Earticle

제어시스템은 원격지의 시스템을 효율적으로 감시하고, 관리하는 목적으로 사용되는 시스템이다. 초창기의 제어시스템은 특정 용도에 맞게 개별적으로 설치되어 운영되었으나, 1990년대 이후에는 시스템의 유지관리 및 다른 시스템과의 상호운용의 요구로 점차 개방형 시스템으로 변하기 시작하면서 보안의 위험에 노출되기 시작하였다. 제어시스템은 전력, 가스, 상하수도, 교통 등의 국가주요시설의 운용에 사용되고 있으며, 해당 시스템에 사이버 침해사고 발생 시 국가적 혼란을 야기 시킬 수 있으므로 특별한 보안관리가 요구된다. 본 논문에서는 국외 제어시스템 관련 보안제품들의 기술동향을 분석하고, 이들 제품들의 특성을 비교하며, 제어시스템 전용 보안기술 개발에 필요한 기술요구사항들을 제시하고자 한다.

Industrial control system is the one that is used by the purpose of watching and managing remote systems efficiently. The early industrial control system is established and operated individually, focusing on specification usage. Since 1990's, industrial control system has begun to be expose to the danger of security because it began to be transmitted into open system gradually by request of its managing system and running with different systems together. Industrial control system has been used in running the main faculty of countries such as electric power, gas, water supply and drainage, traffic systems etc. In case cyber infringement accident happens to industrial control system, national confusion will be caused, so industrial control system is required to be managed with security. In this paper, We have analyzed technological trend of Security products on industrial control systems used in overseas, compared among features of these products and are finally going to present technological requirements that is needed to develop security technology in the exclusive use of industrial control systems.

유비쿼터스 시대가 도래함에 따라, 우리는 개인 컴퓨터에서부터 휴대폰까지 다양한 디지털 장비들과 함께 생활하고 있다. 하지만 디지털 장치의 대중화는 이를 활용한 사이버 범죄의 다양화로 발전하였고, 디지털 포렌식 분야에 대한 일반인의 인식 증대는 안티-포렌식 기술의 유행이라는 새로운 문제를 낳고 있다. 이러한 흐름을 반영하듯 포렌식 학계에서는 다양한 분야에 대한 연구가 활발히 진행 중이다. 휴대폰/ PDA와 같은 휴대용 전자 장치에서부터 비디오 게임기, 차량의 EDR (Event Data Recorder) 등의 임베디드 시스템에 대한 수사 절차나 분석 방안을 연구하는 임베디드 포렌식, 수사과정에서 발견된 안티-포렌식 기술에 효과적으로 대응하기 위한 안티-안티 포렌식(Anti-anti-Forensics) 등이 최근의 주요 이슈이다. 본 논문에서는 디지털 포렌식의 최근 현황을 살펴보고, 임베디드 포렌식과 안티 포렌식에 대한 동향 및 대응 방안을 제시한다.

As ubiquitous Age is arrived in our life, we are living together with more various digital devices such as mobile phone, Ipod, PMP, GPS Navigation etc. But popularization of digital devices has influenced to diversity of cyber crime and moreover growth of understanding digital forensics in the general public takes effect to anti forensic techniques. These movements corresponds to vigorous research in forensic community and law enforcements. For example, embedded forensics which study procedure and analysis techniques about mobile phone, PDA, video game console, EDR(event data recorder), etc. And anti-anti-forensics study countermeasures of anti-forensic techniques and widespread usage of anti-forensic tools. In this paper we report trends of current digital forensics, such as embedded forensics and anti-forensics. and suggest countermeasures for effective digital crime investigation.

본 논문에서는 원격 건강 모니터링에 대한 시스템을 제시한다. 이 부분은 2개의 부분으로 구성되어 있다. 센서장치를 갖는 건강 서버는 환자의 생체정보를 측정하고 이를 패킷화하여 원격지 시스템에 전송한다. 다음으로, 모니터링 시스템은 네트웤을 통하여 헬스서버로부터 정보를 수신한 후, 복호 기를 통하여 패킷정보를 분석하여 각각의 개별적인 생체정보를 추출한 후 이를 실시간 표시하게 된다. 이 과정에서 개인 건강정보의 누출을 방지하기 위해 파일을 암호화하여 관리하게 된다. 실험에서 제시된 시스템 모델을 구현하고 효율적인 시스템임을 보인다.

A system model for remote health monitoring is presented. The system consists of two components. Health server with sensor devices measures the vital signs of a patient and transmits the packet after a packeting the health information to client system. Next, the monitoring system receives the health information from the health server through network, and the individual vital sign is obtained by biomedical processing, then displays the real-time information, encodes the file to prevent from leaking the health information . In the experiment, the present system model is implemented. We expect that the results of this study is effective in the remote health monitoring.

