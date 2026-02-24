¤³¤Á¤é¤Ï¡¢¡ÖDigital PR Platform¡×¤è¤êÄó¶¡¤µ¤ì¤¿´ë¶È¤äÃÄÂÎÅù¤Î¥×¥ì¥¹¥ê¥ê¡¼¥¹¤ò¸¶Ê¸¤Î¤Þ¤Þ·ÇºÜ¤·¤Æ¤ª¤ê¤Þ¤¹¡£ÆâÍÆ¤Èºï½ü¡¦½¤ÀµÅù¤Î¤ªÌä¤¤¹ç¤ï¤»¤Ï¡¢¡ÖDigital PR Platform¡×¤Þ¤Ç¤´Ï¢Íí¤ò¤ª´ê¤¤Ã×¤·¤Þ¤¹¡£
¥½¥Õ¥È¥¦¥§¥¢³«È¯¥×¥í¥»¥¹¤Î¥»¥¥å¥ê¥Æ¥£¼ÂÁ©¤òË¸¤²¤ëÍ×°ø¤òÂçµ¬ÌÏ¥³¡¼¥ÉÊ¬ÀÏ¤È³«È¯¼ÔÄ´ºº¤Ë¤è¤ê²òÌÀ¡Á³«È¯¼Ô¤Î¡ÖÇ§ÃÎÉÔÂ¡¦ÉéÃ´¡¦¸í²ò¡×¤òÆÃÄê¤·¡¢AI¡¿¼«Æ°²½»þÂå¤Î¥»¥¥å¥¢¤Ê³«È¯¥×¥í¥»¥¹¤ò²ÃÂ®¡Á
È¯É½¤Î¥Ý¥¤¥ó¥È¡§
Âçµ¬ÌÏ¤Ê¥½¥Õ¥È¥¦¥§¥¢¥ê¥Ý¥¸¥È¥êÊ¬ÀÏ¢¨1¤Ë¤è¤ê¡¢¥½¥Õ¥È¥¦¥§¥¢³«È¯¤Ë¤ª¤±¤ë³«È¯¡¦¸ø³«¡¦¹¹¿·¤ò¼«Æ°²½¤¹¤ë»ÅÁÈ¤ß¡ÊCI/CD¡¤·ÑÂ³Åª¥¤¥ó¥Æ¥°¥ì¡¼¥·¥ç¥ó¡¿·ÑÂ³Åª¥Ç¥ê¥Ð¥ê¡¼¡Ë¤Ë¤ª¤±¤ë¥»¥¥å¥ê¥Æ¥£ÂÐºö¤¬¡¢¼Â±¿ÍÑ¤Ç¤É¤ÎÄøÅÙ¼ÂÁ©¤µ¤ì¤Æ¤¤¤ë¤«¤òÌÀ¤é¤«¤Ë¤·¤Þ¤·¤¿¡£
³«È¯¼Ô¤Ø¤Î¥¢¥ó¥±¡¼¥ÈÄ´ºº¤Ë¤è¤Ã¤Æ¡¢¾åµ¤Î¥»¥¥å¥ê¥Æ¥£ÂÐºö¤¬¼ÂÁ©¤µ¤ì¤Ê¤¤ÇØ·Ê¤Ë¤¢¤ëÇ§ÃÎÉÔÂ¡¢±¿ÍÑ¾å¤ÎÉéÃ´¡¢¤ª¤è¤Ó¸í²ò¤È¤¤¤Ã¤¿¿ÍÅªÍ×°ø¤òÌÀ¤é¤«¤Ë¤·¤Þ¤·¤¿¡£
¤³¤ì¤é¤ÎÃÎ¸«¤ò³èÍÑ¤¹¤ë¤³¤È¤Ç¡¢CI/CD¤Ë¤ª¤±¤ë¥»¥¥å¥ê¥Æ¥£ÂÐºö¤Î¼Â¸úÀ¤ò¹â¤á¡¢³«È¯¸½¾ì¤Ø¤ÎÄêÃå¤òÂ¥¿Ê¤¹¤ë¤È¤È¤â¤Ë¡¢¤è¤ê°ÂÁ´¤Ê¥½¥Õ¥È¥¦¥§¥¢³«È¯¤Î¿ä¿Ê¤¬´üÂÔ¤Ç¤¤Þ¤¹¡£
¡¡NTT³ô¼°²ñ¼Ò(°Ê²¼ NTT)¤ÈNTT¥É¥³¥â¥Ó¥¸¥Í¥¹³ô¼°²ñ¼Ò(µì NTT¥³¥ß¥å¥Ë¥±¡¼¥·¥ç¥ó¥º³ô¼°²ñ¼Ò¡¢°Ê²¼ NTT¥É¥³¥â¥Ó¥¸¥Í¥¹)¤Ï¡¢Áá°ðÅÄÂç³Ø¤È¡¢CI/CD´ðÈ×¤È¤·¤Æ¹¤¯ÍøÍÑ¤µ¤ì¤Æ¤¤¤ë ¡ÖGitHub Actions¢¨2¡×¤òÂÐ¾Ý¤Ë¡¢¸ø¼°¤Ë¿ä¾©¤µ¤ì¤Æ¤¤¤ë¥»¥¥å¥ê¥Æ¥£ÂÐºö¤Î¼Â»Ü¾õ¶·¤È¡¢¤½¤Î¼ÂÁ©¤òË¸¤²¤ëÍ×°ø¤Ë¤Ä¤¤¤ÆÄ´ºº¤ò¼Â»Ü¤·¤Þ¤·¤¿(°Ê²¼ ËÜ¸¦µæ)¡£Ìó34Ëü·ï¤Î¸ø³«¥ê¥Ý¥¸¥È¥ê¤ËÂÐ¤¹¤ëÂçµ¬ÌÏÊ¬ÀÏ¤È100Ì¾°Ê¾å¤Î³«È¯¼Ô¤Ø¤Î¥¢¥ó¥±¡¼¥ÈÄ´ºº¤òÁÈ¤ß¹ç¤ï¤»¤ë¤³¤È¤Ç¡¢¡ÖGitHub Actions¡×¤Î5¼ïÎà¤Î¼çÍ×¤Ê¥»¥¥å¥ê¥Æ¥£ÂÐºö¤Î¼Â»ÜÎ¨¤¬Ê¿¶Ñ17.5%¡ÊºÇ¾®0.6¡ó¡ÁºÇÂç52.9¡ó¡Ë¤ÈÄã¿å½à¤Ë¤È¤É¤Þ¤Ã¤Æ¤¤¤ë¼ÂÂÖ¤òÄêÎÌÅª¤ËÌÀ¤é¤«¤Ë¤¹¤ë¤È¤È¤â¤Ë¡¢¤½¤ÎÇØ·Ê¤È¤·¤Æ¡¢ÂÐºö¤ËÂÐ¤¹¤ëÇ§ÃÎÉÔÂ¤äÅ¬ÍÑÂÐ¾Ý¤Ë´Ø¤¹¤ë¸í²ò¡¢±¿ÍÑÉéÃ´¤Ø¤Î·üÇ°¤È¤¤¤Ã¤¿¿ÍÅªÍ×°ø¤¬¼ÂÁ©¤òË¸¤²¤Æ¤¤¤ë¤³¤È¤ò¼¨¤·¤Þ¤·¤¿(°Ê²¼¡¡ËÜÀ®²Ì)¡£ËÜÀ®²Ì¤òÆ§¤Þ¤¨¡¢CI/CD¤ò³èÍÑ¤·¤Æ³«È¯¡¦Äó¶¡¤¹¤ë¥µ¡¼¥Ó¥¹Á´ÂÎ¤Î¥»¥¥å¥ê¥Æ¥£¶¯²½¤ò¿ä¿Ê¤·¡¢¤ªµÒ¤µ¤Þ¤¬°Â¿´¤·¤ÆÍøÍÑ¤Ç¤¤ë¥µ¡¼¥Ó¥¹Äó¶¡¤Ë¤Ä¤Ê¤²¤Æ¤¤¤¤Þ¤¹¡£
¡¡¤Ê¤ª¡¢ËÜÀ®²Ì¤Ï¡¢2026Ç¯2·î¤ËÊÆ¹ñ¥µ¥ó¥Ç¥£¥¨¥´¤Ç³«ºÅ¤µ¤ì¤ë¥µ¥¤¥Ð¡¼¥»¥¥å¥ê¥Æ¥£Ê¬Ìî¤Î¥È¥Ã¥×¹ñºÝ²ñµÄ¤Î°ì¤Ä¤Ç¤¢¤ë ¡ÖNetwork and Distributed System Security Symposium¢¨3 2026¡ÊNDSS 2026¡Ë¡×¤ËºÎÂò¤µ¤ì¤Þ¤·¤¿¡£
1. ÇØ·Ê
¡¡¶áÇ¯¡¢¥½¥Õ¥È¥¦¥§¥¢³«È¯¤Î¸úÎ¨²½¤òÌÜÅª¤È¤·¤Æ¡¢CI/CD¤¬¹¤¯ÉáµÚ¤·¤Æ¤¤¤Þ¤¹¡£CI/CD¤Ï¡¢¥½¥Õ¥È¥¦¥§¥¢³«È¯¥é¥¤¥Õ¥µ¥¤¥¯¥ë¤Ë¤ª¤±¤ë¥×¥í¥°¥é¥à¤Î¥Æ¥¹¥È¤ä¸ø³«ºî¶È¤Ê¤É¤Î³Æ¼ï¥×¥í¥»¥¹¤ò¼«Æ°²½¤¹¤ë»ÅÁÈ¤ß¤Ç¤¢¤ê¡¢³«È¯¤Î¿×Â®²½¤ä¿ÍÅª¥ß¥¹¤Îºï¸º¡¢ÉÊ¼Á¤Î°ÂÄê²½¤Ê¤É¤Ë¹×¸¥¤·¤Æ¤¤¤Þ¤¹¡£¸½ºß¤Ç¤ÏÂ¿¤¯¤Î´ë¶È¤Î³«È¯¼Ô¤¬¡¢¥½¥Õ¥È¥¦¥§¥¢³«È¯¤Î´ðÈ×µ»½Ñ¤È¤·¤ÆÆü¾ïÅª¤ËÍøÍÑ¤·¤Æ¤¤¤Þ¤¹¢¨4¡£
¡¡¤Ê¤«¤Ç¤â¡ÖGitHub Actions¡×¤Ï¡¢À¤³¦ºÇÂçµé¤Î¥½¥Õ¥È¥¦¥§¥¢³«È¯¥×¥é¥Ã¥È¥Õ¥©¡¼¥à¤Ç¤¢¤ë¡ÖGitHub¢¨5¡×¾å¤ÇÍøÍÑ¤Ç¤¤ëCI/CD¥µ¡¼¥Ó¥¹¤Ç¤¢¤ê¡¢¸Ä¿Í³«È¯¼Ô¤«¤é´ë¶È¤ÎÂçµ¬ÌÏ³«È¯¤Þ¤Ç¡¢Éý¹¤¤³«È¯¸½¾ì¤ÇÍøÍÑ¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
