• Korean Chemical Engineering Research
• /
• v.60 no.4
• /
• pp.492-498
• /
• 2022

Process control systems used in most domestic petrochemical corporates today are based on the Windows platforms. As technology leans toward opened environment, the exposure risk of control systems is increasing. However, not many companies are preparing for various cyberattacks due to lack of awareness and misunderstanding of cyber intrusion. This study investigated the extent of how much exposed the petrochemical process control system is to security threats and suggested practical measures to reduce OT cybersecurity vulnerabilities. To identify the cyber threat status of process control systems, vulnerabilities of the Windows platform, a principal cyber threat factor, have been analyzed. For research, three major DCS providers in Korea and the discontinuation of Windows platform of 635 control systems were investigated. It was confirmed that 78% of the survey subjects were still operating in the discontinued windows platforms, and those process control systems were operated in a state vulnerable to cyber intrusions. In order to actively cope with these cyber threats, legal regulations such as designation of critical infrastructure for major petrochemical facilities which is implemented in advanced countries such as the United States are needed. Additionally, it is necessary to take the initiative in eradicating security threats to the process control systems by aggressively introducing security solutions provided from existing DCS suppliers. This paper was submitted to Professor Ko JaeWook's retirement anniversary issue.

• Journal of Digital Convergence
• /
• v.12 no.8
• /
• pp.113-127
• /
• 2014

The use of mobile devices offers a variety of services to the individuals and companies. On the other hand, security threats and new mobile security threats that exist in IT infrastructure to build the environment for mobile services are present at the same time. Services such as mobile and vaccine management services, such as MDM (Mobile Device Management) has attracted a great deal of interest in order to minimize the threat of security in mobile environment. These solutions can not protect an application that was developed for the mobile service from the threat of vulnerability of mobile application itself. Under these circumstances, in this paper, we proposed mobile application security checklists based on application security review items in order to prevent security accidents that can occur in a mobile service environment. We collected and analyzed Android applications, we performed a total inspection of the applications for verification of the effectiveness of the check items. And we checked that the check items through a survey of experts suitability was verified.

• The Journal of the Convergence on Culture Technology
• /
• v.2 no.4
• /
• pp.77-82
• /
• 2016

IoT technology was selected as one of IT 10 strategic technologies by gartner from 2013 to 2015, and implements advanced smart society while enabling interaction between people and things. Because IoT devices are connected to the Internet, they are involved in issues including exposure of private lives, for example, hacking to result in wireless signal interference, data theft, data modification and forgery and service denial, and critical security issues including threat to national confidential information and facilities. This study aims to suggest a method for examining threats to security through IP exposure of IoT devices and examining related problems to minimize threats to security through IP exposure including exposure of private lives or damages to the national infrastructure system.

• The Journal of Korean Institute of Electromagnetic Engineering and Science
• /
• v.25 no.7
• /
• pp.757-766
• /
• 2014

In this paper, economic loss due to high power electromagnetic pulse is estimated and the methodology used for calculating its impacts is suggested using a macro approach. In order to investigate the most critical infrastructure for the high power electromagnetic pulse assault, the vulnerability assessment that provides information on the threats of concern is conducted. As a result, this study concentrates on the electric power networks. The presented assessment model is considered with gross domestic product (GDP) and energy consumption when the electric power networks are damaged due to high power electromagnetic pulse. In addition, economic losses are calculated by the extent of damages considering different types of the high power electromagnetic pulse assault generated by nuclear and man-made weapon. Through the estimation of these damages, the resulted economic loss will be compared with the protection cost. Consequently, protection of the vulnerable infrastructures can be prepared against electromagnetic pulse attack.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2011.05a
• /
• pp.21-21
• /
• 2011

Many Asian countries are suffered from various problems on water, which include the need for increased access to improves water supplies and sanitation through investments in infrastructure and capacity building, the balances water management system between development and ecosystem, and the need to reduce the human populations'vulnerability to water-related disasters, in particular, from climate variability and evolution. Decison makers are the most influential people in policy making and solving global water problems is central issue in eradicating poverty and achieving sustainable development (MDG). They across the world form an integral part of the architecture of national or regional governance. Their role covers a range of decision-making processes including passing legislation, scrutinizing government policy, and representing citizen through the election. We must ensure that these quiet but important issues get the political space, financial priority and public attention they deserve. Regional bodies such as the EU have also enacted legislation which introduces rules on water quality and other enforceable mattera across state boundaries. With this growing body of laws and policies on water issues, the role of decision makers is growing. Recognizing this role, decison makers' platform is essential to provide an opportunity to discuss crucial water issues in each country or region and for the purpose "2010 Parliaments for Water in Asia" has planned and organized to investigate our common issues and goals. During the meeting, we have an opportunity to observe water policy of Bangladesh, Bhutan, China, Mongolia, New Zealand and the Philippines and share the views on what needs to be done to move forward by decision makers for the future of water. In conclusion, the process of developing the decision makers' platform in each region would be ultimately essential point to increase the awareness of the developed and developing countries' roles, knowledge to clarify roles and responsibilities of each stake holders and finally be a major actor for resolving not only water challenges also issues of human settlements.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.227-230
• /
• 2013

