a non-volatile auxiliary storage device containing firmware that causes the image forming apparatus, which is a first image forming apparatus, to operate;

a manipulation detection device that analyzes the firmware stored in the auxiliary storage device and accompanied with a digital signature, and decides, using the digital signature, whether the firmware has been manipulated;

a firmware restoration device that deletes the firmware decided to have been manipulated, requests a second image forming apparatus connected to the network to provide firmware compatible with the deleted firmware, and installs the firmware provided by the second image forming apparatus;

a firmware provision device that provides, upon receipt of a request, from a third image forming apparatus connected to the network, for compatible firmware compatible with firmware of the third image forming apparatus, the compatible firmware to the third image forming apparatus; and

a control device that controls the manipulation detection device, the firmware restoration device, and the firmware provision device,

wherein the auxiliary storage device includes a boot block writing in which is restricted, and contains firmware that realizes the manipulation detection device, the firmware restoration device, the firmware provision device, and the control device, in the boot block.