IoT Cyber Security Counter Measurement

IoT

IoTLT@20170924/Misoca

()

@kaizen_nagoya

2017/09/24

1 NMIRI

(25)

IoT, , ,

TOPPERS ET2017 1515thWOCS2 SECCON, DEV SEC CON

///Html/Q&A

2017/09/24

2

(c) @kaizen_nagoya

IoTDeep Learning

IoTRaspberry PI Raspberry PISSP TCP/IPTOPPERS IoTRuby Lego MindstormRuby! RealTime 2017/09/24

3 / ! IoT.NET microframework! IoT? IoTOK! ! Verilog HDL ! ! IPA

(c) @kaizen_nagoya

Yes: No:slide

https://www.slideshare.net/kaizenjapan/before-study-gifu-university-2016

2017/09/24

4

(c) @kaizen_nagoya

IoTDeep Learning No: Yes:slide

https://www.slideshare.net/kaizenjapan/deep-learning-reading-club-nimbi

2017/09/24

5

(c) @kaizen_nagoya

Yes: No:slide

https://www.slideshare.net/kaizenjapan/wireshark-measure-the-net

2017/09/24

6

(c) @kaizen_nagoya

Yes:No:slide

https://www.slideshare.net/kaizenjapan/internet-textbook-2017

2017/09/24

7

(c) @kaizen_nagoya

IoTRaspberry PI No: Yes:slide

https://www.slideshare.net/kaizenjapan/safety-and-security-using-raspberry-pi

2017/09/24

8

(c) @kaizen_nagoya

Raspberry PISSP Yes: no:slide

https://swest.toppers.jp/SWEST17/data/s5d_proceeding.pdf

2017/09/24

9

(c) @kaizen_nagoya

TCP/IPTOPPERS Yes: No:slide

http://toppers.jp/docs/contest/2013/mmatsu_presen_2013.pdf 2017/09/24

10

(c) @kaizen_nagoya

No: Yes:slide

https://www.slideshare.net/HiroakiNagashima1/toppers2016

2017/09/24

11

(c) @kaizen_nagoya

Yes: No:

Miho nagahama https://www.youtube.com/watch?v=5Lt_so7zaM4

2017/09/24

12

(c) @kaizen_nagoya

IoTRuby No: Yes:

mruby https://www.youtube.com/watch?v=4601oSU2jDY

2017/09/24

13

(c) @kaizen_nagoya

Lego MindstormRuby! Yes: No:slide

https://www.slideshare.net/yamanekko/mrubyet

2017/09/24

14

(c) @kaizen_nagoya

RealTime Yes: No:slide

http://toppers.jp/docs/contest/2013/nakamura_presen_2013.pdf

2017/09/24

15

(c) @kaizen_nagoya

/ Yes: No:slide

https://www.toppers.jp/docs/contest/2013/shiode_presen_2013.pdf

2017/09/24

16

(c) @kaizen_nagoya

Yes: No:slide

https://www.slideshare.net/kaizenjapan/ss-65852140

2017/09/24

17

(c) @kaizen_nagoya

IoT.NET microframework! No: Yes:slide

https://www.slideshare.net/kaizenjapan/net-micro-framework-for-toppers-net

2017/09/24

18

(c) @kaizen_nagoya

IoT? Yes: No:slide

https://www.slideshare.net/NSaitoNmiri/toppers-ssp-33935396

2017/09/24

19

(c) @kaizen_nagoya

IoTOK! Yes: No:slide

https://www.slideshare.net/kaizenjapan/iot-safety-and-security

2017/09/24

20

(c) @kaizen_nagoya

! No: Yes:slide

https://www.slideshare.net/kaizenjapan/net-micro-framework-for-toppers-net

2017/09/24

21

(c) @kaizen_nagoya

Verilog HDL No: Yes:slide

https://www.slideshare.net/kaizenjapan/how-to-use-starc-rtl-design-style-guide-veriloghdl-2011-version

2017/09/24

22

(c) @kaizen_nagoya

Yes: No:slide

https://www.slideshare.net/kaizenjapan/hazop-safety-and-security-with-records-swest-at-gero-gifu-pref-japan

