%& o - jasstjasst.jp/symposium/jasst18niigata/pdf/s1.pdf5 18.421 22.445 28.749 131.725 30.32 37.5...
TRANSCRIPT
-
O
I
-
2
-
2
NIST SP 800-183
-
I
:: 3 : 1 3:30/
. -08 0. 83: 3 :3 3:3 :3 0 3 :
-
2
NIST SP 800-160
-
I
:: : 16 :0/
. -08 0. 8 : :: : 0 6:
-
JIS X 25000
-
/ 0 C /. C
6 5: 8 4 93 24
-
E IOT C A IOTC A IoT A GI
J
-
4 3. 1 . 3 1 . . /4 3 J1 . . /4 . 43 ? . . .3 23 4 WN J C
-
GI
https://www.pinterest.co.uk/pin/422071796318231297/
-
4 3. 1 . 3 1 . . /4 3 C1 . . /4 . 43 ? . . .3 23 4 NJ W
-
QFA
M e Nn o CG T E/
S e M R XGT E
/S CG T E2 / // /
N e IVBPXG GT E
// POIF MI I
/ I Q CGC e N
-
- -
-
/.
---
-
/.
---
-
/.
---
-
/.
---
-
4 3. 1 . 3 1 . . /4 3 C1 . . /4 . 43 ? . . .3 23 4 NJ W
-
*5
18.421 22.44528.749
131.725
30.32 37.548.805
250.066
0
50
100
150
200
250
300
2013 2014 2015 2020
AutomotiveGeneric BusinessVertical BusinessConsumerTotal
* 794/7 5: 199 0 794/7 54/ 755 2.
42 1 0
-
II
22.77 30.2340.24
135.09
38.07 49.0363.92
207.97
0
50
100
150
200
250
2014 2015 2016 2020
Cross-IndustryVertical BusinessConsumerTotal
* 7 /7 5: 1 6 0 7 /7 53
/ 7553 2.
* 15
*2
025 7*
-
/E*
I• M S••• y• R g
• gMG• gMb
• ns• ns• A e g
N•M•
a S•
• M• gc M
• ns• p
• M Sa
• ns•
• M SfPT• nso
• eOa S
• -• yr••M•
• M S• PT
• ns R
• gSi g
T - PS
-
4 3. 1 . 3 1 . . /4 3 C1 . . /4 . 43 ? . . .3 23 4 NJ W
-
117Copyright,(c),201532016,,,NPO
94
WiFi
LAN
USB
HDMI
Copyright8(c)82015@2016888NPO
102
USB
Wi)Fi+/+Bluetooth
Wi)Fi
Copyright+(c)+2015)2016+++NPO
110
WiFi
LAN NAS SD
Copyright3(c)3201592016333NPO
-
y
95
bb o b A
LOY S
AN yO A
ATOA AT
• u AN LN
• k N
L L
• e
L L
•u
• eL
• N u
AN L NN
• o LD
•k N
NN N
•
N eb N
• OA O
• O
k
b
F OY kb
O LOYS
b O Ab
Ob O
• u AN LN
•
• N
O
• y IN Y LA
A N
• Np
•p Lk N
L L
•p
•p Lk N
LL
• o LD
•k N
NN N
•N
N N
•
N eb N
• OA O
• O
k
Copyright,(c),201532016,,,NPO
N / a i2
96
• FNo / r
e or I /i AN
•A
• • / a i/
N/ /
• / a i/ N
//
• / a i/ N
//
•
• N/i
/i
• NI N
A
• • N/ a i/
N/ /
• N/ a i/ N
//
• N/ a i/ N
//
•
• II
alw
N• r / / A
N IA
N
• rar
•• I
/T
r
•/ /
• rarIA
•• o /
r A
•
• rar I
Copyright-(c)-201542016---NPO
e l3
97
• erD
D
• el
D D
•
• w
••
• e
••
•D
• e
••
• ia
l
• DD
• e
D
• ID
Der
• ID lD
•
• w
••
•D
•
lT
• TFoT
•D
•D
• ia
l
• DD
• e
D
Copyright-(c)-201552016---NPO
A iw4 DoS
98
• C STF
/ iA
• rl a
T C
• rl a
I I
•• S
rla
I C
•I
iI
• •I
iI•
F
•C
• eS
C
•F F
AD• ( I
C
IC R
• •I
iI
• •I
iI•
F
•C
• eS
C
/)
• R NTF iS i
C
• / o iS i
e
AD
• •I
iI
• •I
iI•
F
•
Copyright/(c)/201572016///NPO
/5
99
oe /
• N Ioe /
F N aF
• Toe /
••
ie/
la A
•o/ /
/ A
•o/ /
/ A
•/ /F
••
o/ / /A
• Tlr /aA
•
• I
•F A
•o/ /
/ A
•o/ /
/ A
•o/ /
/ A
•o/ / /A
• F wF
•
wF
Copyright,(c),201532016,,,NPO
/// .
