{"id":"https://openalex.org/W4390189209","doi":"https://doi.org/10.1109/dasc/picom/cbdcom/cy59711.2023.10361509","title":"Safeguarding Healthcare: A Comprehensive Threat Analysis of Clinical Decision Support Systems","display_name":"Safeguarding Healthcare: A Comprehensive Threat Analysis of Clinical Decision Support Systems","publication_year":2023,"publication_date":"2023-11-14","ids":{"openalex":"https://openalex.org/W4390189209","doi":"https://doi.org/10.1109/dasc/picom/cbdcom/cy59711.2023.10361509"},"language":"en","primary_location":{"id":"doi:10.1109/dasc/picom/cbdcom/cy59711.2023.10361509","is_oa":false,"landing_page_url":"https://doi.org/10.1109/dasc/picom/cbdcom/cy59711.2023.10361509","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5093577333","display_name":"Aleksandra Ursula Charlotte Hamel","orcid":null},"institutions":[{"id":"https://openalex.org/I102248843","display_name":"Vienna University of Economics and Business","ror":"https://ror.org/03yn8s215","country_code":"AT","type":"education","lineage":["https://openalex.org/I102248843"]}],"countries":["AT"],"is_corresponding":true,"raw_author_name":"Aleksandra Ursula Charlotte Hamel","raw_affiliation_strings":["Vienna University of Economics and Business,Information Systems and Operations Management,Vienna,Austria","Information Systems and Operations Management, Vienna University of Economics and Business, Vienna, Austria"],"affiliations":[{"raw_affiliation_string":"Vienna University of Economics and Business,Information Systems and Operations Management,Vienna,Austria","institution_ids":["https://openalex.org/I102248843"]},{"raw_affiliation_string":"Information Systems and Operations Management, Vienna University of Economics and Business, Vienna, Austria","institution_ids":["https://openalex.org/I102248843"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5093577334","display_name":"Bogdan-Cristian Zarcu","orcid":null},"institutions":[{"id":"https://openalex.org/I102248843","display_name":"Vienna University of Economics and Business","ror":"https://ror.org/03yn8s215","country_code":"AT","type":"education","lineage":["https://openalex.org/I102248843"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Bogdan-Cristian Zarcu","raw_affiliation_strings":["Vienna University of Economics and Business,Information Systems and Operations Management,Vienna,Austria","Information Systems and Operations Management, Vienna University of Economics and Business, Vienna, Austria"],"affiliations":[{"raw_affiliation_string":"Vienna University of Economics and Business,Information Systems and Operations Management,Vienna,Austria","institution_ids":["https://openalex.org/I102248843"]},{"raw_affiliation_string":"Information Systems and Operations Management, Vienna University of Economics and Business, Vienna, Austria","institution_ids":["https://openalex.org/I102248843"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5093577335","display_name":"Andr\u00e1s-Gergely Csenteri","orcid":null},"institutions":[{"id":"https://openalex.org/I102248843","display_name":"Vienna University of Economics and Business","ror":"https://ror.org/03yn8s215","country_code":"AT","type":"education","lineage":["https://openalex.org/I102248843"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Andr\u00e1s-Gergely Csenteri","raw_affiliation_strings":["Vienna University of Economics and Business,Information Systems and Operations Management,Vienna,Austria","Information Systems and Operations Management, Vienna University of Economics and Business, Vienna, Austria"],"affiliations":[{"raw_affiliation_string":"Vienna University of Economics and Business,Information Systems and Operations Management,Vienna,Austria","institution_ids":["https://openalex.org/I102248843"]},{"raw_affiliation_string":"Information Systems and Operations Management, Vienna University of Economics and Business, Vienna, Austria","institution_ids":["https://openalex.org/I102248843"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5093577336","display_name":"Tamara Pfliegler","orcid":null},"institutions":[{"id":"https://openalex.org/I102248843","display_name":"Vienna University of Economics and Business","ror":"https://ror.org/03yn8s215","country_code":"AT","type":"education","lineage":["https://openalex.org/I102248843"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Tamara Pfliegler","raw_affiliation_strings":["Vienna University of Economics and Business,Information Systems and Operations Management,Vienna,Austria","Information Systems and Operations Management, Vienna University of Economics and Business, Vienna, Austria"],"affiliations":[{"raw_affiliation_string":"Vienna University of Economics and Business,Information Systems and Operations Management,Vienna,Austria","institution_ids":["https://openalex.org/I102248843"]},{"raw_affiliation_string":"Information Systems and Operations Management, Vienna University of Economics and Business, Vienna, Austria","institution_ids":["https://openalex.org/I102248843"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084521751","display_name":"Sajjad Khan","orcid":"https://orcid.org/0000-0002-6608-5065"},"institutions":[{"id":"https://openalex.org/I102248843","display_name":"Vienna University of Economics and