• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.3
• /
• pp.121-134
• /
• 2017

With rapid increasing the development and use of IoT Devices, requirements for safe IoT devices and services such as reliability, security are also increasing. In Security engineering, SDLC (Secure Development Life Cycle) is applied to make the trustworthy system. Secure Development Life Cycle has 4 big steps, Security requirements, Design, Implementation and Operation and each step has own goals and activities. Deriving security requirements, the first step of SDLC, must be accurate and objective because it affect the rest of the SDLC. For accurate and objective security requirements, Threat modeling is used. And the results of the threat modeling can satisfy the completeness of scope of analysis and the traceability of threats. In many countries, academic and IT company, a lot of researches about drawing security requirements systematically are being done. But in domestic, awareness and researches about deriving security requirements systematically are lacking. So in this paper, I described about method and process to drawing security requirements systematically by using threat modeling including DFD, STRIDE, Attack Library and Attack Tree. And also security requirements are described via Common Criteria for delivering objective meaning and broad use of them.

• Journal of Ginseng Research
• /
• v.41 no.3
• /
• pp.339-346
• /
• 2017

Background: In this study, we investigated how to convert the Panax ginseng DNA sequence code and chemical fingerprints into a two-dimensional code. In order to improve the compression efficiency, GATC2Bytes and digital merger compression algorithms are proposed. Methods: HPLC chemical fingerprint data of 10 groups of P. ginseng from Northeast China and the internal transcribed spacer 2 (ITS2) sequence code as the DNA sequence code were ready for conversion. In order to convert such data into a two-dimensional code, the following six steps were performed: First, the chemical fingerprint characteristic data sets were obtained through the inflection filtering algorithm. Second, precompression processing of such data sets is undertaken. Third, precompression processing was undertaken with the P. ginseng DNA (ITS2) sequence codes. Fourth, the precompressed chemical fingerprint data and the DNA (ITS2) sequence code were combined in accordance with the set data format. Such combined data can be compressed by Zlib, an open source data compression algorithm. Finally, the compressed data generated a two-dimensional code called a quick response code (QR code). Results: Through the abovementioned converting process, it can be found that the number of bytes needed for storing P. ginseng chemical fingerprints and its DNA (ITS2) sequence code can be greatly reduced. After GTCA2Bytes algorithm processing, the ITS2 compression rate reaches 75% and the chemical fingerprint compression rate exceeds 99.65% via filtration and digital merger compression algorithm processing. Therefore, the overall compression ratio even exceeds 99.36%. The capacity of the formed QR code is around 0.5k, which can easily and successfully be read and identified by any smartphone. Conclusion: P. ginseng chemical fingerprints and its DNA (ITS2) sequence code can form a QR code after data processing, and therefore the QR code can be a perfect carrier of the authenticity and quality of P. ginseng information. This study provides a theoretical basis for the development of a quality traceability system of traditional Chinese medicine based on a two-dimensional code.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.11
• /
• pp.96-104
• /
• 2018

Military vessels are complex weapon systems consisting of various integrated onboard equipment. Since their acquisition of military equipment takes a long period of time and a prototype ship is deployed and tested, vessel development has relied on its proprietary process. However, due to the growing complexity of onboard equipment technology, application of systems engineering (SE) process has become indispensable. Nonetheless, an effective design process complementing the existing design with the SE has not yet been developed. As such, we have studied an improved basic design process for submarines based on SE. To do so, we analyzed the processes for the basic design, technical review, and requirement management. Included reviews and requirements are SRR, SFR and PDR, and SSRS, SSS, and SSDD. By combining the results in the SE framework, we built an improved basic design process that can be applied in parallel with the SE-based technical review and requirement management. To assess the process, we applied our proposed model to the submarine development undergoing the basic design phase. It is possible to effectively manage the requirements, design artifacts and improve traceability, and also utilize them as test and evaluation materials. The SE-based basic design process is expected to be useful in other kinds of vessel design.

• Journal of the Korea Safety Management & Science
• /
• v.15 no.4
• /
• pp.161-169
• /
• 2013

Due to the recent advances in technology, the systems are becoming more demanding in terms of functionality and implementation complexity. Therefore, when system failures are involved in such complex systems, the effects of the related safety issues can also be more serious, thereby causing in the worst case irrecoverable hazards on both human being and properties. This fact can be witnessed in the recent rail systems accidents. In general, the accidents can be attributed to the systematic failure or the random failure. The latter is due to the aging or unsatisfied quality of the parts used in implementation or some unexpected external cause that would otherwise result in accidents whereas the former is usually related to incomplete systems design. As the systems are becoming more complex, so are the systematic failures. The objective of the paper is to study an approach to solving the systematic failure. To do so, at first the system design process is augmented by the functional safety activities that are suggested in the standard IEC 61508. Analyzing the artifacts of the integrated process yields the traceability, which satisfies the requirements for reduction of systematic failure as provided in ISO 26262. In order to reduce systematic failure, the results are utilized in the conceptual design stage of systems development in which systems requirements are generated and functional architecture is developed.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.10
• /
• pp.107-115
• /
• 2013

Recently, the RFID technology is combined with a u-healthcare services is an emerging trend in the field of medical services. u-healthcare service, as covering the field of personal health information beyond the level of simple health screening and treatment of life are closely related. Considering security, invasion of privacy, as well as life may be threatened even if your personal health information to be exposed or exploited illegally u-Healthcare services certification is essential. In 2012, Jeong proposed J-L patient authentication protocol that Initialization process, and patients using RFID technology separates the certification process. Jeong, such as the claim that the proposed protocol for reuse attacks, spoofing attacks, prevent information disclosure and traceability fire safety, but raises issues of security and operations efficiency. Therefore, in this paper, Jeong, such as the security of the proposed protocol and to prove the computational efficiency issues, and to enhance the safety and efficiency of RFID technology based on practical u-Healthcare services authentication protocol is proposed.

