Development of Knowledge Graph Based on Risk Register to Support Risk Management of Construction Projects

Muritala Adebayo Isah,김병수 대한토목학회 2023 KSCE Journal of Civil Engineering Vol.27 No.7

Risk management (RM) in construction projects is a knowledge-intensive process that requiresan efficient mechanism for capturing, storing, exploiting, and managing risk-related knowledge. Although some existing studies have proposed various knowledge-based risk management(KBRM) tools. However, not all tools suit all projects, as every project is unique. Besides, eachtool is developed based on certain assumptions with methodological drawbacks. Hence, newtools are required in response to the continuous change in the project environment,complexity, and dynamism by adopting new technologies to improve the RM processes. Thisstudy proposes a knowledge graph technique to improve risk-related knowledge storage,sharing, and reuse in managing construction project risks. This study constructed a riskknowledge graph (RisKG) based on a project risk register. The proposed RisKG was then usedto develop a construction risk dashboard (ConRisk Dashboard) that can be used for quick riskinformation retrieval to support the RM of construction projects. The effectiveness of theproposed ConRisk Dashboard was verified through its use for the search and retrieval of riskassessment details of a particular risk source associated with the case project used in RisKG. The results indicate that the ConRisk Dashboard can improve the RM processes by saving timespent on project documentation reviews and cost expended on expert workshops at thebeginning of every new project. Conclusively, the contribution of this study to the body ofknowledge is that it provides a framework for developing knowledge-based risk managementsystems (KBRMS) and intelligent tools that can facilitate integrated risk management and digitalcollaboration among project stakeholders to support informed decision-making in constructionprojects. In addition, this work paves the way for research towards developing and adoptingdigital tools that can facilitate the digital transformation of RM and CM practices to improveproject performance and productivity in the construction industry.

Risk Graph에 의해 할당된 SIL에 따른 철도 승강장 도어 시스템의 정량적 Risk 저감 모델

송기태 ( Ki Tae Song ),이성일 ( Sung Ill Lee ) 한국안전학회(구 한국산업안전학회) 2016 한국안전학회지 Vol.31 No.5

There exists required safety integrity level (SIL) to assure safety in accordance with international standards for every electrical / electronics / control equipment or systems with safety related functions. The SIL is allocated from lowest level (level 0) to highest level (level 4). In order to guarantee certain safety level that is internationally acceptable, application of methodology for SIL allocation and demonstration based on related international standards is required. Especially, in case of the SIL allocation method without determining of quantitative tolerable risk, the additional review is needed to check whether it is suitable or not is required. In this study, the quantitative risk reduction model based on the safety integrity allocation results of railway platform screen door system using Risk Graph method has been examined in order to review the suitability of quantitative risk reduction according to allocated safety integrity level.

Using Genetic Algorithm for Optimal Security Hardening in Risk Flow Attack Graph

( Fangfang Dai ),( Kangfeng Zheng ),( Binwu ),( Shoushan Luo ) 한국인터넷정보학회 2015 KSII Transactions on Internet and Information Syst Vol.9 No.5

Network environment has been under constant threat from both malicious attackers and inherent vulnerabilities of network infrastructure. Existence of such threats calls for exhaustive vulnerability analyzing to guarantee a secure system. However, due to the diversity of security hazards, analysts have to select from massive alternative hardening strategies, which is laborious and time-consuming. In this paper, we develop an approach to seek for possible hardening strategies and prioritize them to help security analysts to handle the optimal ones. In particular, we apply a Risk Flow Attack Graph (RFAG) to represent network situation and attack scenarios, and analyze them to measure network risk. We also employ a multi-objective genetic algorithm to infer the priority of hardening strategies automatically. Finally, we present some numerical results to show the performance of prioritizing strategies by network risk and hardening cost and illustrate the application of optimal hardening strategy set in typical cases. Our novel approach provides a promising new direction for network and vulnerability analysis to take proper precautions to reduce network risk.

보안 위험 평가를 위한 사회공학 공격 그래프 : Social Engineering Attack Graph framework(SEAG)

김준석(Jun Seok Kim),강현재(Hyunjae Kang),김진수(Jinsoo Kim),김휘강(Huy Kang Kim) 한국컴퓨터정보학회 2018 韓國컴퓨터情報學會論文誌 Vol.23 No.11

Social engineering attack means to get information of Social engineering attack means to get information of opponent without technical attack or to induce opponent to provide information directly. In particular, social engineering does not approach opponents through technical attacks, so it is difficult to prevent all attacks with high-tech security equipment. Each company plans employee education and social training as a countermeasure to prevent social engineering. However, it is difficult for a security officer to obtain a practical education(training) effect, and it is also difficult to measure it visually. Therefore, to measure the social engineering threat, we use the results of social engineering training result to calculate the risk by system asset and propose a attack graph based probability. The security officer uses the results of social engineering training to analyze the security threats by asset and suggests a framework for quick security response. Through the framework presented in this paper, we measure the qualitative social engineering threats, collect system asset information, and calculate the asset risk to generate probability based attack graphs. As a result, the security officer can graphically monitor the degree of vulnerability of the asset"s authority system, asset information and preferences along with social engineering training results. It aims to make it practical for companies to utilize as a key indicator for establishing a systematic security strategy in the enterprise.

