{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00195599","sets":["1164:3696:9666:9765"]},"path":["9765"],"owner":"44499","recid":"195599","title":["セーフティとセキュリティの手法を含んだリスク管理手法についての調査"],"pubdate":{"attribute_name":"公開日","attribute_value":"2019-05-02"},"_buckets":{"deposit":"7fe9d0d1-0b3c-462b-8347-f61ec8547768"},"_deposit":{"id":"195599","pid":{"type":"depid","value":"195599","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"セーフティとセキュリティの手法を含んだリスク管理手法についての調査","author_link":["466088","466087"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"セーフティとセキュリティの手法を含んだリスク管理手法についての調査"},{"subitem_title":"A Survey of Risk Management Method with Safety and Security Analysis","subitem_title_language":"en"}]},"item_type_id":"4","publish_date":"2019-05-02","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"日本電信電話株式会社"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"NIPPON TELEGRAPH AND TELEPHONE CORPORATION","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/195599/files/IPSJ-GN19108003.pdf","label":"IPSJ-GN19108003.pdf"},"date":[{"dateType":"Available","dateValue":"2021-05-02"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-GN19108003.pdf","filesize":[{"value":"1.0 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"29"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"caf4f0fd-42a4-4b9d-a9b1-0070985bbf06","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2019 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"五郎丸, 秀樹"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Hideki, Goromaru","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA1155524X","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8744","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"近年，IoT や CPS 技術の広まりによって情報システムは人々の普段の生活に欠かせなくなるほど社会に浸透しシームレスに様々なサービスを使えるため利便性が高まってきている．しかし利便性が高まった反面，サイバー攻撃による被害が拡大し易くなり，標的型攻撃やハイブリッド攻撃など技術的だけではなく人的な脆弱性にも攻撃が行われている．そして Stuxnet やサプライチェーン攻撃のようにネットワークから切り離された制御系システムでさえもサイバー攻撃対象になっている．その結果，セーフティだけでなくセキュリティの面も含めたリスク管理が必要となり，FMVEA，FACT Graph，SAHARA，STPA-SafeSec などセーフティとセキュリティの手法を組合わせた新たな手法が出現した．本稿では，これらの手法について調査を行い，手法の違いや共通点などの特徴を示すと共に，その問題点や課題を明らかにする．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"In recent years, with the spread of IoT and CPS, information systems have become essential in people's daily life and the convenience of various services has been improved through their seamless use. However, the damage of cyber-attacks has become widespread easily for the high convenience. Attacks to not only technical vulnerabilities but also human vulnerabilities have increased, such as APT or hybrid attacks. Even offline control systems are targeted by cyber-attacks such as Stuxnet or supply chain attacks. As a result, it has been to need the risk management for safety and security, and new methods, which have safety method and safety method such as FMVEA, FACT Graph, SAHARA and STPA-SafeSec, have appeared. In this paper, we identify about the difference of measures or things in common of methods after investigating these methods, and clarify the problems and issues.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"7","bibliographic_titles":[{"bibliographic_title":"研究報告グループウェアとネットワークサービス（GN）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2019-05-02","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"3","bibliographicVolumeNumber":"2019-GN-108"}]},"relation_version_is_last":true,"weko_creator_id":"44499"},"id":195599,"updated":"2025-01-19T23:02:18.878887+00:00","links":{},"created":"2025-01-19T01:00:31.048207+00:00"}