JP7220095B2 - セキュリティ設計立案支援装置 - Google Patents
セキュリティ設計立案支援装置 Download PDFInfo
- Publication number
- JP7220095B2 JP7220095B2 JP2019030972A JP2019030972A JP7220095B2 JP 7220095 B2 JP7220095 B2 JP 7220095B2 JP 2019030972 A JP2019030972 A JP 2019030972A JP 2019030972 A JP2019030972 A JP 2019030972A JP 7220095 B2 JP7220095 B2 JP 7220095B2
- Authority
- JP
- Japan
- Prior art keywords
- countermeasure
- threat
- information
- countermeasures
- merge
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- B—PERFORMING OPERATIONS; TRANSPORTING
- B60—VEHICLES IN GENERAL
- B60R—VEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
- B60R16/00—Electric or fluid circuits specially adapted for vehicles and not otherwise provided for; Arrangement of elements of electric or fluid circuits specially adapted for vehicles and not otherwise provided for
- B60R16/02—Electric or fluid circuits specially adapted for vehicles and not otherwise provided for; Arrangement of elements of electric or fluid circuits specially adapted for vehicles and not otherwise provided for electric constitutive elements
- B60R16/023—Electric or fluid circuits specially adapted for vehicles and not otherwise provided for; Arrangement of elements of electric or fluid circuits specially adapted for vehicles and not otherwise provided for electric constitutive elements for transmission of signals between vehicle parts or subsystems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
- H04L63/205—Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/85—Protecting input, output or interconnection devices interconnection devices, e.g. bus-connected or in-line devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Mechanical Engineering (AREA)
- Business, Economics & Management (AREA)
- General Business, Economics & Management (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
- Small-Scale Networks (AREA)
Description
Claims (5)
- 車載ネットワークに対するセキュリティ設計の立案を支援する装置であって、
前記車載ネットワークに対する脅威にそれぞれ対応する複数の対策案を表す第1の対策方針情報を作成する対策方針作成部と、
前記対策方針作成部が作成した前記第1の対策方針情報が表す前記複数の対策案のうち同一種類の対策案同士をマージして前記複数の対策案をグループ化するマージ処理部と、
前記脅威と前記マージ処理部によりグループ化された前記複数の対策案との関係を表す第2の対策方針情報を外部に出力する通信部と、
予め設定された各対策案の特徴に関するマージルール情報を記憶した記憶部と、を備え、
前記マージ処理部は、前記マージルール情報を用いて前記同一種類の対策案同士をマージするセキュリティ設計立案支援装置。 - 請求項1に記載のセキュリティ設計立案支援装置において、
外部から取得した情報に基づいて前記マージルール情報を更新するルール更新部をさらに備えるセキュリティ設計立案支援装置。 - 請求項1に記載のセキュリティ設計立案支援装置において、
前記記憶部は、予め設定された各脅威と対策案との関係を表す対策案選択情報をさらに記憶し、
前記対策方針作成部は、前記脅威に対する分析結果を表す脅威分析情報を取得し、前記脅威分析情報と前記対策案選択情報とを用いて前記第1の対策方針情報を作成するセキュリティ設計立案支援装置。 - 請求項3に記載のセキュリティ設計立案支援装置において、
外部から取得した情報に基づいて前記対策案選択情報を更新するルール更新部をさらに備えるセキュリティ設計立案支援装置。 - 請求項1に記載のセキュリティ設計立案支援装置において、
前記通信部は、前記第2の対策方針情報を外部のコンピュータに出力し、
前記第2の対策方針情報は、前記脅威と前記マージ処理部によりグループ化された前記複数の対策案との関係を示す画面を、前記コンピュータが備える表示装置に表示させるための情報であるセキュリティ設計立案支援装置。
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2019030972A JP7220095B2 (ja) | 2019-02-22 | 2019-02-22 | セキュリティ設計立案支援装置 |
CN202010106488.1A CN111614607A (zh) | 2019-02-22 | 2020-02-21 | 安全设计制定辅助装置 |
US16/798,036 US11381602B2 (en) | 2019-02-22 | 2020-02-21 | Security design planning support device |
EP20158789.6A EP3699798B1 (en) | 2019-02-22 | 2020-02-21 | Security design planning support device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2019030972A JP7220095B2 (ja) | 2019-02-22 | 2019-02-22 | セキュリティ設計立案支援装置 |
