• Journal of Korea Multimedia Society
• /
• v.18 no.2
• /
• pp.199-206
• /
• 2015

Since security vulnerabilities newly discovered in a popular Web browser immediately put a number of users at risk, urgent attention from developers is required to address those vulnerabilities. Analysis of characteristics in the Web browser vulnerabilities can be used to assess security risks and to determine the resources needed to develop patches quickly to handle vulnerabilities discovered. So far, being a new research area, the quantitative aspects of the Web browser vulnerabilities and risk assessments have not been fully investigated. However, due to the importance of Web browser software systems, further detailed studies are required related to the Web browser risk assessment, using rigorous analysis of actual data which can assist decision makers to maximize the returns on their security related efforts. In this paper, quantitative software vulnerability analysis has been presented for major Web browsers with respect to the Common Vulnerability Scoring System. Further, vulnerability discovery trends in the Web browsers are also investigated. The results show that, almost all the time, vulnerabilities are compromised from remote networks with no authentication required systems. It is also found that a vulnerability discovery model which was originally introduced for operating systems is also applicable to the Web browsers.

• Journal of the Korean Society of Safety
• /
• v.35 no.5
• /
• pp.15-21
• /
• 2020

Quantitative risk assessment (QRA) is used as a legal or voluntary safety management tool for the hazardous material industry and the utilization of the method is gradually increasing. Therefore, a leak frequency analysis based on reliable generic data is a critical element in the evolution of QRA and safety technologies. The aim of this paper is to derive the leak frequency function that can be applied more flexibly in QRA based on OGP report with high reliability and global utilization. For the purpose, we first reviewed the data on the 16 equipments included in the OGP report and selected the predictors. And then we found good equations to fit the OGP data using non-linear regression analysis. The various expectation functions were applied to search for suitable parameter to serve as a meaningful reference in the future. The results of this analysis show that the best fitting parameter is found in the form of DNV function and connection function in natural logarithm. In conclusion, the average percentage error between the fitted and the original value is very small as 3 %, so the derived prediction function can be applicable in the quantitative frequency analysis. This study is to contribute to expand the applicability of QRA and advance safety engineering as providing the generic equations for practical leak frequency analysis.

• Journal of Ocean Engineering and Technology
• /
• v.25 no.4
• /
• pp.54-58
• /
• 2011

The need and importance of developing and utilizing the oceans, not only as sources of renewable energy and mineral resources, but also as countermeasures to global warming such as for CCS (carbon capture and storage), have continued to increase, especially in countries with limited land areas and resources. Therefore, it is necessary to assess the sustainability of an ocean utilization technology or system not only from an economic point of view but also from an ecological one. For this purpose, it might be effective to develop a comprehensive evaluation method and/or index, by which the assessment of and decisions about a technology and system can be made more objectively. It would also be useful to have an environmental simulation model, which was developed and reported in a previous research. The aim of this study was to modify a reasonable and quantitative index, with which a comprehensive evaluation system can be established, to assess environmental sustainability and risk.

• Journal of the Korean Society of Safety
• /
• v.31 no.4
• /
• pp.48-54
• /
• 2016

The prediction of various emissions from coal combustion is an important subject of researchers and engineers because of environmental consideration. Therefore, the development of the models for predicting pollutants very fast has received much attention from international research community, especially in the field of safety assessment. In this work, response surface method was introduced as a design of experiment, and the database for RSM was set with the numerical simulation of a drop tube furnace (DTF) to predict the spatial distribution of pollutant concentrations as well as final ones. The distribution of carbon dioxide in DTF was assumed to have Boltzman function, and the resulted function with parameters of a high $R^2$ value facilitates predicting an accurate distribution of $CO_2$. However, CO distribution had a difference near peak concentration when Gaussian function was introduced to simulate the CO distribution. It might be mainly due to the anti-symmetry of the CO concentration in DTF, and hence Extreme function was used to permit the asymmetry. The application of Extreme function enhanced the regression accuracy of parameters and the prediction was in a fairly good agreement with the new experiments. These results promise the wide use of statistical models for the quantitative safety assessment.

