JP2021144639A - Asset information management system, and asset information management method - Google Patents

Abstract

To acquire asset information required for stable control of a control system, while suppressing impacts with respect to the control system.SOLUTION: In an asset information management system, an asset management device 20 comprises: a system configuration estimation unit that acquires information on a communication state of a control system configured to be provided with a plurality of control devices performing prescribed control, and estimates a configuration of the control system on the basis of the acquired information on the communication state; a risk evaluation unit that estimates risks of respective control devices upon controlling on the basis of vulnerability information on the control device and the estimated configuration of the control system; a collection object identification unit that identifies a collection object device serving as the control device having a risk upon controlling satisfies a prescribed condition; and an asset structure management unit that acquires information on a structure of assets managed by the identified collection object device.SELECTED DRAWING: Figure 2

Description

The present invention relates to an asset information management system and an asset information management method.

A control system that controls various devices (for example, valves and actuators) such as those used in social infrastructure such as electric power, railways, water, and gas and automobiles is preset by controlling each device. It is kept at the pressure and temperature.

In order to realize such control, usually, in a control system, an embedded device such as a controller periodically acquires information on the sensor of the device and confirms the state of the device, and this information is used by other controllers or other controllers. The server or the like is notified, and the control device controls the device as necessary based on the result. In this case, periodic communication occurs in the control system, and each process and control is usually performed based on the communication data.

Conventionally, such a control system uses a dedicated OS or a dedicated protocol, and has been installed in an isolated state in an area inaccessible from an external network such as the Internet. Therefore, it has been considered to be free from cyber attacks such as so-called computer viruses and DoS attacks.

However, in recent years, there have been an increasing number of cases where a general-purpose OS and a general-purpose protocol are used for a control system in order to reduce costs, and cooperation with a general-purpose information system for improving processing efficiency is also advancing. Computer viruses targeting control systems are also becoming widespread. From such a situation, it is more appropriate for the control system to collect vulnerability information related to the device or device in the control system at the same level as a general information system and prevent the exploitation of the vulnerability. Needs to be dealt with.

Specifically, it is necessary to take proactive measures such as collecting asset information (OS information and software information) existing in the control system, collating it with vulnerability information released daily, and applying patches. However, due to the nature of a control system that must continuously perform a wide variety of controls, there is a problem that configuration changes such as introducing new software for collecting asset information are complicated and difficult.

In this regard, as a method of collecting asset information without changing the configuration as much as possible, it monitors communication packets flowing through the network, and if it is considered that a change has occurred in the internal configuration, it communicates individually with the device. A technique for collecting asset information by transmitting a packet has been proposed (see, for example, Patent Document 1).

JP-A-2009-302625

However, in the control system, the CPU load of each device and the bandwidth used by the network are determined in advance at the time of system construction, and if the control system deviates from the set values, the possibility of significantly affecting the network increases. This may affect the operation of the control system and hinder business operations. In the conventional technology such as Patent Document 1, since a lot of communication occurs in the network for collecting asset information, the network and the load may increase depending on the operating condition of the control system, which may hinder the business. was there.

The present invention has been made in view of such a situation, and an object of the present invention is an asset information management system capable of acquiring asset information necessary for stable control of a control system while suppressing an influence on the control system. It is to provide a method of managing asset information.

One of the present inventions for solving the above-mentioned problems is to acquire and acquire information on the communication state of a control system having a processor and a memory and a plurality of control devices for performing predetermined control. Based on the system configuration estimation unit that estimates the configuration of the control system based on the communication status information, the vulnerability information about the control device, and the estimated configuration of the control system, the risk in each control of the control device is determined. Acquires information on the configuration of the estimated risk evaluation unit, the collection target identification unit that specifies the collection target device that is a control device whose control risk satisfies a predetermined condition, and the assets managed by the specified collection target device. It is an asset information management system equipped with an asset composition management department.

Another one of the present invention for solving the above-mentioned problems is to provide information on the communication state of a control system in which an information processing device having a processor and a memory is configured to include a plurality of control devices that perform predetermined control. Each of the control devices is based on the system configuration estimation process that acquires and estimates the configuration of the control system based on the acquired communication state information, the vulnerability information about the control device, and the estimated configuration of the control system. A risk evaluation process for estimating a control risk, a collection target identification process for identifying a collection target device whose control risk satisfies a predetermined condition, and an asset managed by the specified collection target device. It is an asset information management method that executes an asset configuration management process that acquires configuration information.

According to the present invention, it is possible to acquire asset information necessary for stable control of a control system while suppressing the influence on the control system.

Issues, configurations and effects other than those described above will be clarified by the description of the following embodiments.

It is a figure explaining an example of the structure and function provided in the asset information management system which concerns on 1st Embodiment. It is a figure explaining an example of the function provided in the asset management apparatus which concerns on 1st Embodiment. It is a figure which shows an example of the data structure of vulnerability information. It is a figure which shows an example of the data structure of the collection template information. It is a figure which shows an example of the hardware composition of a control device and an asset management device. It is a figure which shows an example of the hardware composition of an external storage medium. It is a flow chart explaining the outline of the processing performed in the asset information management system which concerns on 1st Embodiment. It is a flow diagram explaining an example of an external service information collection process. It is a figure which shows an example of the external service information collection command. It is a figure which shows an example of the data structure of the system configuration information. It is a figure which shows an example of the system configuration display screen. It is a flow diagram explaining an example of a configuration information collection program generation process. It is a figure which shows an example of the priority display screen. It is a figure which shows an example of the configuration information collection program. It is a flow diagram explaining an example of a configuration information collection program execution process. It is a figure which shows an example of the configuration information. It is a flow chart explaining an example of an asset information update process. It is a figure explaining an example of the structure and function of the asset information management system which concerns on 2nd Embodiment. It is a flow diagram explaining an example of the internal configuration information automatic collection processing which concerns on 2nd Embodiment.

Hereinafter, each embodiment of the present invention will be described with reference to the drawings.

[First Embodiment]
<System configuration>
FIG. 1 is a diagram illustrating an example of a configuration and a function provided in the asset information management system 1 according to the first embodiment. As shown in the figure, the asset information management system 1 includes a plurality of control devices 10 (10 (1) to 10 (n)) and devices 70 (70 (1) to 70 (n)) to be controlled thereof. It includes a control system 50, an asset management device 20, an asset management device 20, and an external storage medium 30 that can be connected to each control device 10. In the following, the control device 10 and the device 70 may be collectively referred to as a device.

The control system 50 is, for example, an information processing system that controls various devices 70 provided in a social infrastructure system such as electric power, railroad, water, gas, or an automobile manufacturing factory.