2017/09/24

23

(c) @kaizen_nagoya

No: Yes:slide

https://www.slideshare.net/kaizenjapan/22-76145311

2017/09/24

24

(c) @kaizen_nagoya

!Yes: No:slide


2017/09/24

25

(c) @kaizen_nagoya

Yes: No:slide

https://www.slideshare.net/monaka/cq-13089373

2017/09/24

26

(c) @kaizen_nagoya

IPA Yes: No:slide

https://www.slideshare.net/kozossakai/makeos

2017/09/24

27

(c) @kaizen_nagoya

No: Yes:slide


2017/09/24

28

(c) @kaizen_nagoya

IoT ,

2017/09/24

29

(c) @kaizen_nagoya

IoT

2017/09/24

30

(c) @kaizen_nagoya

OS,

FTA, FMEA, HAZOP

1 CISCO CCIE

2017/09/24

31

(c) @kaizen_nagoya

,

OS

100 DVD-R(SD)

2017/09/24

32

(c) @kaizen_nagoya

2017/09/24

33

(c) @kaizen_nagoya

(

2017/09/24

34

(c) @kaizen_nagoya

2017/09/24

35

(c) @kaizen_nagoya

2017/09/24

36

(c) @kaizen_nagoya

TOPPERS ET2017 1515thWOCS2

SECCON, DEV SEC CON

2017/09/24

37

(c) @kaizen_nagoya

TOPPERS

1015() 13:00 1017() 17:30 259-0314 TEL: 0465-63-3001

: 30() 326

TOPPERS24,000(11,000*2,2,000) 25,50011,000*2, 3,500)

http://toppers.jp/devconf2017.html 2017/09/24

38

925

(c) @kaizen_nagoya

ET2017

ET/IoT (JASA) 3F

11/15()

11/16()

2017/09/24

39

(c) @kaizen_nagoya

15 15thWOCS2

: JAXA IPA: 2017112913301730

17451915 2017113010001700 :

108-8345 2-15-45 2017/09/24

40

(c) @kaizen_nagoya

SEC CON

DEV SEC Con http://www.devseccon.com/

SEC Con https://2017.seccon.jp/

2017/09/24

41

(c) @kaizen_nagoya

39(3

51(2

Html Q&A Document History 2017/09/24

42

(c) @kaizen_nagoya

2017/09/2443 (c) @kaizen_nagoya

(1) [1] , , SB,2013 [2] Justin Seitz,Python, ,2015 [3], BP, 2018 [4] , TCP/IP Java,, 2002 [5] RASPBERRY PI FOUNDATION, https://www.raspberrypi.org [6] ISO/IEC 23360-1:2006 Linux Standard Base (LSB) core specification 3.1, ISO,2006 [7] Linux , Interface 2013 12 , CQ , 2013 [8] K.Ashton, That 'Internet of Things' Thing, Jun 22, 2009 http://www.rfidjournal.com/

articles/view?4986

[9], ,TOPPERS/SSP, 2017, http://www.toppers.jp/ssp-kernel.html [10] , raspberry pi ssp ,

,2014,https://github.com/alvstakahashi/RPI-SHRINKSSP-FULL

[11] ,, RaspberryPi ,SWEST,2015, http://swest.toppers.jp/SWEST17/program.html

[12], ,,,,,,, , 2009

2017/09/24

44

(c) @kaizen_nagoya

(2) [13] RFC 791, Internet Protocol, IETF, 1981 [14] , 2 , ,2001 [15] Chris Sanders, 2 Wireshark,

, 2012

[16] RFC3530, Network File System (NFS) version 4 Protocol, 2003 [17] RFC search, RFC Editor, https://www.rfc-editor.org/search/ [18] RFC, ,,1998 [19] 10 2016,IPA, 2016 [20] ,, , 2005 [21] , IPA, 2016, http://www.ipa.go.jp/sec/reports/ [22] IoT,

SECBOOKS, IPA, 2017

[23] , KadecotWebAPI,TOPPERSWG , 2016

[24] , , NSPICE conference, 2017 [25] , HAZOP-TRIZ, , 2016

2017/09/24

45

(c) @kaizen_nagoya

(3) [26] , , , 2011- [27] , , RaspberryPI , 2017 [28] , IwIP, TOPPERS,2013 [29] Miho Nagahama, ,TOPPERS on Psoc & DragonBoard,you tube, 2017 [30] , mruby/C IDE demo, you tube,2016 [31] , mrubyET,2015 [32] , TOPPERS realtime system sample, TOPPERS, 2013 [33] , TOPPERS_jSPSCIcos_lab,

