• KEPCO Journal on Electric Power and Energy
• /
• 제4권1호
• /
• pp.1-7
• /
• 2018

Objective signs are everywhere that the stationary energy storage market is growing up quickly. The use of distributed resources such as solar photovoltaics and electric vehicles are expanding at a rapid pace, creating technical challenges for the distribution system that will require energy storage and a new generation of software to address. This paper is intended for distribution utility managers and executives and makes the following points: ${\bullet}$ Utility-integrated (as opposed to merely grid-connected) energy storage projects represent a distinct, new wave of industry growth that is just getting underway and is required to manage distributed energy resources moving forward. ${\bullet}$ Utilities and the energy storage industry have important roles to lower risk in adopting this technology - thereby enabling this wave of growth. ${\circ}$ The industry must focus on engineering energy storage for adoption at scale - including the creation and support of software open standards -both to drive down costs and to limit technology and supplier risk for utilities. ${\circ}$ Utilities need to take a program-based, rather than a project- based, approach to this resource to best balance cost and risk as they procure and implement energy storage. By working together to drive down costs and manage risk, utilities and their suppliers can lay the energy storage foundation for a new, more digital distributed electricity system.

• Nuclear Engineering and Technology
• /
• 제53권10호
• /
• pp.3319-3326
• /
• 2021

As a form of industrial control systems (ICS), nuclear instrumentation and control (I&C) systems have been digitalized increasingly. This has raised in turn cyber security concerns. Cyber security for ICS is important because cyber-attacks against ICS can cause not only equipment damage and loss of production but also personal and public safety hazards unlike in general IT environments. Numerous risk analyses have been carried out to enhance the safety of ICS and recently, many studies related to the cyber security of ICS are being conducted. Many existing risk analyses and cyber security studies have considered safety and cyber security separately. However, both safety and cyber security perspectives should be considered when analyzing risks for complex and critical ICS facilities such as nuclear power plants (NPPs). In this paper, the STPA-SafeSec methodology is selected to consider both safety and security perspectives when performing a risk analysis for NPPs in order to assess impacts on the safety by cyber-attacks against the digital I&C systems. The STPA-SafeSec methodology was applied to a test-bed system that simulates a condensate water (CD) system in an NPP. The process of the application up to the development of mitigation strategies is described in detail.

• Archives of Plastic Surgery
• /
• 제48권3호
• /
• pp.295-304
• /
• 2021

Clinical photography is an essential component of patient care in plastic surgery. The use of unsecured smartphone cameras, digital cameras, social media, instant messaging, and commercially available cloud-based storage devices threatens patients' data safety. This paper Identifies potential risks of clinical photography and heightens awareness of safe clinical photography. Specifically, we evaluated existing risk-mitigation strategies globally, comparing them to industry standards in similar settings, and formulated a framework for developing a risk-mitigation plan for avoiding data breaches by identifying the safest methods of picture taking, transfer to storage, retrieval, and use, both within and outside the organization. Since threats evolve constantly, the framework must evolve too. Based on a literature search of both PubMed and the web (via Google) with key phrases and child terms (for PubMed), the risks and consequences of data breaches in individual processes in clinical photography are identified. Current clinical-photography practices are described. Lastly, we evaluate current risk mitigation strategies for clinical photography by examining guidelines from professional organizations, governmental agencies, and non-healthcare industries. Combining lessons learned from the steps above into a comprehensive framework that could contribute to national/international guidelines on safe clinical photography, we provide recommendations for best practice guidelines. It is imperative that best practice guidelines for the simple, safe, and secure capture, transfer, storage, and retrieval of clinical photographs be co-developed through cooperative efforts between providers, hospital administrators, clinical informaticians, IT governance structures, and national professional organizations. This would significantly safeguard patient data security and provide the privacy that patients deserve and expect.

• Journal of Multimedia Information System
• /
• 제8권4호
• /
• pp.259-266
• /
• 2021

