{"id":"https://openalex.org/W2955431809","doi":"https://doi.org/10.1109/tse.2020.2981310","title":"Incidents are Meant for Learning, Not Repeating: Sharing Knowledge About Security Incidents in Cyber-Physical Systems","display_name":"Incidents are Meant for Learning, Not Repeating: Sharing Knowledge About Security Incidents in Cyber-Physical Systems","publication_year":2020,"publication_date":"2020-03-17","ids":{"openalex":"https://openalex.org/W2955431809","doi":"https://doi.org/10.1109/tse.2020.2981310","mag":"2955431809"},"language":"en","primary_location":{"id":"doi:10.1109/tse.2020.2981310","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tse.2020.2981310","pdf_url":null,"source":{"id":"https://openalex.org/S8351582","display_name":"IEEE Transactions on Software Engineering","issn_l":"0098-5589","issn":["0098-5589","1939-3520","2326-3881"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Software Engineering","raw_type":"journal-article"},"type":"preprint","indexed_in":["arxiv","crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/1907.00199","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5010945101","display_name":"Faeq Alrimawi","orcid":"https://orcid.org/0000-0002-2236-5073"},"institutions":[{"id":"https://openalex.org/I230495080","display_name":"University of Limerick","ror":"https://ror.org/00a0n9e72","country_code":"IE","type":"education","lineage":["https://openalex.org/I230495080"]}],"countries":["IE"],"is_corresponding":true,"raw_author_name":"Faeq Alrimawi","raw_affiliation_strings":["Lero-The Irish Software Research Centre, University of Limerick, Limerick, Ireland","[Lero-The Irish Software Research Centre, University of Limerick, 8808 Limerick, Munster Ireland (e-mail: faeq.rimawi@gmail.com)]"],"affiliations":[{"raw_affiliation_string":"Lero-The Irish Software Research Centre, University of Limerick, Limerick, Ireland","institution_ids":["https://openalex.org/I230495080"]},{"raw_affiliation_string":"[Lero-The Irish Software Research Centre, University of Limerick, 8808 Limerick, Munster Ireland (e-mail: faeq.rimawi@gmail.com)]","institution_ids":["https://openalex.org/I230495080"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5049622460","display_name":"Liliana Pasquale","orcid":"https://orcid.org/0000-0001-9673-3054"},"institutions":[{"id":"https://openalex.org/I100930933","display_name":"University College Dublin","ror":"https://ror.org/05m7pjf47","country_code":"IE","type":"education","lineage":["https://openalex.org/I100930933"]},{"id":"https://openalex.org/I2802024501","display_name":"Irish Research Council","ror":"https://ror.org/051xex213","country_code":"IE","type":"funder","lineage":["https://openalex.org/I2802024501"]}],"countries":["IE"],"is_corresponding":false,"raw_author_name":"Liliana Pasquale","raw_affiliation_strings":["Irish Software Research Centre, University College Dublin and Lero, Ireland","[Computer Science, University College Dublin, 8797 Dublin, Belfield Ireland (e-mail: liliana.pasquale@ucd.ie)]"],"affiliations":[{"raw_affiliation_string":"Irish Software Research Centre, University College Dublin and Lero, Ireland","institution_ids":["https://openalex.org/I2802024501","https://openalex.org/I100930933"]},{"raw_affiliation_string":"[Computer Science, University College Dublin, 8797 Dublin, Belfield Ireland (e-mail: liliana.pasquale@ucd.ie)]","institution_ids":["https://openalex.org/I100930933"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5037396242","display_name":"Deepak Mehta","orcid":"https://orcid.org/0000-0001-8502-1203"},"institutions":[{"id":"https://openalex.org/I4210159603","display_name":"United Technologies Research Center","ror":"https://ror.org/04vxc1c96","country_code":"IE","type":"company","lineage":["https://openalex.org/I4210159603"]}],"countries":["IE"],"is_corresponding":false,"raw_author_name":"Deepak Mehta","raw_affiliation_strings":["United Technologies Research Center, Cork, Ireland","[UTRC, United Technologies Research Center, 129535 Cork, Munster Ireland (e-mail: MehtaD@utrc.utc.com)]"],"affiliations":[{"raw_affiliation_string":"United Technologies Research