NRI Secure Technologies has begun providing what it claims is Japan’s first-ever security assessment service designed for systems and services that use blockchain technology.
As blockchain technology has become more widespread, the presence of security-related vulnerabilities has also become increasingly apparent – in particular, smart contracts, which are programmed and can be automatically executed, and are being considered for use in securities settlements, real property transactions, the sharing economy, and numerous other fields that involve contracts.
A cyberattack carried out on any vulnerable programs could lead to major threats or even to actual damage by causing services to behave differently than originally intended (last year’s DAO Incident being a textbook example, as the attack was pulled off by exploiting vulnerabilities in The DAO’s smart contract programming code).
In response to these issues, NRI Secure says it will launch a Blockchain Assessment service that will initially focus on security assessment for smart contracts. The service performs assessment from the dual perspectives of static analysis, which carefully analyzes a program, and dynamic analysis, which involves simulating a real attack, in order to identify vulnerabilities.
The service is only available in English and Japanese.
More assessment menus for other elements of the blockchain will be added in the future, as illustrated in the chart below.
“DApps” in the chart stands for “decentralized applications” that enable the use of highly-reliable, low-cost applications via blockchain technology, without the need for a centralized system manager.