¡¡°ìÊý¤Ç¡¢CI/CD´Ä¶¤Ï¥½¥Õ¥È¥¦¥§¥¢¤ÎÇÛÉÛ¤ä¹¹¿·¤ò¼«Æ°¤Ç¹Ô¤¦»ÅÁÈ¤ß¤Ç¤¢¤ë¤¿¤á¡¢Ç§¾Ú¾ðÊó¤Î´ÉÍýÉÔÈ÷¤ä¡¢ÀßÄêÊÑ¹¹»þ¤Î¥ì¥Ó¥å¡¼ÉÔÂ¤Ê¤É¤Î±¿ÍÑ¾å¤ÎÌäÂê¤¬¤¢¤ë¤È¡¢ÉÔÀµ¤Ê¥×¥í¥°¥é¥à¤Îº®Æþ¤Ê¤É¡¢¥½¥Õ¥È¥¦¥§¥¢¥µ¥×¥é¥¤¥Á¥§¡¼¥óÁ´ÂÎ¤Ë±Æ¶Á¤ò¤ª¤è¤Ü¤¹½ÅÂç¤Ê¥»¥¥å¥ê¥Æ¥£¥¤¥ó¥·¥Ç¥ó¥È¤Ë¤Ä¤Ê¤¬¤ë¥ê¥¹¥¯¤¬¤¢¤ê¤Þ¤¹¡£¼ÂºÝ¤Ë¡¢2020Ç¯¤Ë¤Ï¥½¥Õ¥È¥¦¥§¥¢¤Î¹¹¿·¥×¥í¥»¥¹¤¬°ÍÑ¤µ¤ì¡¢ºÇÂçÌó18,000¤ÎÁÈ¿¥¤¬±Æ¶Á¤ò¼õ¤±¤ë²ÄÇ½À¤Î¤¢¤ëÂçµ¬ÌÏ¤Ê¥µ¥×¥é¥¤¥Á¥§¡¼¥ó¹¶·â¤¬È¯À¸¤·¡¢À¯ÉÜµ¡´Ø¤äÌ±´Ö´ë¶È¤Ç¼ÂºÝ¤Î¿¯³²¤¬³ÎÇ§¤µ¤ì¤Þ¤·¤¿¡£
¡¡¤Þ¤¿¡¢2025Ç¯¤Ë¤Ï¡¢¡ÖGitHub Actions¡×¾å¤ÇÂ¿¤¯¤Î³«È¯¼Ô¤¬ÍøÍÑ¤·¤Æ¤¤¤¿³«È¯ºî¶È¤ò¼«Æ°²½¤¹¤ë¶¦ÄÌ¥×¥í¥°¥é¥à¤¬ÉÔÀµ¤Ë½ñ¤´¹¤¨¤é¤ì¡¢³«È¯»þ¤ËÍøÍÑ¤µ¤ì¤ëÇ§¾Ú¾ðÊó¤¬³°Éô¤ËÏ³¤¨¤¤¤¹¤ë»ö°Æ¤âÊó¹ð¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
¡¡¡ÖGitHub Actions¡×¤Ç¤Ï¡¢¤³¤¦¤·¤¿¥ê¥¹¥¯¤òÄã¸º¤¹¤ë¤¿¤á¤Î¥»¥¥å¥ê¥Æ¥£ÂÐºö¤ä¿ä¾©ÀßÄê¤¬¼¨¤µ¤ì¤Æ¤¤¤Þ¤¹¤¬¡¢¼ÂºÝ¤Î³«È¯¸½¾ì¤Ç¤½¤ì¤é¤¬¤É¤ÎÄøÅÙ¼ÂÁ©¤µ¤ì¤Æ¤¤¤ë¤Î¤«¡¢¤Þ¤¿¼ÂÁ©¤òË¸¤²¤Æ¤¤¤ëÍ×°ø¤Ë¤Ä¤¤¤Æ¤Ï¡¢¤³¤ì¤Þ¤Ç½½Ê¬¤ËÌÀ¤é¤«¤Ë¤µ¤ì¤Æ¤¤¤Þ¤»¤ó¤Ç¤·¤¿¡£
2. ËÜ¸¦µæ¤Î³µÍ×
¡¡ËÜ¸¦µæ¤Ç¤Ï¡¢¡ÖGitHub Actions¡×¤òÍøÍÑ¤¹¤ë¸ø³«¥½¥Õ¥È¥¦¥§¥¢¥ê¥Ý¥¸¥È¥ê¤ª¤è¤Ó³«È¯¼Ô¤òÂÐ¾Ý¤È¤·¤¿Ä´ºº(°Ê²¼ ËÜÄ´ºº)¤ò¼Â»Ü¤·¤Þ¤·¤¿¡£
ËÜ¸¦µæ¤Î¥Ý¥¤¥ó¥È¤Ï2ÅÀ¤¢¤ê¤Þ¤¹¡£
¡¼ÂºÝ¤ÎCI/CDÀßÄê¤òÂÐ¾Ý¤È¤·¤¿Âçµ¬ÌÏ¥Ç¡¼¥¿Ê¬ÀÏ
¡¡¡ÖGitHub Actions¡×¤òÍøÍÑ¤¹¤ë¥ê¥Ý¥¸¥È¥ê¤Î¤¦¤Á¡¢°ìÄêÄøÅÙÀµ¾ï¤Ë¡ÖGitHub Action¡×¤òÍøÍÑ¤·¤Æ¤¤¤ë¤ÈÈ½ÃÇ¤Ç¤¤ë¢¨6¤¹¤Ù¤Æ¤Î¥ê¥Ý¥¸¥È¥ê(Ìó34Ëü·ï)¤òÂÐ¾Ý¤Ë¡¢CI/CD¤ÎÀßÄê¥Õ¥¡¥¤¥ë¤ò¼«Æ°Åª¤ËÊ¬ÀÏ¤·¤Þ¤·¤¿¡£¼ÂºÝ¤Î³«È¯¸½¾ì¤Ç¡¢¥»¥¥å¥ê¥Æ¥£ÂÐºö¤¬¤É¤ÎÄøÅÙÅ¬ÀÚ¤ËÀßÄê¤µ¤ì¤Æ¤¤¤ë¤«¤ò¡¢Éý¹¤¯¿ôÃÍ¤ÇÌÀ¤é¤«¤Ë¤·¤Æ¤¤¤Þ¤¹¡£