철도신호 안전무결성수준 분석에 관한 연구

장승환 ( Seung Hwan Jang ),김대현 ( Dae Hyun Kim ),변보석 ( Bo Suk Byun ) 대한설비관리학회 2015 대한설비관리학회지 Vol.20 No.3

This paper demonstrates the result of Safety Integrity Level (SIL) allocation for Honam KTX Train Control System (TCS), by applying the semi-quantitative approach. TCS is defined in this paper as the set of TVM SEI, Supplementary Safety Equipment, Power Equipment, TCS Integrated Maintenance System (TIMS), and Local Control Panel (LCP). SIL allocation is performed for these constituent subsystems of TCS. Three approaches for SIL allocation being widely used in railway application are compared in terms of the conservativeness of the allocation result; qualitative, quantitative, and semi-quantitative methods. The semi-quantitative method, based on the risk matrix and the relationship between Tolerable Hazard Rate (THR) and SIL, is less pessimistic than the qualitative method, but more conservative than the quantitative method, in the sense that it utilizes more information (e.g., risk reduction factors involved in the hazard occurrence) than the qualitative method which purely depends on the configuration of Risk Graph. Based on three principles of the semi-quantitative method, the SIL allocation process is performed for the subsystems composing TCS.

화물차 DTG 데이터를 활용한 고속도로 졸음운전 위험구간 분석

조종석,이현석,이재영,김덕녕 대한교통학회 2017 대한교통학회지 Vol.35 No.2

In the past 10 years, the accidents caused by drowsy driving have occupied about 23% of all traffic accidents in Korea expressway network and this rate is the highest one among all accident causes. Unlike other types of accidents caused by speeding and distraction to the road, the accidents by drowsy driving should be managed differently because the drowsiness might not be controlled by human's will. To reduce the number of accidents caused by drowsy driving, researchers previously focused on the spot based analysis. However, what we actually need is a segment (link) and occurring time based analysis, rather than spot based analysis. Hence, this research performs initial effort by adapting link concept in terms of drowsy driving on highway. First of all, we analyze the accidents caused by drowsy in historical accident data along with their road environments. Then, links associate with driving time are analyzed using digital tachograph (DTG) data. To carry this out, negative binomial regression models, which are broadly used in the field, including highway safety manual, are used to define the relationship between the number of traffic accidents on expressway and drivers’ behavior derived from DTG. From the results, empirical Bayes (EB) and potential for safety improvement (PSI) analysis are performed for potential risk segments of accident caused by drowsy driving on the future. As the result of traffic accidents caused by drowsy driving, the number of the traffic accidents increases with increase in annual average daily traffic (AADT), the proportion of trucks, the amount of DTG data, the average proportion of speeding over 20km/h, the average proportion of deceleration, and the average proportion of sudden lane-changing. 지난 10년 간 졸음운전은 전체 고속도로 사고건수의 약 23%로 교통사고 사망원인 중 가장 높은 비중을 차지하고 있다. 과속, 주시태만 등 운전자 과실이 주요원인인 일반적인 사고유형과 달리, 졸음운전은 졸음이라는 불가항력적 원인에 의해 발생한다는 점에서 타 사고유형과 차별화된 접근이 요구된다. 그 동안의 졸음운전 감소대책은 일반적인 교통사고 대책과 마찬가지로 사고다발지점과 같은 특정지점(spot)에 집중하였으나, 도로특성(해당구간의 화물차 비율 등) 또는 시간특성(누적주행시간에 따른 위험 운전행동 증가 등)을 고려한 감소대책이 필요함에 따라, 본 연구에서는 시·공간적으로 확대한 구간(link) 개념을 도입하였다. 고속도로 졸음운전 위험구간 분석을 위해 화물차 디지털 운행기록계(digital tacho graph: DTG) 자료를 활용하였으며 , 이를 바탕으로 졸음운전 위험구간을 산정하였다. 위험 행동지표와 사고 발생건수 간의 상관 분석을 위해 음이항 회귀모형(negative binomial regression)을 통한 졸음사고 예측모형을 추정하였으며 모형의 결과 값을 바탕으로 경험적 베이즈(empirical Bayes: EB) 추정치와 구간별 잠재적 안전개선 지수(potential for safety improvement: PSI)를 산출하여 졸음운전 위험 구간을 선정하였다. 졸음사고 모형 추정 결과, 연평균 일교통량, 화물차 비율, DTG 수집 자료건수, 평균 과속비율(20km/h 초과), 평균 급감속비율 및 평균 급차로변경비율이 늘어날 경우 졸음운전 사고건수 역시 증가하는 것으로 분석되었다.