Center, Cork, Ireland","institution_ids":["https://openalex.org/I4210159603"]},{"raw_affiliation_string":"[UTRC, United Technologies Research Center, 129535 Cork, Munster Ireland (e-mail: MehtaD@utrc.utc.com)]","institution_ids":["https://openalex.org/I4210159603"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5018128809","display_name":"Nobukazu Yoshioka","orcid":"https://orcid.org/0000-0002-1986-5675"},"institutions":[{"id":"https://openalex.org/I184597095","display_name":"National Institute of Informatics","ror":"https://ror.org/04ksd4g47","country_code":"JP","type":"facility","lineage":["https://openalex.org/I1319490839","https://openalex.org/I184597095","https://openalex.org/I4210158934"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Nobukazu Yoshioka","raw_affiliation_strings":["National Institute of Informatics, Chiyoda-ku, Tokyo, Japan","[NII, National Institute of Informatics, 13513 Chiyoda-ku, Tokyo Japan (e-mail: nobukazu@nii.ac.jp)]"],"affiliations":[{"raw_affiliation_string":"National Institute of Informatics, Chiyoda-ku, Tokyo, Japan","institution_ids":["https://openalex.org/I184597095"]},{"raw_affiliation_string":"[NII, National Institute of Informatics, 13513 Chiyoda-ku, Tokyo Japan (e-mail: nobukazu@nii.ac.jp)]","institution_ids":["https://openalex.org/I184597095"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5060861082","display_name":"Bashar Nuseibeh","orcid":"https://orcid.org/0000-0002-3476-053X"},"institutions":[{"id":"https://openalex.org/I230495080","display_name":"University of Limerick","ror":"https://ror.org/00a0n9e72","country_code":"IE","type":"education","lineage":["https://openalex.org/I230495080"]}],"countries":["IE"],"is_corresponding":false,"raw_author_name":"Bashar Nuseibeh","raw_affiliation_strings":["Lero-The Irish Software Research Centre, University of Limerick, Limerick, Ireland","[Lero-The Irish Software Research Centre, University of Limerick, 8808 Limerick, Munster Ireland (e-mail: bashar.nuseibeh@lero.ie)]"],"affiliations":[{"raw_affiliation_string":"Lero-The Irish Software Research Centre, University of Limerick, Limerick, Ireland","institution_ids":["https://openalex.org/I230495080"]},{"raw_affiliation_string":"[Lero-The Irish Software Research Centre, University of Limerick, 8808 Limerick, Munster Ireland (e-mail: bashar.nuseibeh@lero.ie)]","institution_ids":["https://openalex.org/I230495080"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5010945101"],"corresponding_institution_ids":["https://openalex.org/I230495080"],"apc_list":null,"apc_paid":null,"fwci":0.2782,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.61900086,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":"48","issue":"1","first_page":"120","last_page":"134"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/incident-report","display_name":"Incident report","score":0.7223449349403381},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6966087222099304},{"id":"https://openalex.org/keywords/incident-response","display_name":"Incident response","score":0.6719805002212524},{"id":"https://openalex.org/keywords/correctness","display_name":"Correctness","score":0.6581497192382812},{"id":"https://openalex.org/keywords/cyber-physical-system","display_name":"Cyber-physical system","score":0.646317183971405},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6207376718521118},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.55448979139328},{"id":"https://openalex.org/keywords/incident-management","display_name":"Incident management","score":0.5409560799598694},{"id":"https://openalex.org/keywords/automation","display_name":"Automation","score":0.4257253110408783},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.14652559161186218}],"concepts":[{"id":"https://openalex.org/C2909164965","wikidata":"https://www.wikidata.org/wiki/Q6014597","display_name":"Incident report","level":2,"score":0.7223449349403381},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6966087222099304},{"id":"https://openalex.org/C2985105721","wikidata":"https://www.wikidata.org/wiki/Q13479512","display_name":"Incident