{"id":"https://openalex.org/W3169253752","doi":"https://doi.org/10.1109/indin45582.2020.9442219","title":"How to Quantify the Security Level of Embedded Systems? A Taxonomy of Security Metrics","display_name":"How to Quantify the Security Level of Embedded Systems? A Taxonomy of Security Metrics","publication_year":2020,"publication_date":"2020-07-20","ids":{"openalex":"https://openalex.org/W3169253752","doi":"https://doi.org/10.1109/indin45582.2020.9442219","mag":"3169253752"},"language":"en","primary_location":{"id":"doi:10.1109/indin45582.2020.9442219","is_oa":false,"landing_page_url":"https://doi.org/10.1109/indin45582.2020.9442219","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE 18th International Conference on Industrial Informatics (INDIN)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://katalogoa.mondragon.edu/janium-bin/janium_login_opac.pl?find&ficha_no=165008","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5073614809","display_name":"\u00c1ngel Longueira-Romero","orcid":"https://orcid.org/0000-0001-6085-820X"},"institutions":[{"id":"https://openalex.org/I4210121514","display_name":"GAIKER Technology Centre","ror":"https://ror.org/02pwsw017","country_code":"ES","type":"facility","lineage":["https://openalex.org/I4210121514"]},{"id":"https://openalex.org/I4210140267","display_name":"Ikerlan","ror":"https://ror.org/03hp1m080","country_code":"ES","type":"company","lineage":["https://openalex.org/I4210140267"]}],"countries":["ES"],"is_corresponding":true,"raw_author_name":"Angel Longueira-Romero","raw_affiliation_strings":["Industrial Cybersecurity, Ikerlan Technology Research Centre (BRTA), Arrasate/Mondrag\u00f3n, Spain"],"affiliations":[{"raw_affiliation_string":"Industrial Cybersecurity, Ikerlan Technology Research Centre (BRTA), Arrasate/Mondrag\u00f3n, Spain","institution_ids":["https://openalex.org/I4210121514","https://openalex.org/I4210140267"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084009111","display_name":"Rosa Iglesias","orcid":"https://orcid.org/0000-0003-1036-3035"},"institutions":[{"id":"https://openalex.org/I4210121514","display_name":"GAIKER Technology Centre","ror":"https://ror.org/02pwsw017","country_code":"ES","type":"facility","lineage":["https://openalex.org/I4210121514"]},{"id":"https://openalex.org/I4210140267","display_name":"Ikerlan","ror":"https://ror.org/03hp1m080","country_code":"ES","type":"company","lineage":["https://openalex.org/I4210140267"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Rosa Iglesias","raw_affiliation_strings":["Industrial Cybersecurity, Ikerlan Technology Research Centre (BRTA), Arrasate/Mondrag\u00f3n, Spain"],"affiliations":[{"raw_affiliation_string":"Industrial Cybersecurity, Ikerlan Technology Research Centre (BRTA), Arrasate/Mondrag\u00f3n, Spain","institution_ids":["https://openalex.org/I4210121514","https://openalex.org/I4210140267"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5103086504","display_name":"David Gonz\u00e1lez","orcid":"https://orcid.org/0000-0001-5021-2130"},"institutions":[{"id":"https://openalex.org/I4210140267","display_name":"Ikerlan","ror":"https://ror.org/03hp1m080","country_code":"ES","type":"company","lineage":["https://openalex.org/I4210140267"]},{"id":"https://openalex.org/I4210121514","display_name":"GAIKER Technology Centre","ror":"https://ror.org/02pwsw017","country_code":"ES","type":"facility","lineage":["https://openalex.org/I4210121514"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"David Gonzalez","raw_affiliation_strings":["Industrial Cybersecurity, Ikerlan Technology Research Centre (BRTA), Arrasate/Mondrag\u00f3n, Spain"],"affiliations":[{"raw_affiliation_string":"Industrial Cybersecurity, Ikerlan Technology Research Centre (BRTA), Arrasate/Mondrag\u00f3n, Spain","institution_ids":["https://openalex.org/I4210121514","https://openalex.org/I4210140267"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5060154154","display_name":"I\u00f1aki Garitano","orcid":"https://orcid.org/0000-0002-0387-9167"},"institutions":[{"id":"https://openalex.org/I162361429","display_name":"Mondragon Unibertsitatea","ror":"https://ror.org/00wvqgd19","country_code":"ES","type":"education","lineage":["https://openalex.org/I162361429"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Inaki Garitano","raw_affiliation_strings":["Dept. of Electronics and Computing, Mondragon Unibertsitatea, Arrasate/Mondrag\u00f3n, Spain"],"affiliations":[{"raw_affiliation_string":"Dept. of Electronics and Computing, Mondragon Unibertsitatea, Arrasate/Mondrag\u00f3n, Spain","institution_ids":["https://openalex.org/I162361429"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5073614809"],"corresponding_institution_ids":["https://openalex.org/I4210121514","https://openalex.org/I4210140267"],"apc_list":null,"apc_paid":null,"fwci":0.8344,"has_fulltext":false,"cited_by_count":7,"citation_normalized_percentile":{"value":0.82953523,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"153","last_page":"158"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7640783786773682},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.6313952207565308},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.6264902353286743},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.6155081987380981},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5538342595100403},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.5492045283317566},{"id":"https://openalex.org/keywords/computer-security-model","display_name":"Computer