• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1539-1552
• /
• 2018

The necessity of establishing a more secure cyber security system is emerging to protect NPP against cyber attacks as nuclear facilities become increasingly reliant on digital system. Proper security measures should be established through periodic analysis and evaluation of vulnerabilities. However, as Nuclear facilities has safety characteristics as their top priority and it requires a lot of time and cost to construct regarding the activities for vulnerability analysis, it is difficult to apply the existing vulnerability analysis environment and analysis tools. In this study, We propose a analytical vulnerability assessment method to overcome the limitations of existing vulnerability analysis methods through analysis the existing vulnerability analysis methods and the issues to be considered when applying the vulnerability analysis method.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1995.11a
• /
• pp.51-58
• /
• 1995

The importance of the risk analysis tool has been recognized and its use also has been emphasized by a number of researchers recently The methodology were examined but neither algorithms nor practical applications have been implemented or practiced in Korea. In this paper, the architecture of the Buddy System, one of the automated risk assessment tools. is analyzed in depth to provide the algorithmic understanding and to promote the development of the risk analysis methodology. The Buddy System mainly uses three main factors of vulnerability, threat and countermeasures as a nucleus of the qualatative analysis with the modified loss expectancy value. These factors are identified and assessed by the separation of duties between the end user and security analyst. The Buddy System uses five axioms as its bases of assessment algorithm and the assessed vulnerability level is strictly within these axioms. Since the In-place countermeasures reduce the vulnerability level up to a certain level. the security analyst may use "what if " model to examine the impact of additional countermeasures by proposing each to reduce the vulnerability level further to within the acceptable range. The emphasis on the qualitative approach on vulnerability leveling is very well balanced with the quantitative analysis that the system performance is prominent.prominent.

• Journal of Environmental Science International
• /
• v.20 no.6
• /
• pp.789-798
• /
• 2011

Climate change assessment, together with climate change adaptation process, would be one of the worldwide important issues, and the study on climate change vulnerability indicator has been an essential problem for climate change adaptation. Vulnerability indicator can be used as a good tool to estimate the impact of climate change and to map out the distribution of its vulnerability over the given area both in Korea and other countries. This study addressed the conceptual summary on the assessment of climate change and its adaptation process. Previous studies on how to yield the vulnerability indicators of climate change are reviewed and several previous results of vulnerability indicators applied to Korean provinces are also discussed here.

• Journal of the Society of Naval Architects of Korea
• /
• v.49 no.3
• /
• pp.254-263
• /
• 2012

The survivability of warship is assessed by susceptibility, vulnerability and recoverability. Essentially, a vulnerability assessment is a measure of the effectiveness of a warship to resist hostile weapon effects. Considering the shot line and its penetration effect on the warship, present study introduces the procedural aspects of vulnerability assessments of warship. Present study also considers the prediction of penetration damage to a target caused by the impact of projectiles. It reflects the interaction between the weapon and the target from a perspective of vulnerable area method and COVART model. The shotline and tracing calculation have been directly integrated into the vulnerability assessment method based on the penetration equation empirically obtained. A simplified geometric description of the desired target and specification of a threat type is incorporated with the penetration effect. This study describes how to expand the vulnerable area assessment method to the penetration effect. Finally, an example shows that the proposed method can provide the vulnerability parameters of the warship or its component under threat being hit through tracing the shotline path thereby enabling the vulnerability calculation. In addition, the proposed procedure enabling the calculation of the component's multi-hit vulnerability introduces a propulsion system in dealing with redundant Non-overlapping components.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2018.05a
• /
• pp.50-50
• /
• 2018

As the frequency of drought due to climate change is increasing and the severity of drought becomes severe, it is urgent to prepare measures against extreme drought. Despite the significant impacts of drought on the coupled human-environment system, we have not fully understood the consequences of extreme droughts affecting all parts of the environment and our communities, and there is no system to assess environmental droughts quantitatively. Even if a drought disaster occurs on the same scale, the severity of the drought depends on the vulnerability of the region. Therefore, this study proposes environmental drought assessment based on water quality vulnerability to extreme drought for the resilient proactive response.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.5
• /
• pp.69-79
• /
• 2003

We analyze key business process by using IDEF method in the perspective of business continuity, identify key information assets by using Skandia model, and use Nessus Version 1.4.2 to assess vulnerability about the sever of library information system according to OCTAVE(The Operationally Critical Threat, Asset, and Vulnerability Evaluation) approach. We suggest the vulnerability assessment case for introducing improved OCTAVE method including IDEF method and Skandia model.

