JP-2026075074-A - Database construction method and system for complying with cybersecurity regulations
Abstract
[Problem] To provide a database construction method and system that can efficiently respond to cybersecurity regulations. [Solution] A database construction method for complying with cybersecurity regulations includes the following steps: in step 801, an operational server displays a first interface for one or more pre-configured items related to cybersecurity; in step 802, a second interface is provided through which a dataset relating to the attributes of the pre-configured items included in the first interface can be input; in step 804, a third interface is provided through which a relationship between two pre-configured items from among a plurality of pre-configured items can be established; and in step 806, a relationship between a specific dataset of the first pre-configured item and a specific dataset of the second pre-configured item is established using values obtained from a user terminal via the third interface. [Selection Diagram] Figure 8
Inventors
- ホン,ソクミン
- イ,ヒョンジュン
Assignees
- フェスカロ カンパニー リミテッド
Dates
- Publication Date: 20260507
- Application Date: 20251020
- Priority Date: 20241021
Claims (15)
- A method for building a database for cybersecurity regulatory compliance, comprising: a step of displaying a first interface for one or more pre-configured items related to cybersecurity; a step of providing a second interface through which a dataset for the attributes of the pre-configured items included in the first interface can be input; a step of providing a third interface through which a relationship between two pre-configured pre-configuration items from among a plurality of pre-configuration items can be established; and a step of establishing a relationship between a specific dataset of a first preconfiguration item and a specific dataset of a second preconfiguration item among the plurality of preconfiguration items, using values obtained through the third interface.
- The method according to claim 1, further comprising, after the step of establishing the relationships between the aforementioned datasets: a step of obtaining threat scenarios; a step of providing a fourth interface through which a relationship between the acquired threat scenarios and predefined threats can be established; and a step of using values obtained via the fourth interface to configure one or more specific datasets of predefined threats that are mapped to specific datasets of the threat scenario.
- The method according to claim 2, further comprising, after the step of establishing the relationships between the aforementioned datasets: a step of obtaining, from among the aforementioned threat scenarios, security objectives corresponding to a specific threat scenario; a step of providing a fifth interface through which a relationship between the acquired security objective and the security control can be established; and a step of using values obtained via the fifth interface to configure one or more specific datasets of security controls connected to specific datasets of security objectives.
- The method according to claim 2, wherein the fourth interface provides a list of predefined threats that can be mapped to the threat scenario dataset, and maps the dataset of predefined threats corresponding to a user selection from the list to a specific dataset of the threat scenario.
- The method according to claim 3, wherein the fifth interface provides a list of security control datasets that can be mapped to specific datasets of the security objective, and maps a dataset corresponding to a user selection from the security control dataset list to a specific dataset of the security objective.
- The method according to claim 5, wherein the predefined threat dataset list or the security control dataset list is based on values obtained using the second interface.
- The method according to claim 5, wherein a specific dataset of one or more pre-configured items is linked to a specific dataset of the threat scenario or the security objective.
- The method according to claim 1, wherein one or more pre-configured items on the first interface can be changed by operator input.
- The method according to claim 1, wherein the first interface provides an interface for adding pre-configured items or item-specific attributes by user input, in addition to the already pre-configured items or item-specific attributes, and the first interface provides change history information regarding the attributes of the pre-configured items.
- The method according to claim 1, wherein the dataset input by the second interface includes the value of an identifier field among the attributes of the pre-configured item that uniquely distinguishes individual datasets.
- The method according to claim 1, wherein the step of providing the third interface is to provide an interface that allows a specific dataset of the first preconfiguration item and a specific dataset of the second preconfiguration item to be linked and input.
- The method according to claim 1, wherein the third interface includes the step of mapping an ID value corresponding to a specific dataset of the first preconfiguration item to an ID value corresponding to a specific dataset of one or more second preconfiguration items, or mapping an ID value corresponding to a specific dataset of the second preconfiguration item to an ID value corresponding to a specific dataset of one or more first preconfiguration items.
- The method according to claim 1, wherein the third interface is an interface that can establish a relationship between two pre-configured pre-configuration items from among a plurality of pre-configuration items.
- The method according to claim 1, wherein the first and second pre-configured items among the aforementioned pre-configured items are one of the following pairs: "security control - security request", "functional verification test case - security request", "pre-defined threat - non-functional verification test case", and "pre-defined threat - pre-defined mitigation".
- A database construction system for complying with cybersecurity regulations, configured to: display a first interface for one or more pre-configured items; provide a second interface through which a dataset relating to the attributes of the pre-configured items included in the first interface can be input; provide a third interface through which a relationship between two pre-configured pre-configuration items from among a plurality of pre-configuration items can be established; and use the values obtained through the third interface to establish a relationship between a specific dataset of a first preconfiguration item and a specific dataset of a second preconfiguration item among the plurality of preconfiguration items.
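The data model the claims describe (pre-configured items, datasets distinguished by an identifier field, and ID-to-ID relationships between the datasets of two items) can be sketched as follows. This is an added example, not code from the patent or the applicant; the table layout, the function names, and the choice to reject any item pair other than the four listed in the claims are assumptions of the sketch.

```python
import sqlite3

# Item pairs listed in the claims; this sketch rejects any other pairing.
ALLOWED_PAIRS = {
    ("security control", "security request"),
    ("functional verification test case", "security request"),
    ("pre-defined threat", "non-functional verification test case"),
    ("pre-defined threat", "pre-defined mitigation"),
}
SCHEMA = """
CREATE TABLE item(name TEXT PRIMARY KEY);
CREATE TABLE dataset(
  item TEXT NOT NULL REFERENCES item(name),
  id TEXT NOT NULL,                 -- identifier field, unique per item
  attrs TEXT NOT NULL DEFAULT '',
  PRIMARY KEY (item, id));
CREATE TABLE relation(
  first_item TEXT NOT NULL, first_id TEXT NOT NULL,
  second_item TEXT NOT NULL, second_id TEXT NOT NULL,
  PRIMARY KEY (first_item, first_id, second_item, second_id),
  FOREIGN KEY (first_item, first_id) REFERENCES dataset(item, id),
  FOREIGN KEY (second_item, second_id) REFERENCES dataset(item, id));
"""

def build():
    """Create the in-memory database and register the pre-configured items."""
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")  # make dangling IDs an error
    db.executescript(SCHEMA)
    names = sorted({name for pair in ALLOWED_PAIRS for name in pair})
    db.executemany("INSERT INTO item VALUES (?)", [(n,) for n in names])
    return db

def add_dataset(db, item, ds_id, attrs=""):
    """Store one dataset; a repeated ID within the same item is rejected."""
    db.execute("INSERT INTO dataset VALUES (?, ?, ?)", (item, ds_id, attrs))

def link(db, first, second):
    """Relate two datasets given as (item, id); one ID may map to many."""
    if (first[0], second[0]) not in ALLOWED_PAIRS:
        raise ValueError(f"no relationship defined: {first[0]} - {second[0]}")
    db.execute("INSERT INTO relation VALUES (?, ?, ?, ?)", (*first, *second))

def linked(db, item, ds_id):
    """Datasets related to (item, ds_id), looked up from either side."""
    return sorted(db.execute(
        "SELECT second_item, second_id FROM relation"
        " WHERE first_item = ? AND first_id = ?"
        " UNION SELECT first_item, first_id FROM relation"
        " WHERE second_item = ? AND second_id = ?",
        (item, ds_id, item, ds_id)))
```

With foreign keys enforced, a link to an ID that was never entered fails at insert time with `sqlite3.IntegrityError` instead of leaving a dangling reference in the traceability data.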
Description
The following embodiments relate to a method and system for constructing a database to comply with cybersecurity regulations.
Currently, the mobility industry is facing a significant increase in cyberattack threats due to the growing electrification and connectivity of vehicles. This has led to a trend towards strengthening cybersecurity regulations internationally. For example, the United Nations Economic Commission for Europe (UNECE) has established UNR 155, an international standard for automotive cybersecurity, and the South Korean Ministry of Land, Infrastructure and Transport has amended its Automobile Management Act to stipulate that only automobile manufacturers and import/sales companies with CSMS (Cyber Security Management System) certification can sell vehicles domestically. Furthermore, the Cyber Resilience Act (CRA), a bill mandating enhanced and managed cybersecurity throughout the entire lifecycle of all products (hardware and software) including digital elements, is also scheduled to be implemented in the European Union (EU) market, impacting the entire mobility industry. Various cybersecurity regulations require organized processes and management systems to manage cyber threats and risks and protect mobility devices from cyberattacks. Compliance with these regulations necessitates a system that ensures cybersecurity throughout the entire lifecycle of mobility devices, including design, development, production, and maintenance.
- This is a system diagram of a database construction method for complying with cybersecurity regulations according to one embodiment.
- This figure shows the first screen of the first interface according to one embodiment of the present invention.
- This figure shows the second screen of the first interface according to one embodiment of the present invention.
- This figure shows a second interface for dataset input for pre-configured item attributes according to one embodiment of the present invention.
- This figure shows a third interface for establishing relationships between datasets of pre-configured items according to one embodiment of the present invention.
- This figure shows a fourth interface for establishing a relationship between a threat scenario and a predefined threat according to one embodiment of the present invention.
- This figure shows a fifth interface for establishing a relationship between security objectives and security controls according to one embodiment of the present invention.
- This diagram shows a flowchart illustrating the operation of the operational server and user terminal during the pre-configuration step according to one embodiment.
- This diagram shows a flowchart illustrating the operation of the operational server and user terminal in individual engineering steps according to one embodiment.
- This is a block diagram of a server according to one embodiment.
The advantages and features of the present invention, and the methods for achieving them, will become apparent by referring to the embodiments described in detail with the accompanying drawings. However, it should be understood that the present invention is not limited to the embodiments presented below, but can be realized in a variety of different forms, encompassing all transformations, equivalents, and substitutes that fall within the spirit and technical scope of the present invention.
The terminology used in this application is used solely to describe specific embodiments and is not intended to limit the invention. Singular expressions include plural expressions unless otherwise clearly indicated in the context. In this application, terms such as “includes” or “having” are intended to specify the existence of features, figures, steps, actions, components, parts, or combinations thereof described in the specification, and should be understood not to preemptively exclude the possibility of the existence or addition of one or more other features or figures, steps, actions, components, parts, or combinations thereof. Some embodiments of this disclosure can be represented by functional block configurations and various processing steps. Some or all of such functional blocks may be implemented by various hardware and/or software configurations that perform specific functions. For example, a functional block of this disclosure may be implemented by one or more microprocessors, or by a circuit configuration for a given function. Furthermore, for example, a functional block of this disclosure may be implemented in various programming or scripting languages. A functional block may be implemented by an algorithm executed by one or more processors. Furthermore, this disclosure may employ prior art for electronic environment configuration, signal processing, and/or data processing. Terms such as “mechanism,” “element,” “means,” and “configuration” can be used broadly and are not limited to mechanical and physical configurations. Furthermore, the connecting lines or members shown in the drawings between compone