¢²áµîºÇÂçµ¬ÌÏ¤Î³«È¯¼Ô¥¢¥ó¥±¡¼¥È¤Ç¼ÂÂÖ¤ÈÍ×°ø¤ò²òÌÀ
¡¡¡ÖGitHub Actions¡×¤òÍøÍÑ¤¹¤ë³«È¯¼Ô102Ì¾¤ËÂÐ¤·¤Æ¥¢¥ó¥±¡¼¥ÈÄ´ºº¤ò¼Â»Ü¤·¡¢¥»¥¥å¥ê¥Æ¥£ÂÐºö¤ò¼ÂÁ©¤·¤Æ¤¤¤Ê¤¤ÍýÍ³¤ä¡¢¤½¤ÎÈ½ÃÇ¤Ë»ê¤ëÇØ·Ê¤òÊ¬ÀÏ¤·¤Þ¤·¤¿¡£½¾Íè¤Î³«È¯¼Ô¤Ê¤É¼ÂÌ³¼Ô¤ËÂÐ¤¹¤ë¸¦µæ¡Ê²óÅú¼Ô¿ô80¡Á90¿Íµ¬ÌÏ¡Ë¤ò¾å²ó¤ë²áµîºÇÂçµ¬ÌÏ¤Ç¤¢¤ê¡¢¿Í¤È¥·¥¹¥Æ¥à¤Î´Ø·¸À¤ò¸¦µæ¤¹¤ë¥Ò¥å¡¼¥Þ¥ó¥³¥ó¥Ô¥å¡¼¥¿¥¤¥ó¥¿¥é¥¯¥·¥ç¥óÊ¬Ìî¤Ç¡¢³Ø½ÑÅª¤Ë³ÎÎ©¤µ¤ì¤¿Ä´ºº¼êË¡¤Ë¤â¤È¤Å¤¤¤ÆÀß·×¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
3. ËÜ¸¦µæ¤ÎÀ®²Ì
¡¡ËÜÄ´ºº¤«¤é¡¢¡ÖGitHub Actions¡×¤Î5¼ïÎà¤Î¼çÍ×¤Ê¥»¥¥å¥ê¥Æ¥£ÂÐºö¤Ï¡¢¼Â»ÜÎ¨¤¬Ê¿¶Ñ17.5¡ó¡ÊºÇ¾®0.6¡ó¡ÁºÇÂç52.9¡ó¡Ë¤ÈÁ´ÂÎÅª¤ËÄã¤¤¿å½à¤Ë¤È¤É¤Þ¤Ã¤Æ¤¤¤ë¤³¤È¤¬Ê¬¤«¤ê¤Þ¤·¤¿¡£ÆÃ¤Ë¡¢ÀìÍÑ¤Î¥Ä¡¼¥ë¤äµ¡Ç½¤ò³èÍÑ¤¹¤ëÂÐºö¤Ë¤Ä¤¤¤Æ¤Ï¡¢½½Ê¬¤Ë³èÍÑ¤µ¤ì¤Æ¤¤¤Ê¤¤¼ÂÂÖ¤¬³ÎÇ§¤µ¤ì¤Þ¤·¤¿¡£¤Þ¤¿¡¢³«È¯¼ÔÄ´ºº¤Î·ë²Ì¡¢¥»¥¥å¥ê¥Æ¥£ÂÐºö¤¬¼ÂÁ©¤µ¤ì¤Ê¤¤¼ç¤ÊÍ×°ø¤È¤·¤Æ¡¢ÂÐºö¤ÎÂ¸ºß¤¬½½Ê¬¤ËÇ§ÃÎ¤µ¤ì¤Æ¤¤¤Ê¤¤¤³¤È¤ª¤è¤Ó±¿ÍÑ¤Î¼ê´Ö¤¬Áý¤¨¤ë¤È¤¤¤¦ÉéÃ´´¶¤¬µó¤²¤é¤ì¤Þ¤·¤¿¡£²Ã¤¨¤Æ¡¢¡Ö¼«¿È¤Î³«È¯¤Ë¤Ï´Ø·¸¤Ê¤¤¡×¤È¤¤¤Ã¤¿¸í²ò¤â°ìÉô¤Ç³ÎÇ§¤µ¤ì¤Þ¤·¤¿¡£
¡¡¤³¤ì¤é¤ÎÃÎ¸«¤Ï¡¢CI/CD¥»¥¥å¥ê¥Æ¥£¤Î¸þ¾å¤Ë¤Ï¥¬¥¤¥É¥é¥¤¥ó¤ÎÄó¼¨¤À¤±¤Ç¤ÏÉÔ½½Ê¬¤Ç¤¢¤ê¡¢³«È¯¼Ô¤ÎÍý²ò¤äÉéÃ´´¶¤ò¹ÍÎ¸¤·¤¿µ»½ÑÅª¤Ê»Ù±ç¤ä³«È¯¤Î»ÅÁÈ¤ß¤¬ÉÔ²Ä·ç¤Ç¤¢¤ë¤³¤È¤ò¼¨¤·¤Æ¤¤¤Þ¤¹¡£ËÜ¸¦µæ¤ÇÆÀ¤é¤ì¤¿·ë²Ì¤Ï¡¢³«È¯¼Ô¤Ø¤ÎÅ¬ÀÚ¤ÊÄÌÃÎÀß·×¡¢¥×¥é¥Ã¥È¥Õ¥©¡¼¥à¤äIDE¢¨7¤Ë¤è¤ë»Ù±ç¶¯²½¤Ê¤É¡¢¥»¥¥å¥ê¥Æ¥£ÂÐºö¤Î¼Â¸úÀ¤ò¹â¤á¤ë¤¿¤á¤Î¶ñÂÎÅª¤Ê»Üºö¸¡Æ¤¤Ë³èÍÑ²ÄÇ½¤Ç¤¹¡£
