• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.725-734
• /
• 2016

SCADA(Supervisory Control and Data Acquisition) system is widely used for remote monitoring and control throughout the domestic industry. Due to a recent breach of security on SCADA systems, such as Stuxnet, the need of correctly established secure certification of a control system is growing. Currently, EDSA-CRT (Embedded Device Security Assurance-Communication Robustness Test), which tests the ability to provide core services properly in a normal/abnormal network protocol, is only focused on the testing of IP-based protocols such as IP, ARP, TCP, etc. Thus, in this paper, we propose test requirements for DNP3 protocol based on EDSA-CRT. Our analysis show that the specific test cases provide plentiful evidences that DNP3 should follow based on its functional requirements. As a result, we propose 33 specific test case for DNP3 protocol.

• Journal of Digital Convergence
• /
• v.17 no.8
• /
• pp.105-113
• /
• 2019

The purpose of this study is to analyze cyber security risk modeling of critical infrastructure, draw out limitations and improvement measures. This paper analyzed cyber security risk modeling of national critical infrastructure like as electricity sector, nuclear power plant, SCADA. This paper analyzed the 26 precedent research cases of risk modeling in electricity sector, nuclear power plant, SCADA. The latest Critical Infrastructure is digitalized and has a windows operating system. Critical Infrastructure should be operated at all times, it is not possible to patch a vulnerability even though find vulnerability. This paper suggest the advanced cyber security modeling characteristic during the life cycle of the critical infrastructure and can be prevented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.243-250
• /
• 2013

We have entered into an era of smart software system where the many kinds of embedded software, especially SCADA and Automotive software not only require high reliability and safety but also high-security. Removing software weakness during the software development lifecycle is very important because hackers exploit weaknesses which are source of software vulnerabilities when attacking a system. Therefore the coding rule as like core functions of MISRA-C should expand their coding focus on security. In this paper, we used CERT-C secure coding rules for nuclear-related software being developed to demonstrate high-safety software, and proposed how to remove software weakness during development.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.2
• /
• pp.123-131
• /
• 2009

Process Control Systems (PCSs) or Supervisory Control and Data Acquisition (SCADA) systems have recently been added to the already wide collection of wireless sensor networks applications. The PCS/SCADA environment is somewhat more amenable to the use of heavy cryptographic mechanisms such as public key cryptography than other sensor application environments. The sensor nodes in the environment, however, are still open to devastating attacks such as node capture, which makes designing a secure key management challenging. Recently, Nilsson et al. proposed a key management scheme for PCS/SCADA, which was claimed to provide forward and backward secrecies. In this paper, we define four different types of adversaries or attackers in wireless sensor network environments in order to facilitate the evaluation of protocol strength. We then analyze Nilsson et al. 's protocol and show that it does not provide forward and backward secrecies against any type of adversary model.

• Proceedings of the KIEE Conference
• /
• 1998.07g
• /
• pp.2445-2447
• /
• 1998

For increasing the quality of SCADA system, the application of image information is demanded from typical SCADA system based on data information. Until now, the remote control and monitoring systems combine data information but now gradually have trends to combine voice, data and image information. So multimedia technology is applied to realize new SCADA system. Depends on these requires, we apply new concepts of communication network and multimedia technology to the SCADA system for electric facility. In this paper, we aim at developing multi media supervisory control and data acquisition system based on data and image information, which used electric power system and security system.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2004.05a
• /
• pp.1245-1248
• /
• 2004

최근 SCADA 시스템은 국가기반시설의 중요한 시스템으로 인식됨에 따라 사이버상의 침해사고 대응 및 복구대책이 요구되고 있다. 일반적으로 기존에는 SCADA 시스템 설계시 공정 절차에 따라 이식성, 확장성, 가용성, 유연성을 고려하였으나 최근 안전하고 신뢰성있는 시스템 운영을 위하여 보안에 많은 관심을 갖게 되었다. 본 논문에서는 SCADA 시스템에 대한 보안 설계에 필요한 위험분석 절차를 제시함으로써 사이버테러에 의하여 발생될 국가적 재난 재해를 사전에 예방하고자 한다.

• Proceedings of the Korean Institute of Communication Sciences Conference
• /
• 2004.07a
• /
• pp.477-477
• /
• 2004

• KNOM Review
• /
• v.22 no.1
• /
• pp.11-19
• /
• 2019

As technology develops, the latest security threats on the network applied to users are increasing. By attacking industrial or corporate systems with malicious purposes, hackers cause many social problems such as confidential information leakage, cyber terrorism, infringement of information assets, and financial damage. Due to the complex and diversified threats, the current security personnel alone are not enough to detect and analyze all threats. In particular, the Supervisory Control And Data Acquisition (SCADA) used in industrial infrastructures that collect, analyze, and return static data 24 hours a day, 265 days a year, is very vulnerable to real-time security threats. This paper introduces security information and event management (SIEM), a powerful integrated security management system that can monitor the state of the system in real time and detect security threats. Next, we compare SIEM solutions from various companies with the open source SIEM (OSSIM) from AlienVault, which is distributed as an open source, and present cases using the OSSIM and how to utilize it.

• Journal of the Korean Institute of Illuminating and Electrical Installation Engineers
• /
• v.25 no.6
• /
• pp.90-99
• /
• 2011

As power industry evolves into Smart Grid scheme, previously closed power systems are being integrated into public communication networks. It increases the controllability and efficiency of the system, but also accompanies many cyber threats having existed in the Internet to the SCADA system. Therefore it is required to apply security countermeasures to the Smart Grid, which brings about investment costs. There have been few approaches to assess risks from cyber attack especially in electric power industry. So this paper proposes a methodology to assess quantitative impacts of various types of cyber attacks to a power system, and also shows the feasibility of the method through a case study.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.62 no.3
• /
• pp.332-341
• /
• 2013

SCADA RTU is a remote control unit equipped in substations for automatic operation of a power system. The RTU monitors and measures the operation status of remote substations to transmits the signals to upper SCADA system and receives control command signals from dispatch center to actuate corresponding apparatus. The RTU receives the standard time from GPS receiver to synchronize the times for all devices and acquires the status event of power apparatus using DIM. Without the time synchronization between GPS and RTU, stable operation of the power system and accurate analysis of the system fault are impossible due to the time error of SOE. In this paper, a test is performed to identify if the operation time of SCADA RTU DIM coincides with the standard time. And we tried to find the reason of error, to minimize the time discrepancy. Through this study, RTU operation time could be synchronized with the standard time within 10[ms] to improve the reliability of SOE data.