Publications (2)
Publication Number | Publication Date |
---|---|
JP2020135664A JP2020135664A (ja) | 2020-08-31 |
JP7220095B2 true JP7220095B2 (ja) | 2023-02-09 |
Family
ID=69784056
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2019030972A Active JP7220095B2 (ja) | 2019-02-22 | 2019-02-22 | セキュリティ設計立案支援装置 |
Country Status (4)
Country | Link |
---|---|
US (1) | US11381602B2 (ja) |
EP (1) | EP3699798B1 (ja) |
JP (1) | JP7220095B2 (ja) |
CN (1) | CN111614607A (ja) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11718565B2 (en) * | 2020-01-31 | 2023-08-08 | Champion Link International Corporation | Panel for forming a floor covering and such floor covering |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2003196476A (ja) | 2001-12-27 | 2003-07-11 | Hitachi Ltd | セキュリティポリシーの作成支援システムおよびセキュリティ対策決定支援システム |
JP2003256205A (ja) | 2002-03-06 | 2003-09-10 | Toshiba Corp | ソフトウェア設計要件抽出支援方法、ソフトウェア設計要件決定支援方法、ソフトウェア設計支援方法、およびプログラム |
JP2005025523A (ja) | 2003-07-02 | 2005-01-27 | Mitsubishi Electric Corp | 情報セキュリティ管理支援装置 |
JP2009110177A (ja) | 2007-10-29 | 2009-05-21 | Ntt Data Corp | 情報セキュリティ対策決定支援装置及び方法ならびにコンピュータプログラム |
JP2017068825A (ja) | 2015-09-29 | 2017-04-06 | パナソニックIpマネジメント株式会社 | ソフトウェア開発システムおよびプログラム |
Family Cites Families (32)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPS5145907B2 (ja) | 1972-11-01 | 1976-12-06 | ||
US7095854B1 (en) * | 1995-02-13 | 2006-08-22 | Intertrust Technologies Corp. | Systems and methods for secure transaction management and electronic rights protection |
US20100030423A1 (en) * | 1999-06-17 | 2010-02-04 | Paxgrid Telemetric Systems, Inc. | Automotive telemetry protocol |
US8256002B2 (en) * | 2002-01-18 | 2012-08-28 | Alcatel Lucent | Tool, method and apparatus for assessing network security |
US20070276674A1 (en) * | 2002-08-19 | 2007-11-29 | Merzad Hemmat | Defining and sizing feasible approaches to business needs within an integrated development process |
US20070288208A1 (en) * | 2004-08-20 | 2007-12-13 | Lockheed Martin Corporation | Measurable enterprise CBRNE protection |
US20060161879A1 (en) * | 2005-01-18 | 2006-07-20 | Microsoft Corporation | Methods for managing standards |
US20070157311A1 (en) * | 2005-12-29 | 2007-07-05 | Microsoft Corporation | Security modeling and the application life cycle |
JP5145907B2 (ja) | 2007-12-04 | 2013-02-20 | 日本電気株式会社 | セキュリティ運用管理システム、方法、及び、プログラム |
US20130304514A1 (en) * | 2012-05-08 | 2013-11-14 | Elwha Llc | Systems and methods for insurance based on monitored characteristics of an autonomous drive mode selection system |
US8595037B1 (en) * | 2012-05-08 | 2013-11-26 | Elwha Llc | Systems and methods for insurance based on monitored characteristics of an autonomous drive mode selection system |
US9721086B2 (en) * | 2013-03-15 | 2017-08-01 | Advanced Elemental Technologies, Inc. | Methods and systems for secure and reliable identity-based computing |
KR102271978B1 (ko) * | 2013-10-08 | 2021-07-02 | 주식회사 아이씨티케이 홀딩스 | 차량 보안 네트워크 장치 및 그 설계 방법 |
JP2015204061A (ja) * | 2014-04-16 | 2015-11-16 | 株式会社日立製作所 | システムセキュリティ設計支援装置、システムセキュリティ設計支援方法、及びシステムセキュリティ設計支援プログラム |
US9325732B1 (en) * | 2014-06-02 | 2016-04-26 | Amazon Technologies, Inc. | Computer security threat sharing |
