{"id":"https://openalex.org/W4312250199","doi":"https://doi.org/10.1109/access.2022.3219063","title":"ThreMA: Ontology-Based Automated Threat Modeling for ICT Infrastructures","display_name":"ThreMA: Ontology-Based Automated Threat Modeling for ICT Infrastructures","publication_year":2022,"publication_date":"2022-01-01","ids":{"openalex":"https://openalex.org/W4312250199","doi":"https://doi.org/10.1109/access.2022.3219063"},"language":"en","primary_location":{"id":"doi:10.1109/access.2022.3219063","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2022.3219063","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/09936611.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/09936611.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5107502272","display_name":"Fabio De Rosa","orcid":null},"institutions":[{"id":"https://openalex.org/I4210152452","display_name":"Consorzio Interuniversitario Nazionale per l'Informatica","ror":"https://ror.org/03v8v5y65","country_code":"IT","type":"facility","lineage":["https://openalex.org/I4210152452"]}],"countries":["IT"],"is_corresponding":true,"raw_author_name":"Fabio De Rosa","raw_affiliation_strings":["National Interuniversity Consortium for Informatics, Rome, Italy"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"National Interuniversity Consortium for Informatics, Rome, Italy","institution_ids":["https://openalex.org/I4210152452"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5055234714","display_name":"Nicol\u00f2 Maunero","orcid":"https://orcid.org/0000-0002-4331-1066"},"institutions":[{"id":"https://openalex.org/I177477856","display_name":"Politecnico di Torino","ror":"https://ror.org/00bgk9508","country_code":"IT","type":"education","lineage":["https://openalex.org/I177477856"]},{"id":"https://openalex.org/I4210152452","display_name":"Consorzio Interuniversitario Nazionale per l'Informatica","ror":"https://ror.org/03v8v5y65","country_code":"IT","type":"facility","lineage":["https://openalex.org/I4210152452"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Nicolo Maunero","raw_affiliation_strings":["National Interuniversity Consortium for Informatics, Rome, Italy","Department of Control and Computer Engineering, Polytechnic of Turin, Turin, Italy"],"raw_orcid":"https://orcid.org/0000-0002-4331-1066","affiliations":[{"raw_affiliation_string":"National Interuniversity Consortium for Informatics, Rome, Italy","institution_ids":["https://openalex.org/I4210152452"]},{"raw_affiliation_string":"Department of Control and Computer Engineering, Polytechnic of Turin, Turin, Italy","institution_ids":["https://openalex.org/I177477856"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5036258272","display_name":"P. Prinetto","orcid":"https://orcid.org/0000-0003-2400-8245"},"institutions":[{"id":"https://openalex.org/I127077003","display_name":"IMT School for Advanced Studies Lucca","ror":"https://ror.org/035gh3a49","country_code":"IT","type":"education","lineage":["https://openalex.org/I127077003"]},{"id":"https://openalex.org/I177477856","display_name":"Politecnico di Torino","ror":"https://ror.org/00bgk9508","country_code":"IT","type":"education","lineage":["https://openalex.org/I177477856"]},{"id":"https://openalex.org/I4210152452","display_name":"Consorzio Interuniversitario Nazionale per l'Informatica","ror":"https://ror.org/03v8v5y65","country_code":"IT","type":"facility","lineage":["https://openalex.org/I4210152452"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Paolo Prinetto","raw_affiliation_strings":["National Interuniversity Consortium for Informatics, Rome, Italy","System Security Modelling and Analysis Group, IMT School for Advanced Studies, Lucca, Italy","Department of Control and Computer Engineering, Polytechnic of Turin, Turin, Italy"],"raw_orcid":"https://orcid.org/0000-0003-2400-8245","affiliations":[{"raw_affiliation_string":"National Interuniversity Consortium for Informatics, Rome, Italy","institution_ids":["https://openalex.org/I4210152452"]},{"raw_affiliation_string":"System Security Modelling and Analysis Group, IMT School for Advanced Studies, Lucca, Italy","institution_ids":["https://openalex.org/I127077003"]},{"raw_affiliation_string":"Department of Control and Computer Engineering, Polytechnic of Turin, Turin, Italy","institution_ids":["https://openalex.org/I177477856"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5073932804","display_name":"Federico Talentino","orcid":null},"institutions":[{"id":"https://openalex.org/I4210152452","display_name":"Consorzio Interuniversitario Nazionale per l'Informatica","ror":"https://ror.org/03v8v5y65","country_code":"IT","type":"facility","lineage":["https://openalex.org/I4210152452"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Federico Talentino","raw_affiliation_strings":["National Interuniversity Consortium for Informatics, Rome, Italy"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"National