Part 3: Technical Measures for IIoT Security
In Part 3, we look at the technical measures in the IIoT Security Practices (in this column, "Good practices for Security of Internet of Things in the context of Smart Manufacturing").
Technical Measures (TM-01~24)
The technical measures (Technical Practices) set out an overview of the technical security measures that need to be implemented on IIoT devices, how to implement them, and the requirements for ensuring the resilience and continuity of the infrastructure.
Figure 2: Requirement categories of the technical measures
Broadly speaking, the technical measures define the following requirements.
- Ensure the trustworthiness of software and the integrity of data in IIoT (Trust and integrity management)
- Take security into account when selecting, contracting for and configuring cloud services for IIoT (Cloud security)
- Create, test and review a business continuity plan for IIoT (Business continuity and recovery)
- Protect data communicated between IIoT devices, for example with encryption (M2M security)
- Protect IIoT data at rest and in transit with access control, encryption and similar means (Data protection)
- Apply IIoT patches after testing, and perform automatic updates based on risk analysis (Software/Firmware updates)
- Keep access to IIoT to the minimum necessary, and take physical access into account as well (Access control)
- Restrict IIoT network communication to the minimum necessary through segmentation, protocol restrictions and encryption (Networks, protocols and encryption)
- Monitor IIoT logs in real time and review them periodically (Monitoring and auditing)
- Define a baseline for the IIoT security configuration and make sure it is complied with (Configuration management)
3.1. Trust and Integrity Management
These are security measures for ensuring the trustworthiness and integrity of data and services. They call for authentication of IIoT devices and for implementing and reviewing application whitelists, among other things. (TM-01~06)
3.2. Cloud security
Cloud security covers the security measures needed for the cloud computing part of IIoT. It calls for an impact assessment when choosing a cloud and for encryption of data in the cloud, among other things. (TM-07~11)
Figure 3: Security requirements of the technical measures, 1/5 (TM-01~11)
Note: The abbreviated names of the security requirements in the figure are our own free translation.
- TM-01: Verify the integrity of software before starting to run it, and confirm that it comes from a trusted source (signed by the vendor) and was obtained in a secure manner.
- TM-02: Authenticate all IIoT devices within the OT network using appropriate methods (e.g. digital certificates / PKI).
- TM-03: Define the data exchange channels between IIoT devices in whitelist form and, wherever possible, select only secure channels.
- TM-04: Implement application whitelisting, and review the list at least once a year and whenever the system changes.
- TM-05: Ensure the integrity of production data by using appropriate cryptographic mechanisms and key storage, adjusted to the processing capabilities of the implemented solution.
- TM-06: Monitor production data at rest and in transit in order to identify possible unauthorized data modification.
- TM-07: Base the choice of cloud type on a business and privacy impact assessment. Also take into account the laws and regulations that apply to the country and location of the cloud security provider.
- TM-08: Where necessary, include security and availability aspects in the contract with the cloud security provider.
- TM-09: Avoid single points of failure for cloud-based applications and centralized systems.
  Note: Single point of failure: a point whose failure brings down the system as a whole.
- TM-10: When considering the use of a public cloud, identify the critical systems and applications within a private cloud or at least a hybrid deployment model, and perform a risk analysis prior to implementation.
  Note: Hybrid deployment model: using a private cloud and a public cloud in combination.
- TM-11: To reduce the risks associated with attacks on the cloud, adopt a zero-knowledge security approach and protect all data in the cloud and in transit.
  Note: Zero-knowledge security approach: conveying something to the other party without telling it directly.

3.3. Business continuity and recovery
Business continuity and recovery covers the security measures for ensuring resilience and continuity of operations when a security incident occurs. It calls for creating, testing and reviewing plans such as a business continuity plan. It also calls for defining important parameters such as the recovery time objective (RTO). (TM-12~17)
3.4. Machine-to-Machine (M2M) security
M2M security covers the security measures for protecting data in machine-to-machine communication. It calls for key storage, cryptographic algorithms and input checks, among other things. (TM-18~21)
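The following is an added example, not part of the original column or of the ENISA document: a minimal sketch of the message integrity and replay detection that TM-19 and TM-20 in the Figure 4 list ask of an M2M protocol, using HMAC-SHA256 and a per-device message counter. The device names, keys and frame layout are constructed for the demonstration; confidentiality and mutual authentication, which TM-19 also requires, are not shown.

```python
import hashlib
import hmac
import struct

# Constructed per-device keys for the demo. TM-48 asks that devices do not
# share keys; in production they would be kept in an HSM or secure element.
DEVICE_KEYS = {"plc-01": b"k" * 32, "sensor-07": b"s" * 32}


def seal(device_id: str, counter: int, payload: bytes) -> bytes:
    """Sender: counter || payload || HMAC-SHA256(key, id || counter || payload)."""
    header = struct.pack(">Q", counter)
    tag = hmac.new(DEVICE_KEYS[device_id], device_id.encode() + header + payload,
                   hashlib.sha256).digest()
    return header + payload + tag


class Receiver:
    """Receiver: verifies the tag first, then enforces a strictly increasing counter."""

    def __init__(self):
        self.last_seen = {}  # device_id -> highest counter accepted so far

    def accept(self, device_id: str, frame: bytes) -> str:
        key = DEVICE_KEYS.get(device_id)
        if key is None or len(frame) < 8 + 32:
            return "rejected: unknown device or short frame"
        header, payload, tag = frame[:8], frame[8:-32], frame[-32:]
        expected = hmac.new(key, device_id.encode() + header + payload,
                            hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "rejected: bad tag"
        counter = struct.unpack(">Q", header)[0]
        if counter <= self.last_seen.get(device_id, -1):
            return "rejected: replay"
        self.last_seen[device_id] = counter  # state changes only after authentication
        return "accepted"


def demo():
    rx = Receiver()
    first = seal("plc-01", 1, b"valve=open")
    tampered = first[:8] + b"valve=shut" + first[-32:]
    return [
        rx.accept("plc-01", first),                             # fresh message
        rx.accept("plc-01", first),                             # same frame sent again
        rx.accept("plc-01", tampered),                          # payload modified in transit
        rx.accept("plc-01", seal("plc-01", 2, b"valve=shut")),  # next legitimate message
        rx.accept("sensor-07", first),                          # frame presented as another device
    ]
```

The receiver has to persist `last_seen` across restarts, otherwise frames captured before a reboot are accepted again.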
Figure 4: Security requirements of the technical measures, 2/5 (TM-12~21)
Note: The abbreviated names of the security requirements in the figure are our own free translation.
- TM-12: Focus on ensuring the fault tolerance of systems in Industry 4.0 by creating a business continuity plan (BCP) and a disaster recovery plan (DRP). Test the plans periodically and adjust them based on lessons learned from tests and from actual security incidents.
- TM-13: Define the critical business processes and technical processes, and determine to what extent they affect business continuity.
- TM-14: Carry out a threat and risk assessment and, tailored to its results, create procedures for returning to a normal, clearly defined regular state.
- TM-15: Perform a risk analysis before considering a contingency plan. Define the contingency plan and test it by carrying out controlled exercises. Review the plan periodically and adjust it appropriately.
- TM-16: Include third-party aspects in the business continuity plan and the recovery plan.
- TM-17: Define the important parameters for the company's business continuity, such as the recovery time objective (RTO), recovery point objective (RPO), maximum tolerable outage (MTO) and minimum business continuity objective (MBCO).
- TM-18: Store long-term service-layer keys (other than public keys) in a server HSM residing in infrastructure equipment.
  Note: HSM: short for Hardware Security Module. Dedicated hardware that stores cryptographic keys securely. It makes it possible to physically separate encrypted data from the cryptographic keys.
- TM-19: Establish security associations between communicating entities using proven, secure cryptographic algorithms in order to provide mutual authentication, integrity and confidentiality.
- TM-20: Use communication protocols that include a function for detecting whether all or part of a message is an unauthorized repetition of an earlier message.
- TM-21: Validate input values using a positive list/whitelist to protect against cross-site scripting and command injection.

3.5. Data Protection
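Data protection covers the security measures for protecting confidential data at the various levels of the organization and for managing access to data. It calls for measures based on the criticality of the data and for encryption and key management, among other things. (TM-22~26)
3.6. Software/Firmware updates
Software/Firmware updates covers the security measures for applying patches. It calls for testing of patches and sets conditions for patching by third-party organizations, among other things. (TM-27~31)
Figure 5: Security requirements of the technical measures, 3/5 (TM-22~31)
Note: The abbreviated names of the security requirements in the figure are our own free translation.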
- TM-22: Protect data at rest (in both volatile and non-volatile memory), in transit and in use.
- TM-23: Classify data related to OT systems based on risk analysis, assess its criticality, and define the security measures needed to ensure an appropriate level of security.
- TM-24: Keeping the principles of least privilege and need-to-know in mind, grant third-party organizations access to specific categories of data, and document this access.
- TM-25: For highly confidential data, implement encryption and key management so that only authorized users can read the information and use data loss prevention solutions.
- TM-26: Anonymize and secure direct or indirect personal data processed within the company. For example, take all relevant legal requirements into account through role-based access control and encryption.
- TM-27: Verify the authenticity and integrity of endpoint software/firmware, and ensure strict control of updates.
- TM-28: Run automatic update procedures only when the source of the update has been verified and the procedure is based on risk analysis.
- TM-29: Deploy patches for IIoT devices only after proving that there are no adverse effects, and test patches in a test environment before implementing them in production.
- TM-30: Allow patching by third-party organizations only when they can guarantee and demonstrate that the patch has been tested and will not adversely affect the device, or when they take responsibility for the update under an applicable contract.
- TM-31: Apply compensating measures for control systems that cannot be updated.

3.7. Access Control
Access control covers the security measures for controlling logical and physical access to IIoT devices and systems. It calls for multi-factor authentication, changing default passwords and implementing account lockout, among other things. (TM-32~40)
3.8. Networks, protocols and encryption
Networks, protocols and encryption covers the security measures that need to be implemented in the network environment. It calls for encryption of communications, network segmentation and implementation of appropriate protocols, among other things. (TM-41~49)
Figure 6: Security requirements of the technical measures, 4/5 (TM-32~49)
Note: The abbreviated names of the security requirements in the figure are our own free translation.
- TM-32: Segregate remote access, that is, create a set of rules that control remote communication.
- TM-33: Ensure a minimum level of authentication for IIoT devices and systems, and ensure that authorization permits access only to specific segments of the system.
- TM-34: Implement/use multi-factor authentication in IIoT solutions.
- TM-35: Change default passwords and usernames at commissioning/first use. Use strong passwords, and require a new password to be set after a defined period.
- TM-36: Apply the principle of least privilege and, in environments with multiple users, ensure that roles are properly segregated and approved by the appropriate people.
- TM-37: As far as possible, create individual accounts for all users.
- TM-38: Implement/use account lockout on IIoT devices.
- TM-39: For extensive and diverse networks with a large number of devices, adopt a Privileged Access Management (PAM) solution.
- TM-40: In access control, take into account the physical access aspects for buildings, areas, rooms and cabinets.
- TM-41: Secure the communication channels related to IIoT solutions and, as far as technically possible, encrypt communications for critical data.
- TM-42: Segment the network of the industrial plant based on a predefined zoning model that includes establishing a DMZ and controlling traffic between zones, as illustrated by the Purdue model.
  Note: Purdue model: an architecture model of enterprise activities. For example, Level 0: physical process; Level 1: intelligent devices (sensors, actuators, etc.); Level 2: control systems (DCS, HMI, SCADA, etc.); Level 3: manufacturing operations systems (MES, historian, etc.); Level 4: business logistics systems (ERP, etc.).
- TM-43: Follow a micro-segmentation approach, that is, build small islands of components that communicate with each other within one network, and control the network traffic between segments.
- TM-44: Where possible, separate safety networks from business networks and control networks.
- TM-45: For IIoT solutions, implement proven protocols with known security capabilities, based on standards and technical recommendations. Choose solutions that use protocols proven to be secure, or that address previous security issues (e.g. TLS 1.3) and avoid protocols with known vulnerabilities (e.g. Telnet, SNMP v1 or v2).
- TM-46: When implementing different protocols for the various devices within the same system, ensure the security capabilities of and interoperability between the protocols.
- TM-47: Where possible, limit the number of protocols implemented within a given environment and disable default network services that are not used.
- TM-48: Avoid sharing cryptographic keys across multiple devices, and ensure a secure environment for key exchange and key management.
- TM-49: Ensure the proper and effective use of cryptography to protect the confidentiality, authenticity and/or integrity of data and information (including control messages) in transit and at rest. Confirm that standard, strong encryption algorithms and strong keys are properly selected, and disable insecure protocols. Verify the robustness of the implementation.

3.9. Monitoring and auditing
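Monitoring and auditing covers the security measures for collecting and reviewing logs. It calls for monitoring of network traffic and real-time analysis of logs, among other things. (TM-50~53)
3.10. Configuration Management
Configuration management covers the security measures for security configurations and for change management of configurations. It calls for monitoring compliance with the security configuration baseline and for making configuration changes in line with the change management policy, among other things. (TM-54~59)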
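As an added illustration of the baseline compliance monitoring described above (example code written for this page, not taken from the column or from the ENISA document), the sketch below audits device records against a per-asset-type baseline in the sense of TM-54 and flags the protocol and credential issues named in TM-35, TM-45 and TM-47. The baseline contents, record format and device names are constructed assumptions.

```python
# Constructed baselines per asset type (TM-54); names and values are assumptions.
BASELINES = {
    "plc": {"allowed": {"opcua-tls", "ssh"}, "min_tls": (1, 2)},
    "gateway": {"allowed": {"https", "mqtt-tls", "snmpv3"}, "min_tls": (1, 3)},
}
# Protocols the page names as having known vulnerabilities (TM-45).
KNOWN_VULNERABLE = {"telnet", "snmpv1", "snmpv2"}

# Constructed inventory records in a hypothetical format.
INVENTORY = [
    {"name": "press-plc-3", "type": "plc", "tls": "1.2",
     "services": ["opcua-tls", "telnet", "http"], "default_credentials": True},
    {"name": "edge-gw-1", "type": "gateway", "tls": "1.2",
     "services": ["https", "mqtt-tls", "snmpv2"], "default_credentials": False},
    {"name": "line-plc-1", "type": "plc", "tls": "1.3",
     "services": ["opcua-tls"], "default_credentials": False},
    {"name": "cam-12", "type": "camera", "tls": "1.2",
     "services": ["https"], "default_credentials": False},
]


def audit(device):
    """Return the deviations of one device record from its asset-type baseline."""
    baseline = BASELINES.get(device["type"])
    if baseline is None:
        return [f"no baseline defined for asset type {device['type']} (TM-54)"]
    findings = []
    services = set(device["services"])
    for svc in sorted(services & KNOWN_VULNERABLE):
        findings.append(f"{svc}: protocol with known vulnerabilities (TM-45)")
    for svc in sorted(services - baseline["allowed"] - KNOWN_VULNERABLE):
        findings.append(f"{svc}: not in baseline, disable if unused (TM-47)")
    tls = tuple(int(part) for part in device["tls"].split("."))
    if tls < baseline["min_tls"]:
        findings.append(f"TLS {device['tls']} is below the baseline minimum (TM-45)")
    if device.get("default_credentials"):
        findings.append("default username/password still in use (TM-35)")
    return findings


def audit_all(inventory):
    """Map each device name to its findings; an empty list means compliant."""
    return {device["name"]: audit(device) for device in inventory}


if __name__ == "__main__":
    for name, findings in audit_all(INVENTORY).items():
        print(name, "OK" if not findings else findings)
```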
Figure 7: Security requirements of the technical measures, 5/5 (TM-50~59)
Note: The abbreviated names of the security requirements in the figure are our own free translation.
- TM-50: Implement a passive monitoring solution in the IT and OT environments to create a baseline of industrial network traffic, and monitor for anomalies against and compliance with the baseline.
- TM-51: Collect security logs and analyze them in real time using dedicated tools (for example, a SIEM-class solution in a Security Operation Center (SOC)).
- TM-52: Carry out periodic reviews of network logs, privileged access control and asset configurations.
- TM-53: Where technically feasible, monitor the availability of IIoT devices in real time.
- TM-54: Establish baseline security configurations tailored to the various types of assets.
- TM-55: Implement mechanisms and supporting tools that enable configuration management.
- TM-56: Implement and document configuration changes in accordance with a change management policy that the organization has drawn up based on risk analysis.
- TM-57: Develop a dedicated procedure for impact analysis and run it before implementing changes to the system.
- TM-58: Include a change management policy in order to harden IIoT solutions.
- TM-59: Create and apply a comprehensive backup plan, tailored to the various types of assets, that includes provisions for periodic testing.
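This concludes our explanation of the technical measures (Technical Practices) among the IIoT security measures.
With this we have introduced all 110 security requirements across the policies, organizational measures and technical measures. Many of these descriptions are brief, and for some of them the meaning or the concrete means of implementation is hard to understand.
For a deeper understanding of the IIoT Security Practices, it is therefore useful to consult Annex B of the IIoT Security Practices (the detailed list of security measures/good practices).
Next time, we would like to present the detailed list of the IIoT Security Practices.
Note: The Japanese translations in this column were produced by our company from the English text, and we do not guarantee their content. If you need the exact content, please refer to the original English text as appropriate.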
References
- Good practices for Security of Internet of Things in the context of Smart Manufacturing (ENISA)
  https://www.enisa.europa.eu/publications/good-practices-for-security-of-iot
- Good practices for Security of Internet of Things (ENISA)
  https://www.enisa.europa.eu/publications/baseline-security-recommendations-for-iot
Writer Profile
Security Division
Security Consulting, Chief Consultant
æ¸ç° åä¹