{"id":"https://openalex.org/W7118190443","doi":"https://doi.org/10.1007/s43926-025-00279-2","title":"Analyzing cybersecurity gaps in medical device procurement using NLP and vulnerability databases","display_name":"Analyzing cybersecurity gaps in medical device procurement using NLP and vulnerability databases","publication_year":2026,"publication_date":"2026-01-05","ids":{"openalex":"https://openalex.org/W7118190443","doi":"https://doi.org/10.1007/s43926-025-00279-2"},"language":"en","primary_location":{"id":"doi:10.1007/s43926-025-00279-2","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s43926-025-00279-2","pdf_url":null,"source":{"id":"https://openalex.org/S4210230675","display_name":"Discover Internet of Things","issn_l":"2730-7239","issn":["2730-7239"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Discover Internet of Things","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1007/s43926-025-00279-2","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5121926660","display_name":"S. Pandey","orcid":null},"institutions":[{"id":"https://openalex.org/I4210148827","display_name":"Birla Institute of Technology and Science, Pilani - Goa Campus","ror":"https://ror.org/046sh6j17","country_code":"IN","type":"education","lineage":["https://openalex.org/I4210148827","https://openalex.org/I74796645"]},{"id":"https://openalex.org/I74796645","display_name":"Birla Institute of Technology and Science, Pilani","ror":"https://ror.org/001p3jz28","country_code":"IN","type":"education","lineage":["https://openalex.org/I74796645"]}],"countries":["IN"],"is_corresponding":true,"raw_author_name":"S. Pandey","raw_affiliation_strings":["Department of Computer Science and Information Systems, Birla Institute of Technology and Science, K K Birla Goa Campus, Zuarinagar, Goa, India"],"raw_orcid":"https://orcid.org/0009-0005-0297-2617","affiliations":[{"raw_affiliation_string":"Department of Computer Science and Information Systems, Birla Institute of Technology and Science, K K Birla Goa Campus, Zuarinagar, Goa, India","institution_ids":["https://openalex.org/I4210148827","https://openalex.org/I74796645"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5121949115","display_name":"R.  Lohith Kumar","orcid":null},"institutions":[{"id":"https://openalex.org/I74796645","display_name":"Birla Institute of Technology and Science, Pilani","ror":"https://ror.org/001p3jz28","country_code":"IN","type":"education","lineage":["https://openalex.org/I74796645"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"R. Kumar","raw_affiliation_strings":["Department of Computer Science and Information Systems, Birla Institute of Technology and Science, Pilani Campus, 333031, Rajasthan, Jhunjhunu, India"],"raw_orcid":"https://orcid.org/0000-0002-8151-4673","affiliations":[{"raw_affiliation_string":"Department of Computer Science and Information Systems, Birla Institute of Technology and Science, Pilani Campus, 333031, Rajasthan, Jhunjhunu, India","institution_ids":["https://openalex.org/I74796645"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5121926660"],"corresponding_institution_ids":["https://openalex.org/I4210148827","https://openalex.org/I74796645"],"apc_list":{"value":990,"currency":"EUR","value_usd":1067},"apc_paid":{"value":990,"currency":"EUR","value_usd":1067},"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.01489276,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"6","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.1404999941587448,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.1404999941587448,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12878","display_name":"Pharmaceutical Quality and Counterfeiting","score":0.04479999840259552,"subfield":{"id":"https://openalex.org/subfields/2739","display_name":"Public Health, Environmental and Occupational Health"},"field":{"id":"https://openalex.org/fields/27","display_name":"Medicine"},"domain":{"id":"https://openalex.org/domains/4","display_name":"Health Sciences"}},{"id":"https://openalex.org/T10350","display_name":"Electronic Health Records Systems","score":0.04270000010728836,"subfield":{"id":"https://openalex.org/subfields/3605","display_name":"Health Information Management"},"field":{"id":"https://openalex.org/fields/36","display_name":"Health Professions"},"domain":{"id":"https://openalex.org/domains/4","display_name":"Health Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/procurement","display_name":"Procurement","score":0.7735999822616577},{"id":"https://openalex.org/keywords/vendor","display_name":"Vendor","score":0.5543000102043152},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5324000120162964},{"id":"https://openalex.org/keywords/terminology","display_name":"Terminology","score":0.3869999945163727},{"id":"https://openalex.org/keywords/accountability","display_name":"Accountability","score":0.3257000148296356},{"id":"https://openalex.org/keywords/implementation","display_name":"Implementation","score":0.29750001430511475}],"concepts":[{"id":"https://openalex.org/C201650216","wikidata":"https://www.wikidata.org/wiki/Q829492","display_name":"Procurement","level":2,"score":0.7735999822616577},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6133000254631042},{"id":"https://openalex.org/C2777338717","wikidata":"https://www.wikidata.org/wiki/Q1762621","display_name":"Vendor","level":2,"score":0.5543000102043152},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5372999906539917},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5324000120162964},{"id":"https://openalex.org/C547195049","wikidata":"https://www.wikidata.org/wiki/Q1725664","display_name":"Terminology","level":2,"score":0.3869999945163727},{"id":"https://openalex.org/C2776007630","wikidata":"https://www.wikidata.org/wiki/Q2798912","display_name":"Accountability","level":2,"score":0.3257000148296356},{"id":"https://openalex.org/C26713055","wikidata":"https://www.wikidata.org/wiki/Q245962","display_name":"Implementation","level":2,"score":0.29750001430511475},{"id":"https://openalex.org/C138816342","wikidata":"https://www.wikidata.org/wiki/Q189603","display_name":"Public