• Title/Summary/Keyword: Software risk

A Study on Supply Chain Risk Management of Automotive (자동차 공급망 위험관리(A-SCRM) 방안 연구)

  • Kim, Dong-won;Han, Keun-hee;Jeon, In-seok;Choi, Jin-yung
    • Journal of the Korea Institute of Information Security & Cryptology, v.25 no.4, pp.793-805, 2015
  • Due to the rise of automotive security problems following automotive safety and the progress of the internet technology leading to a hyper-connected society, guaranteeing the safety of automotive requires security plans in the supply chain assurance and automotive software, and risk management plans for identifying, evaluating, and controlling the risks that may occur from the supply chain since the modern automotive is a Safety Critical system. In this paper, we propose a study on Automotive Supply Chain Risk Management (A-SCRM) procedures by person interested within the automotive Life-Cycle.

An Estimation of Risky Module using SVM (SVM을 이용한 위험모듈 예측)

  • Kim, Young-Mi;Jeong, Choong-Heui;Kim, Hyeon-Soo
    • Journal of KIISE:Computing Practices and Letters, v.15 no.6, pp.435-439, 2009
  • Software used in safety-critical system must have high dependability. Software testing and V&V (Verification and Validation) activities are very important for assuring high software quality. If we can predict the risky modules of safety-critical software, we can focus testing activities and regulation activities more efficiently such as resource distribution. In this paper, we classified the estimated risk class which can be used for deep testing and V&V. We predicted the risk class for each module using support vector machines. We can consider that the modules classified to risk class 5 and 4 are more risky than others relatively. For all classification error rates, we expect that the results can be useful and practical for software testing, V&V, and activities for regulatory reviews.

The Effects of Requirement Uncertainty, Control Standardization, Interactions on Software Quality (요구사항 불확실성, 통제 표준화, 상호작용이 소프트웨어 품질에 미치는 영향)

  • Kim, Ki-Yoon;Na, Kwan-Sik;Yang, Dong-Gu
    • Asia pacific journal of information systems, v.12 no.4, pp.101-120, 2002
  • Risk management or risk-based approach of software project management was developed to explain the effects of requirement uncertainty, control standardization, interactions on software quality. Based on a prior theory, five hypotheses were derived and empirically tested using a survey design. Data from 117 members in 3 SI companies support the path model, and three of five hypotheses. The results showed that decreases in requirement uncertainty and increases in control standardization were directly associated with increases in the interactions between user and project teams, which, in turn, led to increases in software quality. The findings suggested that the direct effect on software quality is primarily due to the interactions between user and project teams, rather than requirement uncertainty and control standardization.

Collapse risk evaluation method on Bayesian network prediction model and engineering application

  • WANG, Jing;LI, Shucai;LI, Liping;SHI, Shaoshuai;XU, Zhenhao;LIN, Peng
    • Advances in Computational Design, v.2 no.2, pp.121-131, 2017
  • Collapse was one of the typical common geological hazards during the construction of tunnels. The risk assessment of collapse was an effective way to ensure the safety of tunnels. We established a prediction model of collapse based on Bayesian Network. 76 large or medium collapses in China were analyzed. The variable set and range of the model were determined according to the statistics. A collapse prediction software was developed and its veracity was also evaluated. At last the software was used to predict tunnel collapses. It effectively evaded the disaster. Establishing the platform can be subsequent perfect. The platform can also be applied to the risk assessment of other tunnel engineering.

Development of a RBI Procedure and Implementation of a Software Based on API Code (I) - Qualitative Approach (API기준에 근거한 RBI 절차 개발 및 소프트웨어의 구현 (I) 정성적 접근법)

  • 심상훈;송정수;김지윤;윤기봉
    • Journal of the Korean Society of Safety, v.17 no.3, pp.66-72, 2002
  • During the last ten years, effort has been made for reducing maintenance cost for aged equipments and ensuring safety, efficiency and profitability of petrochemical and refinery plants. Hence, it was required to develop advanced methods which meet this need. RBI(Risk Based Inspection) methodology is one of the most promising technology satisfying the requirements in the field of integrity management. In this study, a qualitative assessment algorithm for RBI based on the API 581 code was reconstructed for developing an RBI software. The user-friendly realRBI software is developed with a module for evaluating qualitative risk category using the potential consequence factor and the likelihood factor.

