• Journal of Korea Water Resources Association
• /
• v.46 no.2
• /
• pp.183-193
• /
• 2013

Selecting the evaluation index to determine water resources system design yield is an important problem for water resources engineers. Reliability, resilience and vulnerability are three widely used indices for yield analysis. However, there is an overlap region between indices as well as resilience and vulnerability can show improvement in non-monotonic phenomena although yield condition becomes worse. These problems are usually not recognized and the decisions are made according to calculated estimates in real situation. The reason for this is caused by a diverse characteristics of water resources system such as seasonal variability of hydrologic characteristics and water demands. In this study, the applicability of resilience and vulnerability for multi indices application in addition to reliability which is applied generally is examined. Based on highly seasonal irrigation water demand ratio, the correlation and non-monotonic phenomena of each index are analyzed for seven selected reservoirs. Yongdam reservoir which supplies constant water supply showed the general tendency, but Chungju, Andong, Namgang and other reservoirs which supplies irrigation water showed clear non-monotonic phenomena in resilience and vulnerability.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.243-253
• /
• 2022

Recently, cyber attacks on national infrastructure facilities have continued to occur. As a result, the vulnerabilities of ICS-CERTs have more than doubled from last year, and the vulnerabilities to industrial control systems such as nuclear facilities are increasing day by day. Most control system operators formulate vulnerability countermeasures based on the vulnerability information sources of industrial control systems provided by ICS-CERT in the United States. However, it is difficult to apply this to the security of domestic control systems because ICS-CERT does not contain all relevant vulnerability information and does not provide vulnerabilities to domestic manufacturer's products. In this research, we will utilize publicly available vulnerability-related information such as CVE, CWE, ICS-CERT, and CPE to discover vulnerabilities that may exist in control system assets and may occur in the future. I proposed a plan that can predict possible vulnerabilities and applied it to information on major domestic control systems.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.46 no.4
• /
• pp.218-228
• /
• 2023

Maintaining sea superiority through successful mission accomplishments of warships is being proved to be an important factor of winning a war, as in the Ukraine-Russia war. in order to ensure the ability of a warship to perform its duties, the survivability of the warship must be strengthened. In particular, among the survivability factors, vulnerability is closely related to a damage assessment, and these vulnerability data are used as basic data to measure the mission capability. The warship's mission capability is usually measured using a wargame model, but only the operational effects of a macroscopic view are measured with a theater level resolution. In order to analyze the effectiveness and efficiency of a weapon system in the context of advanced weapon systems and equipments, a warship's mission capability must be measured at the engagement level resolution. To this end, not the relationship between the displacement tonnage and the weight of warheads applied in the theater level model, but an engagement level resolution vulnerability assessment method that can specify physical and functional damage at the hit position should be applied. This study proposes a method of measuring a warship's mission capability by applying the warship vulnerability assessment method to the naval engagement level analysis model. The result can be used as basic data in developing engagement algorithms for effective and efficient operation tactics to be implemented from a single unit weapon system to multiple warships.

• Journal of Soil and Groundwater Environment
• /
• v.23 no.4
• /
• pp.26-41
• /
• 2018

The purpose of this study is to improve the Original DRASTIC Model (ODM) for the assessment of groundwater contamination vulnerability on the GIS platform. Miryang City of urban and rural features was selected for the study area to accomplish the research purpose. Advanced DRASTIC Model (ADM) was developed adding two more DRASTIC factors of lineament density and landuse to ODM. The fuzzy logic was also applied to ODM and ADM to improve their ability in evaluating the groundwater contamination vulnerability. Although the vulnerability map of ADM was a little simpler than that of ODM, it increased the area of the low vulnerability sector. The groundwater vulnerability maps of ODM and ADM using DRASTIC Indices represented the more detailed descriptions than those from the overlap of thematic maps, and their qualities were improved by the application of fuzzy technique. The vulnerability maps of ODM, ADM and FDM was evaluated by NO3-N concentrations in the study area. It was proved that ADM including lineament density and landuse factors produced a more reliable groundwater vulnerability map, and fuzzy ADM (FDM) made the best detailed groundwater vulnerability map with the significant statistical results.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.9
• /
• pp.464-472
• /
• 2017