WO2016064470A1 (en) * | 2014-10-24 | 2016-04-28 | Carrier Corporation | Policy-based auditing of static permissions for physical access control |
US9866542B2 (en) * | 2015-01-28 | 2018-01-09 | Gm Global Technology Operations | Responding to electronic in-vehicle intrusions |
EP3151114A1 (en) * | 2015-09-29 | 2017-04-05 | Panasonic Intellectual Property Management Co., Ltd. | Software development system in system development based on model-based method |
US10609146B2 (en) * | 2015-12-18 | 2020-03-31 | Intel Corporation | Group-based data transfer in machine-to-machine systems |
US10386845B1 (en) * | 2016-01-22 | 2019-08-20 | State Farm Mutual Automobile Insurance Company | Autonomous vehicle parking |
US10270789B2 (en) * | 2016-01-29 | 2019-04-23 | Acalvio Technologies, Inc. | Multiphase threat analysis and correlation engine |
FR3049078B1 (fr) * | 2016-03-21 | 2019-11-29 | Valeo Vision | Dispositif et procede de commande a reconnaissance vocale et/ou gestuelle pour l'eclairage interieur d'un vehicule |
WO2017189593A1 (en) * | 2016-04-26 | 2017-11-02 | Acalvio Technologies, Inc. | Responsive deception mechanisms |
US10242375B2 (en) * | 2016-06-29 | 2019-03-26 | Honda Motor Co., Ltd. | Methods and apparatus for connected vehicles application effectiveness estimation |
US10567415B2 (en) * | 2016-09-15 | 2020-02-18 | Arbor Networks, Inc. | Visualization of network threat monitoring |
US9892256B1 (en) * | 2017-04-10 | 2018-02-13 | Bracket Computing, Inc. | Threat defense techniques |
US11477212B2 (en) * | 2017-07-27 | 2022-10-18 | Upstream Security, Ltd. | System and method for connected vehicle cybersecurity |
JP6942339B2 (ja) | 2017-08-04 | 2021-09-29 | ニューロング精密工業株式会社 | スクリーン印刷用のスキージ |
US20200027096A1 (en) * | 2017-11-07 | 2020-01-23 | Jason Ryan Cooner | System, business and technical methods, and article of manufacture for utilizing internet of things technology in energy management systems designed to automate the process of generating and/or monetizing carbon credits |
US11175665B2 (en) * | 2018-01-17 | 2021-11-16 | Agco International Gmbh | Steering controller for an autonomous vehicle |
US11120688B2 (en) * | 2018-06-29 | 2021-09-14 | Nissan North America, Inc. | Orientation-adjust actions for autonomous vehicle operational management |
US11258817B2 (en) * | 2018-10-26 | 2022-02-22 | Tenable, Inc. | Rule-based assignment of criticality scores to assets and generation of a criticality rules table |
-
2019
- 2019-02-22 JP JP2019030972A patent/JP7220095B2/ja active Active
-
2020
- 2020-02-21 EP EP20158789.6A patent/EP3699798B1/en active Active
- 2020-02-21 CN CN202010106488.1A patent/CN111614607A/zh not_active Withdrawn
- 2020-02-21 US US16/798,036 patent/US11381602B2/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2003196476A (ja) | 2001-12-27 | 2003-07-11 | Hitachi Ltd | セキュリティポリシーの作成支援システムおよびセキュリティ対策決定支援システム |
JP2003256205A (ja) | 2002-03-06 | 2003-09-10 | Toshiba Corp | ソフトウェア設計要件抽出支援方法、ソフトウェア設計要件決定支援方法、ソフトウェア設計支援方法、およびプログラム |
JP2005025523A (ja) | 2003-07-02 | 2005-01-27 | Mitsubishi Electric Corp | 情報セキュリティ管理支援装置 |
JP2009110177A (ja) | 2007-10-29 | 2009-05-21 | Ntt Data Corp | 情報セキュリティ対策決定支援装置及び方法ならびにコンピュータプログラム |
JP2017068825A (ja) | 2015-09-29 | 2017-04-06 | パナソニックIpマネジメント株式会社 | ソフトウェア開発システムおよびプログラム |