Financial transactions using a mobile terminal and the Internet is activated, it is a stock exchange enabled using mobile devices and the Internet. Koscom in charge of IT operations of securities transaction-related in (securities ISAC), to analyze the vulnerability of information security related to securities transactions, which corresponds to running the integrated security control system. Online stock trading is a subject to the Personal Information Protection Act, electronic systems of related, has been designated as the main information and communication infrastructure to, damage financial carelessness of the user, such as by hacking is expected to are. As a result, research on the key vulnerabilities of information security fields related to securities business cancer decoding of the Securities and Exchange packet, through the analysis of security events and integrated security control is needed.

• The Journal of Society for e-Business Studies
• /
• v.16 no.4
• /
• pp.1-16
• /
• 2011

A digital certificate mandated by the Electronic Signature Act has become familiar in our daily lives as 95% of the economically active population hold certificates. Due to upgrades to 256 bit level security that have become effective recently, the security and reliability of digital certificates are expected to increase. Digital certificates based on Public Key Infrastructure (PKI) have been known as "no big problem," but the possibility of password exposure in cases of leaked digital certificates still exists. To minimize this vulnerability, various existing studies have introduced alternative password methods, expansion of certificate storage media, and multiple certification methods. These methods perform enhanced functions but also have limitations including the fact that the secureness of passwords is not guaranteed. This study suggests an alternative method for enhancing the level of password secureness as a way to improve password security. This new method improves security management and enhances the convenience of using digital technologies. The results may be used for developing digital certificate related security technologies and research in the future.

• KSCE Journal of Civil and Environmental Engineering Research
• /
• v.37 no.4
• /
• pp.759-764
• /
• 2017

The paper is intended to explore the spatial relations between flooded buildings and urban expansion phenomena by employing urban expansion intensity index and hotspot analysis methods for the case of Gangneung. Two major results are as followed; first, flooding susceptible areas are found in the regions where the highly intense development occurs within a short period of time, so called pseudo-urbanization. Second, less flooded buildings exist in old towns where it is believed that there is the lack of urban infrastructure services. This study indicates the possibility that the highly intense development and pseudo-urbanization with a relatively short time period relate to flooded building events. In addition, the possibility leads to another issue that new developments might be increasing the flooding vulnerability worse than before, particularly, to the adjacent old towns. For the better understanding, it is desirable to have further related case studies in the near future.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.291-294
• /
• 2011

4G WiBro service in Korea, the world's fourth-generation communication is standardized. VoIP service has been activated one of the application in WiBro communications infrastructure. When using VoIP in the WiBro service, complementing the existing VoIP vulnerabilities in the encryption and authentication technology is a need for research. In this paper, fourth-generation WiBro, LTE, and the definition, 1G, 2G, 3G and 4G compares. And, WiBro service in the VoIP edaehan technical, administrative, physical, and hacker attacks and vulnerability analysis is the study of security measures. Enhanced security measures for the WiBro service to VoIP security through encryption and authentication technologies are studied.

• Journal of Soil and Groundwater Environment
• /
• v.22 no.6
• /
• pp.66-73
• /
• 2017

Empirical erosion models like Universal Soil Loss Equation (USLE) models have been widely used to make spatially distributed soil erosion vulnerability maps. Even if the models detect vulnerable sites relatively well utilizing big data related to climate, geography, geology, land use, etc within study domains, they do not adequately describe the physical process of soil erosion on the ground surface caused by rainfall or overland flow. In other words, such models are still powerful tools to distinguish the erosion-prone areas at large scale, but physics-based models are necessary to better analyze soil erosion and deposition as well as the eroded particle transport. In this study a physics-based soil erosion modeling system was developed to produce both runoff and sediment yield time series at watershed scale and reflect them in the erosion and deposition maps. The developed modeling system consists of 3 sub-systems: rainfall pre-processor, geography pre-processor, and main modeling processor. For modeling system validation, we applied the system for various erosion cases, in particular, rainfall-runoff-sediment yield simulation and estimation of probable maximum sediment (PMS) correlated with probable maximum rainfall (PMP). The system provided acceptable performances of both applications.