¡¡¤µ¤é¤ËËÜ¸¦µæ¤Ç¤Ï¡¢ÆÀ¤é¤ì¤¿Ê¬ÀÏ·ë²Ì¤È²þÁ±¤Ë¸þ¤±¤¿¼¨º¶¤ò¡¢GitHub¼Ò¤Ë¶¦Í¤·¤Þ¤·¤¿¡£ CI/CD¥¨¥³¥·¥¹¥Æ¥àÁ´ÂÎ¤Î°ÂÁ´À¸þ¾å¤Ë»ñ¤¹¤ëÃÎ¸«¤È¤·¤Æ¤³¤Î¤è¤¦¤Ê¥Õ¥£¡¼¥É¥Ð¥Ã¥¯¤ò¹Ô¤¦¤³¤È¤Ç¡¢¥×¥é¥Ã¥È¥Õ¥©¡¼¥à¥ì¥Ù¥ë¤Ç¤Î¥»¥¥å¥ê¥Æ¥£²þÁ±¤Ë¤â¹×¸¥¤·¤Þ¤·¤¿¡£
4. ³Æ¼Ò¤ÎÌò³ä
¡¦£Î£Ô£Ô¡§³«È¯¼Ô¥¢¥ó¥±¡¼¥ÈÄ´ºº¤Ë¤ª¤±¤ëÊ¬ÀÏ¼êË¡¤ÎÀß·×¡¢¤ª¤è¤ÓÂçµ¬ÌÏÊ¬ÀÏ¡¦³«È¯¼ÔÄ´ºº¤Î·ë²Ì¤Ë¤â¤È¤Å¤¯²þÁ±Êýºö¡¦Äó¸À¤Î¸¡Æ¤¡£
¡¦NTT¥É¥³¥â¥Ó¥¸¥Í¥¹¡§¡ÖGitHub ¡×¾å¤ÎÂçµ¬ÌÏ¥ê¥Ý¥¸¥È¥êÊ¬ÀÏ¤Ë¤ª¤±¤ëÊ¬ÀÏ¼êË¡¤ÎÀß·×¤ª¤è¤ÓÄ´ºº¡¢¤Ê¤é¤Ó¤Ë³«È¯¼Ô¥¢¥ó¥±¡¼¥ÈÄ´ºº¤Î¼Â»Ü¡£
¡¦Áá°ðÅÄÂç³Ø¡§³«È¯¼Ô¥¢¥ó¥±¡¼¥ÈÄ´ºº¡¢¤ª¤è¤ÓÂçµ¬ÌÏ¥ê¥Ý¥¸¥È¥êÊ¬ÀÏ¤Ë´Ø¤¹¤ë¥¢¥É¥Ð¥¤¥¹¡£
5. º£¸å¤ÎÅ¸³«
¡¡NTT¤Ï¡¢NTT¥É¥³¥â¥Ó¥¸¥Í¥¹¤ÈÏ¢·È¤·¡¢¤³¤ì¤é¤Î¼è¤êÁÈ¤ß¤òNTT¥°¥ë¡¼¥×Á´ÂÎ¤ËÅ¸³«¤¹¤ë¤³¤È¤Ç¡¢¥°¥ë¡¼¥×²£ÃÇ¤Î¥»¥¥å¥ê¥Æ¥£´ðÈ×¤Î¹âÅÙ²½¤ò¿ä¿Ê¤·¤Þ¤¹¡£
¡¡NTT¥É¥³¥â¥Ó¥¸¥Í¥¹¤Ï¡¢ËÜ¸¦µæ¤ÇÆÀ¤é¤ì¤¿ÃÎ¸«¤ò¤â¤È¤Ë¡¢CI/CD¤ò³èÍÑ¤·¤Æ³«È¯¡¦Äó¶¡¤¹¤ë¥µ¡¼¥Ó¥¹Á´ÂÎ¤Î¥»¥¥å¥ê¥Æ¥£¶¯²½¤ò¿ä¿Ê¤·¤Þ¤¹¡£³«È¯¥×¥í¥»¥¹¤Ø¤Î¥»¥¥å¥ê¥Æ¥£ÂÐºö¤ÎÁÈ¤ß¹þ¤ß¤òÄÌ¤¸¤Æ¡¢¥»¥¥å¥ê¥Æ¥£¡¦¥Ð¥¤¡¦¥Ç¥¶¥¤¥ó¢¨9¤Ë´ð¤Å¤¯¥µ¡¼¥Ó¥¹³«È¯¤ò¶¯²½¤·¤Þ¤¹¡£²Ã¤¨¤Æ¡¢¼«¼Ò¤¬Äó¶¡¤¹¤ëCI/CD¥×¥é¥Ã¥È¥Õ¥©¡¼¥à¡ÖQmonus Value Stream¢¨10¡×¤Ë¤ª¤¤¤Æ¤â¡¢ËÜ¸¦µæÀ®²Ì¤òº£¸å¤Î²þÁ±¤Ë³èÍÑ¤¹¤ë¤³¤È¤ò¸¡Æ¤¤·¤Þ¤¹¡£¤³¤ì¤Ë¤è¤ê¡¢¤ªµÒ¤µ¤Þ¤¬°Â¿´¡¦°ÂÁ´¤ËÍøÍÑ¤Ç¤¤ë¿®ÍêÀ¤Î¹â¤¤¥µ¡¼¥Ó¥¹Äó¶¡¤Ë¤Ä¤Ê¤²¤Æ¤¤¤¤Þ¤¹¡£
¡ÚÏÀÊ¸¾ðÊó¡Û
¡¦Yusuke Kubo, Fumihiro Kanei, Mitsuaki Akiyama, Takuro Wakai, Tatsuya Mori, "Action Required: A Mixed-Methods Study of Security Practices in GitHub Actions," NDSS 2026.
