Abstract: An object of the present invention is to provide a float assembly that can prevent the floats from flipping. The present invention provides a float assembly including a plurality of floats connected together comprising: a filled float having a hollow portion, wherein the hollow portion has a part filled with a filler, and the filled float is arranged at a position facing an assembly periphery surrounding the float assembly.

Abstract: Provided is an analysis system that allows a security administrator to understand the impact of known vulnerabilities on the system to be diagnosed. The topology identification unit 14 identifies network topology of devices included in a system to be diagnosed. The analysis unit 6 generates an attack pattern that includes an attack condition, an attack result, an attack means that is vulnerability that is used by an attack, and a segment where the attack can occur in the system to be diagnosed. The display control unit 8 displays segments included in attack patterns superimposed on the network topology, on a display device. At this time, the display control unit 8 changes a display mode of the segment according to a type of the vulnerability that corresponds to the attack means included in the attack pattern including the segment.

Abstract: In order to reduce processing load when analyzing a security risk, an information collection control apparatus includes: a history information collecting unit configured to perform collection processing for collecting history information related to an operation history of a program operating with a terminal; and a transmission control unit configured to control a timing for transmitting the history information to a server.

Abstract: A risk analysis is conducted without increasing the computational cost. A grouping means groups a plurality of hosts included in a system to be analyzed into a plurality of groups. A virtual analysis element generation means generates at least one virtual analysis element for each of the plurality of groups. An analysis means analyzes whether an attack against the virtual analysis element being an end point of an attack is possible by using the virtual analysis element. An analysis target element determination means determines, as a target of a risk analysis, a host corresponding to the virtual analysis element included in a path where the attack occurs among hosts included in the system to be analyzed. An analysis means analyzes whether an attack against the host being the end point of the attack is possible for the host determined as a target of the risk analysis.

Abstract: A network control apparatus (10) according to the present disclosure is a network control apparatus (10) configured to control a node included in a network, and the network control apparatus (10) includes a collecting unit (11) configured to collect data pertaining to a node included in a network, a calculating unit (12) configured to calculate a security index pertaining to a threat of the node based on the data collected by the collecting unit (11), and a determining unit (13) configured to determine a zone of the node based on the security index calculated by the calculating unit (12).

Abstract: Generation of an attack scenario to be used for risk analysis of a system to be analyzed is enabled without depending on the technique and the knowledge of a person who creates it. An analysis result acquisition means acquires a risk analysis result of a first risk analysis performed on a system to be analyzed. A condition acquisition means acquires conditions for an attack scenario to be used for a second risk analysis on the basis of an attack scenario table and the risk analysis result. An attack scenario generation means generates an attack scenario to be used for the second risk analysis on the basis of the conditions for the attack scenario acquired by the condition acquisition means.

Abstract: An analysis apparatus (10) includes: a setting unit (11) configured to set virtual vulnerabilities in a plurality of nodes configuring an information system to be analyzed; an extraction unit (12) configured to extract an attack route of the information system based on the virtual vulnerabilities set by the setting unit (11); and a discrimination unit (13) configured to discriminate vulnerabilities to be monitored based on the virtual vulnerabilities in the extracted attack route extracted by the extraction unit (12).

Abstract: An analysis apparatus (10) includes an environment assessment unit (11) for assessing environmental metrics of a Common Vulnerability Scoring System (CVSS) as regards a vulnerability in an information system based on an attack path extracted from the information system to which the vulnerability to be analyzed is applied, a base assessment unit (12) for assessing base metrics of the CVSS as regards the vulnerability in the information system based on obtained CVSS base value information of the vulnerability and a predetermined base value countermeasure determination condition of the information system, and a determination unit (13) for determining whether or not the vulnerability in the information system needs to be addressed based on an assessment result of the environmental metrics and an assessment result of the base metrics.

Abstract: A risk analysis result display apparatus, a risk analysis result display method, and a computer readable medium capable of enabling a user to recognize changes in risk in a system are provided. A risk analysis result (13) is a risk analysis result obtained by assessing a risk to a system to be analyzed in a first assessment period. A risk analysis result (14) is a risk analysis result obtained by assessing the risk to the system to be analyzed in a second assessment period different from the first assessment period. Comparison means (11) compares the risk analysis result (13) with the risk analysis result (14), and extracts a difference between the risk analysis result (13) and the risk analysis result (14). Output means (12) displays the difference extracted by the comparison means (11) for a user.

Abstract: An analysis unit 6 generates one or more pairs of a start point fact which is a fact representing possibility of the attack in a device that is a start point and an end point fact which is a fact representing possibility of the attack in the device that is an end point, analyzes, for each pair, whether or not it is possible to derive the end point fact from the start point fact, based on facts representing states of the devices generated based on information regarding the device that is the start point and information regarding the device that is the end point, the start point fact, and one or more analysis rules for analyzing the attack, and generates an attack scenario in a case where it is possible to derive the end point fact from the start point fact.

Abstract: A comparison means compares a first risk analysis result with a second risk analysis result. The first risk analysis result includes a first risk evaluation value. The second risk analysis result includes a second risk evaluation value. Based on the result of the comparison, a display means displays the first risk evaluation value in such a manner that a first risk evaluation value for which there is a second risk evaluation value, in the second risk analysis result, for an attack step of which an attack destination coincides with an asset included in the first risk analysis result and an attack method coincides with an attack method included in the first risk analysis result can be distinguished from a first risk evaluation value for which there is no such second risk evaluation value.

