Abstract: A mesa portion is formed on a substrate. An insulating film including an organic layer is disposed on the mesa portion. A conductor film is disposed on the insulating film. A cavity provided in the organic layer has side surfaces extending in a first direction. A shorter distance out of distances in a second direction perpendicular to the first direction from the mesa portion to the side surfaces of the cavity in plan view is defined as a first distance. A shorter distance out of distances in the first direction from the mesa portion to side surfaces of the cavity in plan view is defined as a second distance. A height of a first step of the mesa portion is defined as a first height. At least one of the first distance and the second distance is greater than or equal to the first height.

Abstract: A vulnerability analyzer includes: a single route derivation unit for deriving single route information from an attack determination position to a start position of program information; a variable analysis unit for deriving actual value range information from information of a branch condition and a branch result in the program information; a memory editing unit for setting a virtual address and an input flag corresponding to input variable information, storing actual value information of the input variable information, and storing actual value range information from the variable analysis unit; and a vulnerability existence determination unit for extracting variable information of an attack execution condition, acquiring the actual value information and the actual value range information corresponding the variable information, calculating limited input actual value information when the input flag is set to the virtual address, and determining if the limited input actual value information satisfies the attack e

Abstract: A vulnerability evaluation apparatus includes an input unit configured to input a source code of a program to be evaluated, information indicating assets which are desired to be preserved and an attack accomplishment condition where the assets are not preserved, information indicating an attack determination position at which whether the condition where the assets are not preserved is satisfied can be determined, and input information for the program, an input position designating unit configured to designate an input position indicating a position at which the input information for the program is input, an attack determination position designating unit configured to designate the attack determination position, and an attack path analyzing unit configured to analyze a path from the attack determination position to the input position and specify an attack path where the attack accomplishment condition is satisfied.

Abstract: A vulnerability analyzer includes: a single route derivation unit for deriving single route information from an attack determination position to a start position of program information; a variable analysis unit for deriving actual value range information from information of a branch condition and a branch result in the program information; a memory editing unit for setting a virtual address and an input flag corresponding to input variable information, storing actual value information of the input variable information, and storing actual value range information from the variable analysis unit; and a vulnerability existence determination unit for extracting variable information of an attack execution condition, acquiring the actual value information and the actual value range information corresponding the variable information, calculating limited input actual value information when the input flag is set to the virtual address, and determining if the limited input actual value information satisfies the attack e

Abstract: A vulnerability evaluation apparatus includes an input unit configured to input a source code of a program to be evaluated, information indicating assets which are desired to be preserved and an attack accomplishment condition where the assets are not preserved, information indicating an attack determination position at which whether the condition where the assets are not preserved is satisfied can be determined, and input information for the program, an input position designating unit configured to designate an input position indicating a position at which the input information for the program is input, an attack determination position designating unit configured to designate the attack determination position, and an attack path analyzing unit configured to analyze a path from the attack determination position to the input position and specify an attack path where the attack accomplishment condition is satisfied.

Abstract: A security vulnerability evaluating apparatus which can automatically perform exhaustive vulnerability evaluation for protected property of an information system is provided. A design specification of a product with a built-in computer is inputted to a specification input part. A design model producing part produces a design model indicating operation of the product and data used in the product, based on the design specification inputted by the specification input part. A property input part inputs protected property of the product and protection state of the protected property. A protection state model producing part produces a protection state model by extracting, out of the design model produced by the design model producing part, operation portion associated with the protected property inputted by the property input part. A determination part determines, based on the protection state model, whether or not there exists a state to violate the protection state of the protected property.