-
IOT= IoT=Industrial IoT
-
Industrial Internet Consortium
-
2 * 20 2* 0 2 * 2 0 2
-
a
e
S TY
BDH d
E NOH
LGAI R
3 : 2 P LC D
-
:C BD A E
:
: : :
: :
-
1 . 5CAB :2 . B B A B:C :A 2 32 3AC B 5 2 : 2B: B 2B B A B 244 2B 5
EB B . 5CAB :2 . B B 1 : A 3G4 5: 2B: 4 AGAB : :B:2B: A B A 4C G 4 4B 4 B 2 5 : B 2B 2AA BA 2 5 AGAB A 2AA BA E:B
4 AA A 2 5 52B2 CA: 4 2 4 :B 4BC A : B 23: :BG 2 5 AB2 52 5A B 5 :B 2 A 2B: 2 3CA: AA 2 5 A 4: B2 CB4 A 24 AA: 5CAB : A 2 5 C3 :4 : 2AB C4BC
2C 4 5 : 02 4 & 3G : C 5: 3 A1 1 :A4 2 , 4B :4 . 0 . B
1 .. :A 2 CB 2 IA2 53 E : 5CAB G 2425 :2 2 5B B B 4 23 2B : 2B 2 5 23
f igf aM c
h b die l f LT L T
. 5CAB :2 . B B A B:C
-
• OMPRNQ
C D F DE DE /E D D
E D D AA D C) () )
D D D F D I
• UT) ECD ) D D E D () ECD ) D D D DE
I*http://www.iiconsortium.org/test-beds.htm
) & ) ) - - ) L S
-
http://www.iiconsortium.org/IISF.htm
-
vR I PWHY
. . . . . ..
E PRM. KGM LBPBT KGYO POR edE MSP AWicE PRM UaTYNBCrMsn tgB
MS R uPO
-
/ . / . , , ,. / . , . , ,. .
,. , / , ,, / , ,. / , /
t TH O hnUhnU g u fE aceUpoT O OUs S aceU Ti Oly
aceUv k UdEbIr Nè x TmW t vIRU S T O k
-
CIM FME
T CIL
SY SL
-
A
ü O L N
ü O E
ü U I PH
ü O RT ISH
-
/ /
LU SIUPF EDFBA
C / CR
H NOT
V CY
-
+
-
O T
O T TO T T
TT O T
T
T I
S O T
-
A
CE
-
- -
*Source:Kaspersky AO
-
))
Y n KY luct rMuU a t R NuWu
m U a t R K uS NK S rMue Mlu U a t R K gPAP Pi U a t R y Ro Ks R
C DITu au U Y E
Y n KY luG Yu o : : Mu
e Mlu : ( ( ): : )
-
/ Y O Q bSN T SR bUX MP CniA e Y O Q b
WL Y O Q bSN T SR bUbV LVE CniA Y O Q b
Y O Q bSN T SR bU/ / E dk dC o I Y O Q b
-
NIDO SA
RD
CUMTE
-
S GNP N
S GNA G G
R G
I E O GNE T
P N GT N
-
o ljm gkjp m cihnduta f e_brsENES ASION ERSING 4WECTSION =SANDA D 4= SSP/ PENSERS
RSANDA D O G INDEW P P 8AIN AGE97= =PECIA T ICASIONR -%% EC NICA 6TIDE SO 7NFO MASION =ECT IS ERSING AND1RRERRMENS SSPR/ CR C NIRS GO PT ICASIONR DESAI RP -%% FINA:PEN =OT CE =ECT IS ERSING 8ES ODO OG 8ANTA :== 88SSP/ IRECOM O G EREA C
7NFO MASION = RSEMR =ECT IS 1RRERRMENS 5 AME O 7==15SSP/ OIRRG O G IRRAF SME 1PP ICASION =ECT IS 2ONRO SITM 1=2 EAS 2 ARRIFICASIONSSP/ P O ECSR E APPREC O G PAGE ( ) . - EAS %2 ARRIFICASION
:PEN E 1PP ICASION =ECT IS O ECS : 1= ERSING 6TIDESSPR/ O ARP O G INDEW P P : 1= ERSING O ECS
8IC OROFS = 734 EAS 8ODE SSPR/ MRDN MIC OROFS COM ENTR I A EE- (- - 0CR % ARPW
http://www.pentest-standard.org/index.php/Main_Pagehttps://csrc.nist.gov/publications/detail/sp/800-115/finalhttp://www.isecom.org/research/http://www.oissg.org/issaf.htmlhttp://projects.webappsec.org/w/page/13246978/Threat%20Classificationhttps://www.owasp.org/index.php/OWASP_Testing_Projecthttps://msdn.microsoft.com/en-us/library/ee823878(v=cs.20).aspx
-
JPCERT/CC
-
1 / 02 . / 2 / 6 .
-
IT OT ICS Embedded system
-
S F F
F F
F F F F
I FS
-
.