In the ICT (Information and Communication Technology) convergence security environment, a lot of companies use an external public web system for the external disclosure and sharing of product information, manufacturing technology, service manualsand marketing materials. In this way, the web system disclosed on the Internet is an important aspect of cyber security management and has an always-on vulnerability requiringan information protection solution and IT vulnerability checks. However, there are limits to vulnerability detection management in anexternal environment. In this study, in order to solvethese problems, we constructed a system based on digital forensics and conducted an empirical study on the detection of important information in enterprises by using forensic techniques. It was found thatdue to the vulnerability of web systems operated in Korea and overseas, important information could be revealed,such as the companies' confidential data and security management improvements. In conclusion, if a system using digital forensic techniques is applied in response to theincreasing number of hacking incidents, the security management of vulnerable areas will be strengthened and the cyber security management system will be improved.

• The Journal of Korean Institute of Electromagnetic Engineering and Science
• /
• v.28 no.9
• /
• pp.698-706
• /
• 2017

The risk of high power electromagnetic(HPEM) pulse exposure to the devices used in digital control system such as PLC(programmable logic controller) and communication cable is increasing. In this paper, two different frequency ranges HPEMs were exposed to those control systems to assess the each vulnerability. The vulnerability of the EUTs exposed from HPEM were analyzed and compared with a variation of distances and source power. As the EUTs were exposed to higher level of HPEM, the voltage and communication waveform of the control system had shown a distorted response. And the unshielded twisted pair(UTP) cable connected to the EUTs showed operation failures with induced voltage. However, the foiled twisted pair(FTP) cable shielded the connected device efficiently from the HPEM exposure. Therefore, the necessity of the protection measures against the vulnerability of HPEM exposure for the digital control system used in power facilities and industrial site were verified.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.557-559
• /
• 2022

The use of open source has the advantage that the development environment is convenient and maintenance is easier, but there is a limitation in that it is easy to be exposed to vulnerabilities from a security point of view. In this regard, the LOG4J vulnerability, which is an open source logging library widely used in Apache, was recently discovered. Currently, the risk of this vulnerability is at the 'highest' level, and developers are using it in many systems without being aware of such a problem, so there is a risk that hacking accidents due to the LOG4J vulnerability will continue to occur in the future. In this paper, we analyze the LOG4J vulnerability in detail and propose a SNORT detection policy technology that can detect vulnerabilities more quickly and accurately in the security control system. Through this, it is expected that in the future, security-related beginners, security officers, and companies will be able to efficiently monitor and respond quickly and proactively in preparation for the LOG4J vulnerability.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.773-775
• /
• 2011

We analysed privacy, attack model and vulnerability with light-weight RFID System. A specific system's vulnerability depends on its implementation and the applied countermeasures. We can build an RFID system with a satisfactory security level even in a high-risk application area. To do so, however, we must pay attention to the implementation of proportional security measures.

• Computers and Concrete
• /
• v.30 no.2
• /
• pp.113-126
• /
• 2022

Reinforced concrete bearing walls (RCBWs) are one of the most applicable structural systems. Therefore, vulnerability analysis and rehabilitation of the RCBW system are of great importance. In the present study, in order to the more precise investigation of the performance of this structural resistant system, pushover and nonlinear time history analyses based on several assumptions drawing upon experimental research were performed on several models with different stories. To validate the nonlinear analysis method, the analytical and experimental results are compared. Vulnerability evaluation was carried out on two seismic hazard levels and three performance levels. Eventually, the need for seismic rehabilitation with the basic safety objective (BSO) was investigated. The obtained results showed that the studied structures satisfied the BSO of the seismic rehabilitation guidelines. Consequently, according to the results of analyses and the desired performance, this structural system, despite its high structural weight and rigid connections and low flexibility, has integrated performance, and it can be a good option for earthquake-resistant constructions.

• Proceedings of the Korean Society of Soil and Groundwater Environment Conference
• /
• 2005.04a
• /
• pp.304-307
• /
• 2005

A numerical modelling method using a backward-in-time advection dispersion equation is introduced in assessing the vulnerability of groundwater to contaminants as an alternative to classical vulnerability mapping methods. The flux and resident concentration measurements are normalized by the total contaminants mass released to the system to provide the travel time probability density function and the location probability function. With the results one can predict the expected travel time of a contaminant from up stream location to a well and also the relative concentration of the contaminant at a well. More specific groundwater vulnerability can be mapped by these predicted measurements.