response","level":2,"score":0.6719805002212524},{"id":"https://openalex.org/C55439883","wikidata":"https://www.wikidata.org/wiki/Q360812","display_name":"Correctness","level":2,"score":0.6581497192382812},{"id":"https://openalex.org/C179768478","wikidata":"https://www.wikidata.org/wiki/Q1120057","display_name":"Cyber-physical system","level":2,"score":0.646317183971405},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6207376718521118},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.55448979139328},{"id":"https://openalex.org/C2780952636","wikidata":"https://www.wikidata.org/wiki/Q13479512","display_name":"Incident management","level":2,"score":0.5409560799598694},{"id":"https://openalex.org/C115901376","wikidata":"https://www.wikidata.org/wiki/Q184199","display_name":"Automation","level":2,"score":0.4257253110408783},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.14652559161186218},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.0}],"mesh":[],"locations_count":5,"locations":[{"id":"doi:10.1109/tse.2020.2981310","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tse.2020.2981310","pdf_url":null,"source":{"id":"https://openalex.org/S8351582","display_name":"IEEE Transactions on Software Engineering","issn_l":"0098-5589","issn":["0098-5589","1939-3520","2326-3881"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Software Engineering","raw_type":"journal-article"},{"id":"pmh:oai:arXiv.org:1907.00199","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1907.00199","pdf_url":"https://arxiv.org/pdf/1907.00199","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"mag:2955431809","is_oa":true,"landing_page_url":"http://export.arxiv.org/pdf/1907.00199","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"arXiv (Cornell University)","raw_type":null},{"id":"pmh:oai:oro.open.ac.uk:70726","is_oa":false,"landing_page_url":"https://oro.open.ac.uk/70726/","pdf_url":null,"source":{"id":"https://openalex.org/S4306401187","display_name":"Open Research Online (The Open University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I204136569","host_organization_name":"The Open University","host_organization_lineage":["https://openalex.org/I204136569"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Journal Item"},{"id":"doi:10.48550/arxiv.1907.00199","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.1907.00199","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:1907.00199","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1907.00199","pdf_url":"https://arxiv.org/pdf/1907.00199","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[{"score":0.4699999988079071,"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9"}],"awards":[{"id":"https://openalex.org/G7736775806","display_name":null,"funder_award_id":"13/RC/2094","funder_id":"https://openalex.org/F4320320847","funder_display_name":"Science Foundation Ireland"},{"id":"https://openalex.org/G8552073814","display_name":null,"funder_award_id":"15/SIRG/3501","funder_id":"https://openalex.org/F4320320847","funder_display_name":"Science Foundation Ireland"}],"funders":[{"id":"https://openalex.org/F4320320847","display_name":"Science Foundation Ireland","ror":"https://ror.org/0271asj38"},{"id":"https://openalex.org/F4320334627","display_name":"Engineering and Physical Sciences Research Council","ror":"https://ror.org/0439y7842"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2955431809.pdf","grobid_xml":"https://content.openalex.org/works/W2955431809.grobid-xml"},"referenced_works_count":37,"referenced_works":["https://openalex.org/W72510116","https://openalex.org/W132885894","https://openalex.org/W185406290","https://openalex.org/W1733513950","https://openalex.org/W1770527767","https://openalex.org/W1969001723","https://openalex.org/W2014151884","https://openalex.org/W2031999883","https://openalex.org/W2040102554","https://openalex.org/W2059700593","https://openalex.org/W2108389203","https://openalex.org/W2142925340","https://openalex.org/W2166490913","https://openalex.org/W2243727816","https://openalex.org/W2293702630","https://openalex.org/W2296205740","https://openalex.org/W2296237248","https://openalex.org/W2404532944","https://openalex.org/W2460834910","https://openalex.org/W2480724917