• Title/Summary/Keyword: Formal Specification

Comparison of Code Generation Tools from Formal Specification of Security Function (정형명세 보안기능의 코드생성 도구 비교)

  • 유희준;김일곤;최진영;김상호;노병규
    • Proceedings of the Korean Information Science Society Conference / 2002.04a / pp.829-831 / 2002
  • Interest in security has been growing recently, and many security-related programs are in use. However, current testing methodologies alone cannot guarantee completeness when implementing security functions whose safety is hard to predict, so formal specification methods are indispensable for implementing safer security functions. Moreover, in the course of actual development, systems may acquire defects that were not present at design time. Even if the specification of a system is accurate, the involvement of human developers can lead to results that diverge from the specification during development, introducing defects. Such defects are not easily discovered by developers or users. If a security system has an unknown defect, the serious problem arises that secret information can be leaked easily. As the population using communication networks grows and various forms of communication services are provided, system characteristics become more complex and the risk of illegal data access is increasingly exposed. Therefore, automatic code generation from a clear formal specification of security functions is indispensable. In this paper, after writing formal specifications of security functions with several formal tools and generating source code from them, we develop a method for checking the consistency between the specification and the source code of programs designed and implemented via formal specification, and analyze the trade-off between the security and performance aspects of security-function source code generated from formal specifications. For S/KEY, an authentication-related security function, we wrote specifications with four formal tools (STATEMATE MAGNUM, Rational Rose 98, SPEAR, VDM-SL), generated source code, compared the code generated by each tool, and compared them against the commercially available S/KEY system from Bellcore. The analysis weighted security as well as product efficiency, and provides guideline information on the tools that can be used in future security-related software development.

The Performance-ability Evaluation of an UML Activity Diagram with the EMFG (EMFG를 이용한 UML 활동 다이어그램의 수행가능성 평가)

  • Yeo Jeong-Mo;Lee Mi-Soon
    • The KIPS Transactions:PartD / v.13D no.1 s.104 / pp.117-124 / 2006
  • A hardware/software codesign framework called PeaCE (Ptolemy extension as a Codesign Environment) was developed. It allows both data flow and control flow to be expressed; control flow is described as an fFSM, which extends the traditional finite state machine. While the fFSM model provides many syntactic constructs for describing control flow, it lacks formality, which makes the specification difficult to verify. In order to define the formal semantics of the fFSM, this paper first flattens the hierarchical structure in the model and then defines the step semantics. As a result, some important bugs such as race conditions, ambiguous transitions, and circular transitions can be formally detected in the model.

Formal Specification and Verification for S/KEY Against Dictionary Attack (사전공격 방지를 위한 S/KEY의 정형 명세 및 검증)

  • Kim Il-Gon;Choi Jin-Young
    • Journal of KIISE:Software and Applications / v.31 no.9 / pp.1218-1225 / 2004
  • The S/KEY system was proposed to guard against an intruder's password replay attack. But S/KEY has a vulnerability: if an attacker derives the passphrase from a dictionary file, he can obtain the one-time password required for user authentication. In this paper, we propose a corrected S/KEY system combined with EKE to solve the problem. We also specify the new S/KEY system with Casper and CSP, and verify its secrecy and authentication requirements using the FDR model checking tool.

Enhanced Cloud Service Discovery for Naïve users with Ontology based Representation

  • Viji Rajendran, V;Swamynathan, S
    • KSII Transactions on Internet and Information Systems (TIIS) / v.10 no.1 / pp.38-57 / 2016
  • Service discovery is one of the major challenges in cloud computing environment with a large number of service providers and heterogeneous services. Non-uniform naming conventions, varied types and features of services make cloud service discovery a grueling problem. With the proliferation of cloud services, it has been laborious to find services, especially from Internet-based service repositories. To address this issue, services are crawled and clustered according to their similarity. The clustered services are maintained as a catalogue in which the data published on the cloud provider's website are stored in a standard format. As there is no standard specification and a description language for cloud services, new efficient and intelligent mechanisms to discover cloud services are strongly required and desired. This paper also proposes a key-value representation to describe cloud services in a formal way and to facilitate matching between offered services and demand. Since naïve users prefer to have a query in natural language, semantic approaches are used to close the gap between the ambiguous user requirements and the service specifications. Experimental evaluation measured in terms of precision and recall of retrieved services shows that the proposed approach outperforms existing methods.

Automatic Verification of the Control Flow Model for Effective Embedded Software Design (효과적인 임베디드 소프트웨어 설계를 위한 제어흐름 모델의 자동 검증)

  • Park, Sa-Choun;Kwon, Gi-Hwon;Ha, Soon-Hoi
    • The KIPS Transactions:PartA / v.12A no.7 s.97 / pp.563-570 / 2005
  • A hardware/software codesign framework called PeaCE (Ptolemy extension as a Codesign Environment) allows both data flow and control flow to be expressed. To formally verify an fFSM specification, which expresses control flow in PeaCE, the step semantics of the model was defined. In this paper, we introduce an automatic verification tool developed from the formal semantics of that previous work. This tool uses SMV as its inner model checker, and through it users can formally verify some important bugs such as race conditions, ambiguous transitions, and circular transitions without directly writing logical formulae.