Interuniversity Consortium for Informatics, Rome, Italy","institution_ids":["https://openalex.org/I4210152452"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5080081051","display_name":"Martina Trussoni","orcid":"https://orcid.org/0000-0003-0472-9280"},"institutions":[{"id":"https://openalex.org/I4210152452","display_name":"Consorzio Interuniversitario Nazionale per l'Informatica","ror":"https://ror.org/03v8v5y65","country_code":"IT","type":"facility","lineage":["https://openalex.org/I4210152452"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Martina Trussoni","raw_affiliation_strings":["National Interuniversity Consortium for Informatics, Rome, Italy"],"raw_orcid":"https://orcid.org/0000-0003-0472-9280","affiliations":[{"raw_affiliation_string":"National Interuniversity Consortium for Informatics, Rome, Italy","institution_ids":["https://openalex.org/I4210152452"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5107502272"],"corresponding_institution_ids":["https://openalex.org/I4210152452"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":4.785,"has_fulltext":true,"cited_by_count":16,"citation_normalized_percentile":{"value":0.95476179,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":"10","issue":null,"first_page":"116514","last_page":"116526"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9866999983787537,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.765772819519043},{"id":"https://openalex.org/keywords/vocabulary","display_name":"Vocabulary","score":0.6131693720817566},{"id":"https://openalex.org/keywords/ontology","display_name":"Ontology","score":0.5811136960983276},{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.5536916851997375},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.5386298894882202},{"id":"https://openalex.org/keywords/identification","display_name":"Identification (biology)","score":0.5187142491340637},{"id":"https://openalex.org/keywords/automation","display_name":"Automation","score":0.4962964653968811},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.48101598024368286},{"id":"https://openalex.org/keywords/representation","display_name":"Representation (politics)","score":0.46766936779022217},{"id":"https://openalex.org/keywords/knowledge-representation-and-reasoning","display_name":"Knowledge representation and reasoning","score":0.46346890926361084},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.4185448884963989},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3517497777938843},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.33199116587638855},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.10570615530014038},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.09257039427757263}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.765772819519043},{"id":"https://openalex.org/C2777601683","wikidata":"https://www.wikidata.org/wiki/Q6499736","display_name":"Vocabulary","level":2,"score":0.6131693720817566},{"id":"https://openalex.org/C25810664","wikidata":"https://www.wikidata.org/wiki/Q44325","display_name":"Ontology","level":2,"score":0.5811136960983276},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.5536916851997375},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.5386298894882202},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.5187142491340637},{"id":"https://openalex.org/C115901376","wikidata":"https://www.wikidata.org/wiki/Q184199","display_name":"Automation","level":2,"score":0.4962964653968811},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.48101598024368286},{"id":"https://openalex.org/C2776359362","wikidata":"https://www.wikidata.org/wiki/Q2145286","display_name":"Representation (politics)","level":3,"score":0.46766936779022217},{"id":"https://openalex.org/C161301231","wikidata":"https://www.wikidata.org/wiki/Q3478658","display_name":"Knowledge representation and reasoning","level":2,"score":0.46346890926361084},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.4185448884963989},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3517497777938843},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.33199116587638855},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.10570615530014038},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.09257039427757263},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C94625758","wikidata":"https://www.wikidata.org/wiki/Q7163","display_name":"Politics","level":2,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C59822182","wikidata":"https://www.wikidata.org/wiki/Q441","display_name":"Botany","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2022.3219063","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2022.3219063","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/09936611.