348-351
• /
• 2016

최근 IoT 환경에서 많은 디바이스들의 등장과 더불어 특정 사용자만 접근 가능한 보호된 네트워크가 필요하게 되었다. IoT 네트워크 환경에 OAuth 프로토콜을 적용하여 인증하게 되면 보다 쉽게 네트워크 인증 체계를 구축할 수 있으나 OAuth는 공격자가 Token을 가로채게 되면 쉽게 공격에 노출되는 단점이 있어 2차 인증이 필수적이라고 할 수 있다. 궁극적인 IoT는 Fog Computing이 필수적이다. Fog Computing은 Cloud를 확장시켜 network Core에서 뿐만 아니라 Edge에서도 Computing이 가능하게 하고, node간의 통신을 가능하게 하는 플랫폼이다. Fog Computing의 장점으로는 Location awareness나 Support for mobility 등을 들 수 있다. Fog Computing내에서 사용할 인증이 이런 Fog Computing의 장점을 살린다면, 더 IoT에 걸맞은 인증을 할 수 있을 것이다. 이에 2차 인증에 기존의 인증서나 id/password, 또는 group key같은 번거로운 것을 이용하지 않고 Cyber-Physical-Social System을 사용한다면 user의 편리성을 더 증가시킬 수 있을 것이다. 본 연구에서는 Cyber-Physical-Social System기반의 인증에 관한 연구를 진행하려 한다.

• 한국정밀공학회:학술대회논문집
• /
• 한국정밀공학회 2004년도 추계학술대회 논문집
• /
• pp.1053-1056
• /
• 2004

Research in Human Computer Interface (HCI) is towards development of an application environment able to deal with interactions of both human and computers that can be more intuitive and efficient. This can be achieved by bridging the gap between the synthetic virtual environment and the natural physical environment. Thus a project called Tangible Space Initiative (TSI) has been launched by KIST. TSI is subdivided into Tangible Interface (TI) which controls 3D cyber space with user's perspective, Responsive Cyber Space (RCS) which creates and controls the virtual environment and Tangible Agent (TA) which senses and acts upon the physical interface environment on behalf of any components of TSI or the user. This paper is a brief introduction to a new generation of Human Computer Interface that bring user to a new era of interaction with computers in the future.

• 대한공업교육학회지
• /
• 제30권1호
• /
• pp.84-95
• /
• 2005

With recent advancement in informational sciences, educational systems are undergoing a revolutionary facelift on how students attain their education. These developments have diminished the traditional method of teaching and learning and have improved the overall quality of the educational environment. They have also ignited the birth of cyber-education in which students have the flexibility and responsibility on what and when to study, thus providing a greater freedom to control one's education. Cyber-educational environment not only requires physical hardware but also an organizational structural component and most importantly, a software component that drives and gives the student management power to tailor their studies based upon their educational requirements. Due to the fact that individuals learn and develop at different rates, one of the important features of a cyber-educational program will be its ability to adjust and customized to individual needs and requirements. In this thesis, a novel software which encompasses these ideas was designed and developed. This program allows the individual more flexibility and management of courses based on their ability and needs. Because the software customizes to one's ability and it allows the student to advance at a more comfortable pace, it boosts the student's confidence and desire to learn. In the future, new and improved programs similar to the one developed here will further enhance the cyber-educational environment and will undoubtedly improve the overall quality of student's education.

• Journal of Information Processing Systems
• /
• 제14권6호
• /
• pp.1361-1384
• /
• 2018

Recently, Cyber Physical System (CPS) is one of the core technologies for realizing Internet of Things (IoT). The CPS is a new paradigm that seeks to converge the physical and cyber worlds in which we live. However, the CPS suffers from certain CPS issues that could directly threaten our lives, while the CPS environment, including its various layers, is related to on-the-spot threats, making it necessary to study CPS security. Therefore, a survey-based in-depth understanding of the vulnerabilities, threats, and attacks is required of CPS security and privacy for IoT. In this paper, we analyze security issues, threats, and solutions for IoT-CPS, and evaluate the existing researches. The CPS raises a number challenges through current security markets and security issues. The study also addresses the CPS vulnerabilities and attacks and derives challenges. Finally, we recommend solutions for each system of CPS security threats, and discuss ways of resolving potential future issues.

• 해양환경안전학회지
• /
• 제30권3호
• /
• pp.263-274
• /
• 2024

The digitization of ship environments has increased the risk of cyberattacks on ships. The smartization and automation of ships are also likely to result in cyber threats. The International Maritime Organization (IMO) has discussed the establishment of regulations at the autonomous level and has revised existing agreements by dividing autonomous ships into four stages, where stages 1 and 2 are for sailors who are boarding ships while stages 3 and 4 are for those not boarding ships. In this study, the level of a smart ship was classified into LEVELs (LVs) 1 to 3 based on the autonomous levels specified by the IMO. Furthermore, a risk assessment for smart ships at various LVs in different risk scenarios was conducted The cyber threats and vulnerabilities of smart ships were analyzed by dividing them into administrative, physical, and technical security; and mitigation measures for each security area were derived. A total of 22 cyber threats were identified for the cyber asset (target system). We inferred that the higher the level of a smart ship, the greater the hyper connectivity and the remote access to operational technology systems; consequently, the greater the attack surface. Therefore, it is necessary to apply mitigation measures using technical security controls in environments with high-level smart ships.

• 대한임베디드공학회논문지
• /
• 제9권4호
• /
• pp.211-217
• /
• 2014

Cyber-Physical Systems(CPS) that mostly provides safety-critical and mission-critical services requires high reliability, so that system testing is an essential and important process. Hardware-In-the-Loop Simulation(HILS) is one of the extensively used techniques for testing hardware systems. However, most conventional HILS has problems that it is difficult to support a distributed operating environment and to reuse a HILS platform. In this paper, we introduce EcoHILS(ETRI CPS Open Human-Interactive hardware-in-the-Loop Simulator) in order to test CPS effectively. Moreover, feasibility tests and performance tests of EcoHILS are performed to confirm its effectiveness.