Security vulnerabilities have been reported in major design software systems such as Adobe Photoshop and Illustrator, which are recognized as de facto standard design tools in most of the design industries. Companies need to evaluate and manage their risk levels posed by those vulnerabilities, so that they could mitigate the potential security bridges in advance. In general, security vulnerabilities are discovered throughout their life cycles repeatedly if software systems are continually used. Hence, in this study, we empirically analyze risk levels for the three major graphical design software systems, namely Photoshop, Illustrator and GIMP with respect to a software vulnerability discovery model. The analysis reveals that the Alhazmi-Malaiya Logistic model tends to describe the vulnerability discovery patterns significantly. This indicates that the vulnerability discovery model makes it possible to predict vulnerability discovery in advance for the software systems. Also, we found that none of the examined vulnerabilities requires even a single authentication step for successful attacks, which suggests that adding an authentication process in software systems dramatically reduce the probability of exploitations. The analysis also discloses that, for all the three software systems, the predictions with evenly distributed and daily based datasets perform better than the estimations with the datasets of vulnerability reporting dates only. The observed outcome from the analysis allows software development managers to prepare proactively for a hostile environment by deploying necessary resources before the expected time of vulnerability discovery. In addition, it can periodically remind designers who use the software systems to be aware of security risk, related to their digital work environments.

• Journal of Smart Tourism
• /
• 제4권1호
• /
• pp.31-38
• /
• 2024

This study investigates the adoption of technology in smart tourist destinations, with a focus on the Baby Boomer generation. The objective is to analyze the perceived utility, intention to use, and risk perception of this generation regarding Information and Communication Technologies (ICT) in the context of smart tourist destinations. Data were collected through questionnaires administered to elderly groups belonging to the Baby Boomer generation in two Brazilian cities. Data analysis was conducted using statistical tools such as SPSS and Microsoft Excel, with an emphasis on regression analysis with moderation. The results indicate that when Baby Boomer tourists feel insecure about technology, they tend to not perceive its utility, impacting its acceptance. On the other hand, lower risk perceptions lead to an increase in perceived utility and, consequently, a greater intention to use technology in travel planning. The moderating role of risk perception in the relationship between perceived utility and intention to use is emphasized. The findings highlight the need for managers of smart destinations to consider the risks perceived by tourists, focus on diverse age groups, and implement strategies that address digital exclusion.

• 인터넷정보학회논문지
• /
• 제14권3호
• /
• pp.23-33
• /
• 2013

최근 IT분야에서 클라우드 컴퓨팅 기술은 유연성, 효율성, 비용절감이라는 특징을 갖고 있어 현 사회에 빠르게 보급되고 있다. 그러나 클라우드 컴퓨팅 시스템은 보안의 취약점을 크게 갖고 있다. 본 연구에서는 클라우드 컴퓨팅 시스템 보안의 취약점 해결을 위해, 가상머신의 취약점에 대한 유형 및 영향분석 타입(impact type)을 정하고, 가상머신의 취약점에 대한 위험도 평가에 따른 우선순위를 정하였다. 취약점 분석을 위해서는 오픈프레임워크인 CVSS2.0을 기반으로 취약점에 대한 위험도 측정 기준을 정의하고 해당 취약점마다 점수를 매겨 위험도 측정을 체계화하였다. 제시된 취약점 위험도 기준은 취약점의 근본적인 특징을 제시하고 취약점에 대한 위험도를 제공하여 취약점 최소화를 위한 기술적 가이드를 작성하는 데에 활용 가능할 것으로 판단된다. 또한 제시된 취약점 위험도 기준은 연구내용 자체로 의미가 있으며 향후 추진될 기술 정책프로젝트에서 활용될 수 있다.

• 한국안전학회지
• /
• 제37권4호
• /
• pp.120-128
• /
• 2022

Printed circuit boards (PCBs) are a basic component in the electronics industry and are widely used in nearly all electronic products, such as mobile phones, tablet computers, and digital cameras, as well as in electric equipment. PCB manufacturing involves the use of many chemicals and chemical processes and therefore has more risks than other manufacturing sectors. This study aims to identify the causes of possible accidents during PCB manufacturing through risk assessment, develop and implement safety measures, and evaluate the effectiveness of these measures. Note that the safety measures developed to mitigate the risks of a certain process were also implemented for other similar processes. The risk assessments conducted over seven years, from 2015 to 2021, at a PCB manufacturing company identified 361 hazardous processes. Between 2016 and 2019, 41-56 hazardous processes were identified per year; such processes decreased to fewer than 20 per year after 2020. Application of the risk assessment results to the improvement of the hazardous processes with the similar characteristics seems to be effective in decreasing the risks. Equipment-related factors such as lack of appropriate maintenance, low work standards, and defective protection devices were responsible for 59.8% of all possible accidents. Because PCB manufacturing involves many chemicals, skin contact with hazardous substances, electric shock, fire, and explosion were the most common types of possible accidents (81.7%). In total, 505 safety measures were implemented, including 157 related to purchase and improvement of equipment and devices for safety (31.1%), 147 related to the installation/modification of fire prevention facilities (29.1%), and 69 related to the use of standard electrical appliances (13.7%). Risk assessment conducted after implementing the safety measures showed that these measures significantly decreased risk; 247 processes (68.4%) had a risk level of 3, corresponding to "very low," and 114 processes (31.6%) showed a risk level of 4, corresponding to "low." In particular, risk assessment of 104 processes with risk scores of 12 and 10 other processes with risk score of 16 showed that the risk decreased to 4 after implementing the safety measures. Thus, implementing these measures in similar manufacturing sectors that involve chemical processes can mitigate risk.

