• Journal of the Korea Society of Computer and Information
• /
• v.27 no.12
• /
• pp.209-217
• /
• 2022

Naval CMS(Combat Management System) is linked to various sensors and weapon equipment and use DDS(Data Distribution Service) for efficient data communication between ICU(Interface Control Unit) Node and IPN(Information Processing Node). In order to use DDS, software in the system communicates in an PUB/SUB(Publication/Subscribe) based on DDS topic. If the DDS messages structure in this PUB/SUB method does not match, problems such as incorrect command processing and wrong information delivery occur in sending and receiving application software. To improve this, this paper proposes a DDS message structure integrity verification method. To improve this, this paper proposes a DDS message structure integrity verification method using a hash tree. To verify the applicability of the proposed method to Naval CMS, the message integrity verification rate of the proposed method was measured, and the integrity verification method was applied to CMS and the initialization time of the existing combat management system was compared and the hash tree generation time of the message structures was measured to understand the effect on the operation and development process of CMS. Through this test, It was confirmed that the message structure verification method for system stability proposed in this paper can be applied to the Naval CMS.

• Journal of the Institute of Convergence Signal Processing
• /
• v.13 no.4
• /
• pp.211-219
• /
• 2012

In this paper, we described the software development for verifying the integrity of output data of TCP/IP for VLBI Correlation Subsystem (VCS) correlation block and proposed the performance improvement method in order to prevent the data loss of correlation output. The VCS correlation results are saved at the Data Archive system through TCP/IP packet transmission. In this paper, the integrity verification software is developed so as to confirm the integrity of correlation result saved at the data archive system using TCP/IP packet information of VCS. The 3-step integrity verification process is proposed by using the developed software, its effectiveness was confirmed in consequence of correlation experiments. In addition, TCP/IP packet transmission must be completed within minimum integration period. However, there is not only TCP/IP packet loss occurred but also the problem of correlation result integrity affected in account of a large quantity of packets and data during short integration time. In this paper, the reason of TCP/IP packet loss is analyzed and the modified methods for FPGA(Field Programmable Gate Array) of VCS are proposed, the integrity problem of correlation results will be solved.

• Journal of the Korean Society for Aeronautical & Space Sciences
• /
• v.42 no.5
• /
• pp.398-405
• /
• 2014

Recently the embedded software has been widely applied to the safety-critical systems in aviation and defense industries, therefore, the higher level of reliability, availability and fault tolerance has become a key factor for its implementation into the systems. The integrity of the software can be verified using the static analysis tools. And recent developed static analysis tool can evaluate code integrity through the mathematical analysis method. In this paper we detect the autocode error and violation of coding rules using the formal verification tool, Polyspace(R). And the fundamental errors on the flight control law model have been detected and corrected using the formal verification results. As a result of verification process, FBW helicopter control law autocode can ensure code integrity.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.987-997
• /
• 2012

A Point-of-Sales (POS) terminal manages the selling process by a salesperson accessible interface in real time. Using a POS system makes a business and customer management much more efficient. For these reasons, many store install POS terminal and used it. But it has many problem that stealing personal information by hacking and insider corruption. Because POS system stored payment information like that sales information, card valid period, and password. In this paper, I proposed software integrity verification technique in POS system based on White list. This method can prevent accidents that personal information leak by hacking and POS system forge and falsification. This proposed method provides software integrity, so it can prevent inside and outside threats in advance.

• Journal of the Korean Society for Aeronautical & Space Sciences
• /
• v.49 no.10
• /
• pp.871-877
• /
• 2021

Aircraft defects are important matters directly related to the operation of the aircraft and the life of the pilot. The defects in the mission software that occur during aircraft control seriously affect the pilot's mission performance and safety. Therefore, the organization in charge of aircraft development or software defects are reinforced in the process to identify and eliminate defects in the early stages of development, and a lot of labor and time are spent, but due to the nature of the mission software, strong functional coupling with other avionics and high complexity, so there are restrictions on the identification and removal of software defects through the existing test method. This study analyzes the effect of securing mission software integrity and reducing test cost through data integrity verification by developing a tool that automates the verification of expected value of feedback data among communication data of mission computer interlocking equipment.

