• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.363-374
• /
• 2015

Instrumentation and control(I&C) system has been mainly designed and operated based on analog technologies in existing Nuclear Power Plants(NPPs). However, As the development of Information Technology(IT), digital technologies are gradually being adopted in newly built NPPs. I&C System based on digital technologies has many advantages but it is vulnerable to cyber threat. For this reason, cyber threat adversely affects on safety and reliability of I&C system as well as the entire NPPs. Therefore, the software equipped to NPPs should be developed with cyber security attributes from the initiation phase of software development life cycle. Moreover through cyber security assessment, the degree of confidence concerning cyber security should be measured and if managerial, technical and operational work measures are implemented as intended should be reviewed in order to protect the I&C systems and information. Currently the overall cyber security program, including cyber security assessment, is not established on I&C systems. In this paper, we propose cyber security assessment methods in the Software Development Life Cycle by drawing cyber security activities and assessment items based on regulatory guides and standard technologies concerned with NPPs.

• Journal of Korean Society of Steel Construction
• /
• v.10 no.3 s.36
• /
• pp.369-381
• /
• 1998

This paper is intended to show some new approaches and concepts for the development of system model and prototype software for computer-aided Monitoring and Assessment(M&A) of grand bridges. The system model that incorporates optimal strategies for M&A of grand bridges is suggested. Reliability models are developed and a reliability-based capacity rating method is established for the evaluation of the bridge safety and reliability based on the real responses measured from a series of field load tests. Based on the proposed models, an integrated prototype software is then developed for computer-aided M&A of grand bridges under the environment of the graphic user interface, which is successfully applied to the M&A of an existing cable-stayed bridge. It may be stated that the system model and prototype software developed in this paper can be utilized and implemented in the development of the computer-aided M&A system for cable-stayed and suspension bridges.

• KIPS Transactions on Software and Data Engineering
• /
• v.8 no.6
• /
• pp.223-234
• /
• 2019

Cyber attacks are an important factor that determines the victory and defeat of Network-centric wars in which advanced weapon systems are highly interlinked. In addition the increasing dependability on software as its develop as the latest fighter is demanding enhanced security measures for fighter software to Cyber attacks. In this paper, we apply the DO-326A, which is an airworthiness security certification standard, to design a risk-based security threat assessment process by reflecting characteristics and operational environment of fighter aircraft. To do this, we add the following steps in security threat assessment stage of DO-326A's airworthiness security certification process. First, we derive security threats of fighter. And then, we scored the security threat in terms of possibility and impact on the fighter. Finally, we determine the security risk severity.

• Journal of Software Assessment and Valuation
• /
• v.16 no.2
• /
• pp.69-76
• /
• 2020

In this paper, the problem of determining the optimal time to market of software was studied using error correction time, an indicator of error correction difficulty. In particular, it was intended to modify the assumption that error detection time and correction time are independent in the software reliability growth model considering the existing error correction time, and to establish a general framework model that expresses the correlation between error detection time and correction time to determine when the software will be released. The results showed that it was important from an economic perspective to detect errors that took time to correct early in the test. It was concluded that it was very important to analyze the correlation between error detection time and error correction time in determining when to release the optimal software.

• Journal of Software Assessment and Valuation
• /
• v.16 no.1
• /
• pp.13-19
• /
• 2020

It can be seen that the infringement of copyright cases is increasing as the society becomes more complex and advanced. During the software copyright dispute, there may be a dispute over whether the software is duplicated and made into upgraded software. In this paper, we intend to propose an analysis method for determining whether to upgrade software. For the software upgrade analysis, a software similarity analysis technique was used. The analysis program covers servers, management programs, and Raspberry PC programs. The first analysis confirms the correspondence between program creation information and content. In addition, it analyzes the similarity of functions and screen composition between the submitted program and the program installed in the field. The second comparative analysis compares and analyzes similarities by operating two programs in the same environment. As a result of comparative analysis, it was confirmed that the operation and configuration screens of the two programs were identical. Thus, minor differences were found in a few files, but it was confirmed that the two programs were mostly made using the same or almost similar source code. Therefore, this program can be judged as an upgrade program.