The asset information management system 1 is a configuration information collection program (details are described) which is a program for collecting information on the internal configuration of each control device 10 constituting the control system 50 in order to maintain stable or secure control by the control system 50. Based on (described later), information on the internal configuration of the necessary control device 10 is collected. As a result, a user such as a worker can take necessary measures for each control device 10.

In the present embodiment, the internal configuration refers to the configuration of information assets of the OS (Operating System) operating in the control device 10 and other software (middleware, applications, etc.).

The control device 10 is an information processing device that controls the operation of the device 70. The control device 10 (10 (1) to 10 (n)) is, for example, a pressure or temperature obtained from a sensor or the like (not shown) provided in the device 70 (70 (1) to 70 (n)). The device 70 is controlled while acquiring attribute information at a predetermined timing (time interval, etc.).

The asset management device 20 is an information processing device that causes the control device 10 to execute a configuration information collection program and acquires information on the internal configuration of the control device 10 based on the execution result.

Communication between the asset management device 20 and the control device 10 and between the control device 10 is possible by a wired or wireless network 40 such as a LAN (Local Area Network), WAN (Wide Area Network), the Internet, or a dedicated line. Connected to.

Next, the function of each information processing device in the asset information management system 1 will be described.

<Function>
As shown in FIG. 1, the control device 10 provides functions provided to the control processing unit 101 (101 (1) 101 (n)) that controls the device 70, the device 70, or another control device 10. (Hereinafter referred to as an external service. For example, a communication service open to the outside. Telnet, etc.) The external service management unit 102 (102 (1) 102 (n)) that manages the external storage and the external storage connected to the external storage unit 102 (102 (1) 102 (n)). External media connection units 103 (103 (1) to 103 (n)) that transmit and receive data to and from the medium 30, and internal configuration management units 104 (104 (1) to 104) that manage information on the internal configuration of the control device 10. (N)), communication units 105 (105 (1) to 105 (n)) that communicate with other information processing devices, and program execution units 106 (106 (1) to 106 (n)) that execute various programs. )) And each functional unit is provided.

The external storage medium 30 is a portable storage device such as an SD card or a USB memory. The external storage medium 30 has a configuration for storing the configuration information collection program storage unit 301 for storing the configuration information collection program 1201 generated by the asset management device 20 and the internal configuration information (configuration information 1301) collected from each control device 10. Each functional unit includes a storage unit 302, a control device 10 or an asset management device 20 connected to the storage unit 302, and a connection unit 303 for transmitting and receiving data.

The user in the asset information management system 1 brings an external storage medium 30 and connects it to the asset management device 20 or each control device 10.

Next, FIG. 2 is a diagram illustrating an example of a function provided in the asset management device 20 according to the first embodiment. As shown in the figure, the asset management device 20 includes a system configuration estimation unit 215, a risk evaluation unit 203, a collection target identification unit 204, a configuration information collection program generation unit 205, an asset configuration management unit 206, a communication unit 207, and a system configuration. System configuration storage unit 209 that stores information 901 (described later), vulnerability storage unit 210 that stores vulnerability information 1001 (described later), collection template storage unit 211 that stores collection template information 1101 (described later), input / output unit 212. , And each functional unit of the external medium connection unit 213.

First, the system configuration estimation unit 215 acquires information on the communication status of the control system 50, which is configured to include a plurality of control devices 10 that perform predetermined control, and configures the control system 50 based on the acquired communication status information. To estimate.

Specifically, the system configuration estimation unit 215 includes a network monitoring unit 208, an external service information collection unit 201, and a configuration estimation unit 202.

The network monitoring unit 208 monitors the load status of the network 40. The external service information collecting unit 201 collects information on the external service from the control device 10 according to the load status of the network 40. The configuration estimation unit 202 estimates the configuration of the control system 50 based on the information of the external service.

Next, the risk assessment unit 203 determines each control risk (for example, security) of the control device 10 based on the vulnerability information regarding the control device 10 and the configuration of the control system 50 estimated by the system configuration estimation unit 215. Risk) is estimated.

Specifically, for example, the risk assessment unit 203 has a length of time from the past estimation time of the configuration of the control system 50 to a predetermined time (in the present embodiment, it is the present time, but another predetermined timing may be used). Correspondingly, the magnitude of each control risk of the control device 10 is estimated.

Further, for example, the risk assessment unit 203 controls according to the length of time from the time when the vulnerability information 1001 is set to a predetermined time (in this embodiment, it is the current time, but another predetermined timing may be used). Estimate the magnitude of each control risk of the device 10.

Here, the vulnerability information 1001 will be described.

(Vulnerability information)
FIG. 3 is a diagram showing an example of the data structure of the vulnerability information 1001. Vulnerability information 1001 is information on vulnerabilities (for example, control and security vulnerabilities) possessed by the OS or software stored in the control device 10. Vulnerability information 1001 is provided to the asset management device 20 automatically or at a timing specified by the user, for example, from an external network of the asset information management system 1.

Specifically, the vulnerability information 1001 is the release date and time 1003, which is the date and time when the information related to the vulnerability target 1002 and the vulnerability target 1002, which is the OS or software in the control device 10 in which the vulnerability was found, were released. It is a database having one or more records including the risk level 1004 of the vulnerability related to the vulnerability target 1002.

The components of the vulnerability information 1001 are not limited to those described here. Further, the registration order of each information in the vulnerability information 1001 is not limited to the order described here.

Next, as shown in FIG. 2, the collection target identification unit 204 identifies the collection target device, which is the control device 10 whose control risk satisfies a predetermined condition.

Specifically, the collection target identification unit 204 sets the priority information as a candidate of the collection target device based on the risk as a predetermined condition.

The configuration information collection program generation unit 205 is a predetermined program (internal configuration information) for acquiring the asset configuration information (internal configuration information) of the collection target device based on the collection target device information specified by the collection target identification unit 204. That is, a configuration information collection program) is generated.

In the present embodiment, the configuration information collection program generation unit 205 stores the program generated by the configuration information collection program generation unit 205 in a predetermined storage device (external storage medium 30). Then, the collection target device executes the stored program, and stores the information on the configuration of the assets managed by the collection target device in the storage device (program execution unit 106).

The program execution unit 106 determines whether or not the program (configuration information collection program) has been executed by the collection target device of the collection target itself, and determines that the program has been executed by the collection target device. The asset composition management unit 206 that stores the information on the composition of the assets managed by the collection target device in the storage device (external storage medium 30) stores the information on the composition of the assets managed by the collection target device specified by the collection target identification unit 204. get. That is, the asset configuration management unit acquires the asset configuration information based on the program generated by the configuration information collection program generation unit 205.

In the present embodiment, the asset configuration management unit 206 acquires the asset configuration information stored in the configuration information collection program generation unit 205 from the storage device (external storage medium 30).