security model","score":0.533532977104187},{"id":"https://openalex.org/keywords/security-through-obscurity","display_name":"Security through obscurity","score":0.5017638206481934},{"id":"https://openalex.org/keywords/security-convergence","display_name":"Security convergence","score":0.46841374039649963},{"id":"https://openalex.org/keywords/security-engineering","display_name":"Security engineering","score":0.46234336495399475},{"id":"https://openalex.org/keywords/metric","display_name":"Metric (unit)","score":0.4462965130805969},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.43516767024993896},{"id":"https://openalex.org/keywords/taxonomy","display_name":"Taxonomy (biology)","score":0.4305880665779114},{"id":"https://openalex.org/keywords/security-controls","display_name":"Security controls","score":0.42306530475616455},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.3180690407752991},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.22836363315582275},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.1295703947544098},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.10606703162193298},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.07963180541992188}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7640783786773682},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.6313952207565308},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.6264902353286743},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.6155081987380981},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5538342595100403},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.5492045283317566},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.533532977104187},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.5017638206481934},{"id":"https://openalex.org/C52420254","wikidata":"https://www.wikidata.org/wiki/Q7445028","display_name":"Security convergence","level":5,"score":0.46841374039649963},{"id":"https://openalex.org/C13159133","wikidata":"https://www.wikidata.org/wiki/Q365674","display_name":"Security engineering","level":5,"score":0.46234336495399475},{"id":"https://openalex.org/C176217482","wikidata":"https://www.wikidata.org/wiki/Q860554","display_name":"Metric (unit)","level":2,"score":0.4462965130805969},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.43516767024993896},{"id":"https://openalex.org/C58642233","wikidata":"https://www.wikidata.org/wiki/Q8269924","display_name":"Taxonomy (biology)","level":2,"score":0.4305880665779114},{"id":"https://openalex.org/C178148461","wikidata":"https://www.wikidata.org/wiki/Q1632136","display_name":"Security controls","level":3,"score":0.42306530475616455},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.3180690407752991},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.22836363315582275},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.1295703947544098},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.10606703162193298},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.07963180541992188},{"id":"https://openalex.org/C59822182","wikidata":"https://www.wikidata.org/wiki/Q441","display_name":"Botany","level":1,"score":0.0},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C21547014","wikidata":"https://www.wikidata.org/wiki/Q1423657","display_name":"Operations management","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/indin45582.2020.9442219","is_oa":false,"landing_page_url":"https://doi.org/10.1109/indin45582.2020.9442219","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE 18th International Conference on Industrial Informatics (INDIN)","raw_type":"proceedings-article"},{"id":"pmh:oai:ebiltegia.mondragon.edu:20.500.11984/5560","is_oa":true,"landing_page_url":"https://katalogoa.mondragon.edu/janium-bin/janium_login_opac.pl?find&ficha_no=165008","pdf_url":null,"source":{"id":"https://openalex.org/S4377196532","display_name":"eRepository Mondragon University (Mondragon University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I162361429","host_organization_name":"Mondragon Unibertsitatea","host_organization_lineage":["https://openalex.org/I162361429"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE International Conference on Industrial Informatics (INDIN). Vol. 2020-July. N. art\u00edculo. 