• Journal of the Korean Society of Safety
• /
• v.31 no.5
• /
• pp.141-148
• /
• 2016

There exists required safety integrity level (SIL) to assure safety in accordance with international standards for every electrical / electronics / control equipment or systems with safety related functions. The SIL is allocated from lowest level (level 0) to highest level (level 4). In order to guarantee certain safety level that is internationally acceptable, application of methodology for SIL allocation and demonstration based on related international standards is required. Especially, in case of the SIL allocation method without determining of quantitative tolerable risk, the additional review is needed to check whether it is suitable or not is required. In this study, the quantitative risk reduction model based on the safety integrity allocation results of railway platform screen door system using Risk Graph method has been examined in order to review the suitability of quantitative risk reduction according to allocated safety integrity level.

• Proceedings of the KSR Conference
• /
• 2006.11b
• /
• pp.870-877
• /
• 2006

Recently, failures of equipments are linked directly to extensive damages of human lives or financial losses from the increasing uses of train control equipments utilizing computers. Then safety activities have to progress for guaranteeing safety during the system life-cycle. In this paper, we examine the methods for risk analysis and assessment of safety activities and propose optimized one method for risk assessment. There are original risk assessment methods; risk graph and risk matrix method under the qualitative analysis, IRF(Individual Risk Formula) calculations and statistical calculations method under the quantitative analysis. Best-Practice(BP) risk analysis method is proposed for combining advantages of the qualitative and the quantitative analysis. In the comparison of risk graph and risk matrix method for safety estimation, BP method has no applications published up to now, but we can expect that this method will be utilized widely for the risk assessment due to various strong points.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.11
• /
• pp.75-84
• /
• 2018

Social engineering attack means to get information of Social engineering attack means to get information of opponent without technical attack or to induce opponent to provide information directly. In particular, social engineering does not approach opponents through technical attacks, so it is difficult to prevent all attacks with high-tech security equipment. Each company plans employee education and social training as a countermeasure to prevent social engineering. However, it is difficult for a security officer to obtain a practical education(training) effect, and it is also difficult to measure it visually. Therefore, to measure the social engineering threat, we use the results of social engineering training result to calculate the risk by system asset and propose a attack graph based probability. The security officer uses the results of social engineering training to analyze the security threats by asset and suggests a framework for quick security response. Through the framework presented in this paper, we measure the qualitative social engineering threats, collect system asset information, and calculate the asset risk to generate probability based attack graphs. As a result, the security officer can graphically monitor the degree of vulnerability of the asset's authority system, asset information and preferences along with social engineering training results. It aims to make it practical for companies to utilize as a key indicator for establishing a systematic security strategy in the enterprise.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.5
• /
• pp.1920-1937
• /
• 2015

Network environment has been under constant threat from both malicious attackers and inherent vulnerabilities of network infrastructure. Existence of such threats calls for exhaustive vulnerability analyzing to guarantee a secure system. However, due to the diversity of security hazards, analysts have to select from massive alternative hardening strategies, which is laborious and time-consuming. In this paper, we develop an approach to seek for possible hardening strategies and prioritize them to help security analysts to handle the optimal ones. In particular, we apply a Risk Flow Attack Graph (RFAG) to represent network situation and attack scenarios, and analyze them to measure network risk. We also employ a multi-objective genetic algorithm to infer the priority of hardening strategies automatically. Finally, we present some numerical results to show the performance of prioritizing strategies by network risk and hardening cost and illustrate the application of optimal hardening strategy set in typical cases. Our novel approach provides a promising new direction for network and vulnerability analysis to take proper precautions to reduce network risk.

• Fire Science and Engineering
• /
• v.8 no.1
• /
• pp.47-52
• /
• 1994

이 논문은 설계상의 안전 및 완전한 정량적 위험성 평가에 의해 맞추는 것이 가능한 여러가지 방법(QRA: Quantitative risk analysis)에 촛점을 두면서, 위험성 평가의 방법론의 간략한 개요를 소개하고 있다. QRA의 결과는 단독 위험 및 그룹 혹은 사회적 위험으로써 보통 소개된다. 계산된 단독 risk는 자주 단독 위험 graph(IRG : Individual risk graph)와 단독 위험등고선(IRC : Individual risk contours)의 형으로 나타낸다. IRG와 IRC는 예를 들면 다음과 같은 사고의 시나리오로 계산된다. : 여러가지 기상조건 하에서 2kg/s의 암모니아의 유출을 1800s로 한다. 이 예는 그래프가 곡선의 상승을 나타내는 것이 확실하다. 마지막으로, QRA는 예를 들어서 토지이용계획 등에 유용한 수단으로 될 수 있다고 할 수 있다. 한편 화학플랜트의 안전에 대해서는, 위험성 평가를 위해 다른 방법이 유효하며, 불가피하다.