Next, the communication unit 207 transmits / receives data to / from the control device 10 via the network 40.

The system configuration storage unit 209 stores the configuration of the control system 50 estimated by the system configuration estimation unit 215 as system configuration information 901, and stores the asset configuration information (configuration information 1301) acquired by the asset configuration management unit 206. ..

The vulnerability storage unit 210 stores the vulnerability information 1001.

The collection template storage unit 211 stores the collection template information 1101, which is information that stores the collection procedure of the internal configuration information and the collection target.

Here, the collection template information 1101 will be described.

(Collection template information)
FIG. 4 is a diagram showing an example of the data structure of the collection template information 1101. The collection template information 1101 is a database having at least one record configured including the OS information 1102 of the OS operating in the control device 10 and the configuration information collection script 1103 corresponding to the OS related to the OS information 1102. ..

The configuration information collection script 1103 is a program or the like that collects information on the internal configuration of the control device 10. The configuration information collection script 1103 is, for example, a program that describes the location and reference method of data to be referred to in order to collect information on the internal configuration. The contents of the configuration information collection script 1103 differ depending on the OS.

The components of the collection template information 1101 are not limited to those described here, and at least the elements described here may be included. Further, the order of the components of the collection template information 1101 is not limited to that described here.

Next, as shown in FIG. 2, the input / output unit 212 accepts the user input to the asset management device 20 and displays the information to be presented to the user.

Specifically, for example, the input / output unit 212 contains information on the configuration of the control system 50 estimated by the system configuration estimation unit 215 and information on the configuration of assets managed by the collection target device acquired by the collection target identification unit 204. Output at least one of them. Further, the input / output unit 212 outputs the priority information together with the configuration information of the collection target device.

Next, the external medium connection unit 213 transmits / receives data to / from the connected external storage medium 30.

Here, FIG. 5 is a diagram showing an example of the hardware configuration of the control device 10 and the asset management device 20. These information processing devices include a CPU 14, a memory 15 such as a RAM (Random Access Memory) and a ROM (Read Only Memory), a storage device 13 such as an HDD (Hard Disk Drive) and an SSD (Solid State Drive), and a keyboard. Alternatively, an input / output device 11 including a touch panel or the like, a monitor, a display, or the like, and a communication device 11 that communicates with another information processing device are provided, and these are connected by an internal communication line 16 such as a bus.

The functions of the functional units of the control device 10 and the asset management device 20 are realized by the CPU 14 reading a predetermined program that realizes each function stored in the memory 15 or the storage device 13. Each program may be recorded in advance on a recording medium that can be read by the control device 10 and the asset management device 20, and is required via a storage medium or a communication medium (a network or a carrier wave propagating through the network). It may be introduced at times.

Next, FIG. 6 is a diagram showing an example of the hardware configuration of the external storage medium 30. The external storage medium 30 includes an input / output device 31 for inputting / outputting (connecting) data and a storage device 32 such as a flash memory, and these are connected by an internal communication line 33 such as a bus.

Next, the processing performed in the asset information management system 1 will be described.

<Outline of processing>
FIG. 7 is a flow chart illustrating an outline of processing performed in the asset information management system 1 according to the first embodiment.

First, the asset management device 20 executes an external service information collection process for collecting the configuration of the control system 50 at a predetermined timing (S1). Then, the asset management device 20 executes the configuration information collection program generation process of generating the configuration information collection program 1201 and storing it in the external storage medium 30 based on the result of the external service information collection process (S3).

On the other hand, the control device 10 executes the configuration information collection program 1201 stored in the external storage medium 30 and executes the configuration information collection program execution process for storing the output information (configuration information 1301) in the external storage medium 30. (S5).

The asset management device 20 executes an asset information update process for acquiring the configuration information 1301 stored in the external storage medium 30 (S7).

After that, based on the configuration information 1301 of the asset management device 20, the user causes the control device 10 to perform processing related to the change of its internal configuration (for example, the assets of the control device 10 (OS, various software, etc.)). Update) to eliminate the vulnerability in.

The details of these processes will be described below.

<External service information collection process>
FIG. 8 is a flow chart illustrating an example of the external service information collection process. The external service information collection process is executed, for example, at a predetermined timing (for example, a predetermined time interval, a predetermined time, or a timing designated by the user) after the asset information management system 1 is started.

First, the network monitoring unit 208 of the asset management device 20 acquires information indicating the current state of the network 40 (the load status of the network 40) (S401). Specifically, for example, the network monitoring unit 208 monitors the communication status of the network 40 (for example, acquires response data by transmitting a predetermined packet to the network 40), and per unit time in the network 40. Generates information such as the number or data size of communication packets of the above, or the band used in the network 40.

The network monitoring unit 208 determines whether or not the load on the network 40 is high based on the information acquired in S401 (S402). Specifically, for example, the network monitoring unit 208 determines whether or not the number of packets or data size acquired in S401 is equal to or greater than a predetermined threshold value, or whether or not the band used is equal to or greater than a predetermined threshold value. Etc. are judged.

When the load on the network 40 is high (S402: above the specified value), the load on the network 40 is high at present and it is not suitable for acquiring external service information. Therefore, the network monitoring unit 208 repeats the process of S401.

On the other hand, when the load on the network 40 is not high (S402: less than the specified value), the external service information collecting unit 201 of the resource management device 20 identifies the control device 10 to be acquired from the external service information (S403). ..

Specifically, for example, the external service information collecting unit 201 may specify all the control devices 10, or may specify a part of the control device 10 (for example, the control device 10 whose ID number is within a predetermined range). You may get it.

The external service information collection unit 201 generates an external service information collection command 801 which is a program for acquiring external service information from the control device 10 specified in S403 (S404).

(External service information collection command)
Here, FIG. 9 is a diagram showing an example of the external service information collection command 801. The external service information collection command 801 is a collection target device address 802 that is information (referred to as an IP address in this embodiment) that identifies the control device 10 that is the target for acquiring external service information, and the control indicated by the collection target device address 802. The port used for communication between the protocol 803, which is information on the protocol used for communication with the device 10 (for example, TCP: Transmission Control Protocol, UDP: User Datagram Protocol), and the control device 10 indicated by the collection target device address 802. The number 804 and the data for collecting information 805 are included.

The information collection data 805 is, for example, data corresponding to the protocol 803 and the port number 804. When this data is transmitted to the control device 10, the control device 10 returns a predetermined response data corresponding to the data, so that the OS operating in the control device 10 and the control device 10 provide it to an external device. It is possible to identify the external service that is being used without providing any special function.

The components of the external service information collection command 801 are not limited to those described here, and may include at least the collection target device address 802, the protocol 803, and the port number 804. Information gathering data 805 is not an essential element. Further, the storage order of the components of the external service information collection command 801 is not limited to the order described here.

