{"id":"https://openalex.org/W3139021040","doi":"https://doi.org/10.1109/msec.2021.3050433","title":"SolarWinds and the Challenges of Patching: Can We Ever Stop Dancing With the Devil?","display_name":"SolarWinds and the Challenges of Patching: Can We Ever Stop Dancing With the Devil?","publication_year":2021,"publication_date":"2021-03-01","ids":{"openalex":"https://openalex.org/W3139021040","doi":"https://doi.org/10.1109/msec.2021.3050433","mag":"3139021040"},"language":"en","primary_location":{"id":"doi:10.1109/msec.2021.3050433","is_oa":true,"landing_page_url":"https://doi.org/10.1109/msec.2021.3050433","pdf_url":"https://ieeexplore.ieee.org/ielx7/8013/9382368/09382358.pdf","source":{"id":"https://openalex.org/S61906035","display_name":"IEEE Security & Privacy","issn_l":"1540-7993","issn":["1540-7993","1558-4046"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Security & Privacy","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://ieeexplore.ieee.org/ielx7/8013/9382368/09382358.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5085639552","display_name":"Fabio Massacci","orcid":"https://orcid.org/0000-0002-1091-8486"},"institutions":[{"id":"https://openalex.org/I193223587","display_name":"University of Trento","ror":"https://ror.org/05trd4x28","country_code":"IT","type":"education","lineage":["https://openalex.org/I193223587"]},{"id":"https://openalex.org/I865915315","display_name":"Vrije Universiteit Amsterdam","ror":"https://ror.org/008xxew50","country_code":"NL","type":"education","lineage":["https://openalex.org/I865915315"]}],"countries":["IT","NL"],"is_corresponding":true,"raw_author_name":"Fabio Massacci","raw_affiliation_strings":["University of Trento and Vrije Universiteit Amsterdam"],"raw_orcid":"https://orcid.org/0000-0002-1091-8486","affiliations":[{"raw_affiliation_string":"University of Trento and Vrije Universiteit Amsterdam","institution_ids":["https://openalex.org/I865915315","https://openalex.org/I193223587"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5055045569","display_name":"Trent Jaeger","orcid":"https://orcid.org/0000-0002-4964-1170"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Trent Jaeger","raw_affiliation_strings":["Pennsylvania State University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Pennsylvania State University","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5067720069","display_name":"Sean Peisert","orcid":"https://orcid.org/0000-0003-3566-9719"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Sean Peisert","raw_affiliation_strings":[],"raw_orcid":"https://orcid.org/0000-0003-3566-9719","affiliations":[]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5085639552"],"corresponding_institution_ids":["https://openalex.org/I193223587","https://openalex.org/I865915315"],"apc_list":null,"apc_paid":null,"fwci":1.7284,"has_fulltext":true,"cited_by_count":19,"citation_normalized_percentile":{"value":0.84139889,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":98},"biblio":{"volume":"19","issue":"2","first_page":"14","last_page":"19"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12238","display_name":"Green IT and Sustainability","score":0.9718000292778015,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12238","display_name":"Green IT and Sustainability","score":0.9718000292778015,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9697999954223633,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.9602000117301941,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.3336179256439209},{"id":"https://openalex.org/keywords/art","display_name":"Art","score":0.3221118748188019},{"id":"https://openalex.org/keywords/history","display_name":"History","score":0.3216201961040497}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.3336179256439209},{"id":"https://openalex.org/C142362112","wikidata":"https://www.wikidata.org/wiki/Q735","display_name":"Art","level":0,"score":0.3221118748188019},{"id":"https://openalex.org/C95457728","wikidata":"https://www.wikidata.org/wiki/Q309","display_name":"History","level":0,"score":0.3216201961040497}],"mesh":[],"locations_count":6,"locations":[{"id":"doi:10.1109/msec.2021.3050433","is_oa":true,"landing_page_url":"https://doi.org/10.1109/msec.2021.3050433","pdf_url":"https://ieeexplore.ieee.org/ielx7/8013/9382368/09382358.pdf","source":{"id":"https://openalex.org/S61906035","display_name":"IEEE Security & Privacy","issn_l":"1540-7993","issn":["1540-7993","1558-4046"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Security & Privacy","raw_type":"journal-article"},{"id":"pmh:oai:escholarship.org:ark:/13030/qt0m27w0hf","is_oa":true,"landing_page_url":"https://escholarship.org/uc/item/0m27w0hf","pdf_url":"https://escholarship.org/uc/item/0m27w0hf","source":{"id":"https://openalex.org/S4306400115","display_name":"eScholarship (California Digital Library)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I2801248553","host_organization_name":"California Digital Library","host_organization_lineage":["https://openalex.org/I2801248553"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Security & Privacy, vol 19, iss 2","raw_type":"article"},{"id":"pmh:oai:iris.unitn.it:11572/309076","is_oa":true,"landing_page_url":"https://ieeexplore.ieee.org/document/9382358/authors#authors","pdf_url":null,"source":{"id":"https://openalex.org/S4306401913","display_name":"Institutional Research Information System (Universit\u00e0 degli Studi di Trento)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I193223587","host_organization_name":"University of