• Nuclear Engineering and Technology
• /
• v.51 no.1
• /
• pp.138-145
• /
• 2019

With the application of digital technology to safety-critical infrastructures, cyber-attacks have emerged as one of the new dangerous threats. In safety-critical infrastructures such as a nuclear power plant (NPP), a cyber-attack could have serious consequences by initiating dangerous events or rendering important safety systems unavailable. Since a cyber-attack is conducted intentionally, numerous possible cases should be considered for developing a cyber security system, such as the attack paths, methods, and potential target systems. Therefore, prior to developing a risk-informed cyber security strategy, the importance of cyber-attacks and significant critical digital assets (CDAs) should be analyzed. In this work, an importance analysis method for cyber-attacks on an NPP was proposed using the probabilistic safety assessment (PSA) method. To develop an importance analysis framework for cyber-attacks, possible cyber-attacks were identified with failure modes, and a PSA model for cyber-attacks was developed. For case studies, the quantitative evaluations of cyber-attack scenarios were performed using the proposed method. By using quantitative importance of cyber-attacks and identifying significant CDAs that must be defended against cyber-attacks, it is possible to develop an efficient and reliable defense strategy against cyber-attacks on NPPs.

• Geomechanics and Engineering
• /
• v.27 no.6
• /
• pp.605-614
• /
• 2021

Water inrush from fault is one of the most severe hazards during tunnel excavation. However, the traditional evaluation methods are deficient in both quantitative evaluation and uncertainty handling. In this paper, a comprehensive methodology method combined intuitionistic fuzzy AHP with a Bayesian network for the risk assessment of water inrush from fault in the subsea tunnel was proposed. Through the intuitionistic fuzzy analytic hierarchy process to replace the traditional expert scoring method to determine the prior probability of the node in the Bayesian network. After the field data is normalized, it is classified according to the data range. Then, using obtained results into the Bayesian network, conduct a risk assessment with field data which have processed of water inrush disaster on the tunnel. Simultaneously, a sensitivity analysis technique was utilized to investigate each factor's contribution rate to determine the most critical factor affecting tunnel water inrush risk. Taking Qingdao Kiaochow Bay Tunnel as an example, by predictive analysis of fifteen fault zones, thirteen of them are consistent with the actual situation which shows that the IFAHP-Bayesian Network method is feasible and applicable. Through sensitivity analysis, it is shown that the Fissure development and Apparent resistivity are more critical comparing than other factor especially the Permeability coefficient and Fault dip. The method can provide planners and engineers with adequate decision-making support, which is vital to prevent and control tunnel water inrush.

• 한국지역지리학회:학술대회
• /
• 2009.08a
• /
• pp.108-115
• /
• 2009

An increase in oil and gas plants caused by development of process industry have brought into the increase in use of flammable and toxic materials in the complex process under high temperature and pressure. There is always possibility of fire and explosion of dangerous chemicals, which exist as raw materials, intermediates, and finished goods whether used or stored in the industrial plants. Since there is the need of efforts on disaster damage reduction or mitigation process, we have been conducting a research to relate explosion model on the background of real 3D terrain model. By predicting the extent of damage caused by recent disasters, we will be able to improve efficiency of recovery and, sure, to take preventive measure and emergency counterplan in response to unprepared disaster. For disaster damage prediction, it is general to conduct quantitative risk assessment, using engineering model for environmentaldescription of the target area. There are different engineering models, according to type of disaster, to be used for industry disaster such as UVCE (Unconfined Vapor Cloud Explosion), BLEVE (Boiling Liquid Evaporation Vapor Explosion), Fireball and so on, among them.we estimate explosion damage through UVCE model which is used in the event of explosion of high frequency and severe damage. When flammable gas in a tank is released to the air, firing it brings about explosion, then we can assess the effect of explosion. As 3D terrain information data is utilized to predict and estimate the extent of damage for each human and material. 3D terrain data with synthetic environment (SEDRIS) gives us more accurate damage prediction for industrial disaster and this research will show appropriate prediction results.