정보시스템에서 다루는 정보 및 정보시스템은 조직의 기능을 유지함과 동시에 임무를 완수하는데 필요한 중요 자원이므로, 정보의 비인가된 누출, 변경, 손실 혹은 정보시스템의 침해로부터 파생되는 문제점은 경제적 손실뿐만 아니라 조직의 지속성 차원에서도 중요한 의미를 갖게 된다. 경쟁관계에서의 생존을 위해 신속성, 정확성 측면에서 중요한 역할을 수행하여 온 정보시스템에 치명적 오류 혹은 침해가 발생하는 경우, 해당 정보시스템에 의존하고 있는 조직의 생존성에 지대한 영향을 미칠 수 있다. 따라서 각 조직은 정보시스템을 안전하게 보호하기 위해 상당한 투자를 아끼지 않고 있으며, 이러한 노력은 몇 가지 특징들을 나타내면서 발전되어 왔다. 본 논문에서는 이러한 관련 연구들의 발전방향을 정리하고, 향후의 연구 방향을 제시하였다.

IS (information system) and the information processed by IS are very important factors to maintain all functions and keep the duty of organization. The problems derived from unauthorized disclosure, modification, and destruction of important information or compromise of IS should be considered very carefully because these can be connected to economical loss or the existence of organizations. IS carries out critical role in the aspects of promptitude and exactitude, and most organizations are rely on this IS to sustain their existence. Therefore, in competitive environment, fatal errors or compromise of IS are able to be linked to dangerous situation. And to avoid this situation, most organizations invest much money and effort in security areas to protect their IS. And these investments are realized in several ways to show some characteristics. In this paper, we summarize research trend related to security management, and propose future works.

File fuzzing(or file fuzz testing) is a software testing technique that checks the response of a target program against abnormal file inputs. It is simply random testing but powerful. Especially, it is worth as security testing. However, file fuzzing is inefficient in the sense that it takes too much time, nearly endless, and so on. For even one input file, it takes several seconds to execute. Besides, most input files that are generated randomly are invalid. We propose the advanced file fuzzing system applying field information and fault-injection rule. For a file, field information represents the starting position, size, unique name, and valid data type of each field. And fault-injection rule is the formalized expression to describe generating and injecting a fault. These enable us to make effective input files and to distribute fuzzing works to several machines. In addition, our system provides the independent random fuzzing.

Critical Infrastructure or CI are so crucial and play a vital role in the society. A damage or breakage of it will have a huge effect on humanity and economy. Supervisory Control and Data Acquisition Systems (SCADA) play a big role on Critical Infrastructure since most of these infrastructures are controlled by control systems like SCADA. In this paper, we discuss the vulnerabilities of a SCADA system, its effect to the society and the ways to prevent such vulnerabilities. We also researched on the background of the SCADA system and its comparability to the common computer system is discussed.

Communication is very important in SCADA systems. In communication, protocols are needed to be implemented to avoid some problems. In the current state of SCADA communication, two protocols are widely used, the T101 or IEC 60870-5-101 (IEC101) and the DNP3 (Distributed Network Protocol) . In this paper, we present each protocol and discuss the specifications of T101 and DNP3. This can help SCADA operators to select which protocol is suited for the operations of their SCADA system.

Critical Infrastructures are so crucial to the society and community that a disruption of it can cause great damage. Many of these identified Critical Infrastructures are controlled by control systems like SCADA or Supervisory Control and Data Acquisition. Because of this, SCADA becomes a target of terrorists and other threats. In this paper, we discuss the relationship of Critical Infrastructure and SCADA, the threats and vulnerabilities and provides steps to minimize these threats and vulnerabilities. We also discuss the function of SCADA systems and other control systems to sectors which were considered Critical Infrastructure.

As an acronym for Supervisory Control and Data Acquisition, SCADA is a concept that is used to refer to the management and procurement of data that can be used in developing process management criteria. The use of the term SCADA varies, depending on location. Conventionally, SCADA is connected only in a limited private network. In current times, there are also demands of connecting SCADA through the internet. The internet SCADA facility has brought a lot of advantages in terms of control, data generation and viewing. With these advantages, comes the security issues regarding web SCADA. We discuss web SCADA and its connectivity along with the issues regarding security. And suggests a web SCADA security solution using asymmetric-key encryption.

Supervisory Control and Data Acquisition (SCADA) systems are critical to the safe, reliable and efficient operation of many essential services that affect the daily lives of millions of people. These services include power generation plants, potable water systems, wastewater treatment facilities, oil and gas production and transportation/distribution networks. In today’ uncertain world, security stands beside profitability, productivity, performance and control as a key element for maintaining business activities in industrial facilities. Prevention of malicious attacks against business infrastructure has become as vital to ongoing success as has the widespread use of the computer systems which make such attacks so easy and so painful. The vulnerabilities and condition of security of SCADA networks are considered in this paper. Also approaches on how to best secure SCADA system are discussed.