{"id":"https://openalex.org/W4413679407","doi":"https://doi.org/10.1109/csr64739.2025.11130100","title":"Securing firmware updates using Transparency and Traceability services","display_name":"Securing firmware updates using Transparency and Traceability services","publication_year":2025,"publication_date":"2025-08-04","ids":{"openalex":"https://openalex.org/W4413679407","doi":"https://doi.org/10.1109/csr64739.2025.11130100"},"language":"en","primary_location":{"id":"doi:10.1109/csr64739.2025.11130100","is_oa":false,"landing_page_url":"https://doi.org/10.1109/csr64739.2025.11130100","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5052879509","display_name":"Nikos Fotiou","orcid":"https://orcid.org/0000-0001-9100-1081"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Nikos Fotiou","raw_affiliation_strings":["ExcID,Athens,Greece"],"affiliations":[{"raw_affiliation_string":"ExcID,Athens,Greece","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5119437420","display_name":"Lefteris Georgiadis","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Lefteris Georgiadis","raw_affiliation_strings":["ExcID,Athens,Greece"],"affiliations":[{"raw_affiliation_string":"ExcID,Athens,Greece","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5088432697","display_name":"George C. Polyzos","orcid":"https://orcid.org/0000-0003-0030-4808"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"George C. Polyzos","raw_affiliation_strings":["ExcID,Athens,Greece"],"affiliations":[{"raw_affiliation_string":"ExcID,Athens,Greece","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5064354689","display_name":"Vasilios A. Siris","orcid":"https://orcid.org/0000-0001-8521-3774"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Vasilios A. Siris","raw_affiliation_strings":["ExcID,Athens,Greece"],"affiliations":[{"raw_affiliation_string":"ExcID,Athens,Greece","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5052879509"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.3319383,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1127","last_page":"1132"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9161999821662903,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9161999821662903,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/firmware","display_name":"Firmware","score":0.9203809499740601},{"id":"https://openalex.org/keywords/traceability","display_name":"Traceability","score":0.9151819944381714},{"id":"https://openalex.org/keywords/transparency","display_name":"Transparency (behavior)","score":0.6893000602722168},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6650378108024597},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5568147301673889},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.27370139956474304},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.1905767321586609}],"concepts":[{"id":"https://openalex.org/C67212190","wikidata":"https://www.wikidata.org/wiki/Q104851","display_name":"Firmware","level":2,"score":0.9203809499740601},{"id":"https://openalex.org/C153876917","wikidata":"https://www.wikidata.org/wiki/Q899704","display_name":"Traceability","level":2,"score":0.9151819944381714},{"id":"https://openalex.org/C2780233690","wikidata":"https://www.wikidata.org/wiki/Q535347","display_name":"Transparency (behavior)","level":2,"score":0.6893000602722168},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6650378108024597},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5568147301673889},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.27370139956474304},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.1905767321586609}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/csr64739.2025.11130100","is_oa":false,"landing_page_url":"https://doi.org/10.1109/csr64739.2025.11130100","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":11,"referenced_works":["https://openalex.org/W2954429763","https://openalex.org/W2962892760","https://openalex.org/W3153226602","https://openalex.org/W3155459340","https://openalex.org/W4308463084","https://openalex.org/W4308562523","https://openalex.org/W4324007072","https://openalex.org/W4386361517","https://openalex.org/W4388857973","https://openalex.org/W4390043315","https://openalex.org/W4391725257"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2582981600","https://openalex.org/W4389238932","https://openalex.org/W4387467152","https://openalex.org/W4212885212","https://openalex.org/W4379115910","https://openalex.org/W3010413952","https://openalex.org/W4253989935"],"abstract_inverted_index":{"Firmware":[0],"update":[1,54,74],"mechanisms":[2],"are":[3,92,165],"a":[4,22,81,137,150],"critical":[5],"part":[6],"of":[7,24,31,51,63,80,121],"the":[8,28,49,52,72,78],"software":[9],"supply":[10,162],"chain":[11,163],"in":[12],"IoT":[13],"and":[14,68,100,107,130,146,168],"embedded":[15],"systems,":[16],"yet":[17],"they":[18],"remain":[19],"vulnerable":[20],"to":[21,41,117],"range":[23],"attacks-particularly":[25],"those":[26],"targeting":[27],"signing":[29,36,90,102,122],"keys":[30],"firmware":[32,44,73,89,161],"authors.":[33],"A":[34],"compromised":[35],"key":[37,98],"can":[38,104],"be":[39,105],"used":[40],"distribute":[42],"malicious":[43],"that":[45,157],"appears":[46],"legitimate,":[47],"undermining":[48],"integrity":[50],"entire":[53],"process.":[55],"In":[56],"this":[57,61,96,126],"paper,":[58],"we":[59,128],"address":[60],"class":[62],"attacks":[64,164],"by":[65],"introducing":[66],"transparency":[67,82,139],"traceability":[69],"services":[70],"into":[71],"pipeline.":[75],"We":[76],"propose":[77],"use":[79],"registry-an":[83],"immutable,":[84],"append-only":[85],"log":[86],"where":[87],"all":[88],"events":[91],"recorded.":[93],"By":[94],"monitoring":[95],"registry,":[97],"compromise":[99],"unauthorized":[101],"activity":[103],"detected":[106],"mitigated.":[108],"Our":[109],"approach":[110],"shifts":[111],"trust":[112],"from":[113],"opaque":[114],"signature":[115],"validation":[116],"verifiable,":[118],"auditable":[119],"records":[120],"activity.":[123],"To":[124],"evaluate":[125],"approach,":[127],"design":[129],"implement":[131],"two":[132],"systems:":[133],"one":[134],"based":[135,148],"on":[136,149],"centralized":[138],"registry":[140],"built":[141],"using":[142],"Merkle":[143],"tree":[144],"structures,":[145],"another":[147],"decentralized,":[151],"permissioned":[152],"blockchain.":[153],"Both":[154],"implementations":[155],"demonstrate":[156],"transparency-based":[158],"defenses":[159],"against":[160],"practical,":[166],"scalable,":[167],"effective.":[169]},"counts_by_year":[],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}