• The Transactions of the Korean Institute of Electrical Engineers D
• /
• v.53 no.9
• /
• pp.638-643
• /
• 2004

Middleware enables different networking devices and protocols to inter-operate in ubiquitous home network environments. The UPnP(Universal Plug and Play) middleware, which runs on a PC and is based on the IPv4 protocol, has attracted much interest in the field of home network research since it has versatility The UPnP, however, cannot be easily accessed via the public Internet since the UPnP devices that provide services and the Control Points that control the devices are configured with non-routable local private or Auto IP networks. The critical question is how to access UPnP network via the public Internet. The purpose of this paper is to deal with the non-routability problem in local private and Auto IP networks by improving the conventional Control Point used in UPnP middleware-based home networks. For this purpose, this paper proposes an improved Control Point for accessing and controlling the home network from remote sites via the public Internet, by adding a web server to the conventional Control Point. The improved Control Point is implemented in an embedded GNU/Linux system running on an ARM9 platform. Also this paper implements the security of the home network system based on the UPnP (Universal Plug and Play), adding VPN (Virtual Private Network) router that uses the IPsec to the home network system which is consisted of the ARM9 and the Embedded Linux.

• Proceedings of the KSR Conference
• /
• 2010.06a
• /
• pp.1255-1261
• /
• 2010

An operating information and fault recode of train is very important information for safety driving and maintenance. And these information is increased and need high speed as the number of trains is increased. Wireless LAN or CDMA network is efficient to report more complicated and various information from vehicle to server in control center. Existing wireless transmission system has weakness due to transmission system is separated with TDCS and standalone. At first, standalone system needs space to be installed and cost is increased. And data transmission capacity and speed is limited by complicated structure that transmission system receive data thru serial communication like RS232 and then data transmission system send data to server in control center. This article is study to develop embedded & wireless fault code transmission device to be installed in TDCS to overcome weakness of space and to have more cost effective and simple structure. It is adapted 802.11b/g WiFi for wireless communication and OS is used embedded Linux that can easily implement wireless communication environment and ensure TCP/IP communication’s security. We also implement simple server to test wireless communication between embedded & wireless fault code transmission device and server in control center.

• Transactions of the Korean Society of Automotive Engineers
• /
• v.14 no.3
• /
• pp.58-67
• /
• 2006

In this paper, fuzzy logic based active ventilation system with security function is proposed and implemented. We can easily experience the situation that inner air is so hot to get start immediately after parking at summer day. Hot temperature is enough to explode a gas lighter or to suffocate a little chid. Proposed system has 1 blower and 2 axial fans to ventilate inner air. Based on the fuzzy logic, speed and direction of each fan are controlled. In addition to controlling fans, controller put down windows and adjust the periods of open time. In order to prevent the theft and security problems, IR sensors are used to detect objects. On detecting objects, controller put up windows. Experimental result shows that implemented system can be effectively ventilate inner air and reduce temperature. Proposed system can be applicable to commercial automobiles.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.6
• /
• pp.9-17
• /
• 2021

In this paper, we propose a reversely using the "Man In The Middle Attack" attack technique as a way to introduce network security without changing the physical structure and configuration of the existing network, a Virtual Network Overlay is formed with only a single Ethernet Interface. Implementing In-line mode to protect the network from external attacks, we propose an integrated control method through a micro network security sensor and cloud service. As a result of the experiment, it was possible to implement a logical In-line mode by forming a Virtual Network Overlay with only a single Ethernet Interface, and to implement Network IDS/IPS, Anti-Virus, Network Access Control, Firewall, etc.,. It was possible to perform integrated monitor and control in the service. The proposed system in this paper is helpful for small and medium-sized enterprises that expect high-performance network security at low cost, and can provide a network security environment with safety and reliability in the field of IoT and embedded systems.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.7
• /
• pp.183-191
• /
• 2018

This paper evaluates the achievement of program outcomes using course-embedded assessment for information security programs. In the case study concerning the development of course-embedded assessment used in this paper, we evaluate program outcomes using various evaluation tools including the course evaluation data. In addition, we consider the evaluation rubric and evaluation procedure for course-embedded program outcomes, set performance criteria, select the probe course with high contribution to the program outcomes according to curriculum flowchart, set course objectives for the probe course, and explain the rubric for each assessment tool to measure achievement level. Subsequently, we perform course-embedded program outcomes assessment, based on tests and projectevaluation tool for each program objectives, and present the achievement levels based analysis results. These results prove the effectiveness of the proposed course-embedded assessment for program outcomes.