TOPPERS, 2013

[34] , OSTOPPERS/SSP, 2014 [35] , , pritemps, 2015 [36], , JAXA/IPA WOCS2, 2016 [37] , ARM, 2012 [38] , OS, OSC, 2015 [39], , 3, 2013

2017/09/24

46

(c) @kaizen_nagoya

(1/2) API: Application programming

Interface

CCIE: Cisco Certified Internetwork Expert

CERT:Computer Emergency Readiness Teams,

CEST: Consortium for Embedded System Technology

DEV: developer DVD-R:digital versatile disc

Recordable

ET: embedded technology FME:A failure mode and effective

analysis

FTA: fault tree analysis GPS: global positioning system HAZOP: hazard analysis and

Operability study

Html: hyper text mark up language

2017/09/24

47

http: hyper text transfer protocol https: hyper text transfer protocol

secure

ID: identifier IDE: Integrated development

environment

IEC: International Electrotechnical Commission,

IoT, Internet of things IP: internet protocoll ISO: International Organization for

Standardization

JASA: Japan Embedded Systems Technology Association

JAXA: Japan Aerospace Exploration AgencIPA:Information-technology Promotion Agency, Japan,

Jp: Japan JSP: Just Standard Profile kernel LSB: Linux Standard Base LT: lightening talks

(c) @kaizen_nagoya

(2/2) lwIP: light weight Internet Protocol MISRA:Motor Industry Softwre

Reliability Association,

Mruby/c, mruby compact(?) Net: network Nmiri, Nagoya Municipal Industrial

Research institute

NSPICE: Nippon software process improvement and capability determination

OS: operating system OSC; open source conference PSoC: Programmable System-on-

Chip

RFC: request for comment RSS: real time system sample RTL: Register Transfer Level

2017/09/24

48

SD: Secure Digital card SEC CoN: Security Contest SSP: Smallest Set Profile kernel STARC: Semiconductor Technology

Academic Research Center(dissolution)

SWEST: Summer Workshop on Embedded System Technologies

TCP: Transmission Control Protocol TOPPERS: Toyohashi OPen Platform

for Embedded Real-time Systems

TRIZ: theory of the resolution of invention-related tasks

ver: version WG: Working Group WOCS: workshop on critical

software systems

www: world wide web Kadecot: Kaden(home

electronics) controller, Kadeco is a TM of Sony Science Laboratory

(c) @kaizen_nagoya

, (), ()(JAXA), (), (),(), (), (, (), (), (), (), (), (), (), (),AW(), (), (), (), ()NSD, (),(), (), (), (), OSC, mini maker fair, CEST, SWEST

49

2017/09/24

(c) @kaizen_nagoya

Htmlhttp://researchmap.jp/kaizen/

(Network-Protocol)/ https://researchmap.jp/

jo7u5uypt-1826017/#_1826017 URL http://bit.ly/2yMhtTk cyber securityresearchmapkaizen

2017/09/24

50

(c) @kaizen_nagoya

Q: A:

Q A:

Q: A:

Q: A: 2017/09/24

51

(c) @kaizen_nagoya

Document History 0.1 2017.09.22 first version, 20 pages 0.2 2017.09.23 add 6 check slides, 26 pages 0.3 2017.09.24 add 4 check slides, 30 pages, todays version 0.4 2017.09.25 add 4 content slides, 34 pages 0.5 2017.09.26 add 2 q&a slides, 36 pages 0.6 2017.09.27 add 2 reference slides, 40 pages 0.7 2017.09.28 add a reference and a special thanks slide, 42 pages 0.8 2017.09.29 add 2 abbreviations slides 44 pages 0.9 2017.09.30 add 4 table of content slides, 48 pages 0.95 2017.10.01 add 3 slides 51 pages 0.99 2017.10.02 add a document history 52 pages 0.999 2017.10.03 add a slides, 53 pages

2017/09/24

52

(c) @kaizen_nagoya

2017/09/24

53

NMIRI@kaizen_nagoya

(c) @kaizen_nagoya

IoT Cyber Security Counter Measurement

Internet

Transcript of IoT Cyber Security Counter Measurement