• Journal of KIISE:Computing Practices and Letters
• /
• v.5 no.4
• /
• pp.457-466
• /
• 1999

원자력 발전소 계측 제어 시스템, 의료 관련 시스템, 항공 관련 시스템 등 실생활과 밀접한 시스템에 소프트웨어의 사용이 점차 증가하고 있다. 이러한 시스템에서 소프트웨어의 오류는 예기치 않는 사고를 유발하여 인명, 재산상의 심각한 타격을 줄 수 있다. 그러므로 고신뢰도 소프트웨어의 개발 시에는 반드시 시스템의 안전성을 보장해 주어야 한다. 역방향 안전성 분석 방법은 시스템의 안전성을 분석하는 한가지 방법으로서 시스템의 위험 상태를 정의하고 그 위험의 원인들을 추적, 분석함으로써 안전성에 대한 효율적인 분석을 수행할 수 있는 장점을 갖는다. 이 논문에서는 소프트웨어 개발 초기 단계에서 안전성을 분석할 수 있는 방법으로 Colored Petri Nets(CPN)에 기반을 둔 역방향 안전성 분석 방법을 제시한다. 또한 CPN 역방향 안전성 분석 도구인 SAC(Safety Analyzer for CPN)의 설계 및 구현에 대해 언급한다. SAC은 기존의 상용 CPN 모델링 도구인 Design/CPN과 연계하여 사용될 수 있으므로 CPN으로 모델링된 시스템의 안전성을 분석할 수 있다는 장점이 있다. 이 논문에서는 예제로 자동 교통 제어 시스템의 일부를 CPN으로 모델링하고 SAC을 이용한 분석 과정을 기술한다.Abstract In safety-critical systems such as nuclear power plants, medical machines, and avionic systems which are closely related with our livings, the usage of software in the controlling part is growing rapidly. Since software errors in safety-critical systems may cause serious accidents leading to financial or human damages, system safety should be ensured during and after development of a system. A backward safety analysis technique defines system hazards and tries to trace their causes by analyzing system states backward. In this paper, we provide a backward safety analysis technique based on Colored Petri Nets(CPN), which is applicable to the early software development phase. Also Safety Analyzer for CPN(SAC), the supporting tool, is designed and implemented. Since SAC is compatible with Design/CPN, a commercial tool for supporting CPN, it can be applicable to analyze safety in practical problems. As an example, we model a part of the traffic light control system using CPN and analyze safety properties of the model using the SAC tool.

• Proceedings of the KIEE Conference
• /
• 1999.07c
• /
• pp.1221-1223
• /
• 1999

The safety loads in a nuclear power plant perform a critical function to plant safety. The design of the electrical auxiliary system should ensure the availability and adequacy of the power supply, and therefore, the frequency and voltage relaying schemes should be installed on the system to monitor and protect against the degraded system condition. If unforeseen contingencies degrade the switchyard frequency and voltage to below the minimum values, the safety related bus should properly be transferred to alternate power source. This paper presents guidelines associated with the protection of nuclear power plants during frequency/voltage decay and the steady-state and dynamic analysis of auxiliary power system that should be performed to support the degraded voltage relay(second level undervoltage relay) setting.

• Proceedings of the KSR Conference
• /
• 2009.05a
• /
• pp.2044-2049
• /
• 2009

Recent advances in computer technology have brought more dependence on software to railway signaling systems. Hence, the safety assurance of the vital software running on the railway signaling system is very critical task and yet, not many works have been done. While much efforts have been reported to improve electronic hardware's safety, not so much systematic approaches to evaluate software's safety. In this paper, we suggested an automated analysis tool for S/W change impact in railway signaling system, and presented its result of implementation. The analysis items in the implemented tool had referred to the international standards in relation to the software for railway signaling system, such as IEC 61508 and IEC 62279. In these international standards, 'change impact analysis' for railway signaling system S/W has to be required mandatorily. The proposed tool can be utilized at the assessment stage and also the software development stage.

• Journal of the Korea Safety Management & Science
• /
• v.10 no.1
• /
• pp.83-90
• /
• 2008

Development of human-system interfaces (HSI) supporting the interaction between human and automation-based systems, particularly safety-critical sociotechnial systems, entails a wide range of design and evaluation problems. To help HSI designers deal with these problems, many methodologies from traditional human-computer interaction, software engineering, and systems engineering have been applied; however, they have been proved inadequate to develop cognitively well engineered HSI. This paper takes a viewpoint that HSI development is itself a cognitive process consisting of various decision making and problem solving activities and then proposes a design requirements-driven process for developing HSI. High-level design problems and their corresponding design requirements for visual information display are explained to clarify the concept of design requirements. Lastly, conceptual design of software system to support the requirements-driven process and designers' knowledge management is described.