9442219. Pp. 153-158, 2020","raw_type":"info:eu-repo/semantics/acceptedVersion"},{"id":"pmh:oai:dsp.tecnalia.com:11556/7637","is_oa":true,"landing_page_url":"https://hdl.handle.net/11556/7637","pdf_url":null,"source":{"id":"https://openalex.org/S4306402037","display_name":"TECNALIA Publications (Fundaci\u00f3n TECNALIA Research & Innovation)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210113430","host_organization_name":"Tecnalia","host_organization_lineage":["https://openalex.org/I4210113430"],"host_organization_lineage_names":[],"type":"repository"},"license":"public-domain","license_id":"https://openalex.org/licenses/public-domain","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"conference output"}],"best_oa_location":{"id":"pmh:oai:ebiltegia.mondragon.edu:20.500.11984/5560","is_oa":true,"landing_page_url":"https://katalogoa.mondragon.edu/janium-bin/janium_login_opac.pl?find&ficha_no=165008","pdf_url":null,"source":{"id":"https://openalex.org/S4377196532","display_name":"eRepository Mondragon University (Mondragon University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I162361429","host_organization_name":"Mondragon Unibertsitatea","host_organization_lineage":["https://openalex.org/I162361429"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE International Conference on Industrial Informatics (INDIN). Vol. 2020-July. N. art\u00edculo. 9442219. Pp. 153-158, 2020","raw_type":"info:eu-repo/semantics/acceptedVersion"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":32,"referenced_works":["https://openalex.org/W7393850","https://openalex.org/W594014660","https://openalex.org/W605027309","https://openalex.org/W858436891","https://openalex.org/W1529728259","https://openalex.org/W1993575476","https://openalex.org/W2020062968","https://openalex.org/W2034448154","https://openalex.org/W2064553186","https://openalex.org/W2069033598","https://openalex.org/W2084175160","https://openalex.org/W2089020037","https://openalex.org/W2099775215","https://openalex.org/W2108967081","https://openalex.org/W2136674011","https://openalex.org/W2139371379","https://openalex.org/W2142993476","https://openalex.org/W2143877366","https://openalex.org/W2156763327","https://openalex.org/W2295299152","https://openalex.org/W2498029175","https://openalex.org/W2564147261","https://openalex.org/W2584005932","https://openalex.org/W2628526097","https://openalex.org/W2753055686","https://openalex.org/W2886270586","https://openalex.org/W2905912371","https://openalex.org/W2944136255","https://openalex.org/W3097981465","https://openalex.org/W4205773144","https://openalex.org/W6681546282","https://openalex.org/W6757953905"],"related_works":["https://openalex.org/W2299494954","https://openalex.org/W2552271940","https://openalex.org/W2758682319","https://openalex.org/W88610236","https://openalex.org/W2395987867","https://openalex.org/W2979370664","https://openalex.org/W2894900144","https://openalex.org/W2418642600","https://openalex.org/W2542633692","https://openalex.org/W2176465394"],"abstract_inverted_index":{"Embedded":[0],"Systems":[1],"(ES)":[2],"development":[3],"has":[4],"been":[5],"historically":[6],"focused":[7],"on":[8,147],"functionality":[9],"rather":[10],"than":[11,160],"security,":[12],"and":[13,21,34,58,72,99,107,139,165,196],"today":[14],"it":[15,141],"still":[16],"applies":[17],"in":[18],"many":[19,47],"sectors":[20],"applications.":[22,55],"However,":[23],"there":[24],"is":[25,64,191],"an":[26,230],"increasing":[27],"number":[28],"of":[29,48,115,118,154,189,200,229],"security":[30,61,88,116,129,148,152,183,216,227],"threats":[31],"over":[32],"ES,":[33],"a":[35,104,127,134,144,215],"successful":[36],"attack":[37],"could":[38,102],"have":[39,175],"economical,":[40],"physical":[41],"or":[42,93],"even":[43],"human":[44],"consequences,":[45],"since":[46],"them":[49,190,201],"are":[50],"used":[51],"to":[52,66,75,171,178,181,194,209,224],"control":[53],"critical":[54],"A":[56],"standardized":[57],"general":[59],"accepted":[60],"testing":[62],"framework":[63],"needed":[65],"provide":[67,103],"guidance,":[68],"common":[69],"reporting":[70],"forms":[71],"the":[73,77,80,91,113,119,124,151,176,187,198,211,226],"possibility":[74],"compare":[76],"results":[78],"along":[79],"time.":[81],"This":[82,121,206],"can":[83],"be":[84,179],"achieved":[85],"by":[86],"introducing":[87],"metrics":[89,101,149,162,173,221],"into":[90],"evaluation":[92,153,217],"assessment":[94],"process.":[95],"If":[96],"carefully":[97],"designed":[98],"chosen,":[100],"quantitative,":[105],"repeatable":[106],"reproducible":[108],"value":[109],"that":[110,126,174,219],"would":[111],"reflect":[112],"level":[114,228],"protection":[117],"ES.":[120,155,231],"paper":[122],"analyzes":[123],"features":[125],"good":[128],"metric":[130],"should":[131],"exhibit,":[132],"introduces":[133],"taxonomy":[135],"for":[136,150,213],"classifying":[137],"them,":[138],"finally,":[140],"carries":[142],"out":[143],"literature":[145],"survey":[146],"In":[156],"this":[157],"review,":[158],"more":[159],"500":[161],"were":[163,169],"collected":[164],"analyzed.":[166],"Then,":[167],"they":[168],"reduced":[170],"169":[172],"potential":[177],"applied":[180],"ES":[182],"evaluation.":[184],"As":[185],"expected,":[186],"77.5%":[188],"related":[192],"exclusively":[193,203],"software,":[195],"only":[197],"0.6%":[199],"addresses":[202],"hardware":[204],"security.":[205],"work":[207],"aims":[208],"lay":[210],"foundations":[212],"constructing":[214],"methodology":[218],"uses":[220],"so":[222],"as":[223],"quantify":[225]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":3},{"year":2022,"cited_by_count":3}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2021-06-22T00:00:00"}