Research on Risk Early-Warning Model in Airport Flight Area based on Information Entropy Attribute Reduction and BP Neural Network

보안공학연구지원센터(IJSIA) 보안공학연구지원센터 2015 International Journal of Security and Its Applicat Vol.9 No.10

According to the fussy of evaluating index and the uncertainty of evaluating information in flight area, systems thinking tool of complex science management theory - explore graph, is used to construct the fight area risk evaluation index system. And a fight area risk early-warning model based on information entropy attribute reduction and multi-layer BP neural network is proposed. First rough set and information entropy are combined, based on information entropy attribute reduction algorithm, the reduced index information are got. Then based on the multi-layer BP network, the data collected from the flight area was intelligent reasoned and analyzed and evaluated. An example analysis by MATLAB shows that the method is feasible, and it provides support for venture investment project risk management evaluation method.

결과 심각도 및 리스크 그래프에 기반한 철도 승강장 도어시스템의 안전 무결성 수준 할당

송기태 ( Ki Tae Song ),이성일 ( Sung Ill Lee ) 한국안전학회(구 한국산업안전학회) 2015 한국안전학회지 Vol.30 No.6

There exists required safety integrity level (SIL) to assure safety in accordance with international standards for every electrical / electronics / control equipment or systems with safety related functions. The SIL is allocated from lowest level (level 0) to highest level (level 4). In order to guarantee certain safety level that is internationally acceptable, application of methodology for SIL allocation and demonstration based on related international standards is required. However, application standard differs from every industry in domestic or international for application on mythology for allocation and demonstration of SIL. Application or assessment is not easy since absence on clear criteria or common definition. This research studied not only fundamental concept of SIL required to guarantee safety in accordance with international standards for safety related equipment and system, but different types of methodologies for SIL allocation. Specifically, SIL allocation for Platform Screen Door system of railway is studied applying methodology of severity of accidents and risk graph among different methodologies for SIL allocation.

Improvement of the Reliability Graph with General Gates to Analyze the Reliability of Dynamic Systems That Have Various Operation Modes

Shin, Seung Ki,No, Young Gyu,Seong, Poong Hyun Korean Nuclear Society 2016 Nuclear Engineering and Technology Vol.48 No.2

The safety of nuclear power plants is analyzed by a probabilistic risk assessment, and the fault tree analysis is the most widely used method for a risk assessment with the event tree analysis. One of the well-known disadvantages of the fault tree is that drawing a fault tree for a complex system is a very cumbersome task. Thus, several graphical modeling methods have been proposed for the convenient and intuitive modeling of complex systems. In this paper, the reliability graph with general gates (RGGG) method, one of the intuitive graphical modeling methods based on Bayesian networks, is improved for the reliability analyses of dynamic systems that have various operation modes with time. A reliability matrix is proposed and it is explained how to utilize the reliability matrix in the RGGG for various cases of operation mode changes. The proposed RGGG with a reliability matrix provides a convenient and intuitive modeling of various operation modes of complex systems, and can also be utilized with dynamic nodes that analyze the failure sequences of subcomponents. The combinatorial use of a reliability matrix with dynamic nodes is illustrated through an application to a shutdown cooling system in a nuclear power plant.

핵심기반시설 사이버 보안 평가 모델링 기법 연구

엄익채 한국디지털정책학회 2019 디지털융복합연구 Vol.17 No.8

The purpose of this study is to analyze cyber security risk modeling of critical infrastructure, draw out limitations and improvement measures. This paper analyzed cyber security risk modeling of national critical infrastructure like as electricity sector, nuclear power plant, SCADA. This paper analyzed the 26 precedent research cases of risk modeling in electricity sector, nuclear power plant, SCADA. The latest Critical Infrastructure is digitalized and has a windows operating system. Critical Infrastructure should be operated at all times, it is not possible to patch a vulnerability even though find vulnerability. This paper suggest the advanced cyber security modeling characteristic during the life cycle of the critical infrastructure and can be prevented. 본 연구는 원자력 발전소등의 국가 핵심기반시설에 대한 기존의 사이버 보안 위험 모델링 기법을 분석하고 이의 한계점 및 개선방안을 도출하는데 목적이 있다. 연구 대상은 전력 및 원자력 발전소, SCADA등의 국가 핵심기반시설의 사이버 보안 위험 모델링 기법이다. 연구에서는 SCADA, 전력, 원자력 발전의 사이버 보안 위험 모델링 분야의 총 26편에 대한 선행 연구 사례를 분석하고, 이를 정성적 모델링과 정량적 모델링 기법으로 구분하여 각각의 특징과 한계점에 대해 분석하였다. 최근 핵심기반시설은 디지털화 되어 가는 추세이며 Windows등의 운영체제를 사용하는 시스템들로 구성되어 있지만, 상시 운영되어야 하는 요구사항으로 인해, 취약점이 발견되더라도 패치등을 즉각 행할 수가 없는 특징이 있다. 본 연구에서는 이러한 제약사항들을 감안하여 취약점들이 핵심기반시설의 생명주기동안 어떤 특성으로 전파되고 예방 할 수 있는지에 대한 모델링 기법 방안을 제시하고 있다.