¡ÚÍÑ¸ì²òÀâ¡Û
¢¨1¡§¡Ö¥½¥Õ¥È¥¦¥§¥¢¥ê¥Ý¥¸¥È¥êÊ¬ÀÏ¡×¤È¤Ï¡¢¥¤¥ó¥¿¡¼¥Í¥Ã¥È¾å¤Ç¸ø³«¤µ¤ì¤Æ¤¤¤ë¥½¥Õ¥È¥¦¥§¥¢¤ÎÊÝ´É¾ì½ê¡Ê¥ê¥Ý¥¸¥È¥ê¡Ë¤Ë´Þ¤Þ¤ì¤ë³«È¯¥Ç¡¼¥¿¤äÀßÄê¥Õ¥¡¥¤¥ë¤ò¼ý½¸¡¦²òÀÏ¤·¡¢³«È¯¤Î¼ÂÂÖ¤ä¥»¥¥å¥ê¥Æ¥£ÂÐºö¤Î¼Â»Ü¾õ¶·¤Ê¤É¤òÌÀ¤é¤«¤Ë¤¹¤ëÊ¬ÀÏ¤ò¤µ¤·¤Þ¤¹¡£
¢¨2¡§¡ÖGitHub Actions¡×¤È¤Ï¡¢GitHub¤¬Äó¶¡¤¹¤ëCI/CD¡Ê·ÑÂ³Åª¥¤¥ó¥Æ¥°¥ì¡¼¥·¥ç¥ó¡¿·ÑÂ³Åª¥Ç¥ê¥Ð¥ê¡¼¡Ë¥µ¡¼¥Ó¥¹¤Ç¤¹¡£ ¥½¥Õ¥È¥¦¥§¥¢¤Î¥Æ¥¹¥È¡¢¥Ó¥ë¥É¡¢¸ø³«¡¢¹¹¿·¤È¤¤¤Ã¤¿ºî¶È¤ò¤¢¤é¤«¤¸¤áÄêµÁ¤·¤¿¼ê½ç¤Ë¤â¤È¤Å¤¤¤Æ¼«Æ°¼Â¹Ô¤¹¤ë¤³¤È¤¬¤Ç¤¡¢¥½¥Õ¥È¥¦¥§¥¢³«È¯¤Î¸úÎ¨²½¤ä¿ÍÅª¥ß¥¹¤Îºï¸º¤Ë¹¤¯ÍøÍÑ¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
¢¨3¡§Network and Distributed System Security Symposium (NDSS)¤È¤Ï¡¢ USENIX Security IEEE Security and Privacy ¡ÊS&P¡Ë¡¢ACM CCS¤ÈÊÂ¤Ó¡¢Æ±Ê¬Ìî¤ÇÆÃ¤ËÉ¾²Á¤Î¹â¤¤¼çÍ×¤Ê¹ñºÝ²ñµÄ¤Î°ì¤Ä¤È¤·¤Æ°ÌÃÖ¤Å¤±¤é¤ì¤Æ¤¤¤Þ¤¹¡£Åê¹ÆÏÀÊ¸¤Î¤¦¤Á¸·³Ê¤ÊÀìÌç²È¤Ë¤è¤ëººÆÉ¤òÄÌ²á¤·¤¿¤â¤Î¤Î¤ß¤¬ºÎÂò¤µ¤ì¤Þ¤¹¡£
¢¨4¡§Continuous Delivery Foundation¡ÊCD Foundation¡Ë¤ª¤è¤ÓSlashData™¤¬¸ø³«¤·¤¿¡ÖState of CI/CD Report 2024 : The Evolution of Software Delivery Performance¡×¤Ë¤è¤ë¤È¡¢2024Ç¯Âè1»ÍÈ¾´ü»þÅÀ¤Ç¡¢³«È¯¼Ô¤Î83¡ó¤¬DevOps´ØÏ¢¤Î³èÆ°¤Ë·È¤ï¤Ã¤Æ¤ª¤ê¡¢CI/CD¤ò´Þ¤à³«È¯¼«Æ°²½¤Î¼è¤êÁÈ¤ß¤¬¹¤¯ÉáµÚ¤·¤Æ¤¤¤ë¤³¤È¤¬¼¨¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
½ÐÅµ¡§Continuous Delivery Foundation / SlashData™, ¡ÈState of CI/CD Report 2024: The Evolution of Software Delivery Performance¡É, https://cd.foundation/state-of-cicd-2024/