• Journal of Multimedia Information System
• /
• v.4 no.2
• /
• pp.57-64
• /
• 2017

Numerous software vulnerabilities have been found in the popular operating systems. And recently, robust linear behaviors in software vulnerability discovery process have been noticeably observed among the many popular systems having multi-versions released. Software users need to estimate how much their software systems are risk enough so that they need to take an action before it is too late. Security vulnerabilities are discovered throughout the life of a software system by both the developers, and normal end-users. So far there have been several vulnerability discovery models are proposed to describe the vulnerability discovery pattern for determining readiness for patch release, optimal resource allocations or evaluating the risk of vulnerability exploitation. Here, we apply a linear vulnerability discovery model into Windows operating systems to see the linear discovery trends currently observed often. The applicability of the observation form the paper show that linear discovery model fits very well with aggregate version rather than each version.

• Convergence Security Journal
• /
• v.13 no.4
• /
• pp.11-17
• /
• 2013

All u-Health system has security vulnerabilities. This vulnerability locally(local) or network(network) is on the potential risk. Smart environment of health information technology, Ad-hoc networking, wireless communication environments, u-health are major factor to increase the security vulnerability. u-health care information systems user terminal domain interval, interval public network infrastructure, networking section, the intranet are divided into sections. Health information systems by separating domain specific reason to assess vulnerability vulnerability countermeasure for each domain are different. u-Healthcare System 5 layers of security risk assessment system for domain-specific security vulnerability diagnosis system designed to take the security measures are needed. If you use this proposed model that has been conducted so far vaguely USN-based health information network security vulnerabilities diagnostic measures can be done more systematically provide a model.

• Structural Engineering and Mechanics
• /
• v.64 no.2
• /
• pp.213-223
• /
• 2017

Bridges are lifeline and integral components of transportation system that are susceptible to seismic actions, their vulnerability assessment is essential for seismic risk assessment and mitigation. The vulnerability assessment of bridges common in Pakistan is very important as it is seismically very active region and the available code for the seismic design of bridges is obsolete. This research presents seismic vulnerability assessment of three real case simply supported multi-span reinforced concrete bridges commonly found in northern Pakistan, having one, two and three bents with circular piers. The vulnerability assessment is carried through the non-linear dynamic time history analyses for the derivation of fragility curves. Finite element based numerical models of the bridges were developed in MIDAS CIVIL (2015) and analyzed through with non-linear dynamic and incremental dynamic analyses, using a suite of bridge-specific natural spectrum compatible ground motion records. Seismic responses of shear key, bearing pad, expansion joint and pier components of each bridges were recorded during analysis and retrieved for performance based analysis. Fragility curves were developed for the bearing pads, shear key, expansion joint and pier of the bridges that first reach ultimate limit state. Dynamic analysis and the derived fragility curves show that ultimate limit state of bearing pads, shear keys and expansion joints of the bridges exceed first, followed by the piers ultimate limit state for all the three bridges. Mean collapse capacities computed for all the components indicated that bearing pads, expansion joints, and shear keys exceed the ultimate limit state at lowest seismic intensities.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.21 no.5
• /
• pp.608-616
• /
• 2015

In this study, we have estimated the storm surge heights using numerical modeling on coastal area, and then evaluated the vulnerability index by applying the vulnerability assessment techniques. Surge modelling for 27 typhoons affected from 2000 to 2014 were simulated by applying the ADCIRC model. The results of validation and verification was in significant agreement as compared with observations for the top 6 ranking typhoons affected. As results, the storm surge heights in Jinhae Bay, Sacheon Bay, Gwangyang Bay, Cheonsu Bay and Gyeonggi Bay were higher than other inner coastal areas, then storm surge vulnerability assessment was performed using a standardization, normalization and gradation of storm surge heights. According to results of storm surge vulnerability assessment, index of Jinhae Bay, Sacheon Bay, Gwangyang Bay etc. are estimated to be vulnerable(4~5) because of the characteristics of storm surge such as inner bay are vulnerable compared with exposed to the open sea areas. However, index in the inner bay of western Jeonnam are not vulnerable(1~3) relatively. It may not appear the typhoons affected significantly for the past 15 years. So, the long-term vulnerability assessment with the sensitivity of geomorphology are necessary to reduce the uncertainty.