• Journal of Software Assessment and Valuation
• /
• v.14 no.2
• /
• pp.1-9
• /
• 2018

The proportion of users and companies using open source continues to grow. The size of open source software market is growing rapidly not only in foreign countries but also in Korea. However, compared to the continuous development of open source software, there is little research on open source software subject classification, and the classification system of software is not specified either. At present, the user uses a method of directly inputting or tagging the subject, and there is a misclassification and hassle as a result. Research on open source software classification can also be used as a basis for open source software evaluation, recommendation, and filtering. Therefore, in this study, we propose a method to classify open source software by using machine learning model and propose performance comparison by machine learning model.

• Journal of Information Processing Systems
• /
• v.14 no.3
• /
• pp.607-620
• /
• 2018

The problem surrounding methods of implementing the software testing process has come under the spotlight in recent times. However, as compliance with the software testing process does not necessarily bring with it immediate economic benefits, IT companies need to pursue more aggressive efforts to improve the process, and the software industry needs to makes every effort to improve the software testing process by evaluating the Test Maturity Model integration (TMMi). Furthermore, as the software test process is only at the initial level, high-quality software cannot be guaranteed. This paper applies TMMi model to Automobile control software testing process, including test policy and strategy, test planning, test monitoring and control, test design and execution, and test environment goal. The results suggest improvement of the automobile control software testing process based on Test maturity model. As a result, this study suggest IT organization's test process improve method.

• The Journal of Engineering Geology
• /
• v.34 no.2
• /
• pp.173-191
• /
• 2024

Landslides pose significant threats to many countries globally, yet the development and implementation of effective landslide early warning systems (LEWS) remain challenging due to multifaceted complexities spanning scientific, technological, and political domains. Addressing these challenges demands a holistic approach. Technologically, integrating thresholds, such as rainfall thresholds, with real-time data within accessible, open-source software stands as a promising solution for LEWS. This article introduces LandScient_EWS, a PHP-based program tailored to address this need. The software facilitates the comparison of real-time measured data, such as rainfall, with predefined landslide thresholds, enabling precise calculations and graphical representation of real-time landslide advisory levels across diverse spatial scales, including regional, basin, and hillslope levels. To illustrate its efficacy, the program was applied to a case study in Medellin, Colombia, where a rainfall event on August 26, 2008, triggered a shallow landslide. Through pre-defined rainfall intensity and duration thresholds, the software simulated advisory levels during the recorded rainfall event, utilizing data from a rain gauge positioned within a small watershed and a single grid cell (representing a hillslope) within that watershed. By identifying critical conditions that may lead to landslides in real-time scenarios, LandScient_EWS offers a new paradigm for assessing and responding to landslide hazards, thereby improving the efficiency and effectiveness of LEWS. The findings underscore the software's potential to streamline the integration of rainfall thresholds into both existing and future landslide early warning systems.

• Journal of Information Technology Applications and Management
• /
• v.11 no.2
• /
• pp.15-27
• /
• 2004

Most software projects inevitably involve various types and degrees of uncertainty. Without proper risk assessment and coordination, software projects can easily run out of control and consume significant additional resource. Thus, risk management techniques are critical issues to information system researchers. Previous empirical studies of U.S. software firms support the adoption of development standardization and user requirement analysis techniques in risk-based software project management. Using data collected from software projects developed in Korea during 1999-2000, we conduct a comparative study to determine how risk management strategies impact software product and process performance in countries with dissimilar IT capabilities. In addition, we offer an alternative conceptualization of residual performance risk. We show that the use of residual performance risk as an intervening variable is inappropriate in IT developing countries like Korea where the role of late stage risk control remedies are critical. A revised model is proposed that generates more reliable empirical implications for Korean software projects.

• The Transactions of the Korean Institute of Electrical Engineers P
• /
• v.58 no.2
• /
• pp.108-115
• /
• 2009

Recent advances in computer technology have brought more dependence on software to train control systems. Hence, the safety assurance of the vital software running on the railway system is very critical task and yet, not many works have been done. While much efforts have been reported to improve electronic hardware's safety, not so much systematic approaches to evaluate software's safety, especially for the vital software running on board train controllers. In this paper, we have developed the static software testing tool for railway signaling, especially Fagan Inspection module and checklists supporting module. This static testing tool for railway signaling can be utilized at the assessment phase, and also usefully at the software development stage also. It is anticipated that it will be greatly helpful for the evaluation on the software for railway signalling system.