Further, in the present embodiment, the external service information collection command 801 is generated for each control device 10, but may be generated as one command for all the control devices 10 specified in S403.

Next, as shown in S405 of FIG. 8, the external service information collecting unit 201 transmits the external service information collecting command 801 generated in S404 to each control device 10 specified in S403. Then, the communication unit 105 of each control device 10 that has received the external service information collection command 801 receives a predetermined response 402 (for example, information including the ID and IP address of the control device 10) based on a predetermined function provided in advance. ) Is generated (S405), and the generated response 402 is transmitted to the asset management device 20.

The external service information collection unit 201 of the asset management device 20 confirms whether or not all the external service information collection commands 801 generated in S404 have been transmitted (S406). If there is an external service information collection command 801 that has not been transmitted, this is transmitted (S406: incomplete), and if all the external service information collection commands 801 are transmitted (S406: completed), the external service information collection unit 201 , Perform the following processing.

That is, the external service information collecting unit 201 estimates the configuration of the control system 50 based on the response 402 received from each control device 10 (S407).

Specifically, for example, the external service information collecting unit 201 receives each response 402.
Based on the above, the presence or absence of an abnormality in each control device 10, the connection relationship between each control device 10 that is the source of each response 402, the OS operating in each control device 10, and each control device 10 provide. Estimate external services, etc.

The system configuration storage unit 209 stores the result estimated in S407 as system configuration information 901 (S408).

(System configuration information)
FIG. 10 is a diagram showing an example of the data configuration of the system configuration information 901. The system configuration information 901 includes a device identifier 902 which is an identifier of the control device 10, a collection date and time 903 which is a date and time when the information of the internal configuration 907 in the control device 10 related to the device identifier 902 is acquired, and a control device related to the device identifier 902. The IP address 904, which is information for identifying the 10, and the OS information 905 (for example, information on the free number of the I / O port, which differs depending on the OS), which is the information of the OS operating in the control device 10 related to the device identifier 902. , A database having one or more records including an external service 906, which is information for identifying an external service provided by the control device 10 according to the device identifier 902, and an internal configuration 907 in the control device 10 related to the device identifier 902. .. At the time of the first execution of S40, the internal configuration 907 may be empty information.

The external service 906 and the internal configuration 907 may include information on a plurality of external services or configurations depending on the configuration of the device or the device.

The components of the system configuration information 901 are not limited to those described here, and at least the elements described here may be included. Further, the storage order of the components of the system configuration information 901 is not limited to the order described here.

Next, as shown in S409 of FIG. 8, the input / output unit 212 displays a system configuration display screen showing the contents of the system configuration information 901 generated in S407. This completes the external service information collection process.

(System configuration display screen)
FIG. 11 is a diagram showing an example of the system configuration display screen 1401. The system configuration display screen 1401 shows a system configuration diagram 1402 showing the connection relationship (whether or not there is a connection, etc.) between the asset management device 20 and each control device 10 based on the IP address information, and the configuration of each control device 10. It also includes a detailed configuration list 1403.

The detailed configuration list 1403 includes device information 1404 which is information for specifying the control device 10, acquisition date and time 1405 of information on the internal configuration of the control device 10 according to the device information 1404, and IP address 1406 of the control device 10 according to the device information 1404. Each information of OS1407 operating in the control device 10 according to the device information 1404, the external service 1408 provided by the control device 10 according to the device information 1404, and the internal configuration 1409 in the control device 10 according to the device information 1404 , Each control device 10 (equipment) is displayed in a list. The internal configuration 1409 is hidden at the time of the first execution of S408.

The components of the system configuration display screen 1401 are not limited to those described here, and at least the above elements may be included. Further, the display order of the components of the system configuration display screen 1401 is not limited to that described here.

<Configuration information collection program generation process>
FIG. 12 is a flow chart illustrating an example of the configuration information collection program generation process. note that,
This process is executed at a predetermined timing (for example, a predetermined time interval, a predetermined time, or a timing designated by the user) after the execution of the external service information collection process. Further, at the start of this process, the user connects the external storage medium 30 to the asset management device 20.

First, the configuration information collection program generation unit 205 of the asset management device 20 acquires the system configuration information 901 stored in the system configuration storage unit 209 in the external service information collection process (S501).

Further, the configuration information collection program generation unit 205 acquires the vulnerability information 1001 stored in the vulnerability storage unit 210 (S502).

The risk assessment unit 203 evaluates the current risk of each control device 10 in the control system 50 based on the system configuration information 901 acquired in S501 and the vulnerability information 1001 acquired in S502 (S503).

Specifically, for example, the risk evaluation unit 203 compares the configuration of each control device 10 indicated by the system configuration information 901 with the OS and the external service indicated by the vulnerability target 1002 of the vulnerability information 1001 to determine the vulnerability. The number of OSs and external services possessed is specified for each control device 10, and the larger the number, the higher the risk of the control device 10 (or the control device 10 having a certain number or more is a risk. Is evaluated as high). Further, for example, the risk evaluation unit 203 may evaluate those risks by acquiring the hardware information of each control device 10.

Then, for the control devices 10 having the same risk evaluation, the risk evaluation unit 203 calculates, for example, the time difference (elapsed time) from the publication date and time 1003 of the vulnerability information 1001 to the current date and time to determine the vulnerability. It is evaluated that the older the information is, the higher the risk is (or, if the information on the vulnerability is before a certain time, the risk of the control device 10 is evaluated to be high).

The collection target identification unit 204 calculates the priority order (priority order for acquiring the configuration information 1301) of each control device 10 based on the risk evaluated in S503 (S504).

Specifically, for example, the collection target identification unit 204 has a higher priority as the control device 10 has a higher risk. In addition, the collection target identification unit 204 has a higher priority of the control device 10 having an OS or an external module whose vulnerability information 1001 has a high risk level 1004 or whose publication date and time 1003 is before a certain period of time among the control devices 10 having the same risk. To raise.

The collection target identification unit 204 may set priorities among the control devices 10 having the same risk according to their physical positions (for example, the control device 10 having a short distance from the asset management device 20). High priority). Thereby, the work load of the user can be adjusted.

The input / output unit 212 displays the priority information calculated in S504 on the priority display screen 1501 (S505).

(Priority display screen)
FIG. 13 is a diagram showing an example of the priority display screen 1501. The priority display screen 1501 shows a system configuration diagram 1502 showing a connection relationship between the asset management device 20 and each control device 10 based on IP address information, and a priority order showing information on the priority of each control device 10. It includes a detailed list 1503.

