IoTセキュリティって特別なの？（仮）/OWASP_Kansai_20180218-01

Transcript

1. A NO J A G I

2. 2

3. 2 NIST SP-800

4. I :: 3 : 1 3: 30/ . -08 0.

   83: 3 : 3 3:3 :3 0 3 :

5. 2 NIST SP-800

6. I :: : 16 : 0/ . -08 0. 8

   : : : : 0 6:

7. ' 
    &"!%  JIS X 25010  $&&" #

8. E IOT C A IOT C A IoT A GI

   J

9. 4 3. 1 . 3 1 . . /4 3

   J 1 . . /4 . 43 ? . . .3 23 4 WN J C

10. 
         G I  

    

11. 4 3. 1 . 3 1 . . /4 3

    C 1 . . /4 . 43 ? . . .3 23 4 NJ W

12. QFA M e Nn o CG T E / S

    e M R XG T E / S CG T E 2 / // / N e IVBPXG G T E // POIF M I I / I Q CG C e N  
      
    
    

13. - -

14. /. ---

15. /. ---

16. /. ---

17. /. ---

18. 4 3. 1 . 3 1 . . /4 3

    C 1 . . /4 . 43 ? . . .3 23 4 NJ W

19. * 5 18.421 22.445 28.749 131.725 30.32 37.5 48.805 250.066

    0 50 100 150 200 250 300 2013
    2014
    2015
    2020
    Automotive Generic Business Vertical Business Consumer Total * 794/7 5: 199 0 794/7 5 4/ 755 2. 4 2 1 0

20. I I 22.77 30.23 40.24 135.09 38.07 49.03 63.92 207.97

    0 50 100 150 200 250 2014
    2015
    2016
    2020
    Cross-Industry Vertical Business Consumer Total * 7 /7 5: 1 6 0 7 /7 53 / 7553 2. * 1 5 * 2 025 7*

21. /E * I • M S • • • y

    • R g • gM G • gMb • ns • ns • A e g N • M • a S • • M • g c M • ns • p • M Sa • ns • • M S fPT • nso • e O a S • - • yr • • M • • M S • PT • ns R • g Si g T - PS

22. 4 3. 1 . 3 1 . . /4 3

    C 1 . . /4 . 43 ? . . .3 23 4 NJ W

23. 
    

24. 
     117 
    "    #  #$%!

    Copyright,(c),201532016,,,NPO   
    #$     
    94 WiFi LAN USB HDMI    Copyright8(c)82015@2016888NPO
       
    102 USB Wi)Fi+/+Bluetooth      Wi)Fi Copyright+(c)+2015)2016+++NPO
      
    110 WiFi  LAN      NAS  SD     Copyright3(c)3201592016333NPO' &)!#$"(%
    

25. y % -A&=;.98>; 95 !367
    3)27# 44"165:@<; # ' ,? 

    *    .+$ (/0?  b b o b A LOY S AN y O A AT OA AT • u A N L N • k N L L • e L L • u • e L • N u AN L N N • o L D • k N N N N • N e b N • O A O • O k b F O Y k b O LOY S b O A b O b O • u A N L N • • N O • y I N Y LA A N • N p • p L k N L L • p • p L k N L L • o L D • k N N N N • N N N • N e b N • O A O • O k Copyright,(c),201532016,,,NPO   
    N / a i ( 2?/0 0$ 96 #589 5+49& !66%387:><; & ) .=
     ,   "0-' *12=  • FN o / r e or I / i A N • A • • / a i / N / / • / a i / N / / • / a i / N / / • • N /i /i • N I N A • • N / a i / N / / • N / a i / N / / • N / a i / N / / • • I I al w N • r / / A N I A N • r ar • • I / T r • / / • rar I A • • o / r A • • ra r I Copyright-(c)-201542016---NPO   
    e l +3A2
    " 97 '7:; 7.6;) %88(5:9<@>= ) , "1?   /" # $! &20*  -34? • erD D • e l D D • • w • • • e • • • D • e • • • ia l • D D • e D • I D D er • I D l D • • w • • • D • l T • T Fo T • D • D • ia l • D D • e D Copyright-(c)-201552016---NPO   
    A iw )4@
    * 1
    #1DoS 98 %69: 6-5:' "77&498;?=< ' + 0>   . ! $1/( ,23> • C S TF / i A • rl a T C • rl a I I • • S rl a I C • I iI • • I iI • F • C • e S C • F F AD • ( I C I C R • • I iI • • I iI • F • C • e S C /) • R N TF i S i C • / o iS i e AD • • I iI • • I iI • F • Copyright/(c)/201572016///NPO   
    / '5G
    A?>D<0B:E(,F 99 #589 5+49% !66$387;D@= % ) /C   -   "0.& *12C oe / • N I oe / F N a F • T oe / • • ie / l a A • o/ / / A • o/ / / A • / /F • • o/ / / A • Tlr /a A • • I • F A • o/ / / A • o/ / / A • o/ / / A • o/ / / A • F w F • w F Copyright,(c),201532016,,,NPO   
    /// .