Also Published As
Publication number | Publication date |
---|---|
US11381602B2 (en) | 2022-07-05 |
JP2020135664A (ja) | 2020-08-31 |
US20200274901A1 (en) | 2020-08-27 |
EP3699798A1 (en) | 2020-08-26 |
EP3699798B1 (en) | 2023-05-10 |
CN111614607A (zh) | 2020-09-01 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8122256B2 (en) | Secure bytecode instrumentation facility | |
EP3716116A1 (en) | Test scenario generation device, test scenario generation method and test scenario generation program | |
RU2514140C1 (ru) | Система и способ увеличения качества обнаружений вредоносных объектов с использованием правил и приоритетов | |
US9892263B2 (en) | System, method and apparatus to visually configure an analysis of a program | |
JP2017527931A (ja) | マルウェア検出の方法及びそのシステム | |
JP2005327275A (ja) | 効率的なパッチ当て | |
JP6282217B2 (ja) | 不正プログラム対策システムおよび不正プログラム対策方法 | |
US20190294803A1 (en) | Evaluation device, security product evaluation method, and computer readable medium | |
JP6712207B2 (ja) | セキュリティ対策装置 | |
JP7220095B2 (ja) | セキュリティ設計立案支援装置 | |
WO2020246227A1 (ja) | ルール生成装置、ルール生成方法、及びコンピュータ読み取り可能な記録媒体 | |
JP6632777B2 (ja) | セキュリティ設計装置、セキュリティ設計方法およびセキュリティ設計プログラム | |
TWI804386B (zh) | 用於計算系統中資料之合規風險管理 | |
JP7424395B2 (ja) | 分析システム、方法およびプログラム | |
JP6884652B2 (ja) | ホワイトリスト管理システムおよびホワイトリスト管理方法 | |
US20240202345A1 (en) | Attack scenario generation apparatus, attack scenario generation method, and computer readable medium | |
KR20140044954A (ko) | 툴바를 통한 이중 안티 피싱 방법 및 서버 | |
WO2023175954A1 (ja) | 情報処理装置、情報処理方法、及びコンピュータ読み取り可能な記録媒体 | |
JP7405162B2 (ja) | 分析システム、方法およびプログラム | |
WO2023175879A1 (ja) | 情報処理装置、方法、及びコンピュータ可読媒体 | |
US20210367979A1 (en) | CyberSecurity System Having Security Policy Visualization | |
Sambin | Usability of Safety Critical Applications in Enterprise Environments: Defining Guidelines for Error Preventing UI/UX Patterns and Improving Existing Interfaces. | |
JP2023012617A (ja) | 導入支援装置、導入支援方法及び導入支援プログラム | |
Haber et al. | Vulnerability States | |
CN115688103A (zh) | 一种设备数据管理方法及系统 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A625 | Written request for application examination (by other person) |
Free format text: JAPANESE INTERMEDIATE CODE: A625 Effective date: 20220216 |
|
A711 | Notification of change in applicant |
Free format text: JAPANESE INTERMEDIATE CODE: A711 Effective date: 20220513 |
|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A821 Effective date: 20220513 |
|
A977 | Report on retrieval |
Free format text: JAPANESE INTERMEDIATE CODE: A971007 Effective date: 20221026 |
|
A131 | Notification of reasons for refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20221101 |
|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20221223 |
|
TRDD | Decision of grant or rejection written | ||
A01 | Written decision to grant a patent or to grant a registration (utility model) |
Free format text: JAPANESE INTERMEDIATE CODE: A01 Effective date: 20230117 |
|
A61 | First payment of annual fees (during grant procedure) |
Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20230130 |
|
R150 | Certificate of patent or registration of utility model |
Ref document number: 7220095 Country of ref document: JP Free format text: JAPANESE INTERMEDIATE CODE: R150 |