¢¨5¡§GitHub¤È¤Ï¡¢À¤³¦ºÇÂçµé¤Î¥½¥Õ¥È¥¦¥§¥¢³«È¯¥×¥é¥Ã¥È¥Õ¥©¡¼¥à¤Ç¤¢¤ê¡¢¥×¥í¥°¥é¥à¤Î¥½¡¼¥¹¥³¡¼¥É¤ò¥¤¥ó¥¿¡¼¥Í¥Ã¥È¾å¤Ç´ÉÍý¡¦¶¦Í¡¦¶¦Æ±³«È¯¤¹¤ë¤¿¤á¤Î¥µ¡¼¥Ó¥¹¤Ç¤¹¡£À¤³¦Ãæ¤ÎÂ¿¤¯¤Î³«È¯¼Ô¤ä´ë¶È¤ËÍøÍÑ¤µ¤ì¤Æ¤ª¤ê¡¢¥½¥Õ¥È¥¦¥§¥¢³«È¯¤Ë¤ª¤¤¤Æ¹¤¯ÉáµÚ¤·¤Æ¤¤¤ë¥×¥é¥Ã¥È¥Õ¥©¡¼¥à¤Î°ì¤Ä¤Ç¤¹¡£
¢¨6: GitHub¤Ç¤Ï¡¢¥Ö¥é¥¦¥¶¤Î¥Ö¥Ã¥¯¥Þ¡¼¥¯¤Î¤è¤¦¤Ë¡¢¥æ¡¼¥¶¤¬¤ªµ¤¤ËÆþ¤ê¤Î¥ê¥Ý¥¸¥È¥ê¤Ë¥¹¥¿¡¼¤ò¤Ä¤±¤ë¤³¤È¤Ç¡¢¸å¤Ë¥ê¥Ý¥¸¥È¥ê¤ò»²¾È¤·¤ä¤¹¤¯¤¹¤ë»ÅÁÈ¤ß¤¬¤¢¤ê¤Þ¤¹¡£º£²ó¤Ï¥¹¥¿¡¼¤¬10°Ê¾å¤Ä¤¤¤Æ¤¤¤ë¡¢¤Ä¤Þ¤ê¥Ö¥Ã¥¯¥Þ¡¼¥¯¤·¤Æ¤¤¤ë¥æ¡¼¥¶¤¬10¿Í°Ê¾å¤¤¤ë¥ê¥Ý¥¸¥È¥ê¤òÄ´ººÂÐ¾Ý¤È¤·¤Þ¤·¤¿¡£¤¢¤Þ¤ê¤Ë¤â¥¹¥¿¡¼¤¬¾¯¤Ê¤¤¥ê¥Ý¥¸¥È¥ê¤Ï¡¢ºî¤Ã¤¿¸å¤½¤Î¤Þ¤ÞÊüÃÖ¤µ¤ì¤Æ¤¤¤¿¤ê¡¢¸Ä¿Í¤Î½¬ºî¤Î¤¿¤á¤À¤±¤ËÍøÍÑ¤µ¤ì¤¿¤ê¤Ê¤É¡¢Ä´ºº¤ËÅ¬¤·¤Ê¤¤¥ê¥Ý¥¸¥È¥ê¤òÂ¿¤¯´Þ¤à¤È¹Í¤¨¤é¤ì¤ë¤¿¤á¡¢ÂÐ¾Ý¥ê¥Ý¥¸¥È¥ê¤ÎÁªÄê¤Ë¥¹¥¿¡¼¿ô¤òÍøÍÑ¤·¤Þ¤·¤¿¡£
¢¨7¡§IDE¡ÊIntegrated Development Environment¡§Åý¹ç³«È¯´Ä¶¡Ë¤È¤Ï¡¢¥×¥í¥°¥é¥à¤ÎºîÀ®¡¢ÊÔ½¸¡¢Æ°ºî³ÎÇ§¤Ê¤É¡¢¥½¥Õ¥È¥¦¥§¥¢³«È¯¤ËÉ¬Í×¤Êµ¡Ç½¤ò°ì¤Ä¤Ë¤Þ¤È¤á¤¿³«È¯¼Ô¸þ¤±¤Î¥½¥Õ¥È¥¦¥§¥¢¤Ç¤¹¡£¶áÇ¯¤Ç¤Ï¡¢¥³¡¼¥É¤Î¸í¤ê¸¡½Ð¤ä¥»¥¥å¥ê¥Æ¥£¾å¤ÎÌäÂê¤ò³«È¯ÃÊ³¬¤Ç»Ù±ç¤¹¤ëµ¡Ç½¤âÈ÷¤¨¤é¤ì¤Æ¤¤¤Þ¤¹¡£
¢¨8: GitHub Actions¤Ë¤ª¤±¤ë¥»¥¥å¥ê¥Æ¥£ÂÐºö¤È¤Ï¡¢¥½¥Õ¥È¥¦¥§¥¢¤Î³«È¯¡¦¹¹¿·¤ò¼«Æ°²½¤¹¤ë²áÄø¤Ë¤ª¤¤¤Æ¡¢ÉÔÀµ¤ÊÊÑ¹¹¤ä¾ðÊóÏ³¤¨¤¤¤Ê¤É¤Î¥ê¥¹¥¯¤òÄã¸º¤¹¤ë¤¿¤á¤ËGitHub¤¬¸ø¼°¤Ë¿ä¾©¤·¤Æ¤¤¤ëÂåÉ½Åª¤ÊÂÐºö¤ò»Ø¤·¤Þ¤¹¡£ËÜ¸¦µæ¤Ç¤Ï¡¢°Ê²¼¤Î5¤Ä¤ÎÂÐºö¤òÄ´ººÂÐ¾Ý¤È¤·¤Þ¤·¤¿¡£
¡¦ÂÐºöA. CODEOWNERS¤ÎÍøÍÑ ¡§½ÅÍ×¤ÊÀßÄê¥Õ¥¡¥¤¥ë¤ä¼«Æ°²½½èÍý¤Ë´Ø¤¹¤ë¥Õ¥¡¥¤¥ë¤ÎÊÑ¹¹¤ËÂÐ¤·¤Æ¡¢¡¡¤¢¤é¤«¤¸¤á»ØÄê¤µ¤ì¤¿Ã´Åö¼Ô¤Ë¤è¤ë³ÎÇ§¡Ê¥ì¥Ó¥å¡¼¡Ë¤òÉ¬¿Ü¤È¤¹¤ë»ÅÁÈ¤ß¡£ÉÔÀµ¤Þ¤¿¤Ï°Õ¿Þ¤·¤Ê¤¤ÊÑ¹¹¤Îº®Æþ¤òËÉ¤°¤³¤È¤òÌÜÅª¤È¤·¤Æ¤¤¤Þ¤¹¡£