AIMS-MUPSA software package for multi-unit PSA

  • Han, Sang Hoon;Oh, Kyemin;Lim, Ho-Gon;Yang, Joon-Eon
    • Nuclear Engineering and Technology, v.50 no.8, pp.1255-1265, 2018
  • The need for a PSA (Probabilistic Safety Assessment) for a multi-unit at a site is growing after the Fukushima accident. Many countries have been studying issues regarding a multi-unit PSA. One of these issues is the problem of many combinations of accident sequences in a multi-unit PSA. This paper deals with the methodology and software to quantify PSA scenarios for a multi-unit site. Two approaches are developed to quantify a multi-unit PSA. One is to use a minimal cut set approach, and the other is to use a Monte Carlo approach.

A Study on Development and Implementation of Risk Based Inspection Software to a Petrochemical Plant (RBI 소프트웨어 개발 및 국내 석유화학 플랜트에의 적용사례)

  • Shim, Sang-Hoon;Han, Sang-In;Yoon, Kee-Bong
    • Proceedings of the KSME Conference, 2003.04a, pp.598-603, 2003
  • During the last ten years, the need has been increased for reducing maintenance cost for aged equipments and ensuring safety, efficiency and profitability of petrochemical and refinery plants. RBI (Risk Based Inspection) methodology is one of the most promising technologies satisfying the need in the field of integrity management. In this study, a user-friendly software, realRBI for RBI based on the API 581 code was developed and a quantitative analysis was performed for over 500 equipments in a domestic plant whose operating time reaches about 13 years. Current risks for each equipment parts were evaluated and risk based prioritization were determined as a conclusion.

Quantitative Risk Assessment in Major Smartphone Operating Systems in Asian Countries

  • Joh, HyunChul
    • Journal of Korea Multimedia Society, v.17 no.12, pp.1494-1502, 2014
  • Since smartphones are utilized in the ranges from personal usages to governmental data exchanges, known but not patched vulnerabilities in smartphone operating systems are considered as major threats to the public. To minimize potential security breaches on smartphones, it is necessary to estimate possible security threats. So far, there have been numerous studies conducted to evaluate the security risks caused by mobile devices qualitatively, but there are few quantitative manners. For a large scale risk evaluation, a qualitative assessment is a never ending task. In this paper, we try to calculate relative risk levels triggered by software vulnerabilities from unsecured smartphone operating systems (Android and iOS) among 51 Asian countries. The proposed method combines widely accepted risk representation in both theory and industrial fields. When policy makers need to make a strategic decision on mobile security related agendas, they might find the presented approach useful.

An Exploratory Study on the Management Behavior of the Public Software Project (공공 소프트웨어 프로젝트의 관리 행태에 관한 탐색적 연구)

  • Kim, Yong-Kyong;Kim, Pil-Joong
    • Journal of Information Technology Applications and Management, v.13 no.4, pp.237-255, 2006
  • This study was exploratively performed to demonstrate the management behavior of the public software project in Korea. In this study, 167 auditing reports on the public software project which were carried out during 1999~2003, were employed and surveyed. Survey reveals that quality management was the most neglected in process of software project management relative to other 12 management areas. And configuration management, risk management, time management, and scope management follow up in order in its vulnerability in software project management.

An Integrative Method of FTA and FMEA for Software Security Analysis of a Smart Phone (스마트 폰의 소프트웨어 보안성 분석을 위한 FTA와 FMEA의 통합적 방법)

  • Kim, Myong-Hee;Toyib, Wildan;Park, Man-Gon
    • KIPS Transactions on Computer and Communication Systems, v.2 no.12, pp.541-552, 2013
  • Recently software security of the smart phone is an important issue in the field of information science and technology due to fast propagation of smart technology in our life. The smart phone as the security critical systems which are utilizing in terminal systems of the banking, ubiquitous home management, airline passengers screening, and so on are related to the risk of costs, risk of loss, risk of availability, and risk by usage. For the security issues, software hazard analysis of smart phone is the key approaching method by use of observed failures. In this paper, we propose an efficient integrative framework for software security analysis of the smart phone using Fault Tree Analysis (FTA) and Failure Mode Effect Analysis (FMEA) to gain a convergence security and reliability analysis technique on hand handle devices. And we discuss about that if a failure mode effect analysis performs simpler, not only for improving security but also reducing failure effects on this smart device, the proposed integrative framework is a key solution.