health","level":2,"score":0.2919999957084656},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.2872999906539917},{"id":"https://openalex.org/C182408735","wikidata":"https://www.wikidata.org/wiki/Q2432075","display_name":"Request for proposal","level":3,"score":0.2867000102996826},{"id":"https://openalex.org/C180198813","wikidata":"https://www.wikidata.org/wiki/Q121182","display_name":"Information system","level":2,"score":0.2705000042915344},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.2703999876976013},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.2669999897480011},{"id":"https://openalex.org/C160735492","wikidata":"https://www.wikidata.org/wiki/Q31207","display_name":"Health care","level":2,"score":0.26420000195503235}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1007/s43926-025-00279-2","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s43926-025-00279-2","pdf_url":null,"source":{"id":"https://openalex.org/S4210230675","display_name":"Discover Internet of Things","issn_l":"2730-7239","issn":["2730-7239"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Discover Internet of Things","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:466d8506b44840ebad8d2c737be6a73f","is_oa":true,"landing_page_url":"https://doaj.org/article/466d8506b44840ebad8d2c737be6a73f","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Discover Internet of Things, Vol 6, Iss 1, Pp 1-19 (2026)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1007/s43926-025-00279-2","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s43926-025-00279-2","pdf_url":null,"source":{"id":"https://openalex.org/S4210230675","display_name":"Discover Internet of Things","issn_l":"2730-7239","issn":["2730-7239"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Discover Internet of Things","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.6442405581474304,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":31,"referenced_works":["https://openalex.org/W1986958759","https://openalex.org/W2011301426","https://openalex.org/W2012459171","https://openalex.org/W2046334230","https://openalex.org/W2080366903","https://openalex.org/W2097141591","https://openalex.org/W2146292423","https://openalex.org/W2155173942","https://openalex.org/W2325537724","https://openalex.org/W2330892251","https://openalex.org/W2530676541","https://openalex.org/W2559853975","https://openalex.org/W2567202376","https://openalex.org/W2724896508","https://openalex.org/W2796791937","https://openalex.org/W2955777581","https://openalex.org/W2958790925","https://openalex.org/W3007817019","https://openalex.org/W3094740520","https://openalex.org/W3118714613","https://openalex.org/W3137094842","https://openalex.org/W3150635270","https://openalex.org/W3209329320","https://openalex.org/W3212311212","https://openalex.org/W4220739531","https://openalex.org/W4229011615","https://openalex.org/W4231009926","https://openalex.org/W4297200613","https://openalex.org/W4320016815","https://openalex.org/W4385304812","https://openalex.org/W4388540853"],"related_works":[],"abstract_inverted_index":{"Medical":[0],"devices":[1],"are":[2,47,108,147],"increasingly":[3],"connected":[4],"to":[5,22,30,93,110],"public":[6,54,67],"networks,":[7],"offering":[8],"benefits":[9],"such":[10,45,142],"as":[11,143],"remote":[12],"diagnosis":[13],"but":[14],"also":[15],"introducing":[16],"new":[17],"cybersecurity":[18,37,130],"risks.":[19],"One":[20],"pathway":[21],"strengthening":[23],"protection":[24],"at":[25],"the":[26,70,111],"design":[27,172],"stage":[28],"is":[29],"ensure":[31],"that":[32],"procurement":[33,51,171],"requirements":[34],"explicitly":[35],"incorporate":[36],"terms":[38,151],"and":[39,59,72,90,124,139,173],"controls.":[40],"This":[41],"study":[42],"examines":[43],"how":[44],"considerations":[46],"represented":[48],"in":[49,105,133],"medical":[50,106],"within":[52],"Indian":[53],"healthcare":[55],"sector.":[56],"We":[57],"compile":[58],"standardize":[60],"760":[61],"e-procurement":[62],"documents":[63,123],"(2014\u20132024)":[64],"from":[65],"major":[66],"hospitals":[68],"across":[69],"country":[71],"analyze":[73],"them":[74],"using":[75],"natural":[76],"language":[77],"processing":[78],"techniques,":[79],"including":[80],"Term":[81],"Frequency-Inverse":[82],"Document":[83],"Frequency":[84],"(TF-IDF),":[85],"Non-negative":[86],"Matrix":[87],"Factorization":[88],"(NMF),":[89],"regular":[91],"expressions,":[92],"identify":[94],"security-related":[95],"clauses.":[96],"In":[97],"parallel,":[98],"123":[99],"CISA":[100,125],"advisories":[101],"(2018\u20132024)":[102],"highlighting":[103],"vulnerabilities":[104],"systems":[107],"mapped":[109],"MITRE":[112],"Common":[113],"Weakness":[114],"Enumeration":[115],"(CWE)":[116],"framework.":[117],"Bridging":[118],"these":[119],"two":[120],"datasets":[121],"(tender":[122],"advisories)":[126],"reveals":[127],"significant":[128],"gaps:":[129],"specifications":[131],"appear":[132],"only":[134],"15%":[135],"(114/760)":[136],"of":[137,167],"tenders,":[138],"high-risk":[140],"CWEs":[141],"CWE-287":[144],"(Authentication":[145],"Bypass)":[146],"largely":[148],"unaddressed.":[149],"Operational":[150],"(e.g.,":[152,159],"\u201cwarranty\u201d:":[153],"82%)":[154],"dominate":[155],"over":[156],"technical":[157],"controls":[158],"\u201cencryption\u201d:":[160],"<5%).":[161],"The":[162],"findings":[163],"indicate":[164],"limited":[165],"integration":[166],"threat":[168],"intelligence":[169],"into":[170],"suggest":[174],"stronger":[175],"policy":[176],"measures":[177],"for":[178],"enhancing":[179],"vendor":[180],"accountability":[181],"through":[182],"security-aligned":[183],"tender":[184],"specifications.":[185]},"counts_by_year":[],"updated_date":"2026-05-06T08:25:59.206177","created_date":"2026-01-05T00:00:00"}