• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.11-17
• /
• 2022

Cyber attacks on national infrastructure, including large-scale power outages in Ukraine, have continued in recent years. As a result, ICS-CERT vulnerabilities have doubled compared to last year, and vulnerabilities to industrial control systems are increasing day by day. Most control system operators develop vulnerability countermeasures based on the vulnerability information sources provided by ICS-CERT in the United States. However, it is not applicable to the security of domestic control systems because it does not provide weaknesses in Korean manufacturers' products. Therefore, this study presents a vulnerability analysis framework that integrates CVE, CWE, CAPE, and CPE information related to the vulnerability based on ICS-CERT information (1843 cases). It also identifies assets of nuclear facilities by using CPE information and analyzes vulnerabilities using CVE and ICS-CERT. In the past, only 8% of ICS-CERT's vulnerability information was searched for information on any domestic nuclear facility during vulnerability analysis, but more than 70% of the vulnerability information could be searched using the proposed methodology.

• Journal of Korea Water Resources Association
• /
• v.55 no.1
• /
• pp.85-97
• /
• 2022

In this study, a method for an integrated flood risk mapping was proposed that simultaneously considers the flood inundation map indicating the degree of risk and the disaster vulnerability index. This method creates a new disaster map that can be used in actual situations by providing various and specific information on a single map. In order to consider the human, social and economic factors in the disaster map, the study area was divided into exposure, vulnerability, responsiveness, and recovery factors. Then, 7 indicators for each factor were extracted using the GIS tool. The data extracted by each indicator was classified into grades 1 to 5, and the data was selected as a disaster vulnerability index and used for integrated risk mapping by factor. The risk map for each factor, which overlaps the flood inundatoin map and the disaster vulnerability index factor, was used to establish an evacuation plan by considering regional conditions including population, assets, and buildings. In addition, an integrated risk analysis method that considers risks while converting to a single vulnerability through standardization of the disaster vulnerability index was proposed. This is expected to contribute to the establishment of preparedness, response and recovery plans for providing detailed and diverse information that simultaneously considers the flood risk including social, humanistic, and economic factors.

• Journal of Ocean Engineering and Technology
• /
• v.28 no.1
• /
• pp.69-76
• /
• 2014

Survivability assessments and vulnerability reductions are required in warship design. A warship's survivability is assessed by its susceptibility, vulnerability, and recoverability. In this paper, an integrated survivability assessment for a warship subjected to multiple hits is introduced. The methodology aims at integrating a survivability assessment into an early stage of warship design. The hull surface is idealized using typical geometries for RCS (Radar Cross Section) detection probability and susceptibility. The Vulnerability is evaluated by using the shot-line. The recoverability is estimated using a survival time analysis. This enables the variation of survivability to be assessed. Several parameters may be varied to determine their effects on the survivability. The susceptibility is assessed by the probability of detecting the radar cross section of the subject and the probability of being hit based on a probability density function. The vulnerability is assessed by the kill probability based on the vulnerable area of critical components, according to the component's layout and redundancy. Recoverability is assessed by the recovery time for damaged critical components.

• Journal of the Society of Naval Architects of Korea
• /
• v.50 no.6
• /
• pp.383-389
• /
• 2013

Analysis and review of survivability is one of the most important aspects when naval vessels are designed. Because aiming points of threat towards the naval vessels in the battle field could not be estimated exactly, probabilistic and statistic approach is frequently introduced to evaluate and enhance the vessel survivability. Some commercial survivability analysis programs are used to perform the analysis for enhancement of susceptibility, vulnerability and recoverability but, they are usually classified and impossible to be exported to other countries because of their national security. In this paper, a simplified vulnerability analysis program is developed to evaluate the vulnerability of the warship in aspects of structure, redundancy and its mission capability at the conceptual design stage. To verify the developed program, the analysis results were compared with those of the commercial program MOTISS(Measure of Total Integrated System Survivability).

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.8
• /
• pp.1623-1631
• /
• 2016

There are many researches which analyze vulnerability for combat systems, have been progressing, and apply the analyzed result to reflect on design phase. Recently, there have been requirements for integrating the previous module based researches which conducted independently. In this paper, we propose an integrated vulnerability analysis method for the combat system considering characteristics of threats and protection performance of armors through an analysis of the advanced research. In addition, by applying the proposed method improves the existing hit probability analysis program and we are verified based on scenarios for improving survivability of PKM (Petrol Killer Medium) for vulnerability analysis confirmed the results. The proposed method improves reliability of vulnerability analysis by considering threats and defense ability. Also it able to satisfied with the integration requirements. Furthermore, we became buildup for the development of applied system and the method and integrated vulnerability analysis method for combat systems.