Business","ror":"https://ror.org/03yn8s215","country_code":"AT","type":"education","lineage":["https://openalex.org/I102248843"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Sajjad Khan","raw_affiliation_strings":["Vienna University of Economics and Business,Information Systems and Operations Management,Vienna,Austria","Information Systems and Operations Management, Vienna University of Economics and Business, Vienna, Austria"],"affiliations":[{"raw_affiliation_string":"Vienna University of Economics and Business,Information Systems and Operations Management,Vienna,Austria","institution_ids":["https://openalex.org/I102248843"]},{"raw_affiliation_string":"Information Systems and Operations Management, Vienna University of Economics and Business, Vienna, Austria","institution_ids":["https://openalex.org/I102248843"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5049821727","display_name":"Davor Svetinovi\u0107","orcid":"https://orcid.org/0000-0002-3020-9556"},"institutions":[{"id":"https://openalex.org/I176601375","display_name":"Khalifa University of Science and Technology","ror":"https://ror.org/05hffr360","country_code":"AE","type":"education","lineage":["https://openalex.org/I176601375"]}],"countries":["AE"],"is_corresponding":false,"raw_author_name":"Davor Svetinovic","raw_affiliation_strings":["Khalifa University,Center for Cyber-Physical Systems, Electrical Engineering and Computer Science,Abu Dhabi,UAE","Center for Cyber-Physical Systems, Electrical Engineering and Computer Science, Khalifa University, Abu Dhabi, UAE"],"affiliations":[{"raw_affiliation_string":"Khalifa University,Center for Cyber-Physical Systems, Electrical Engineering and Computer Science,Abu Dhabi,UAE","institution_ids":["https://openalex.org/I176601375"]},{"raw_affiliation_string":"Center for Cyber-Physical Systems, Electrical Engineering and Computer Science, Khalifa University, Abu Dhabi, UAE","institution_ids":["https://openalex.org/I176601375"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5093577333"],"corresponding_institution_ids":["https://openalex.org/I102248843"],"apc_list":null,"apc_paid":null,"fwci":0.9271,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.82003498,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":95,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"0478","last_page":"0485"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9689000248908997,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9689000248908997,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9672999978065491,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.9535999894142151,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/clinical-decision-support-system","display_name":"Clinical decision support system","score":0.542790412902832},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5425142049789429},{"id":"https://openalex.org/keywords/safeguarding","display_name":"Safeguarding","score":0.5201675891876221},{"id":"https://openalex.org/keywords/health-care","display_name":"Health care","score":0.4910445213317871},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4546852111816406},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.40603119134902954},{"id":"https://openalex.org/keywords/decision-support-system","display_name":"Decision support system","score":0.30309566855430603},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.17099463939666748},{"id":"https://openalex.org/keywords/medicine","display_name":"Medicine","score":0.15155398845672607},{"id":"https://openalex.org/keywords/nursing","display_name":"Nursing","score":0.08590349555015564}],"concepts":[{"id":"https://openalex.org/C63527458","wikidata":"https://www.wikidata.org/wiki/Q5133829","display_name":"Clinical decision support system","level":3,"score":0.542790412902832},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5425142049789429},{"id":"https://openalex.org/C2776743756","wikidata":"https://www.wikidata.org/wiki/Q5097921","display_name":"Safeguarding","level":2,"score":0.5201675891876221},{"id":"https://openalex.org/C160735492","wikidata":"https://www.wikidata.org/wiki/Q31207","display_name":"Health care","level":2,"score":0.4910445213317871},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4546852111816406},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.40603119134902954},{"id":"https://openalex.org/C107327155","wikidata":"https://www.wikidata.org/wiki/Q330268","display_name":"Decision support system","level":2,"score":0.30309566855430603},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.17099463939666748},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.15155398845672607},{"id":"https://openalex.org/C159110408","wikidata":"https://www.wikidata.org/wiki/Q121176","display_name":"Nursing","level":1,"score":0.08590349555015564},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C50522688","wikidata":"https://www.wikidata.org/wiki/Q189833","display_name":"Economic growth","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/dasc/picom/cbdcom/cy59711.2023.10361509","is_oa":false,"landing_page_url":"https://doi.org/10.1109/dasc/picom/cbdcom/cy59711.2023.10361509","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech)","raw_type":"proceedings-article"},{"id":"pmh:oai:research.wu.ac.at:openaire_cris_publications/efe615fc-4afe-4614-b642-c7aa61833e01","is_oa":false,"landing_page_url":"https://research.wu.ac.at/de/publications/efe615fc-4afe-4614-b642-c7aa61833e01","pdf_url":null,"source":{"id":"https://openalex.org/S7407055123","display_name":"WU