In the priority order detailed list 1503, the device information 1505 that identifies the control device 10, the priority order 1504 of the control device 10 according to the device information 1505, the risk magnitude 1506 of the control device 10 according to the device information 1505, and the risk Each information of the calculation basis 1507 of the size 1506 is displayed in a list. In the example of the figure, the calculation basis 1507 shows that the vulnerability has been disclosed within one month, or that more than half a year has passed since the previous collection date and time of the information on the internal configuration.

The components of the priority display screen 1501 are not limited to the items described here, and at least the elements described here may be included. Further, the display order of the components of the priority display screen 1501 is not limited to the order described here.

The user can consider which control device 10 has a high risk while checking the priority display screen 1501.

Next, as shown in S506 of FIG. 12, the configuration information collection program generation unit 205 acquires the collection template information 1101 from the collection template storage unit 211, and based on the acquired collection template information 1101, the configuration information collection program 1021 To generate.

Specifically, for example, first, the configuration information collection program generation unit 205 receives an input to the priority display screen 1501 from the user, and then receives a collection target device from the control device 10 displayed on the priority display screen 1501. To identify. The configuration information collection program generation unit 205 may automatically specify each control device 10 having a predetermined priority (for example, the control device 10 from the highest priority to the predetermined order) as a collection target device. ..

Then, the configuration information collection program generation unit 205 specifies all the OSs operating in the specified collection target device. Then, the configuration information collection program generation unit 205 acquires the configuration information collection script 1103 corresponding to each specified OS from the collection template information 1101, respectively. The configuration information collection program generation unit 205 stores the IP address (acquired from the system configuration information 901) of each collection target device in association with each acquired configuration information collection script 1103, thereby storing the configuration information collection program 1201. To generate.

The configuration information collection program generation unit 205 may independently generate the configuration information collection program 1201 without using the collection template information 1101. Further, the configuration information collection program generation unit 205 may generate the configuration information collection program 1201 by using a template including the information of the collection target device.

(Configuration information collection program)
FIG. 14 is a diagram showing an example of the configuration information collection program 1201. The configuration information collection program 1201 determines whether or not the IP address 1202 of the collection target device, the configuration information collection script 1203, which is a program for collecting information on the internal configuration of the collection target device, and the configuration information collection script 1203 have been executed. Includes the execution presence / absence flag 1204, which is information (execution flag) indicating the above.

The execution presence / absence flag 1204 is a flag indicating whether or not the configuration information collection script 1203 has been executed for the collection target device. If it is executed, it is "executed", and if it is not executed, it is "not executed". Information is set.

The configuration information collection program 1201 may be generated for each collection target device, or may be a program in which programs related to all collection target devices are integrated into one.

The components of the configuration information collection program 1201 are not limited to those described here, and at least the components described here may be included. Further, the storage order of the components of the configuration information collection program 1201 is not limited to the order described here.

Next, as shown in FIG. 12, the external medium connection unit 213 transmits a connection confirmation command 501 to the external storage medium 30. Upon receiving the connection confirmation command 501, the connection unit 303 of the external storage medium 30 generates a response 502 indicating the connection state, and transmits the generated response 502 to the asset management device 20.

The external medium connection unit 213 of the asset management device 20 confirms the response 502 (S507).

If the response 502 indicates a connection failure (or the response 502 has not been received) (S507: connection failure), the external media connection unit 213 ends the configuration information collection program generation process (S508). On the other hand, when the response 502 indicates the connection success (S507: connection success), the configuration information collection program generation unit 205 transmits the configuration information collection program 1201 generated in S506 to the external storage medium 30.

The configuration information collection program storage unit 301 of the external storage medium 30 stores the received configuration information collection program 1201 (S509). Then, the connection unit 303 of the external storage medium 30 transmits a predetermined response 504 to the asset management device 20.

Next, the configuration information collection program generation unit 205 confirms the received response 504 (S510). When the configuration information collection program generation unit 205 determines that the storage of the configuration information collection program 1201 has failed based on the received response 504, the configuration information collection program 1201 is transmitted again (S510: storage failure). On the other hand, when the configuration information collection program generation unit 205 determines that the storage of the configuration information collection program 1201 is successful, the configuration information collection program generation process ends (S510: successful storage).

If the storage of the configuration information collection program 1201 fails more than a predetermined number of times, there may be a situation in which the external storage medium 30 has no free space or the external storage medium 30 is in a writable state. The information collection program generation unit 205 may end the configuration information collection program storage process even in such a case.

<Configuration information collection program execution process>
FIG. 15 is a flow chart illustrating an example of the configuration information collection program execution process. This process is executed at a predetermined timing (for example, a predetermined time interval, a predetermined time, or a timing designated for the control device 10 by the user) after the execution of the configuration information collection program generation process.

At the start of this process, the user connects the external storage medium 30 to the control device 10 which is the collection target device. Here, the case where the control device 10 (x) of the control devices 10 (1) to (n) is the collection target device will be described.

First, the external medium connection unit 103 (x) of the control device 10 (x) transmits the connection confirmation command 601 to the external storage medium 30. Upon receiving the connection confirmation command 601, the connection unit 303 of the external storage medium 30 transmits a response 602 indicating the connection state to the control device 10 (x). The external media connection unit 103 (x) may transmit the connection confirmation command 601 according to the instruction from the asset management device 20.

After that, the external medium connection unit 103 (x) of the control device 10 (x) confirms the response 602 (S601). If it is determined that the connection with the external storage medium 30 has failed (or the response 602 has not been received) (S601: connection failure), the external medium connection unit 103 (x) executes the configuration information collection program. The process ends (S602). On the other hand, when it is determined that the connection with the external storage medium 30 is successful (S601: connection successful), the external medium connection unit 103 (x) transfers the acquisition of the configuration information collection program 1201 to the external storage medium 30. The requested acquisition command 603 is transmitted to the external storage medium 30.

The configuration information collection program storage unit 301 of the external storage medium 30 acquires the configuration information collection program 1201 in response to the reception of the acquisition command 603 (S603). The connection unit 303 transmits the configuration information collection program 1201 to the control device 10 (x).

The program execution unit 106 (x) of the control device 10 (x) executes the received configuration information collection program 1201 (S604). The program execution unit 106 (x) may automatically execute the configuration information collection program 1201 after receiving it, or may execute the program based on user input.

After executing the configuration information collection program 1201, the program execution unit 106 (x) confirms whether or not the configuration information collection program 1201 is a program corresponding to its own control device 10 (x) (S605). Specifically, for example, the program execution unit 106 (x) confirms the information of the control device 10 registered in the collection target IP address 1202 of the configuration information collection program 1201 or the configuration information collection script 1203.

If the configuration information collection program 1201 is not a program corresponding to itself (S605: mismatch), the connection destination control device 10 has an error, and the program execution unit 106 (x) executes the configuration information collection program execution process. Is finished (S606).