• Journal of the Korea Safety Management & Science
• /
• v.7 no.3
• /
• pp.97-108
• /
• 2005

The issue of using information system to ensure competitive power in the market is rising. The outsourcing methods that entrust activities of information system of companies to other expert agencies are increasing as the enterprises make a lot of efforts to put their resources to their heart of business in the process of adopting information system. Recently, ASP (Application Service Provider) as new information technology outsourcing method appears due to development of network technology and spreading of peculating software. ASP defines as a software leasing service which is supplied through networks instead of purchasing application software with high price. For successful implementation of ASP, it is necessary to develop a certification program to ensure safety and reliability of ASP. This paper provides the safe and reliable certification program for ASP. In order to develop it, the critical issues related to service quality and certification of ASP are identified and then evaluation methodology for ASP certification program is proposed. This paper presents application certification as the part of ASP certification program.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.5A
• /
• pp.389-396
• /
• 2005

In this paper, we design AVTMRWFSV(All Voting Triple Modular Redundancy With Fail-Safe Voter) System with a fail-safe output voter architecture and analyze RAMS(Reliability, Availability, Maintainability, Safety) as system failure rate. This system is compared with AVTMR system for RAMS(Reliability, Availability, Maintainability, Safety) with Markov modeling, and we can see that the system safety of AVTMRWFSV is more profitable than that of AVTMR. The dependability of AVTMRWFSV system is higher than that of AVTMR. Especially, safety is very profitable. So, this kind of system can be applied to embedded communication system and life critical systems - railway, airplane, ship, nuclear control system and so on.

• Transactions of the Korean Society of Mechanical Engineers A
• /
• v.33 no.10
• /
• pp.1177-1186
• /
• 2009

High temperature steam pipes of thermal power plant are subject to a severe thermal range and usually operates well into the creep range. Cyclic operation of the plant subjects the piping system to mechanical and thermal fatigue damages. Also, poor or malfunctional supports can impose massive loads or stress onto the piping system. In order to prevent the serious damage and failure of the critical piping system, various inspection methods such as visual inspection, computational analysis and on-line piping displacement monitoring were developed. 3-dimensional piping displacement monitoring system was developed with using the aluminum alloy rod and rotary encoder sensors, this system was installed and operated on the high temperature steam piping of "Y" thermal power plant successfully. It is expected that this study will contribute to the safety of piping system, which could minimize stress and extend the actual life of critical piping.

• Nuclear Engineering and Technology
• /
• v.53 no.10
• /
• pp.3319-3326
• /
• 2021

As a form of industrial control systems (ICS), nuclear instrumentation and control (I&C) systems have been digitalized increasingly. This has raised in turn cyber security concerns. Cyber security for ICS is important because cyber-attacks against ICS can cause not only equipment damage and loss of production but also personal and public safety hazards unlike in general IT environments. Numerous risk analyses have been carried out to enhance the safety of ICS and recently, many studies related to the cyber security of ICS are being conducted. Many existing risk analyses and cyber security studies have considered safety and cyber security separately. However, both safety and cyber security perspectives should be considered when analyzing risks for complex and critical ICS facilities such as nuclear power plants (NPPs). In this paper, the STPA-SafeSec methodology is selected to consider both safety and security perspectives when performing a risk analysis for NPPs in order to assess impacts on the safety by cyber-attacks against the digital I&C systems. The STPA-SafeSec methodology was applied to a test-bed system that simulates a condensate water (CD) system in an NPP. The process of the application up to the development of mitigation strategies is described in detail.

• Culinary science and hospitality research
• /
• v.23 no.6
• /
• pp.20-26
• /
• 2017

To guarantee the safety of rice cake production, the Hazard Analysis Critical Control Points system was applied to the production process. The purpose of this study was to analyze the microbiological hazards of the manufacture of rice cakes, and establish critical limits in the process of the manufacturing rice cakes. To control the microbiological hazards, the sterilization process was set to a critical limit. The process of manufacturing rice cakes can reduce these microbiological hazards during the steaming process. A microorganism test for each specimen was conducted three times and compared with before and after steaming processes. The finished product was conducted by microbiology experiment and the validity of the steaming process was verified. The results were determined to be capable of reducing the biological element of Critical Control Point via the steaming process. Microbiology such as aerobic plate count, coliform, Escherichia coli(E. coli), Listeria monocytogenes, Enterohemorrhagic E. coli, Salmonella spp., Bacillus cereus, Staphylococcus aureus and Clostridium perfringens was evaluated by the experimental method of Korean Food Standards Codex. Aerobic plate count was reduced by steaming process, and no microorganism were detected. All rice cakes in the finished product were judged to be safe for both the Escherichia coli and general bacteria. In conclusion, it suggested that a HACCP plan was necessary for management standard and systematic approach in the establishment of critical limit, problem resolution, verification method, education, and records management. Based on this study, it is intended to provide a baseline for improving quality control standards and improving hygiene levels for small manufacturers.

• Journal of Aerospace System Engineering
• /
• v.11 no.2
• /
• pp.23-29
• /
• 2017

Since the flight-control system is critical for the safety of an aircraft, a fail-safe system is needed in a flight demonstrator used to test a new flight-control system. A backup control system is also needed to ensure safety in using a mechanical flight-control system. This paper presents a development of an MFCS (Mechanical Flight Control System) model for simulating control authority switching of a helicopter technical demonstrator, as well as the results of evaluating the developed MFCS model.