Cyber/Physical Security Framework (CPSF)

“Society 5.0”, where cyber and physical spaces are highly integrated, enables dynamic and flexible supply chains while facing new risks such as increasing sources of attacks and adverse impacts on physical space.
The Ministry of Economy, Trade and Industry (METI) published the “Cyber-Physical Security Framework (CPSF) Ver1.0” on April 18, 2019, which outlines security measures against the new risks in Society 5.0.

Software TF

Collection of Use Case Examples Regarding Management Methods for Utilizing Open-Source Software and Ensuring Its Security

The collection summarizes the points to keep in mind when utilizing open-source software (OSS), and for each point, provides information including use case examples for companies that are conducting instructive initiatives.

Guidance on Introduction of Software Bill of Materials (SBOM) for Software Management

METI has formulated guidance mainly targeting software suppliers as a compilation of the advantages of introducing SBOM in companies and the key points that companies should recognize and undertake in actually introducing SBOM.

『2nd layer』 TF

The purpose of the Framework is to provide the “basic common infrastructure” that will enable players in different fields/industries to use the same approach to review the security and safety of devices and systems that connect cyberspace and physical space, and to enable society to effectively accept  the new IoT mechanisms.

『3rd layer』 TF

Data Management Framework for Collaborative Data Utilization

This framework is intended to make it possible to implement the measures necessary to ensure the security of data flowing between entities through appropriate data management, in order for the value creation process to create added value by ensuring the trustworthiness of the data.

JP-US-EU ICS Cybersecurity Week for the Indo-Pacific Region

METI and the Industrial Cyber Security Center of Excellence (ICSCoE) under the Information-technology Promotion Agency, Japan (IPA), hosted the JP-US-EU Industrial Control Systems Cybersecurity Week in collaboration with the US government (DHS/CISA, DOS and DOE, INL) as well as the European Commission (DG CONNECT).
The hands-on training brought together participants invited from the Indo-Pacific region.

FY2023: Oct 9-13, 2023

FY2022: Oct 24-28, 2022

FY2021: Oct 25 – 29, 2021

Cybersecurity Management Guidelines for Japanese Enterprise Executives

These guidelines are aimed at the corporate management of major companies as well as small and medium-sized companies and include, from the viewpoint of protecting companies from cyberattacks, three principles which management needs to recognize and ten important items which management should direct their executive in charge (e.g. CISO) to incorporate in implementing cybersecurity measures.

Press Releases and Related Information

Division in Charge

Cybersecurity Division, Commerce and Information Policy Bureau

Note: Provisional translations of the original documents are subject to revision for purposes of accuracy.

Last updated:2023-11-22