@techreport{oai:ipsj.ixsq.nii.ac.jp:00195599,
 author = {五郎丸, 秀樹 and Hideki, Goromaru},
 issue = {3},
 month = {May},
 note = {近年，IoT や CPS 技術の広まりによって情報システムは人々の普段の生活に欠かせなくなるほど社会に浸透しシームレスに様々なサービスを使えるため利便性が高まってきている．しかし利便性が高まった反面，サイバー攻撃による被害が拡大し易くなり，標的型攻撃やハイブリッド攻撃など技術的だけではなく人的な脆弱性にも攻撃が行われている．そして Stuxnet やサプライチェーン攻撃のようにネットワークから切り離された制御系システムでさえもサイバー攻撃対象になっている．その結果，セーフティだけでなくセキュリティの面も含めたリスク管理が必要となり，FMVEA，FACT Graph，SAHARA，STPA-SafeSec などセーフティとセキュリティの手法を組合わせた新たな手法が出現した．本稿では，これらの手法について調査を行い，手法の違いや共通点などの特徴を示すと共に，その問題点や課題を明らかにする．, In recent years, with the spread of IoT and CPS, information systems have become essential in people's daily life and the convenience of various services has been improved through their seamless use. However, the damage of cyber-attacks has become widespread easily for the high convenience. Attacks to not only technical vulnerabilities but also human vulnerabilities have increased, such as APT or hybrid attacks. Even offline control systems are targeted by cyber-attacks such as Stuxnet or supply chain attacks. As a result, it has been to need the risk management for safety and security, and new methods, which have safety method and safety method such as FMVEA, FACT Graph, SAHARA and STPA-SafeSec, have appeared. In this paper, we identify about the difference of measures or things in common of methods after investigating these methods, and clarify the problems and issues.},
 title = {セーフティとセキュリティの手法を含んだリスク管理手法についての調査},
 year = {2019}
}