• 디지털융복합연구
• /
• 제14권5호
• /
• pp.485-491
• /
• 2016

본 연구의 목적은 도시 거주 노인을 대상으로 낙상과 관련된 위험 요인들을 찾아 비교하는 것이다. D 광역시에 거주하는 65세 이상 노인 62명을 대상으로, 과거 1년 동안의 낙상 경험을 토대로 낙상군과 비낙상군으로 분류하였다. 일반적 특성, 낙상관련 생활습관 및 만성질환, 균형과 관련된 신체적(BBS), 심리적 검사도구(K-ABC)와 우울증 평가(SGDS)를 통해 그룹 간의 차이를 비교하고, 유의한 차이를 보인 변수들의 상관관계를 확인하였다. 연구 결과, BBS와 K-ABC, 그리고 SGDS 점수는 그룹 간에 통계학적으로 유의한 차이를 나타내었다(p<0.05). 또한, BBS와 K-ABC 점수는 양의 상관관계를 보였으며, K-ABC와 SGDS 점수는 음의 상관관계를 보였다(r=-0.472). 결과에 기초하여, SGDS와 함께 ABC와 BBS는 낙상 평가 도구로써 추천할 만한 도구임을 확인할 수 있었다.

• 디지털융복합연구
• /
• 제10권8호
• /
• pp.149-157
• /
• 2012

개인정보보호법이 새로 제정이 되어 기업 및 기관에서 이에 대한 준비와 대책 마련이 활발히 전개되고 있다. 개인정보를 취급하는 정보시스템에 대하여 개인정보 침해의 위협을 사전에 예방 및 점검을 수행하는 개인정보영향평가를 K병원의 분석 사례를 통해 연구하였다. 결론적으로 K병원의 개인정보 영향평가 분석을 수행한 결과 평가영역별로는 대상기관관리체계는 79.0, 대상시스템의 보호수준은 97.9, 개인정보처리단계의 결과는 67.4이고 CCTV는 90.0으로 나타났다. 개인정보보호수준이 가장 낮은 항목은 개인정보생명주기관리 항목의 저장 및 보유단계 50.0, 이용 및 제공 64.1 및 파기 단계 66.7로 나타났다. 위험도 분석결과 고위험도 항목은 개인정보처리구역 항목 11.0과 개인정보생명주기 영역의 저장 및 보유단계 항목이12.5, 파기단계 항목이 13.0으로 높은 수치가 나왔다. 종합적으로 보면 고위험도이면서 저보호수준인 항목은 저장 및 보유단계와 파기단계로 파악이 되었다.

• 디지털융복합연구
• /
• 제10권5호
• /
• pp.89-103
• /
• 2012

본 연구는 컨설턴트의 학습동기 및 의지가 기업가정신과 역량에 미치는 영향 및 기업가 정신의 매개효과에 대하여 분석하였다. 검증결과 학습동기 및 학습의지는 기업가정신의 혁신성과 진취성에 역량의 능력과 지식에 영향이 있었으나 기업가정신의 위험감수성, 컨설턴트 역량의 자세와는 영향이 없거나 미미했다. 기업가정신중 혁신성과 진취성이 컨설턴트의 역량에 긍정적인 영향이 있었으며 위험감수성은 무의미 했다 한편 기업가정신의 매개효과 검증결과 혁신성과 진취성은 학습동기가 능력에 미치는 영향을 완전매개, 지식에 미치는 영향은 부분매개하였으며 학습의지가 컨설턴트의 능력 또는 지식에 미치는 영향에는 혁신성은 부분매개효과가, 진취성은 매개효과가 없었다. 연구결과 학습동기와 의지관리를 통해 기업가정신과 컨설턴트의 역량 함양이 가능하며 특히 컨설턴트 역량 함양을 위해서는 기업가정신의 혁신성 진취성 교육이 중요한 것으로 나타났다.