","https://openalex.org/W2490428321","https://openalex.org/W2491980965","https://openalex.org/W2518642658","https://openalex.org/W2767794223","https://openalex.org/W2792308754","https://openalex.org/W2802329999","https://openalex.org/W2807945522","https://openalex.org/W2968681831","https://openalex.org/W3186276894","https://openalex.org/W4256531287","https://openalex.org/W4294621147","https://openalex.org/W6603173816","https://openalex.org/W6607448945","https://openalex.org/W6637690812","https://openalex.org/W6696948755","https://openalex.org/W6749361917","https://openalex.org/W7048041916"],"related_works":["https://openalex.org/W3011036794","https://openalex.org/W2724898928","https://openalex.org/W2327197856","https://openalex.org/W3010615709","https://openalex.org/W203201158","https://openalex.org/W3197362451","https://openalex.org/W2891205261","https://openalex.org/W2884589593","https://openalex.org/W2800094582","https://openalex.org/W2899547794","https://openalex.org/W2980671025","https://openalex.org/W2182899594","https://openalex.org/W2609425222","https://openalex.org/W3203867453","https://openalex.org/W2898883186","https://openalex.org/W3092225018","https://openalex.org/W3205033750","https://openalex.org/W2974219526","https://openalex.org/W2886282970","https://openalex.org/W2592627133"],"abstract_inverted_index":{"Cyber-physical":[0],"systems":[1,121,219],"(CPSs)":[2],"are":[3,102,113],"part":[4],"of":[5,63,107,196,203],"many":[6],"critical":[7],"infrastructures":[8],"such":[9,91],"as":[10,92],"industrial":[11],"automation":[12],"and":[13,27,61,145,210,220],"transportation":[14],"systems.":[15,191],"Thus,":[16],"security":[17],"incidents":[18,30,38,67],"targeting":[19],"CPSs":[20],"can":[21,39,88,134,170],"have":[22],"disruptive":[23],"consequences":[24],"to":[25,32,45,58,116,119,152,183,189],"assets":[26,144],"people.":[28],"As":[29],"tend":[31],"re-occur,":[33],"sharing":[34,62],"knowledge":[35,64,77],"about":[36,65,141],"these":[37],"help":[40],"organizations":[41],"be":[42,117],"more":[43,104],"prepared":[44],"prevent,":[46],"mitigate":[47],"or":[48,95],"investigate":[49],"future":[50],"incidents.":[51,221],"This":[52],"paper":[53],"proposes":[54],"a":[55,103,160],"novel":[56],"approach":[57,198],"enable":[59],"representation":[60,106],"CPS":[66],"across":[68],"different":[69,123],"organizations.":[70],"To":[71,164],"support":[72],"sharing,":[73],"we":[74,177],"represent":[75],"incident":[76,85,93,109,130,157,162,168,187],"(":[78],"<italic":[79,153,184],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[80,154,185],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">incident":[81],"patterns</i>":[82],")":[83],"capturing":[84],"characteristics":[86],"that":[87],"manifest":[89,171],"again,":[90],"activities":[94],"vulnerabilities":[96],"exploited":[97],"by":[98,217],"offenders.":[99],"Incident":[100],"patterns":[101,188],"abstract":[105],"specific":[108,161,190],"instances":[110],"and,":[111],"thus,":[112],"general":[114],"enough":[115],"applicable":[118],"various":[120],"-":[122],"from":[124,159],"the":[125,129,194,200],"one":[126],"in":[127,173,199],"which":[128],"originally":[131],"occurred.":[132],"They":[133],"also":[135,178],"avoid":[136],"disclosing":[137],"potentially":[138],"sensitive":[139],"information":[140],"an":[142,149,156,167,180],"organization's":[143],"resources.":[146],"We":[147,192,206],"provide":[148,179],"automated":[150,181],"technique":[151,182],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">extract</i>":[155],"pattern":[158,169],"instance.":[163],"understand":[165],"how":[166],"again":[172],"other":[174],"cyber-physical":[175],"systems,":[176],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">instantiate</i>":[186],"demonstrate":[193],"feasibility":[195],"our":[197],"application":[201],"domain":[202],"smart":[204],"buildings.":[205],"evaluate":[207],"correctness,":[208],"scalability,":[209],"performance":[211],"using":[212],"two":[213],"substantive":[214],"scenarios":[215],"inspired":[216],"real-world":[218]},"counts_by_year":[{"year":2021,"cited_by_count":1}],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2025-10-10T00:00:00"}