• Journal of The Korean Society of Agricultural Engineers
• /
• v.64 no.2
• /
• pp.15-25
• /
• 2022

Idleness in rural areas is a very important issue with regard to national land space management. Previous studies have been conducted separately in terms of population housing and farmland. So, an integrated analysis considering population housing and farmland is required for rural spatial management. In this study, vulnerability indices were developed and spatial distribution of the vulnerable areas was analyzed by evaluating regional vulnerability on population, housing, and farmland. In addition, plans for rural space management plan were proposed considering the population hollowing out and the idle farmland. The results of this study would be helpful in preparing policies that take into account the vulnerability of idleness in rural areas.

• Computers and Concrete
• /
• v.30 no.2
• /
• pp.113-126
• /
• 2022

Reinforced concrete bearing walls (RCBWs) are one of the most applicable structural systems. Therefore, vulnerability analysis and rehabilitation of the RCBW system are of great importance. In the present study, in order to the more precise investigation of the performance of this structural resistant system, pushover and nonlinear time history analyses based on several assumptions drawing upon experimental research were performed on several models with different stories. To validate the nonlinear analysis method, the analytical and experimental results are compared. Vulnerability evaluation was carried out on two seismic hazard levels and three performance levels. Eventually, the need for seismic rehabilitation with the basic safety objective (BSO) was investigated. The obtained results showed that the studied structures satisfied the BSO of the seismic rehabilitation guidelines. Consequently, according to the results of analyses and the desired performance, this structural system, despite its high structural weight and rigid connections and low flexibility, has integrated performance, and it can be a good option for earthquake-resistant constructions.

• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.2
• /
• pp.246-250
• /
• 2008

This paper presents the design of network vulnerability analysis system which can integrate various vulnerability assessment tools to improve the preciseness of the vulnerability scan result. Manual checking method performed by a security expert is the most precise and safe way. But this is not appropriate for the large-scale network which has a lot of systems and network devices. Therefore automatic scanning tool is recommended for fast and convenient use. The scanning targets may be different according to the kind of vulnerability scanners, or otherwise even for the same scanning target, the scanning items and the scanning results may be different by each vulnerability scanner, Accordingly, there are the cases in which various scanners, instead of a single scanner, are simultaneously utilized with the purpose of complementing each other. However, in the case of simultaneously utilizing various scanners on the large-scale network, the integrative analysis and relevance analysis on vulnerability information by a security manager becomes time-consumable or impossible. The network vulnerability analysis system suggested in this paper provides interface which allows various vulnerability assessment tools to easily be integrated, common policy which can be applied for various tools at the same time, and automated integrative process.

• Convergence Security Journal
• /
• v.19 no.2
• /
• pp.83-89
• /
• 2019

In accordance with information security compliance and security regulations, there is a need to develop regular and real-time concepts for cyber-infringement attacks against network system vulnerabilities in branch and periodic forms. Vulnerability Analysis Analysis It is judged that it will be a countermeasure against new hacking attack in case of concept validation by interworking with TOOL. Vulnerability check module is standardized in event attribute management and ease of operation. Opening in terms of global sharing of vulnerability data, owasp zap / Angry ip Etc. were investigated in the SIEM system with interlocking design implementation method. As a result, it was proved that the inspection events were monitored and transmitted to the SIEM console by the vulnerability module of web and network target. In consideration of this, ESM And SIEM system In this paper, we propose a new vulnerability analysis method based on the existing information security consultation and the results of applying this study. Refer to the integrated interrelationship analysis and reference Vulnerability target Goal Hacking It is judged to be a new active concept against invasion attack.

• Journal of the Society of Naval Architects of Korea
• /
• v.49 no.3
• /
• pp.254-263
• /
• 2012

The survivability of warship is assessed by susceptibility, vulnerability and recoverability. Essentially, a vulnerability assessment is a measure of the effectiveness of a warship to resist hostile weapon effects. Considering the shot line and its penetration effect on the warship, present study introduces the procedural aspects of vulnerability assessments of warship. Present study also considers the prediction of penetration damage to a target caused by the impact of projectiles. It reflects the interaction between the weapon and the target from a perspective of vulnerable area method and COVART model. The shotline and tracing calculation have been directly integrated into the vulnerability assessment method based on the penetration equation empirically obtained. A simplified geometric description of the desired target and specification of a threat type is incorporated with the penetration effect. This study describes how to expand the vulnerable area assessment method to the penetration effect. Finally, an example shows that the proposed method can provide the vulnerability parameters of the warship or its component under threat being hit through tracing the shotline path thereby enabling the vulnerability calculation. In addition, the proposed procedure enabling the calculation of the component's multi-hit vulnerability introduces a propulsion system in dealing with redundant Non-overlapping components.