• Journal of the Korean Society for Railway
• /
• v.19 no.2
• /
• pp.170-186
• /
• 2016

This paper introduces a multi-phase fuzzy risk graph model, representing a method for determining for SIL values for railway industry systems. The purpose of this paper is to compensate for the shortcomings of qualitative determination, which are associated with input value ambiguity and the subjectivity problem of expert judgement. The multi-phase fuzzy risk graph model has two phases. The first involves the determination of the conventional risk graph input values of the consequence, exposure, avoidance and demand rates using fuzzy theory. For the first step of fuzzification this paper proposes detailed input parameters. The fuzzy inference and the defuzzification results from the first step will be utilized as input parameters for the second step of the fuzzy model. The second step is to determine the safety integrity level and tolerable hazard rate corresponding to be identified hazard in the railway industry. To validate the results of the proposed the multi-phase fuzzy risk graph, it is compared with the results of a safety analysis of a level crossing system in the CENELEC SC 9XA WG A0 report. This model will be adapted for determining safety requirements at the early concept design stages in the railway business.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.12
• /
• pp.95-105
• /
• 2018

As the IT industry developed, the information held by the company soon became a corporate asset. As this information has value as an asset, the number and scale of various cyber attacks which targeting enterprises and institutions is increasing day by day. Therefore, research are being carried out to protect the assets from cyber attacks by using the attack graph to identify the possibility and risk of various attacks in advance and prepare countermeasures against the attacks. In the attack graph, security metric is used as a measure for determining the importance of each asset or the risk of an attack. This is a key element of the attack graph used as a criterion for determining which assets should be protected first or which attack path should be removed first. In this survey, we research trends of various security metrics used in attack graphs and classify the research according to application viewpoints, use of CVSS(Common Vulnerability Scoring System), and detail metrics. Furthermore, we discussed how to graft the latest security technologies, such as MTD(Moving Target Defense) or SDN(Software Defined Network), onto the attack graphs.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.11
• /
• pp.5731-5754
• /
• 2019

In this paper, we redesign, implement, and evaluate ShareSafe (Based on SecGraph), an open-source secure graph data sharing/publishing platform. Within ShareSafe, we propose De-anonymization Quantification Module and Recommendation Module. Besides, we model the attackers' background knowledge and evaluate the relation between graph data privacy and the structure of the graph. To the best of our knowledge, ShareSafe is the first platform that enables users to perform data perturbation, utility evaluation, De-A evaluation, and Privacy Quantification. Leveraging ShareSafe, we conduct a more comprehensive and advanced utility and privacy evaluation. The results demonstrate that (1) The risk of privacy leakage of anonymized graph increases with the attackers' background knowledge. (2) For a successful de-anonymization attack, the seed mapping, even relatively small, plays a much more important role than the auxiliary graph. (3) The structure of graph has a fundamental and significant effect on the utility and privacy of the graph. (4) There is no optimal anonymization/de-anonymization algorithm. For different environment, the performance of each algorithm varies from each other.

• Journal of the Korean Society of Safety
• /
• v.30 no.6
• /
• pp.164-173
• /
• 2015

There exists required safety integrity level (SIL) to assure safety in accordance with international standards for every electrical / electronics / control equipment or systems with safety related functions. The SIL is allocated from lowest level (level 0) to highest level (level 4). In order to guarantee certain safety level that is internationally acceptable, application of methodology for SIL allocation and demonstration based on related international standards is required. However, application standard differs from every industry in domestic or international for application on mythology for allocation and demonstration of SIL. Application or assessment is not easy since absence on clear criteria or common definition. This research studied not only fundamental concept of SIL required to guarantee safety in accordance with international standards for safety related equipment and system, but different types of methodologies for SIL allocation. Specifically, SIL allocation for Platform Screen Door system of railway is studied applying methodology of severity of accidents and risk graph among different methodologies for SIL allocation.

• Nuclear Engineering and Technology
• /
• v.48 no.2
• /
• pp.386-403
• /
• 2016

The safety of nuclear power plants is analyzed by a probabilistic risk assessment, and the fault tree analysis is the most widely used method for a risk assessment with the event tree analysis. One of the well-known disadvantages of the fault tree is that drawing a fault tree for a complex system is a very cumbersome task. Thus, several graphical modeling methods have been proposed for the convenient and intuitive modeling of complex systems. In this paper, the reliability graph with general gates (RGGG) method, one of the intuitive graphical modeling methods based on Bayesian networks, is improved for the reliability analyses of dynamic systems that have various operation modes with time. A reliability matrix is proposed and it is explained how to utilize the reliability matrix in the RGGG for various cases of operation mode changes. The proposed RGGG with a reliability matrix provides a convenient and intuitive modeling of various operation modes of complex systems, and can also be utilized with dynamic nodes that analyze the failure sequences of subcomponents. The combinatorial use of a reliability matrix with dynamic nodes is illustrated through an application to a shutdown cooling system in a nuclear power plant.