• Proceedings of the KSRS Conference
• /
• 2008.10a
• /
• pp.3-5
• /
• 2008

An increase in oil and gas plants caused by development of process industry have brought into the increase in use of flammable and toxic materials in the complex process under high temperature and pressure. There is always possibility of fire and explosion of dangerous chemicals, which exist as raw materials, intermediates, and finished goods whether used or stored in the industrial plants. Since there is the need of efforts on disaster damage reduction or mitigation process, we have been conducting a research to relate explosion model on the background of real 3D terrain model. By predicting the extent of damage caused by recent disasters, we will be able to improve efficiency of recovery and, sure, to take preventive measure and emergency counterplan in response to unprepared disaster. For disaster damage prediction, it is general to conduct quantitative risk assessment, using engineering model for environmental description of the target area. There are different engineering models, according to type of disaster, to be used for industry disaster such as UVCE (Unconfined Vapour Cloud Explosion), BLEVE (Boiling Liquid Evaporation Vapour Explosion), Fireball and so on, among them, we estimate explosion damage through UVCE model which is used in the event of explosion of high frequency and severe damage. When flammable gas in a tank is released to the air, firing it brings about explosion, then we can assess the effect of explosion. As 3D terrain information data is utilized to predict and estimate the extent of damage for each human and material. 3D terrain data with synthetic environment (SEDRIS) gives us more accurate damage prediction for industrial disaster and this research will show appropriate prediction results.

• Safety and Health at Work
• /
• v.9 no.1
• /
• pp.63-70
• /
• 2018

Background: Psychosocial risk management [Psychosocial Risk Management Approach (PRIMA)] has, through the years, been applied in several organizations in various industries and countries globally. PRIMA principles have also been translated into international frameworks, such as PRIMA-EF (European framework) and the World Health Organization Healthy Workplace Framework. Over the past 10 years, an oil and gas company has put efforts into adopting and implementing international frameworks and standards for psychosocial risk management. More specifically, the company uses a PRIMA. Methods: This study explores available quantitative and qualitative risk data collected through the PRIMA method over the past 8 years in order to explore specific and common psychosocial risks in the petroleum industry. Results: The analyses showed a significant correlation between job resources and symptoms of work-related stress, there was a significant correlation between job demands and symptoms of work-related stress, and there were differences in psychosocial risk factors and symptoms of work-related stress onshore and offshore. The study also offers recommendations on how the results can further be utilized in building a robust system for managing psychosocial risks in the industry. Conclusion: The results from the analyses have provided meaningful and important information about the company-specific psychosocial risk factors and their impact on health and well-being.

• Korean Journal of Construction Engineering and Management
• /
• v.14 no.3
• /
• pp.22-32
• /
• 2013

Generally, asset management procedure consists of exact information collection, decision of service level, analysis of aspiration level, analysis of financial condition and available budget, preparation of asset management plan, and value of modified asset. In this study, for the risk-based asset management, condition assessment and performance measuring, assessment of failure modes and risks, evaluation/selection of treatment options, and implementation of optimum solution are additionally included. For this, bridge inventory and performance measure considering risks are classified and method of quantitative/qualitative performance measure is suggested. Also, evaluation method of risk analysis for bridge asset management is suggested and basic research is carried out for applicable method of risk-based asset management. Using suggested risk procedure and method of risk-based bridge service level evaluation, it is possible to perform resonable asset management. Moreover, it is concluded that the proposed applicable method of risk-based asset management will provide a solution to contribute the development of systematical asset management for optimal decision making and prototype asset management system.