¡¦ÂÐºöB. ¥¹¥¯¥ê¥×¥È¥¤¥ó¥¸¥§¥¯¥·¥ç¥óÂÐºö¡ÊMitigating Script Injection¡Ë¡§³°Éô¤«¤éÅÏ¤µ¤ì¤ë¾ðÊó¤ò°ÂÁ´¤ÊÊýË¡¤Ç°·¤¦¤³¤È¤Ç¡¢¼«Æ°½èÍý¤ÎÃæ¤Ç°Õ¿Þ¤·¤Ê¤¤Ì¿Îá¤äÉÔÀµ¤Ê½èÍý¤¬¼Â¹Ô¤µ¤ì¤ë¤³¤È¤òËÉ¤°ÂÐºö¡£
¡¦ÂÐºöC. OpenSSF Scorecard¤ÎÍøÍÑ ¡§¥½¥Õ¥È¥¦¥§¥¢³«È¯¤Ë¤ª¤±¤ëÀßÄê¤Ë¤Ä¤¤¤Æ¡¢¥»¥¥å¥ê¥Æ¥£¾å¤Î´ÑÅÀ¤«¤éÌäÂê¤¬¤Ê¤¤¤«¤òÄê´üÅª¤ËÅÀ¸¡¡¦É¾²Á¤¹¤ë»ÅÁÈ¤ß¡£
¡¦ÂÐºöD. Âè»°¼ÔÀ½¥¢¥¯¥·¥ç¥ó¤Î¥Ð¡¼¥¸¥ç¥ó¸ÇÄê¡ÊPinning Third-party Actions¡Ë¡§¼«Æ°½èÍý¤ÇÍøÍÑ¤¹¤ë³°Éô¥×¥í¥°¥é¥à¤Ë¤Ä¤¤¤Æ¡¢¼Â¹Ô¤µ¤ì¤ëÆâÍÆ¤¬°Õ¿Þ¤»¤ºÊÑ¹¹¤µ¤ì¤Ê¤¤¤è¤¦¡¢¡¡ÍøÍÑ¤¹¤ë¥Ð¡¼¥¸¥ç¥ó¤ä¼±ÊÌ»Ò¤òÌÀ³Î¤Ë¸ÇÄê¤¹¤ëÂÐºö¡£
¡¦ÂÐºöE. Dependabot¤ÎÍøÍÑ¡§¼«Æ°½èÍý¤ÇÍøÍÑ¤·¤Æ¤¤¤ë³°Éô¥×¥í¥°¥é¥à¤Ë¹¹¿·¤¬¤¢¤Ã¤¿¾ì¹ç¤Ë¡¢°ÂÁ´¤ÊºÇ¿·ÈÇ¤Ø¤Î¹¹¿·¤ò»Ù±ç¤¹¤ë»ÅÁÈ¤ß¡£ÀÈ¼åÀ¤ò´Þ¤à¸Å¤¤¥Ð¡¼¥¸¥ç¥ó¤ÎÍøÍÑ¤òËÉ¤°¤³¤È¤òÌÜÅª¤È¤·¤Æ¤¤¤Þ¤¹¡£
¢¨9¡§¥»¥¥å¥ê¥Æ¥£¡¦¥Ð¥¤¡¦¥Ç¥¶¥¤¥ó¡ÊSecurity by Design¡Ë¤È¤Ï¡¢¥·¥¹¥Æ¥à¤ä¥½¥Õ¥È¥¦¥§¥¢¤òÀß·×¡¦³«È¯¤¹¤ë½é´üÃÊ³¬¤«¤é¡¢¥»¥¥å¥ê¥Æ¥£ÂÐºö¤òÁ°Äó¤È¤·¤ÆÁÈ¤ß¹þ¤à¹Í¤¨Êý¤Ç¤¹¡£¸å¤«¤éÂÐºö¤òÄÉ²Ã¤¹¤ë¤Î¤Ç¤Ï¤Ê¤¯¡¢Àß·×ÃÊ³¬¤ÇÀÈ¼åÀ¤¬À¸¤¸¤Ë¤¯¤¤¹½Â¤¤È¤¹¤ë¤³¤È¤Ç¡¢·ÑÂ³Åª¤«¤Ä¸úÎ¨Åª¤Ë°ÂÁ´À¤ò³ÎÊÝ¤¹¤ë¤³¤È¤òÌÜÅª¤È¤·¤Æ¤¤¤Þ¤¹¡£
¢¨10¡§Qmonus Value Stream¤È¤Ï¡¢NTT¥É¥³¥â¥Ó¥¸¥Í¥¹¤¬Äó¶¡¤¹¤ë¡¢¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤ò¾¦ÍÑ´Ä¶¤Ë¥ê¥ê¡¼¥¹¤¹¤ë¤Þ¤Ç¤Î°ìÏ¢¤Îºî¶È¡Ê¹½ÃÛ¡¢»î¸³¤Ê¤É¡Ë¤ò¤Þ¤È¤á¤Æ´ÉÍý¤·¡¢¼«Æ°²½¤¹¤ëCI/CD¥×¥é¥Ã¥È¥Õ¥©¡¼¥à¤Ç¤¹¡£¥¢¥×¥ê¥±¡¼¥·¥ç¥ó³«È¯¼Ô¤¬¥Ó¥¸¥Í¥¹¥í¥¸¥Ã¥¯¤Î³«È¯¤Ë½¸Ãæ¤Ç¤¤ë¤è¤¦¡¢¸¡¾ÚºÑ¤ß¤Î¥¯¥é¥¦¥É¥¢¡¼¥¥Æ¥¯¥Á¥ã¤äCI/CD¥Ñ¥¤¥×¥é¥¤¥ó¤Î¼«Æ°²½¤ò»Ù±ç¤·¡¢·ÑÂ³Åª¤Ê²ÁÃÍÄó¶¡¤ò²ÄÇ½¤Ë¤·¤Þ¤¹¡£