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:762877933bde49d299e51e7e39e18acc","is_oa":true,"landing_page_url":"https://doaj.org/article/762877933bde49d299e51e7e39e18acc","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 10, Pp 116514-116526 (2022)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2022.3219063","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2022.3219063","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/09936611.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.6100000143051147,"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure"}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4312250199.pdf","grobid_xml":"https://content.openalex.org/works/W4312250199.grobid-xml"},"referenced_works_count":38,"referenced_works":["https://openalex.org/W918786342","https://openalex.org/W1551337616","https://openalex.org/W1562643504","https://openalex.org/W1605327505","https://openalex.org/W1909163279","https://openalex.org/W2109540106","https://openalex.org/W2144973807","https://openalex.org/W2146395073","https://openalex.org/W2149142614","https://openalex.org/W2154486111","https://openalex.org/W2154829072","https://openalex.org/W2155617465","https://openalex.org/W2279424608","https://openalex.org/W2316687690","https://openalex.org/W2588184971","https://openalex.org/W2805750930","https://openalex.org/W2912775330","https://openalex.org/W2919469235","https://openalex.org/W2921968294","https://openalex.org/W2946408872","https://openalex.org/W3004063772","https://openalex.org/W3090907514","https://openalex.org/W3103855027","https://openalex.org/W3114160048","https://openalex.org/W3114627546","https://openalex.org/W3131988611","https://openalex.org/W3171854780","https://openalex.org/W3176289544","https://openalex.org/W3180551661","https://openalex.org/W3197211612","https://openalex.org/W4225795307","https://openalex.org/W4244983850","https://openalex.org/W4246100533","https://openalex.org/W6636281025","https://openalex.org/W6745017399","https://openalex.org/W6758802906","https://openalex.org/W6810494478","https://openalex.org/W6812742317"],"related_works":["https://openalex.org/W2003333417","https://openalex.org/W2349784553","https://openalex.org/W3022596247","https://openalex.org/W2601444686","https://openalex.org/W4307058054","https://openalex.org/W2045726866","https://openalex.org/W2354320020","https://openalex.org/W4247277368","https://openalex.org/W1998044538","https://openalex.org/W2057110953"],"abstract_inverted_index":{"<italic":[0,51,130],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[1,52,131],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">Threat":[2,53],"Modelling</i>":[3,54],"allows":[4],"defenders":[5],"to":[6,9,24,27,30,65,134,172],"identify":[7,31],"threats":[8,26],"which":[10],"the":[11,35,44,70,84,99,111,129,144,149,174,198],"target":[12],"system":[13,71],"is":[14,37],"exposed.":[15],"Such":[16],"a":[17,20,87,102,114,154,162,166],"process":[18,36,121,176],"requires":[19],"detailed":[21],"infrastructure":[22],"analysis":[23,73],"map":[25],"assets":[28],"and":[29,42,92,109,165],"possible":[32,67],"flaws.":[33],"Unfortunately,":[34],"still":[38],"mostly":[39],"done":[40],"manually":[41],"without":[43],"support":[45,173],"of":[46,61,90,98,151,168,197],"formally":[47],"sound":[48],"approaches.":[49],"Moreover,":[50],"often":[55],"involves":[56],"teams":[57],"with":[58,79],"different":[59,66,195],"levels":[60],"security":[62],"knowledge,":[63],"leading":[64],"interpretation":[68],"in":[69,95],"under":[72],"representation.":[74],"Threat":[75],"modelling":[76,137,158],"automation":[77,122,146],"comes":[78],"two":[80],"main":[81],"challenges:":[82],"(i)":[83],"need":[85],"for":[86,105,113,123,138,157,177],"standard":[88],"representation":[89],"models":[91],"data":[93],"used":[94],"various":[96],"stages":[97],"process,":[100],"establishing":[101],"formal":[103,155],"vocabulary":[104,156],"all":[106],"involved":[107],"parties,":[108],"(ii)":[110],"requirement":[112],"well-defined":[115],"inference":[116,169],"rule":[117],"set":[118,167],"enabling":[119],"reasoning":[120,175],"threat":[124,136,163,178],"identification.":[125],"The":[126,182],"paper":[127],"presents":[128],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">ThreMA</i>":[132],"approach":[133,184],"automating":[135],"ICT":[139,160],"infrastructures,":[140],"aiming":[141],"at":[142],"addressing":[143],"key":[145],"issues":[147],"through":[148],"use":[150],"ontologies.":[152],"Specifically,":[153],"an":[159],"infrastructure,":[161],"catalog":[164],"rules":[170],"needed":[171],"identification":[179],"are":[180],"provided.":[181],"proposed":[183],"has":[185],"been":[186],"validated":[187],"against":[188],"actual":[189],"significant":[190],"case":[191],"studies":[192],"provided":[193],"by":[194],"Stakeholders":[196],"Italian":[199],"Public":[200],"Sector.":[201]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":8},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":2}],"updated_date":"2026-05-06T08:25:59.206177","created_date":"2025-10-10T00:00:00"}