Abstract: A security assessment system is configured to provide a duplicated environment which duplicates an assessment target system comprising a plurality of physical components. The security assessment system includes a duplicated environment design circuitry and a duplicated environment construction circuitry. The duplicated environment design circuitry is configured to select a duplication level based on constraints specified by a user in order to design the duplicated environment to produce a designed result indicative of a duplicated environment design. The duplication level is indicative of any one of a simulation sub-module, an emulation sub-module, and a physical sub-module which are for reproducing the physical components of the assessment target system. The duplicated environment construction circuitry is configured to construct the duplicated environment based on the designed result. The duplicated environment includes components which are duplicated by one of the duplication level.

Abstract: Provided is an analysis system that allows a security administrator to understand the impact of known vulnerabilities on the system to be diagnosed. The topology identification unit 14 identifies network topology of devices included in a system to be diagnosed. The analysis unit 6 generates an attack pattern that includes an attack condition, an attack result, an attack means that is vulnerability that is used by an attack, and a segment where the attack can occur in the system to be diagnosed. The display control unit 8 displays segments included in attack patterns superimposed on the network topology, on a display device. At this time, the display control unit 8 changes a display mode of the segment according to a type of the vulnerability that corresponds to the attack means included in the attack pattern including the segment.

Abstract: A security assessment system is configured to provide a duplicated environment which duplicates an assessment target system comprising a plurality of physical components. The security assessment system includes a duplicated environment design circuitry and a duplicated environment construction circuitry. The duplicated environment design circuitry is configured to select a duplication level based on constraints specified by a user and effects associated with the physical components in order to design the duplicated environment to produce a designed result indicative of a duplicated environment design. The duplication level is indicative of any one of a simulation sub-module, an emulation sub-module, and a physical sub-module which are for reproducing the physical components of the assessment target system. The duplicated environment construction circuitry is configured to construct the duplicated environment based on the designed result.

Abstract: This security evaluation system includes a first graph generation part that generates a first evaluation graph representing a connection relationship between resources as a target for security evaluation; a second graph generation part that generates a second evaluation graph representing a personal relationship between areas where the resources are located; and display part that displays the first evaluation graph and the second evaluation graph in association with each other.

Abstract: An analysis unit 6 generates one or more pairs of a start point fact which is a fact representing possibility of the attack in a device that is a start point and an end point fact which is a fact representing possibility of the attack in the device that is an end point, analyzes, for each pair, whether or not it is possible to derive the end point fact from the start point fact, based on facts representing states of the devices generated based on information regarding the device that is the start point and information regarding the device that is the end point, the start point fact, and one or more analysis rules for analyzing the attack, and generates an attack scenario in a case where it is possible to derive the end point fact from the start point fact.

Abstract: The analysis unit 6 generates one or more pairs of a start point fact which is a fact representing possibility of attack in a device that is a start point and an end point fact which is a fact representing possibility of attack in a device that is an end point. The analysis unit 6 analyzes, for each pair, whether or not it is possible to derive the end point fact from the start point fact, and generates an attack graph from a node corresponding to the start point fact to a node corresponding to the end point fact, in a case where it is possible to derive the end point fact from the start point fact.

Abstract: The analysis unit generates one or more pairs of a start point fact which is a fact representing possibility of attack in a device that is a start point and an end point fact which is a fact representing possibility of attack in a device that is an end point. The analysis unit analyzes, for each pair, whether or not it is possible to derive the end point fact from the start point fact. The analysis unit generates an attack pattern that includes at least an attack condition, an attack result, and an attack means, in a case where it is possible to derive the end point fact from the start point fact.

Abstract: Provided is an analysis system that can analyze the degree of impact of vulnerability on individual systems. An analysis unit 6 generates an attack pattern that includes an attack condition, an attack result, an attack means that is vulnerability that is used by an attack, and a segment where the attack can occur in a system to be diagnosed. A calculation unit 12 calculates an evaluation value, for each vulnerability, which indicates degree of impact of the vulnerability on the system to be diagnosed. Specifically, the calculation unit 12 calculates the evaluation value, for each vulnerability, based on the number of the attack patterns that include the vulnerability focused on as the attack means and the number of the segments indicated by each attack pattern that includes the vulnerability focused on as the attack means.

Abstract: An attack graph processing device includes a node extraction unit which extracts a node relating to a rule classified into a predetermined group from an attack graph that is configured from one or more nodes indicating the state of a system to be diagnosed, or the state of the primary agent of an attack on the system to be diagnosed, and one or more edges indicating the relationship among a plurality of nodes, the attack graph being generated using rules indicating a condition in which the attack can be executed, and a graph configuration unit which simplifies the attack graph on the basis of the extracted node.

Abstract: A security assessment system is configured to provide a duplicated environment which duplicates an assessment target system comprising a plurality of physical components. The security assessment system includes a duplicated environment design circuitry and a duplicated environment construction circuitry, The duplicated environment design circuitry is configured to select a duplication level based on constraints specified by a user in order to design the duplicated environment to produce a designed result indicative of a duplicated environment design. The duplication level is indicative of any one of a simulation sub-module, an emulation sub-module, and a physical sub-module which are for reproducing the physical components of the assessment target system. The duplicated environment construction circuitry is configured to construct the duplicated environment based on the designed result.