• IE interfaces
• /
• v.24 no.2
• /
• pp.139-150
• /
• 2011

The EPCglobal Network is a computer network used to share product data among trading partners. It provides the supply chain with improved visibility and traceability by using Electronic Product Code (EPC), which is stored on an RFID tag. Although this network model is widely accepted as a global standard and the growth of EPCglobal-subscriber base is considerable, the EPC technology adoption process is still in its infancy. This is because some of the critical issues on this model still remain to be verified such as scalability, data management, security, privacy and the economic value of data sharing. In this paper, we focus on scalability issue among the challenges to overcome and we regard performance of the EPCglobal Network only as a track and trace query-processing cost in the network. We developed performance models consisting of three elements of the EPCglobal Network : Discovery Services (DS), EPC Information Services (EPCIS), Object Naming Services (ONS). Then we abstracted out the track and trace query execution model to evaluate performance of the overall EPCglobal Network. Finally using the proposed models, we carried out simulation analysis based on an RFID-based inbound logistics process of automobile parts. This work is an important step towards the EPC technology diffusion and provides guidelines for businesses looking to buy or build the EPCglobal Network-based systems.

• Journal of KIISE:Computer Systems and Theory
• /
• v.35 no.8
• /
• pp.394-406
• /
• 2008

Even though context is the most important feature in context-aware systems, the existing requirements engineering cannot support methodology for elicitation and specification of contexts. In this paper, we propose a requirements elicitation method and a requirements specification method for context-aware systems. Our requirements elicitation method is a 6-stepped, incremental, and iterative process. At the beginning steps in the process, we identify the requirements for business logic. Afterwards, we gather the requirements for context logic, model contexts, and identify subsystems. For requirements specification, we suggest a context-aware use case diagram, a context diagram for context modeling, and a context-type-use-case-dependency diagram for the traceability of use cases on the change of context types. We also introduce a case study that we apply our approaches to a real system, and a qualitative evaluation of our approaches. Our study will help stakeholders to efficiently elicit requirements for context-aware systems and to specify them clearly.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.7
• /
• pp.57-67
• /
• 2013

This study suggests for effective operation of systematic analysis method for human factors which is based on the requirement architecture framework a requirement process to manage requirements for improvement is discussed, such as in requirements generation, database construction, management of experimental design, and management of the design traceability. For the objectives, we analyzed the method construct of the starting point views of user requirement which is adopted the requirement architecture concept to cover the whole activities required to do and the human factors guidelines and standards are suggested for verification and validation of the develop requirements. It is getting more attention as the operation of the enabling systems goes up these days. Throughout the propose of this study, human factors requirement database design presented in operational environment system for enabling system which is based on case study using a computer aided se tool. This study will be contributed to how the operational requirement database for the enabling system and operational human factors can be constructed in an integrated system design fashion.

• Journal of KIISE:Software and Applications
• /
• v.31 no.10
• /
• pp.1286-1303
• /
• 2004

Component-based Development is gaining a wide acceptance as an economical software development paradigm to develop applications by utilizing reusable software components. Well-defined interface manages coupling and cohesion between components, minimizes the effect on the user in case of component evolvement, and enhances reusability, extendibility and maintainability. Therefore, study on systematic development process and design guidelines for component interface has been required since the component has been introduced. In this paper, we propose three types of interfaces based on software architecture layers and functionality types； Provided Interface which provides functionality of a component, Required Interface which specifies required functionality that is provided by other components, and Customize Interface which tailors the component to customer's requirement. In addition, we suggest design criteria for well-designed interface, and systematic process and instructions for designing interface. We firstly cluster operations extracted from use case model and class model to identify Provided interfaces, and design Customize interfaces based on artifacts for variability. We also specify Required interfaces by identifying dependency among interfaces. Proposed interface design method provides traceability, throughout the component interface design. And furthermore, proposed guidelines support practical design for high quality component based on a case study.

• The KIPS Transactions:PartD
• /
• v.11D no.2
• /
• pp.407-414
• /
• 2004

The US DoD architecture framework defines architecture Products according to three viewpoints : operational view, system view, and technical view. But, its coarse-grained development process causes leakage of the details In transforming among different views. It also uses different methods for architecture products development, so that the levels of those products are not consistent. So. we propose MND AF(Ministry of National Defense Architecture Framework) for military environment to solve those problems. We propose additional architecture products to achieve consistency, including “architecture disciplines definition description,”“organization-to-activity relationships matrix,” “system definition description,” and “technical reference model,” etc. We also propose the architecture development process in more detail through seven steps. In addition, we propose the applicability of those products to the life cycle processes of the acquisition management. MND AF can provide consistency and traceability of architecture products, provide the basis for sl·stem integration and interoperability. Also, architecture developers can construct architecture in a more effective and efficient way through MND AF.