The digitization of ship environments has increased the risk of cyberattacks on ships. The smartization and automation of ships are also likely to result in cyber threats. The International Maritime Organization (IMO) has discussed the establishment of regulations at the autonomous level and has revised existing agreements by dividing autonomous ships into four stages, where stages 1 and 2 are for ships with sailors on board while stages 3 and 4 are for ships without sailors on board. In this study, the level of a smart ship was classified into LEVELs (LVs) 1 to 3 based on the autonomous levels specified by the IMO. Furthermore, a risk assessment for smart ships at various LVs in different risk scenarios was conducted. The cyber threats and vulnerabilities of smart ships were analyzed by dividing them into administrative, physical, and technical security, and mitigation measures for each security area were derived. A total of 22 cyber threats were identified for the cyber asset (target system). We inferred that the higher the level of a smart ship, the greater the hyperconnectivity and the remote access to operational technology systems; consequently, the greater the attack surface. Therefore, it is necessary to apply mitigation measures using technical security controls in environments with high-level smart ships.
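The purpose of this paper is to analyze the patterns and threat factors of the new terrorism that Korea faces and to propose tasks for responding to it preemptively. Under a comprehensive security situation, Korea is currently responding to terrorist threats on all fronts, including the advance interdiction of indiscriminate attacks on the public and multi-use facilities and mass casualties. Accordingly, this paper presents legal and institutional response measures to preemptively strengthen national and public awareness of new terrorism, whose means are becoming more advanced and sophisticated, and to remedy vulnerabilities. In addition, reflecting the comprehensive security situation, domestic terrorism patterns should be analyzed, and a basis should be established for the interlinkage of the United Defense Act and the Counter-Terrorism Act and for strengthening judicial enforcement in order to build a terrorism prevention system. In particular, measures should also be prepared to preemptively block terrorist threats based on the application of new technologies of the Fourth Industrial Revolution, such as AI-based terrorism prevention and response systems, and to strengthen education and training for the counterterrorism personnel who use such technologies.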
In the wake of the Fukushima NPP accident, research on the safety evaluation of spent fuel storage facilities for natural disasters such as earthquakes and tsunamis has been continuously conducted, but research on the protection integrity of spent fuel storage facilities is insufficient in terms of physical protection. In this study, accident scenarios that may occur structurally and thermally for spent fuel storage facilities were investigated and safety assessment cases for such scenarios were analyzed. Major domestic and international institutions and research institutes such as IAEA, NEA, and NRC provide 13 accident scenario types for Spent Fuel Pool, including loss-of-coolant accidents, aircraft collisions, fires, and earthquakes, and 10 accident scenario types for Dry Storage Cask System, including transportation cask drop accidents, aircraft collisions, and earthquakes. In the case of Spent Fuel Pool, the impact of the cooling function loss accident scenario was mainly evaluated through empirical experiments, and simulations were performed on the dropping of spent nuclear fuel assembly using simulation codes such as ABAQUS. For Dry Storage Cask System, accident scenarios involving structural behavior, such as degradation and fracture, were considered, and experimental and structural accident analyses were performed for storage cask drop and aircraft collision accidents. To evaluate the safety of storage container drop accidents, an empirical test on the container was conducted and the simulation was conducted using finite element analysis software. Among the accident scenarios for spent fuel storage facilities, aircraft and missile collisions, fires, and explosions are representative accidents that can be caused by malicious external threats. In terms of physical protection, it is necessary to analyze various accident scenarios that may occur due to malicious external threats.
Additionally, through the analysis of design basis threats and the protection level of nuclear facilities, it is necessary to derive the probability of aircraft and missile collision and the threat success probability of fire and explosion, and to perform protection integrity evaluation studies, such as for the walls and structures, for spent fuel storage facilities considering safety evaluation methods when a terrorist attack occurs with the derived probability.
KINAC (Korea Institute of Nuclear Non-proliferation and Control) is entrusted by the NSSC (Nuclear Safety and Security Commission) to conduct threat assessments for nuclear facilities. As part of the threat assessment, DBT (Design Basis Threat) must be established every three years, and a threat assessment report must be developed for DBT establishment. This paper suggests a method for collecting and analyzing cyber threat information for the development of a cyber security threat assessment report. Recently, cyber threats not only in the IT (Information Technology) field but also in the ICS (Industrial Control System) field are rapidly increasing. As cyber threats increase, threat information including related attack techniques is also increasing. Although KINAC is conducting a threat assessment on cyber security at nuclear facilities, it cannot collect and analyze all cyber threat information. Therefore, it is necessary to determine a reliable source of threat information for threat assessment, and establish a strategy for collecting and analyzing threat information for DBT establishment. The first method for collecting and analyzing threat information is to first collect threat information on industrial fields with high similarity to nuclear facilities. Most of the disclosed cyber threat information is in the IT field, and most of this information is not suitable for closed-network nuclear facilities. Therefore, it is necessary to first collect and analyze threat information on facilities that use networks similar to nuclear facilities, such as the energy and financial sectors. The second method is to analyze the attack technique for the collected threat information. The biggest factor in DBT reset is whether there is a new threat and how much it has increased compared to the existing threat.
Therefore, it is necessary to analyze which attack technique was used in the collected threat information, and as part of the analysis, a cyber attack analysis model such as a kill chain can be used. The last method is to collect and manage the disclosed vulnerability information. In order to manage vulnerabilities, it is necessary to analyze what assets are in the nuclear facility first. By matching the reported vulnerability with the CDA (Critical Digital Asset) in the facility, it is possible to analyze whether the CDA can be affected by a cyber attack. As cyber threats continue to increase, it is necessary to analyze threat cases of similar facilities, attack techniques using attack models, and vulnerability analysis through asset identification in order to develop a threat assessment report.
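Recently, the range of terrorism targets has been broadening, and while the risk of terrorism in Korea continues to increase, the form of terrorism is shifting from hard targets, such as critical national facilities, to soft targets, that is, multi-use facilities such as super high-rise buildings. Therefore, in this paper, the terrorism risk of super high-rise buildings was analyzed by comparing the terrorism risk assessment results for domestic super high-rise and high-rise buildings, obtained through FEMA 455 - Rapid Visual Screening, with those for domestic low-rise buildings. As a result, compared with low-rise buildings, super high-rise and high-rise buildings scored relatively higher on the Threat Rating item than on Consequences and Vulnerability Rating, and the main cause was analyzed to be the high terrorism risk of super high-rise buildings in terms of their occupancy and their national or regional symbolism and visibility.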