Trento","host_organization_lineage":["https://openalex.org/I193223587"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/article"},{"id":"pmh:oai:research.vu.nl:openaire_cris_publications/3fda89a1-6371-45e9-9d11-4fa7e0b7136d","is_oa":true,"landing_page_url":"https://hdl.handle.net/1871.1/3fda89a1-6371-45e9-9d11-4fa7e0b7136d","pdf_url":null,"source":{"id":"https://openalex.org/S4306401107","display_name":"VU Research Portal","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I865915315","host_organization_name":"Vrije Universiteit Amsterdam","host_organization_lineage":["https://openalex.org/I865915315"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Massacci, F & Jaeger, T 2021, 'SolarWinds and the Challenges of Patching : Can We Ever Stop Dancing with the Devil?', IEEE Security and Privacy, vol. 19, no. 2, 9382358, pp. 14-19. https://doi.org/10.1109/MSEC.2021.3050433","raw_type":"info:eu-repo/semantics/annotation"},{"id":"pmh:oai:research.vu.nl:publications/3fda89a1-6371-45e9-9d11-4fa7e0b7136d","is_oa":true,"landing_page_url":"http://www.scopus.com/inward/citedby.url?scp=85103379799&partnerID=8YFLogxK","pdf_url":null,"source":{"id":"https://openalex.org/S4306401107","display_name":"VU Research Portal","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I865915315","host_organization_name":"Vrije Universiteit Amsterdam","host_organization_lineage":["https://openalex.org/I865915315"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Massacci, F & Jaeger, T 2021, 'SolarWinds and the Challenges of Patching : Can We Ever Stop Dancing with the Devil?', IEEE Security and Privacy, vol. 19, no. 2, 9382358, pp. 14-19. https://doi.org/10.1109/MSEC.2021.3050433","raw_type":"info:eu-repo/semantics/annotation"},{"id":"pmh:vu:oai:research.vu.nl:publications/3fda89a1-6371-45e9-9d11-4fa7e0b7136d","is_oa":true,"landing_page_url":"https://research.vu.nl/en/publications/3fda89a1-6371-45e9-9d11-4fa7e0b7136d","pdf_url":null,"source":{"id":"https://openalex.org/S4306401843","display_name":"Data Archiving and Networked Services (DANS)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1322597698","host_organization_name":"Royal Netherlands Academy of Arts and Sciences","host_organization_lineage":["https://openalex.org/I1322597698"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Security and Privacy, 19(2):9382358, 14 - 19. Institute of Electrical and Electronics Engineers Inc.","raw_type":"info:eu-repo/semantics/article"}],"best_oa_location":{"id":"doi:10.1109/msec.2021.3050433","is_oa":true,"landing_page_url":"https://doi.org/10.1109/msec.2021.3050433","pdf_url":"https://ieeexplore.ieee.org/ielx7/8013/9382368/09382358.pdf","source":{"id":"https://openalex.org/S61906035","display_name":"IEEE Security & Privacy","issn_l":"1540-7993","issn":["1540-7993","1558-4046"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Security & Privacy","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G2507725256","display_name":null,"funder_award_id":"952647","funder_id":"https://openalex.org/F4320332999","funder_display_name":"Horizon 2020 Framework Programme"},{"id":"https://openalex.org/G4937468798","display_name":null,"funder_award_id":"H2020","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G5066738871","display_name":null,"funder_award_id":"952647","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G5356549776","display_name":null,"funder_award_id":"830929","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G5832694360","display_name":null,"funder_award_id":"CNS-1801534; CNS-1801601","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G6064471443","display_name":null,"funder_award_id":"830929; 952647","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G6384328479","display_name":null,"funder_award_id":"830929","funder_id":"https://openalex.org/F4320332999","funder_display_name":"Horizon 2020 Framework Programme"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320332999","display_name":"Horizon 2020 Framework Programme","ror":"https://ror.org/00k4n6c32"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3139021040.pdf","grobid_xml":"https://content.openalex.org/works/W3139021040.grobid-xml"},"referenced_works_count":15,"referenced_works":["https://openalex.org/W6385438","https://openalex.org/W1608091202","https://openalex.org/W1966636435","https://openalex.org/W2170761533","https://openalex.org/W2274324447","https://openalex.org/W2525155683","https://openalex.org/W2589098023","https://openalex.org/W2766188225","https://openalex.org/W2791591648","https://openalex.org/W2965799842","https://openalex.org/W2974889942","https://openalex.org/W2988741178","https://openalex.org/W3000501050","https://openalex.org/W6600256889","https://openalex.org/W6767084022"],"related_works":["https://openalex.org/W4387497383","https://openalex.org/W3183948672","https://openalex.org/W3173606202","https://openalex.org/W3110381201","https://openalex.org/W2948807893","https://openalex.org/W2899084033","https://openalex.org/W2778153218","https://openalex.org/W2748952813","https://openalex.org/W1531601525","https://openalex.org/W4391375266"],"abstract_inverted_index":{"Professors":[0],"Fabio":[1],"Massacci":[2],"(University":[3],"of":[4,19],"Trento":[5],"and":[6,10],"Vrije":[7],"Universiteit":[8],"Amsterdam)":[9],"Trent":[11],"Jaeger":[12],"(Pennsylvania":[13],"State":[14],"University)":[15],"discuss":[16],"the":[17],"limits":[18],"our":[20],"security":[21],"practices:":[22],"damned":[23,27],"if":[24,28],"you":[25,29],"patch,":[26],"don\u2019t.":[30]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":5},{"year":2022,"cited_by_count":6},{"year":2021,"cited_by_count":4}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2021-03-29T00:00:00"}