Abstract: Attack path information includes information about an attack path including at least one attack step including an attack source, an attack destination, and an attack method. Vulnerability specification means refers to the attack path information and thereby specifies vulnerabilities exploitable by an attack on the attack destination in the attack step. In the vulnerability information DB, vulnerabilities and presence/absence of exploit codes for the vulnerabilities are stored and associated with each other. Diagnosis evaluation generation means refers to the vulnerability information DB, and thereby examines whether or not there is an exploit code for the specified vulnerability and generates, for the attack step, a risk diagnosis evaluation including the number of specified vulnerabilities and the presence/absence of the exploit codes therefor. Output means outputs the attack step and the risk diagnosis evaluation while associating them with each other.

Abstract: The analysis unit generates one or more pairs of a start point fact which is a fact representing possibility of attack in a device that is a start point and an end point fact which is a fact representing possibility of attack in a device that is an end point. The analysis unit analyzes, for each pair, whether or not it is possible to derive the end point fact from the start point fact. The analysis unit generates an attack pattern that includes at least an attack condition, an attack result, and an attack means, in a case where it is possible to derive the end point fact from the start point fact.

Abstract: Provided is an analysis system that can analyze the degree of impact of vulnerability on individual systems. An analysis unit 6 generates an attack pattern that includes an attack condition, an attack result, an attack means that is vulnerability that is used by an attack, and a segment where the attack can occur in a system to be diagnosed. A calculation unit 12 calculates an evaluation value, for each vulnerability, which indicates degree of impact of the vulnerability on the system to be diagnosed. Specifically, the calculation unit 12 calculates the evaluation value, for each vulnerability, based on the number of the attack patterns that include the vulnerability focused on as the attack means and the number of the segments indicated by each attack pattern that includes the vulnerability focused on as the attack means.

Abstract: A worm reducer includes a worm shaft; a worm wheel; a housing that houses the worm shaft and the worm wheel; a bearing that holds the worm shaft inside the housing; a coil spring that contacts an outer peripheral surface of the bearing and applies an urging force toward the worm wheel; and a preload member that is screwed into and fixed to the housing and pressurizes the coil spring. A winding direction of the coil spring is different from a winding direction of a thread of the preload member, and contact resistance between the coil spring and the preload member is greater than contact resistance between the coil spring and the bearing.

Abstract: In a fluid control valve, a cylinder chamber includes a first pilot chamber extending from a piston in one of sliding directions. An opening of a first pilot port allowing supply and discharge of fluid is formed in the inner wall of the first pilot chamber. The fluid is accommodated in the first pilot chamber when the piston is in a valve open position, and discharged via the opening when the piston is displaced toward a valve closed position. At least one of the piston and a valve body includes a throttle portion forming, between the piston and the valve body, a throttle path having a cross-sectional area smaller than the area of the opening, after the piston starts being displaced from the valve open position toward the valve closed position.

Abstract: The present disclosure provides a security assessment apparatus, a method, and a program capable of making an assessment of a security risk simply and appropriately. The security assessment apparatus according to the present disclosure is a security assessment apparatus of a facility to be controlled using a controller, including: an identification unit (15) configured to identify a compromised component which puts the facility into an unsafe situation based on data regarding a plurality of components provided in the facility and control program code of the controller, thereby generating a list of the compromised component; and a compromised behavior generating unit (16) configured to generate a compromised behavior of a selected component selected from the list of the compromised component.

Abstract: In a fluid control valve, a cylinder chamber includes a first pilot chamber extending from a piston in one of sliding directions. An opening of a first pilot port allowing supply and discharge of fluid is formed in the inner wall of the first pilot chamber. The fluid is accommodated in the first pilot chamber when the piston is in a valve open position, and discharged via the opening when the piston is displaced toward a valve closed position. At least one of the piston and a valve body includes a throttle portion forming, between the piston and the valve body, a throttle path having a cross-sectional area smaller than the area of the opening, after the piston starts being displaced from the valve open position toward the valve closed position.

Abstract: A worm reducer includes a worm shaft; a worm wheel; a housing that houses the worm shaft and the worm wheel; a bearing that holds the worm shaft inside the housing; a coil spring that contacts an outer peripheral surface of the bearing and applies an urging force toward the worm wheel; and a preload member that is screwed into and fixed to the housing and pressurizes the coil spring. A winding direction of the coil spring is different from a winding direction of a thread of the preload member, and contact resistance between the coil spring and the preload member is greater than contact resistance between the coil spring and the bearing.

Abstract: A fitting nut made of a resin material includes: a hollow, large-diameter tube portion having a female thread formed on its inner peripheral wall; and a small-diameter tube portion that is continuous to the large-diameter tube portion and having a hollow cylindrical shape with a smaller diameter than the large-diameter tube portion. The small-diameter tube portion includes, in the outer peripheral wall thereof, a plurality of engagement grooves that are depressed inwardly in the diameter direction of the small-diameter tube portion and extend along the longitudinal direction that is orthogonal to the diameter direction.