Abstract: An information collection system includes: a side-channel information processing unit that derives load information to estimate an impact on the availability of a target machine for active scanning by using side-channel data; an allow list generation unit that generates an allow list including a scan timing and a scan range in which the availability is not affected, the allow list generation unit generating the allow list based on the load information; and an allow list storage unit that stores the allow list. An active scan of the target machine is executed by referencing the allow list stored in the allow list storage unit to collect asset information of the target machine.

Abstract: A security assessment system is configured to provide a duplicated environment which duplicates an assessment target system comprising a plurality of physical components. The security assessment system includes a duplicated environment design circuitry and a duplicated environment construction circuitry. The duplicated environment design circuitry is configured to select a duplication level based on constraints specified by a user and effects associated with the physical components in order to design the duplicated environment to produce a designed result indicative of a duplicated environment design. The duplication level is indicative of any one of a simulation sub-module, an emulation sub-module, and a physical sub-module which are for reproducing the physical components of the assessment target system. The duplicated environment construction circuitry is configured to construct the duplicated environment based on the designed result.

Abstract: This security evaluation system includes a first graph generation part that generates a first evaluation graph representing a connection relationship between resources as a target for security evaluation; a second graph generation part that generates a second evaluation graph representing a personal relationship between areas where the resources are located; and display part that displays the first evaluation graph and the second evaluation graph in association with each other.

Abstract: This security evaluation system includes a first graph generation part that generates a first evaluation graph representing a connection relationship between resources as a target for security evaluation; a second graph generation part that generates a second evaluation graph representing a connection relationship between areas where the resources are located; and display part that displays the first evaluation graph and the second evaluation graph in association with each other.

Abstract: A communication system according to the present disclosure includes: a management apparatus (30) configured to manage positional information regarding a communication terminal (10); a server (50) configured to provide a communication service for the communication terminal (10), and a control apparatus (60) configured to control start or stop of a communication function included in a communication apparatus (40). The server (50) is arranged in the vicinity of a base station (20), the management apparatus (30) transmits the positional information regarding the communication terminal (10) to the control apparatus (60), the control apparatus (60) controls start or stop of the communication function that the communication apparatus (40) includes based on the positional information, and the control apparatus (60) notifies the communication terminal (10) of start or stop of the communication function that the communication apparatus (40) includes via the management apparatus (30).

Abstract: A communication system according to the present disclosure includes: a management apparatus (30) configured to manage positional information regarding a communication terminal (10); a server (50) configured to provide a communication service for the communication terminal (10), and a control apparatus (60) configured to control start or stop of a communication function included in a communication apparatus (40). The server (50) is arranged in the vicinity of a base station (20), the management apparatus (30) transmits the positional information regarding the communication terminal (10) to the control apparatus (60), the control apparatus (60) controls start or stop of the communication function that the communication apparatus (40) includes based on the positional information, and the control apparatus (60) notifies the communication terminal (10) of start or stop of the communication function that the communication apparatus (40) includes via the management apparatus (30).

Abstract: An apparatus is provided for widening the woven conductive sheath that Surround a shielded cable. The apparatus includes opposed punches that move into Contact with the exposed conductive sheath. Forces exerted by the punches are Sufficient to cause the extreme end of the exposed conductive sheath to be flared outwardly. The punches may be moved circumferentially around the wire for successive punching operations to achieve a uniform flaring. The punches also may be moved axially further away from the flared end to perform a second series of punches to flare the conductive sheath even further. The flared conductive sheath then can be folded over the insulating sheath.

Abstract: Connectors and electrical wires of a wire harness are temporarily arranged on a plate, and an interior panel on which fixtures are provided is set on the plate on which the wire harness is temporarily arranged. Connectors and electric wires are held by the fixtures, and the interior panel is separated from the plate, so that the wire harness is integrated with the interior panel. Since connectors and electric wires are positively held by the fixtures, the shape of the wire harness is not collapsed, and the fixtures are used not only as temporary fixtures but also as final fixtures to attach the wire harness onto the interior panel. Accordingly, when the automobile manufacturer attaches the interior panel to an automobile body, the wire harness is simultaneously incorporated into the automobile body.

Abstract: Both ends of a plurality of parallel electrical wires are respectively connected to the connectors with pressure by a pressure-connecting and wiring machine into which the plurality of electrical wires are introduced, and the thus introduced electrical wires are sent to the electrical wire pressure-connecting section via the electrical wire cutting section. At this time, the connectors are successively fed to the electrical wire pressure-connecting section of the pressure-connecting and wiring machine in the direction parallel with the arrangement of the pressure terminals. After the electrical wires have been connected to the connector with pressure, the pressure-connected electrical wires of a predetermined length are drawn out from the pressure-connecting and wiring machine. Then the pressure-connecting and wiring machine is turned round the vertical axis by an angle of 180°, and the electrical wires, which have been drawn out before, are connected to the other connector with pressure and cut.

Abstract: An apparatus and method are provided to widen a woven sheath of a wire. The apparatus and method are operative to punch an exposed woven sheath S3 in radial directions by a pair of punches 31b to deform and widen the woven sheath. The woven sheath S3 can be deformed and widened easily even if it has a multi-layer construction.