Collection of Use Case Examples Compiled Regarding Management Methods for Utilizing Open Source Software and Ensuring Its Security
April 21, 2021
The Ministry of Economy, Trade and Industry (METI) publishes a "Collection of Use Case Examples Regarding Management Methods for Utilizing OSS and Ensuring Its Security." The collection summarizes the points to note when utilizing open source software (OSS), and for each point, provides information including use case examples of companies that are conducting instructive initiatives.
1. Background and purpose
On September 5, 2019, METI inaugurated a Task Force for Evaluating Software Management Methods, etc. toward Ensuring Cyber/Physical Security (Software Task Force), placing it under the Cross-sectoral Sub-Working Group of the Study Group for Industrial Cybersecurity's Working Group 1 (WG1). The Software Task Force has been examining appropriate software management methods, responses to vulnerability and license issues, etc. ever since.
The importance of software in industry has grown in recent years, and is now used to control industrial machinery and automobiles. In addition, developing systems on generic hardware will enable software to perform a variety of functions, and this in turn is expected to create various kinds of value added.
In particular, the source code for OSS is accessible to the public and available to be used, modified, and redistributed for both commercial and non-commercial purposes. Therefore, OSS is being actively used in commercial products and services, particularly in General Utility Library Programs, etc. It is now difficult to create products and services without using OSS.
In this way, the importance of utilizing OSS in the industrial world has been increasing, and the Software Task Force has understood that sharing knowledge and experience among stakeholders will be beneficial in the current situation, in which many companies are having problems addressing issues such as vulnerability and appropriate management of software that contains OSS. To that end, the Software Task Force conducted interviews and other research targeting companies that are conducting instructive initiatives regarding OSS management methods, etc.
The Task Force has now compiled the results of the interviews, etc., and publishes a report titled the "Collection of Use Case Examples Regarding Management Methods for Utilizing OSS and Ensuring Its Security." This collection summarizes the points to note when utilizing OSS, and provides use case examples for each point. METI hopes that it will promote appropriate use of OSS that takes into account the necessary points to note, enabling industry to benefit from OSS properly and leading to improved competitiveness.
2. Related materials
- Collection of Use Case Examples Regarding Management Methods for Utilizing Open Source Software and Ensuring Its Security
3. Related websites
- Study Group for Industrial Cybersecurity Working Group (WG) 1 (Systems, Technologies and Standardization)
- Cross-sectoral Sub-Working Group
- Task Force for Evaluating Software Management Methods toward Ensuring Cyber/Physical Security
Division in Charge
Cybersecurity Division, Commerce and Information Policy Bureau