• International Journal of Computer Science & Network Security
• /
• v.21 no.3
• /
• pp.304-310
• /
• 2021

The paper presents problems of optimization of the synthesis of embedded systems, in particular Pareto optimization. The model of such a system for its design for high-level of abstract is based on the classic approach known from the theory of task scheduling, but it is significantly extended, among others, by the characteristics of tasks and resources as well as additional criteria of optimal system in scope structure and operation. The metaheuristic algorithm operating according to this model introduces a new approach to system synthesis, in which parallelism of task scheduling and resources partition is applied. An algorithm based on a genetic approach with simulated annealing and Boltzmann tournaments, avoids local minima and generates optimized solutions. Such a synthesis is based on the implementation of task scheduling, resources identification and partition, allocation of tasks and resources and ultimately on the optimization of the designed system in accordance with the optimization criteria regarding cost of implementation, execution speed of processes and energy consumption by the system during operation. This paper presents examples and results for multi-criteria optimization, based on calculations for specifying non-dominated solutions and indicating a subset of Pareto solutions in the space of all solutions.

• Journal of Digital Convergence
• /
• v.18 no.3
• /
• pp.163-169
• /
• 2020

A smart key has been used in a variety of embedded environments and there also have been attacks from a remote place by amplifying signals at a location of a user. Existing studies on defence techniques suggest multiple sensors and hash functions to improve authentication speed; these, however, increase the electricity usage and the probability of type 1 error. For these reasons, I suggest an embedded security controller based on client authentication and user movement information improving the authentication method between a controller and a host device. I applied encryption algorithm to the suggested model for communication using an Arduino board, GPS, and Bluetooth and performed authentication through path analysis utilizing user movement information for the authentication. I found that the change in usability was nonsignificant when performing actions using the suggested model by evaluating the time to encode and decode. The embedded security controller in the model can be applied to the system of a remote controller for a two-wheeled vehicle or a mobile and stationary host device; in the process of studying, I found that encryption and decryption could take less then 100ms. The later study may deal with protocols to speed up the data communication including encryption and decryption and the path data management.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.6
• /
• pp.123-129
• /
• 2013

Android file system is vulnerable to the external access of system resources via its arbitrary access mode and need user's control for SD and UMS medias due to its open architecture. In response to the device control, there is a drawback that its controlability is valid only in the case of embedded linux kernel with VDC function. Hence the solution is to directly implement VDC through system call, with another security module for device storage than system module being added to android system. In this paper the new method of android storage access control for personal information is proposed via VDC for mount system of storage. The access method for SD and UMS were implemented using VDC and mount mechanism. This access control system has been designed to control the granted users in kernel level if files are flowed out by copying. As a result, it was proved through testing that the access control system has exactly detected the write access operation.

• The Journal of the Korea Contents Association
• /
• v.20 no.2
• /
• pp.15-26
• /
• 2020

Secure boot is security technology that verifies the integrity of the computer system in boot stage and controls the boot process accordingly. The computer system can establish a secure execution environment from the threat of various malwares by security boot and also supports the recovery when system in emergency case. Recently, Secure boot has been adopted by various modern computer manufacturers to protect users' information from hacker attacks and to prevent abuse of their products by malicious users. In this paper, we classify security boot developed by various companies and organizations by platform, and analyze the design and development purpose of each security boot and investigate the limitation of design. It can be used as a reference for system security designers in various information of security boot development method and security design of system.

• KIPS Transactions on Computer and Communication Systems
• /
• v.3 no.2
• /
• pp.31-42
• /
• 2014

Debugger systems are necessary to apply dynamic program analysis when evaluating security properties of embedded system software. It may be possible to make the use of software-based debugger and/or DBI framework if target devices support general purpose operating systems, however, constraints on applicability as well as environmental transparency might be incurred thereby hindering overall analyzability. Analysis with JTAG (IEEE 1149.1) debugging devices can overcome these difficulties in that no change would be involved in terms of internal software environment. In that sense, JTAG API can facilitate to practically perform dynamic program analysis for evaluating security properties of target device software. In this paper, we introduce an implementation of JTAG API to enable analysis of ARM core based embedded systems. The API function set includes the categories of debugger and target device controls: debugging environment and operation. To verify API applicability, we also provide example analysis tool implementations: our JTAG API could be used to build kernel function fuzzing and live memory forensics modules.