A Process Management Framework for Design and Manufacturing Activities in a Distributed Environment (분산 환경하의 설계 및 제조활동을 위한 프로세스관리기법 연구)

  • Park, Hwa-Kyu;Kim, Hyun;Oh, Chi-Jae;Jung, Moon-Jung
    • The Journal of Society for e-Business Studies / v.2 no.1 / pp.21-37 / 1997
  • As the complexity in design and manufacturing activities of distributed virtual enterprises rapidly increases, the issue of process management becomes more critical to shorten the time-to-market, reduce the manufacturing cost and improve the product quality. This paper proposes a unified framework to manage design and manufacturing processes in a distributed environment. We present a methodology which utilizes process flow graphs to depict the hierarchical structure of workflows and process grammars to represent various design processes and design tools. To implement the proposed concept, we develop a process management system which mainly consists of a cockpit and manager programs, and we finally address a preliminary implementation procedure based on the Object Modeling Technique. Since the proposed framework can be a formal approach to the process management by providing formalism, parallelism, reusability, and flexibility, it can be effectively applied to further application domains of distributed virtual enterprises.

Concealing Communication Source and Destination in Wireless Sensor Networks(Part I) : Protocol Design (무선 센서 네트워크에서의 통신 근원지 및 도착지 은닉(제1부) : 프로토콜 설계)

  • Tscha, Yeong-Hwan
    • The Journal of the Korea institute of electronic communication sciences / v.8 no.2 / pp.219-226 / 2013
  • To defend against global eavesdropping in wireless sensor networks, a tremendous number of dummy (fake) packets is likely to be generated continuously in order to preserve the location privacy of the communication source and destination. In our approach, only certain disk-shaped zones encompassing the sources and the destination are allowed to issue dummy packets during the data transfer, so that the number of generated packets is reduced while the locations of the source and destination remain secret. To this end we design a routing protocol, propose a detailed formal specification of it, and verify its major characteristics.

A Study on Extended Z for the Concurrency Specification (병행성 명세를 위한 확장된 Z의 연구)

  • Nam, Seong-Uk;Cho, Young-Suck
    • Proceedings of the Korea Information Processing Society Conference / 2000.10a / pp.575-578 / 2000
  • Efforts and techniques to reduce errors caused by inaccuracy in the early stages of software development are urgently needed. [1][2] Formal specification techniques are written in formal notations such as Z or VDM to reduce errors originating in the specification stage, and they satisfy two requirements: providing formality and providing abstraction. [3][4] However, because the Z notation lacks the ability to express concurrency, it either cannot be used to specify systems that require concurrency or must be combined with another formal language such as CSP (Communicating Sequential Processes) from process algebra. To remedy this, this paper extends Z, an existing general-purpose specification language, so that concurrency can be specified. To do so, it introduces the concept of a concurrent process and defines and uses a notation to represent it. In addition, to control concurrency, it introduces a procedure description and defines the related schemas. Furthermore, a translator that automatically translates specifications written in extended Z into a target language is implemented with Lex and Yacc, and the translated target-language file is executed to verify through simulation that the extended Z contains no ambiguity.

A Priority Process Based Connector's Interaction considering Component Processing Time (컴포넌트 처리시간을 고려한 우선순위기반의 커넥터 상호작용)

  • Jeong Hwa-Young
    • Journal of Internet Computing and Services / v.6 no.2 / pp.49-57 / 2005
  • The connector's role between components is very important in CBD (Component Based Development). Most connectors, whose processing is based on an ADL method, choose a FIFO method for component requests. But when many components with various characteristics make requests, it is difficult for this method to operate efficiently. In this research, I designed and implemented a priority connector that considers component processing time, and I used the Wright architecture for its formal specification. In the application results, the proposed connector spent 388 ms more than the existing FIFO method in total processing time. But this method could preferentially handle components that have short processing times. Also, for component waiting time in the connector, the existing FIFO method took 23323.1 ms and the proposed method 12731.27 ms, so the proposed method could reduce the waiting time for component processing.

Development of Communication Protocol Verification Tool for Vital Railway Signaling Systems

  • Hwang, Jong-Gyu;Jo, Hyun-Jeong;Lee, Jae-Ho
    • Journal of Electrical Engineering and Technology / v.1 no.4 / pp.513-519 / 2006
  • As a very important part of protocol development, verification of the developed protocol specification is a complementary technique used to increase the level of confidence that the system functions according to its specification. When an informal method is used to specify the protocol, some ambiguity may remain in it. Such inherent ambiguity in control systems can cause accidents, especially in safety-critical systems. To remove the vagueness contained in the designed protocol, we use the LTS (Labeled Transition System) model to design the protocol for railway signaling. We then formally verify the safety and liveness properties through model checking. The modal $\mu$-calculus, an expressive form of temporal logic, has been applied to the model checking. We verify the safety and liveness properties of the Korean standard protocol for railway signaling systems. To perform automatic verification of the safety and liveness properties of the designed protocol, a communication verification tool is implemented. The developed tool is implemented in C++ under Windows XP. Using the developed communication verification tool is expected to increase the safety and reliability of communication protocols for signaling systems.