• Journal of Aerospace System Engineering
• /
• v.16 no.2
• /
• pp.13-24
• /
• 2022

As the scale of airborne system software increases, the use of OOT (Object-Oriented Technology) is increasing for functional expansion, efficient development, and code reuse, but the verification method for airborne object-oriented software is conducted from the perspective of the existing procedure-oriented program. The purpose of this paper was to analyze the characteristics of OOT and the vulnerabilities derived from the functional characteristics of OOT, and present a verification method applicable to each software development process (Design, Coding and Testing) to ensure the functional safety integrity of aviation software to which OOT is applied. Additionally, we analyzed the meaning of the static analysis results among the step-by-step verification measures proposed by applying LDRA, a static analysis automation tool, to PX4, an open source used to implement flight control software.

• Journal of Information Processing Systems
• /
• v.13 no.6
• /
• pp.1516-1526
• /
• 2017

Many organizations today use patch management systems to uniformly manage software vulnerabilities. However, the patch management system does not guarantee the integrity of the patch in the process of providing the patch to the client. In this paper, we propose a method to guarantee patch integrity through dual electronic signatures. The dual electronic signatures are performed by the primary distribution server with the first digital signature and the secondary distribution server with the second digital signature. The dual electronic signature ensures ensure that there is no forgery or falsification in the patch transmission process, so that the client can verify that the patch provided is a normal patch. The dual electronic signatures can enhance the security of the patch management system, providing a secure environment for clients.

• The Transactions of the Korean Institute of Electrical Engineers P
• /
• v.65 no.4
• /
• pp.242-249
• /
• 2016

The railway system is being converted to the computer system from the existing mechanical device, and the dependency on software is being increased rapidly. Though the size and degree of complexity of software for railway system are slower than the development speed of hardware, it is expected that the size will be grown bigger gradually and the degree of complexity will be increased also. Accordingly, the validation of reliability and safety of embedded software for railway system was started to become influential as the important issue. Accordingly, various software test and validation activities are highly recommended in the international standards related railway software. In this paper, we presented a software coding analysis tool using symbolic execution for railway system, and presented its result of implementation.

• KIPS Transactions on Software and Data Engineering
• /
• v.6 no.4
• /
• pp.167-176
• /
• 2017

There are increasing policies and safeguards to prevent various human resource losses with the development of automotive industry. Currently ISO26262 $1^{st}$ edition has been released in 2011 to ensure functional safety of electrical and electronic systems and the $2^{nd}$ edition will be released in the second half of 2016 as part of a trend. The E/E (Electrical & Electronics) system requirements verification is required through walk-through, 인스펙션, semi-formal verification and formal verification in ISO 26262. This paper describe the efficiency of model checking for the E/E system requirements verification by applying the product development project of ASIL (Automotive Safety Integrity Level) D for the electrical parking brake system.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.12 no.6
• /
• pp.359-368
• /
• 2017

As the BadUSB is a vulnerability, in which a hacker tampers the firmware area of a USB flash drive. When the BadUSB device is plugged into the USB port of a host system, a malicious code acts automatically. The host system misunderstands the act of the malicious behavior as an normal behaviour for booting the USB device, so it is hard to detect the malicious code. Also, an antivirus software can't detect the tampered firmware because it inspects not the firmware area but the storage area. Because a lot of computer peripherals (such as USB flash drive, keyboard) are connected to host system with the USB protocols, the vulnerability has a negative ripple effect. However, the countermeasure against the vulnerability is not known now. In this paper, we analyze the tampered area of the firmware when a normal USB device is changed to the BadUSB device and propose the countermeasure to verify the integrity of the area when the USB boots. The proposed method consists of two procedures. The first procedure is to verify the integrity of the area which should be fixed even if the firmware is updated. The verification method use hashes, and the target area includes descriptors. The second procedure is to verify the integrity of the changeable area when the firmware is updated. The verification method use code signing, and the target area includes the function area of the firmware. We also propose the update protocol for the proposed structure and verify it to be true through simulation.