Research","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Hamel, A U C, Zarcu, B-C, Csenteri, A-G, Pfliegler, T, Khan, S & Svetinovic, D 2023, Safeguarding Healthcare: A Comprehensive Threat Analysis of Clinical Decision Support Systems. in 2023 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech) : 14-17 November 2023 : Abu Dhabi, United Arab Emirates . IEEE, New York, IEEE Xplore, pp. 478-485. https://doi.org/10.1109/DASC/PiCom/CBDCom/Cy59711.2023.10361509","raw_type":"info:eu-repo/semantics/conferenceObject"},{"id":"pmh:oai:research.wu.ac.at:publications/efe615fc-4afe-4614-b642-c7aa61833e01","is_oa":false,"landing_page_url":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10361509","pdf_url":null,"source":{"id":"https://openalex.org/S7407055123","display_name":"WU Research","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Hamel, A U C, Zarcu, B-C, Csenteri, A-G, Pfliegler, T, Khan, S & Svetinovic, D 2023, Safeguarding Healthcare: A Comprehensive Threat Analysis of Clinical Decision Support Systems. in 2023 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech) : 14-17 November 2023 : Abu Dhabi, United Arab Emirates . IEEE, New York, IEEE Xplore, pp. 478-485. https://doi.org/10.1109/DASC/PiCom/CBDCom/Cy59711.2023.10361509","raw_type":"info:eu-repo/semantics/conferenceObject"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.7699999809265137,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":36,"referenced_works":["https://openalex.org/W572872720","https://openalex.org/W1563548484","https://openalex.org/W1968060304","https://openalex.org/W1968181708","https://openalex.org/W2118991740","https://openalex.org/W2150010995","https://openalex.org/W2491683995","https://openalex.org/W2694044524","https://openalex.org/W2749414669","https://openalex.org/W2752243939","https://openalex.org/W2800426337","https://openalex.org/W2806594193","https://openalex.org/W2890212356","https://openalex.org/W2910070300","https://openalex.org/W2912418746","https://openalex.org/W2924305987","https://openalex.org/W2964203712","https://openalex.org/W2971024714","https://openalex.org/W3114627546","https://openalex.org/W3116409445","https://openalex.org/W3123744197","https://openalex.org/W3134051239","https://openalex.org/W3168072522","https://openalex.org/W3174380182","https://openalex.org/W3176230507","https://openalex.org/W3186653824","https://openalex.org/W3210329055","https://openalex.org/W4224295195","https://openalex.org/W4251323996","https://openalex.org/W4285176469","https://openalex.org/W4288758078","https://openalex.org/W4293676882","https://openalex.org/W4313325293","https://openalex.org/W4317600335","https://openalex.org/W4320004330","https://openalex.org/W4365998533"],"related_works":["https://openalex.org/W2046929026","https://openalex.org/W2779278343","https://openalex.org/W1996434451","https://openalex.org/W1569026615","https://openalex.org/W2791725133","https://openalex.org/W2338117633","https://openalex.org/W2112831187","https://openalex.org/W2122149485","https://openalex.org/W4232131108","https://openalex.org/W2128124510"],"abstract_inverted_index":{"Using":[0],"digital":[1],"data":[2,28,71],"gathering":[3],"and":[4,10,14,61,73,93,103],"analytics":[5],"in":[6,42,128],"healthcare":[7],"brings":[8],"benefits":[9],"risks":[11],"to":[12,46,50,65,76,85,97,114,132,142],"patients":[13],"practitioners.":[15],"Smart":[16],"Health":[17],"Information":[18],"Systems,":[19],"such":[20],"as":[21],"Clinical":[22],"Decision":[23],"Support":[24],"Systems":[25],"(CDSSs),":[26],"consolidate":[27],"from":[29],"various":[30,47],"sources,":[31],"utilizing":[32],"artificial":[33],"intelligence":[34],"for":[35,147],"decision":[36],"support.":[37],"However,":[38],"machine":[39],"learning":[40],"models":[41],"CDSSs":[43,99,119,133],"are":[44,120],"vulnerable":[45],"attacks,":[48],"leading":[49],"incorrect":[51],"predictions":[52],"with":[53],"severe":[54],"consequences.":[55],"This":[56,139],"paper":[57],"systematically":[58],"investigates":[59],"security":[60,86,130,145],"privacy":[62,88],"threats":[63,95,131],"related":[64],"CDSSs.":[66,148],"First,":[67],"we":[68,91],"leverage":[69],"the":[70,78,98,106,115,118],"flow":[72],"sequence":[74],"diagrams":[75],"identify":[77,92],"critical":[79],"use":[80],"cases":[81],"that":[82],"might":[83],"lead":[84],"or":[87],"breaches.":[89],"Second,":[90],"classify":[94],"imminent":[96],"using":[100],"Security":[101],"Cards":[102],"STRIDE.":[104],"Lastly,":[105],"persona":[107],"non-grata":[108],"who":[109],"pose":[110],"a":[111],"significant":[112],"threat":[113],"integrity":[116],"of":[117],"identified.":[121],"Implementing":[122],"our":[123],"method":[124],"can":[125],"assist":[126],"teams":[127],"addressing":[129],"by":[134],"considering":[135],"their":[136],"unique":[137],"vulnerabilities.":[138],"research":[140],"contributes":[141],"developing":[143],"comprehensive":[144],"strategies":[146]},"counts_by_year":[{"year":2025,"cited_by_count":2}],"updated_date":"2026-03-12T08:34:05.389933","created_date":"2025-10-10T00:00:00"}