26.  IOT=  IoT=Industrial IoT 
    

27. 
     Industrial Internet Consortium

28. 2 * 20 2* 0 2 * 2 0 2

29. a e S TY BDH d E NOH LGAI R

    3 : 2 P LC D

30. : C BD A E : : : : :

    :

31. 1 . 5CAB :2 . B B A B:C :A

    2 32 3 AC B 5 2 : 2B: B 2B B A B 244 2B 5 EB B . 5CAB :2 . B B 1 : A 3G 4 5: 2B: 4 AGAB : :B:2B: A B A 4C G 4 4B 4 B 2 5 : B 2B 2AA BA 2 5 AGAB A 2AA BA E:B 4 AA A 2 5 52B2 CA: 4 2 4 :B 4BC A : B 23: :BG 2 5 AB2 52 5A B 5 : B 2 A 2B: 2 3CA: AA 2 5 A 4: B2 CB4 A 24 AA : 5CAB : A 2 5 C3 :4 : 2AB C4BC 2C 4 5 : 02 4 & 3G : C 5: 3 A 1 1 :A4 2 , 4B :4 . 0 . B 1 .. :A 2 CB 2 IA2 53 E : 5CAB G 2425 :2 2 5 B B B 4 23 2B : 2B 2 5 23 f ig f aM c h b di e l f LT L T . 5CAB :2 . B B A B:C

32. • OMPRNQ C D F D E DE /E D

    D E D D AA D C ) () ) D D D F D I • UT ) ECD ) D D E D ( ) ECD ) D D D DE I *http://www.iiconsortium.org/test-beds.htm ) & ) ) - - ) L S

33. sa i & 1 i o e o RS C

    Co P o n E AB K E M oi C o C c ri M C oidhE BS E o Pe * http://www.iiconsortium.org/track-and-trace.htm S T

34. z v C AD I N& A C E B

    CCN&D 2 KEDG N& 2 C H GE A HGDB G DCN DN CG AN A EN- A GDN - - N/ G DC A C GEHB CG N AMN2 C A GEDC N - N N8 A CK P i g e hg a V O a cu s n d cu s n W Nlkm wW O c g W X gcW /O d G EC G E A C G DE R S UT /coy s e TgO * http://www.iiconsortium.org/time-sensitive-networks.htm / / 02- / r sx t

35. Y o eh m n CI H m l ai

    H AE Q T QANYL u ci CFG r * http://www.iiconsortium.org/manufacturing-quality-management.htm MQU R

36. 
    http://www.iiconsortium.org/IISF.htm

37. vR I PWHY . . . . . .. E

    PRM. K GM LBPB T KGYO PO R edE MSP AW icE PRM UaTY NBCrMsn tgB MS R uPO

38. / . / . , , , . / .

    , . , ,. . ,. , / , , , / , ,. / , / t TH O hnUhnU g u fE aceUp oT O OUs S aceU Ti Oly aceUv k UdEbIr N è x TmW t vIRU S T O k

39. CI M FME T CI L S Y S L

40. A ü O L N ü O E ü U

    I P H ü O RT I SH

41. / / LU SIUP F EDFBA C / CR H

    N OT V CY

42. 0 4 4.0 .

43.  ',*+ 2017/7/18-23 ! # "$ )
     %.-(& Oleg

    Bocharov ”4.0RU”  *https://www.vesti.ru/doc.html?id=2912970

44. N 4 4 2017 7 “INNOPROM” E S MS-21 ND

    ”4.0RU” D MS-21 U .D DU 0 SIEMENS U R I STAN ITALMA Kaspersky T *https://www.vesti.ru/doc.html?id=2912970

45. &( <46: 
    "/, $) 8;'*2? 3<4!%0 8;.>+5&( # 91 $)-=
    @

    7 *https://www.vesti.ru/doc.html?id=2912970

46. 0 D . INDUSTRIE4.04 U S N E 4 I

    RT *https://ostexperte.de/innoprom-2017-industrie

47. ITOTICSEmbedded system  
      

48. n eS T f T f T f a o

    r s t h I

49. .