On the other hand, when the configuration information collection program 1201 is a program corresponding to itself (S605: match), the program execution unit 106 (x) has a predetermined function according to the configuration information collection program 1201 (collection template information 1101). Based on the above, information on the internal configuration of the control device 10 (x) is collected (S607). Then, the program execution unit 106 (x) sets the execution presence / absence flag 1204 of the configuration information collection program 1201 to “executed” (updates the configuration information collection program 1201) (S608).

The external medium connection unit 103 (x) of the control device 10 (x) transmits the internal configuration information collected in S607 and the configuration information collection program 1201 updated in S608 to the external storage medium 30.

The configuration storage unit 302 of the external storage medium 30 stores the information of the internal configuration received from the control device 10 (x) as the configuration information 1301 (S609). Further, the configuration information collection program storage unit 301 of the external storage medium 30 stores the configuration information collection program 1201 received from the control device 10 (x) (S610). This completes the configuration information collection program execution process.

When there are a plurality of collection target devices, the above configuration information collection program execution process is executed for each collection target device.

Here, the configuration information will be described.

(Configuration information)
FIG. 16 is a diagram showing an example of the configuration information 1301. The configuration information 1301 includes an identifier 1302 of the control device 10 (equipment) in the control system 50, a collection date and time 1303 of the internal configuration information 1306, an IP address 1304 which is information for specifying the control device 10 related to the identifier 1302, and an identifier. The OS information 1305 operating in the control device 10 according to 1302 and the information 1306 of the internal configuration in the control device 10 according to the identifier 1302 are included.

The components of the configuration information 1301 are not limited to those described here, and the storage order of the respective information is not limited to the order described here.

<Asset information update processing>
FIG. 17 is a flow chart illustrating an example of asset information update processing. This process is executed at a predetermined timing (for example, a predetermined time interval, a predetermined time, or a timing designated by the user) after the execution of the configuration information collection program execution process. At the start of this process, the user connects the external storage medium 30 to the asset management device 20.

First, the external medium connection unit 213 of the asset management device 20 transmits the connection confirmation command 701 to the external storage medium 30. Upon receiving the connection confirmation command 701, the connection unit 303 of the external storage medium 30 transmits a response 702 indicating the connection status with the asset management device 20 to the asset management device 20.

After that, the external medium connection unit 213 of the asset management device 20 confirms the response 702 (S701). If the response 702 indicates a connection failure (or the response 702 has not been received) (S701: connection failure), the external media connection unit 213 ends the asset information update process (S702).

If the response 702 indicates a successful connection (S701: successful connection), the asset configuration management unit 206 transmits a configuration information collection program acquisition command 703 requesting acquisition of the configuration information collection program 1201.

The configuration information collection program storage unit 301 of the external storage medium 30 acquires the configuration information collection program 1201 in response to the reception of the configuration information collection program acquisition command 703 (S703). The connection unit 303 transmits this configuration information collection program 1201 to the asset management device 20.

The asset composition management unit 206 of the asset management device 20 confirms the execution presence / absence flag 1204 of the configuration information collection program 1201 received from the external storage medium 30. After confirming that the execution presence / absence flag 1204 is "executed", the asset configuration management unit 206 extracts the contents of the collection target IP address 1202 of the configuration information collection program 1201 (S704).

Then, the asset configuration management unit 206 transmits a configuration information acquisition command 705, which is a command for requesting acquisition of information on the internal configuration of the control device 10 related to the extracted IP address, to the external storage medium 30.

The configuration storage unit 302 of the external storage medium 30 acquires the configuration information 1301 related to the control device 10 indicated by the configuration information acquisition command 705 in response to the reception of the configuration information acquisition command 705 (S705). The connection unit 303 of the external storage medium 30 transmits the acquired configuration information 1301 to the asset management device 20.

The asset composition management unit 206 of the asset management device 20 acquires the system configuration information 901 (S706). Then, the system configuration storage unit 209 has acquired the system configuration information 901.
Is updated with the configuration information 1301 received from the external storage medium 30 (S707).

Specifically, for example, the asset configuration management unit 206 is configured with the collection date and time 903 of the system configuration information 901 in the record of the device identifier 902 corresponding to the device identifier 1302 of the received configuration information 1301 in the system configuration information 901. The collection date and time 1303 of the information 1301 is updated, the IP address 1304 of the configuration information 1301 is updated with the IP address 904 of the system configuration information 901, and the OS information 1305 of the configuration information 1301 is updated with the OS information 905 of the system configuration information 901. The internal configuration information 1306 of the configuration information 1301 is updated by the internal configuration 907 of the system configuration information 901 (if there is no corresponding information, it is added).

The system configuration storage unit 209 stores the system configuration information 901 updated in S707, and ends the asset information update process (S708).

After that, the user confirms the configuration information 1301 (information on the internal configuration) to determine the control device 10 having a particular control problem, and takes appropriate measures for the control device 10. For example, the configuration of the other control system 50 is to acquire an update program related to software such as an OS or an external service from a predetermined network and install it in the control device 10, stop the control device 10, replace it with another control device 10, and so on. It is possible to take measures such as changing.

The above measures may be automatically taken by the asset management device 10 based on the updated configuration information 901.

As described above, the asset information management system 1 of the present embodiment estimates the configuration of the control system 50 based on the communication status information of the control system 50, and is based on the vulnerability information 1001 and the estimated configuration of the control system 50. , Each control risk of the control device 10 is estimated, the control device 10 (collection target device) having the control risk of a predetermined condition (priority) is specified, and the asset managed by the collection target device is identified. Get configuration information.

That is, the configuration of the control system 50 is estimated based on the communication state information of the network 40, and based on this estimation result, only the control device 10 having a risk is the target of collecting asset information. As a result, the asset information in the control system 50 can be collected without imposing a heavy load on the control device 10 and the network 40 in the control system 50. Then, only the necessary asset information can be efficiently collected according to the risk of the control device 10.

As described above, according to the asset information management system 1 of the present embodiment, it is possible to acquire the asset information necessary for stable control of the control system while suppressing the influence on the control system.

[Second Embodiment]
In the first embodiment, the configuration information collection program 1201 is stored in the external storage medium 30, and each control device 10 reads the configuration information collection program 1201 from the external storage medium 30 and executes it.

On the other hand, in the present embodiment, each control device 10 executes the configuration information collection program 1201 without using the external storage medium 30.

<Configuration and function>
FIG. 18 is a diagram illustrating an example of the configuration and function of the asset information management system 1 according to the second embodiment. The same reference numerals are given to the same configurations as those in the first embodiment. Hereinafter, the points different from those of the first embodiment will be mainly described.

The asset information management system 1 according to the present embodiment includes an asset management device 20, a control system 50 including a plurality of control devices 10 and a device 70 to be controlled, and these can communicate with each other via a network 40. It is connected to the. That is, unlike the first embodiment, the asset information management system 1 does not have the external storage medium 30.

Further, unlike the first embodiment, the control device 10 does not have the external medium connection unit 103. The asset management device 20 also does not have an external medium connection unit 213, unlike the first embodiment.

The hardware configuration of the control device 10 and the asset management device 20 is the same as that of the first embodiment.

Next, the processing performed by the asset information management system 1 will be described.

In the present embodiment, in the asset information management system 1, the asset management device 20 directly transmits the configuration information collection program 1201 to each control device 10, each control device 10 collects information on its internal configuration, and the asset management device 20 Performs a process of directly receiving the information of the internal configuration (hereinafter referred to as an internal configuration information automatic collection process).

Specifically, first, the external service information acquisition process is performed as in the first embodiment, and then the internal configuration information automatic collection process is performed.

<Automatic collection process of internal configuration information>
FIG. 19 is a flow chart illustrating an example of the internal configuration information automatic collection process according to the second embodiment. Note that this process is executed at a predetermined timing (for example, a predetermined time interval, a predetermined time, or a timing designated by the user) after the completion of the external service information acquisition process.

First, the system configuration storage unit 209 of the asset management device 20 acquires the system configuration information 901 generated by the external service information acquisition process, as in S501 of the first embodiment (S1701). Further, the vulnerability storage unit 210 acquires the vulnerability information 1001 as in the case of S502 of the first embodiment (S1702).

The risk assessment unit 203 of the asset management device 20 calculates the risk of each control device 10 based on the system configuration information 901 acquired in S1701 and the vulnerability information 100 acquired in S1702, as in S503 of the first embodiment. (S1703). Then, the collection target identification unit 204 calculates the priority of each control device 10 based on the risk calculated in S1703 as in S504 of the first embodiment (S1704), and similarly to S505 of the first embodiment. , Display the collection priority screen (S1705).

Next, the collection target identification unit 204 of the asset management device 20 specifies the collection target device in the same manner as in S506 of the first embodiment, and the configuration information collection program generation unit 205 identifies the collection target device in the same manner as in S506 of the first embodiment. For each identified device to be collected, the corresponding configuration information collection script 1103 is acquired from the collection template information 1101, and each configuration information collection program 1201 is generated based on the acquired configuration information collection script 1103 (S1706). Here, it is assumed that the collection target device is the control device 10 (x).

Then, in the present embodiment, the communication unit 207 of the asset management device 20 transmits the generated configuration information collection program 1201 to the control device 10 (x). Then, the program execution unit 106 (x) of the control device 10 (x) has a predetermined function as in the case of S604 of the first embodiment.
The received configuration information collection program 1201 is executed (S1707).

In the program execution unit 106 (x), similarly to S605 of the first embodiment, does the control device 10 that executes the configuration information collection program 1201 match the control device 10 defined in the configuration information collection program 1201? Whether or not it is determined (S1708).

If they do not match (S1708: mismatch), it is assumed that there is an error in the transmission destination control device 10, and the program execution unit 106 (x) ends the internal configuration information automatic collection process (S1709).

On the other hand, when both match (S1708: match), the program execution unit 106 (x) follows the configuration information collection script 1203 included in the configuration information collection program 1201 as in S607 of the first embodiment. Information on the internal configuration of the control device 10 (x) is collected (S1710).

Similar to S608 of the first embodiment, the program execution unit 106 (x) updates the execution presence / absence flag 1204 included in the configuration information collection program 1201 to “executed” (S1711). The communication unit 105 (x) transmits the configuration information 1301 which is the internal configuration information collected in S1710 and the configuration information collection program 1201 updated in S1711 to the asset management device 20.

Similar to S704 of the first embodiment, the asset composition management unit 206 of the asset management device 20 configures by checking the execution presence / absence flag 1204 included in the configuration information collection program 1201 received from the control device 10 (x). It is determined whether or not the information collection program 1201 has been executed (S1712). As a result, if it is determined that the configuration information management unit 206 has not been executed, the asset configuration management unit 206 again transmits the configuration information collection program 1201 to the control device 10 (x) (S1712: not executed).

On the other hand, when it is determined that the system has been executed (S1712: executed), the asset configuration management unit 206 acquires the system configuration information 901 (S1713) as in the case of S706 of the first embodiment.

Then, the system configuration storage unit 209 updates the system configuration information 901 acquired in S1713 with the configuration information 1301 received from the control device 10 (x), similarly to S707 of the first embodiment (S1714).

Further, the system configuration storage unit 209 stores the system configuration information 901 updated in S1714 and ends the process, similarly to S708 of the first embodiment (S1715).

As described above, according to the asset information management system 1 of the present embodiment, the asset management device 20 can provide the configuration information collection program 1201 to the control device 10 without going through the external storage medium 30. As a result, even when a large number of control devices 10 and 70 are present, the asset information can be updated quickly.

The present invention is not limited to each of the above embodiments, and includes various modifications. For example, the above-described embodiment has been described in detail in order to explain the present invention in an easy-to-understand manner, and is not necessarily limited to the one including all the described configurations. For example, it is possible to add / delete / replace a part of the configuration of the embodiment with another configuration.

For example, the function of the asset management device 20 of the control device 10 may be included, or a part of the function of the asset management device 20 may be included in the control device 10. In addition, the control device 10 and the asset management device 2
Communication between 0s may be performed via another device.

Further, the data shown as the information in the database format in the present embodiment may be in any other data format.

Further, in the present embodiment, the information on the number of packets, the band, and the like is used to check the load status of the network 40, but other information indicating the communication amount may be used.

Further, in the present embodiment, the collection template information 1101 and the configuration information collection script depend on software such as an OS, but when they depend on the hardware of the control device 10 or the device 70, the information corresponding to these hardware is used. Alternatively, it may be a program.

Further, in the present embodiment, the risk of the control device 10 (device 70) is the presence or absence or number of vulnerable OSs or external services, the degree of risk of the vulnerability, and the elapsed time from the previous collection date and time of the information of the internal configuration. Although it is calculated from the above, it may be calculated by using other factors such as other software information, hardware specifications or configurations.

Further, in the present embodiment, as a method of calculating the priority of the control device 10 (device 70), the calculated risk magnitude and the calculation method based on the physical position of the control device 10 have been described, but the hardware specifications or configurations have been described. It may be calculated using other factors such as.

Further, in the present embodiment, the external storage medium 30 such as a USB memory is used as the main body for storing the configuration information collection program and the like, but another information processing system other than the asset information management system 1 such as the cloud is used. You may use it.

Further, in the present embodiment, as the conditions for specifying the collection target device, the priority, the date and time, and the physical position of the device based on the high risk are set, but other conditions (for example, the collection target device) are set. Maximum number of units) may be set.

Further, in the present embodiment, the internal configuration information is the configuration information of the OS and other software, but other information (for example, hardware information of each device, information about the network 40, information of each device, etc.) Management information) may be added or replaced with other information.

The above description of the present specification clarifies at least the following. That is, the asset information management system of each embodiment is a configuration information collection program generation unit that generates a predetermined program for acquiring information on the asset configuration of the collection target device based on the information of the specified collection target device. The asset composition management unit may acquire information on the composition of the asset based on the generated program.

In this way, by generating a configuration information collection program for acquiring the asset configuration information of the collection target device and acquiring the asset configuration information based on this program, each collection target device has a wide variety of configurations. Even if you have, you can surely get the information of the composition of those assets.

Further, in the asset information management system of each embodiment, the risk assessment unit controls each of the control devices according to the length of time from the past estimation time to the predetermined time of the configuration of the control system. You may estimate the magnitude of the risk.

In this way, by estimating the magnitude of the control risk of the control device 10 according to the length of time from the past estimation of the configuration of the control system 50 to the present, for example, the configuration is checked for a long time. It is possible to perform an appropriate risk assessment on the control device 10 according to the current situation, such as assuming that the risk is high for the control device 10 that has not been used.

Further, in the asset information management system of each embodiment, the risk assessment unit determines the magnitude of the risk in each control of the control device according to the length of time from the setting of the vulnerability information to the predetermined time. You may estimate the risk.

In this way, by estimating the magnitude of the control risk of the control device 10 according to the length of time from the setting of the vulnerability information 1001 to the present, for example, the control whose configuration has not been updated for a long time. It is possible to perform an appropriate risk assessment based on the update history of the control device 10, such as assuming that the device 10 has a high risk.

Further, in the asset information management system of each embodiment, the configuration information collection program generation unit stores the generated program in a predetermined storage device, and the collection target device executes the stored program. A program execution unit that stores information on the configuration of the asset managed by the collection target device in the storage device is provided, and the asset configuration management unit acquires information on the configuration of the stored asset from the storage device. , May be.

In this way, the configuration information collection program 1201 is stored in a storage device such as the external storage medium 30, the collection target device executes the configuration information collection program 1201 to obtain information on the configuration of the asset, and the asset management device obtains information on the configuration of the asset. By acquiring the information on the configuration of the asset from the storage device, the configuration information collection program 1201 can be easily managed. For example, the user can collect information from the control device 10 (device 70) of the collection target device installed in various places by using an external storage medium 30 or the like capable of storing the configuration information collection program 1201 and the information thereof. The configuration can be easily updated.

Further, in the asset information management system of each embodiment, when the program execution unit determines whether or not the program has been executed by the collection target device and determines that the program has been executed by the collection target device. The information on the configuration of the assets managed by the collection target device may be stored in the storage device only.

In this way, only when it is determined that the configuration collection program has been executed in the collection target device, the information on the configuration of the asset is stored in the storage device, so that the storage device has an incorrect configuration of the asset in the control device 10. It is possible to prevent the information from being stored.

Further, in the asset information management system of each embodiment, input / output that outputs at least one of the estimated configuration information of the control system and the acquired asset configuration information managed by the collection target device. It may be provided with a part.

In this way, by displaying the information on the configuration of the control system 50 or the information on the configuration of the assets managed by the collection target device, the user can use the current state of the control system 50 and the control important for control in the control system 50. Information on the device 10 can be known.

Further, in the asset information management system of each embodiment, the collection target identification unit sets priority information as a candidate for the collection target device based on the risk as the predetermined condition, and the input / output unit. May output the priority information together with the configuration information of the collection target device.

In this way, the control system 50 sets the priority condition based on the risk regarding the determination of the collection target device, and outputs the priority information together with the configuration information of the collection target device. More detailed information can be obtained about the importance of each control device 10 in control.

1 Asset information management system, 10 control device, 70 device, 20 asset management device, 30 external storage medium, 50 control system, 215 system configuration estimation unit, 203 risk evaluation unit, 204 collection target identification unit, 206 asset composition management unit, 1001 Vulnerability information

Claims (9)

With a processor and memory
A system configuration estimation unit that acquires communication status information of a control system configured to include a plurality of control devices that perform predetermined control and estimates the configuration of the control system based on the acquired communication status information.
A risk assessment unit that estimates the risk of each control of the control device based on the vulnerability information about the control device and the configuration of the estimated control system.
A collection target identification unit that identifies a collection target device that is a control device whose control risk satisfies a predetermined condition,
An asset information management system including an asset composition management unit that acquires information on the composition of assets managed by the specified collection target device. A configuration information collection program generation unit that generates a predetermined program for acquiring information on the asset configuration of the collection target device based on the information of the specified collection target device is further provided.
The asset composition management unit acquires information on the composition of the asset based on the generated program.
The asset information management system according to claim 1. The risk assessment unit estimates the magnitude of each control risk of the control device according to the length of time from the past estimation time to the predetermined time of the configuration of the control system.
The asset information management system according to claim 1. The risk assessment unit estimates the magnitude of each control risk of the control device according to the length of time from the setting of the vulnerability information to the predetermined time.
The asset information management system according to claim 1. The configuration information collection program generation unit stores the generated program in a predetermined storage device, and stores the generated program in a predetermined storage device.
The collection target device includes a program execution unit that executes the stored program and stores information on the configuration of the asset managed by the collection target device in the storage device.
The asset composition management unit acquires information on the composition of the stored assets from the storage device.
The asset information management system according to claim 2. The program execution unit determines whether or not the program has been executed by the collection target device, and only when it is determined that the program has been executed by the collection target device, the configuration of the assets managed by the collection target device. Information is stored in the storage device,
The asset information management system according to claim 5. It includes an input / output unit that outputs at least one of the estimated configuration information of the control system and the acquired asset configuration information managed by the collection target device.
The asset information management system according to claim 1. As the predetermined condition, the collection target identification unit sets the priority information as a candidate of the collection target device based on the risk, and sets the information.
The input / output unit outputs the priority information together with the configuration information of the collection target device.
The asset information management system according to claim 1. An information processing device that has a processor and memory
A system configuration estimation process that acquires communication status information of a control system configured to include a plurality of control devices that perform predetermined control and estimates the configuration of the control system based on the acquired communication status information.
Based on the vulnerability information about the control device and the configuration of the estimated control system, the risk assessment process for estimating the control risk of each of the control devices, and the risk assessment process.
Collection target identification processing that identifies a collection target device that is a control device whose control risk satisfies a predetermined condition,
An asset information management method that executes an asset configuration management process for acquiring information on the asset configuration managed by the specified collection target device.

Images