{"id":"https://openalex.org/W4368408198","doi":"https://doi.org/10.1145/3576841.3589614","title":"PIRAT - Tool for Automated Cyber-risk Assessment of PLC Components &amp; Systems Deploying NVD CVE &amp; MITRE ATT&amp;CK Databases","display_name":"PIRAT - Tool for Automated Cyber-risk Assessment of PLC Components &amp; Systems Deploying NVD CVE &amp; MITRE ATT&amp;CK Databases","publication_year":2023,"publication_date":"2023-05-04","ids":{"openalex":"https://openalex.org/W4368408198","doi":"https://doi.org/10.1145/3576841.3589614"},"language":"en","primary_location":{"id":"doi:10.1145/3576841.3589614","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3576841.3589614","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM/IEEE 14th International Conference on Cyber-Physical Systems (with CPS-IoT Week 2023)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5079596413","display_name":"Natalija Vlajic","orcid":"https://orcid.org/0000-0001-9921-0128"},"institutions":[{"id":"https://openalex.org/I192455969","display_name":"York University","ror":"https://ror.org/05fq50484","country_code":"CA","type":"education","lineage":["https://openalex.org/I192455969"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Natalija Vlajic","raw_affiliation_strings":["York University, Toronto, Canada"],"raw_orcid":"https://orcid.org/0000-0001-9921-0128","affiliations":[{"raw_affiliation_string":"York University, Toronto, Canada","institution_ids":["https://openalex.org/I192455969"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5080871604","display_name":"Stefan Petrovic","orcid":"https://orcid.org/0009-0007-4880-9131"},"institutions":[{"id":"https://openalex.org/I192455969","display_name":"York University","ror":"https://ror.org/05fq50484","country_code":"CA","type":"education","lineage":["https://openalex.org/I192455969"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Stefan Petrovic","raw_affiliation_strings":["York University, Toronto, Canada"],"raw_orcid":"https://orcid.org/0009-0007-4880-9131","affiliations":[{"raw_affiliation_string":"York University, Toronto, Canada","institution_ids":["https://openalex.org/I192455969"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5086722279","display_name":"Gabriele Cianfarani","orcid":"https://orcid.org/0009-0006-2807-7490"},"institutions":[{"id":"https://openalex.org/I192455969","display_name":"York University","ror":"https://ror.org/05fq50484","country_code":"CA","type":"education","lineage":["https://openalex.org/I192455969"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Gabriele Cianfarani","raw_affiliation_strings":["York University, Toronto, Canada"],"raw_orcid":"https://orcid.org/0009-0006-2807-7490","affiliations":[{"raw_affiliation_string":"York University, Toronto, Canada","institution_ids":["https://openalex.org/I192455969"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I192455969"],"apc_list":null,"apc_paid":null,"fwci":0.3397,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.55449273,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"237","last_page":"238"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9951000213623047,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9951000213623047,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11357","display_name":"Risk and Safety Analysis","score":0.9872000217437744,"subfield":{"id":"https://openalex.org/subfields/1804","display_name":"Statistics, Probability and Uncertainty"},"field":{"id":"https://openalex.org/fields/18","display_name":"Decision Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9825999736785889,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/component","display_name":"Component (thermodynamics)","score":0.6559264063835144},{"id":"https://openalex.org/keywords/critical-infrastructure","display_name":"Critical infrastructure","score":0.6219351887702942},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5302296280860901},{"id":"https://openalex.org/keywords/programmable-logic-controller","display_name":"Programmable logic controller","score":0.5292030572891235},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.4784303307533264},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.4389249384403229},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.41127273440361023},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.3241986334323883},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.21394917368888855},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.1468176543712616}],"concepts":[{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.6559264063835144},{"id":"https://openalex.org/C29852176","wikidata":"https://www.wikidata.org/wiki/Q373338","display_name":"Critical infrastructure","level":2,"score":0.6219351887702942},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5302296280860901},{"id":"https://openalex.org/C37374048","wikidata":"https://www.wikidata.org/wiki/Q188674","display_name":"Programmable logic controller","level":2,"score":0.5292030572891235},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.4784303307533264},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.4389249384403229},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.41127273440361023},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.3241986334323883},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.21394917368888855},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.1468176543712616},{"id":"https://openalex.org/C97355855","wikidata":"https://www.wikidata.org/wiki/Q11473","display_name":"Thermodynamics","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3576841.3589614","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3576841.3589614","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM/IEEE 14th International Conference on Cyber-Physical Systems (with CPS-IoT Week 2023)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.5199999809265137,"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W2356021081","https://openalex.org/W2963077982","https://openalex.org/W2357256365","https://openalex.org/W2791185517","https://openalex.org/W2348502264","https://openalex.org/W2376416114","https://openalex.org/W2365486383","https://openalex.org/W2362059367","https://openalex.org/W4297199789","https://openalex.org/W2380314794"],"abstract_inverted_index":{"Programmable":[0],"Logic":[1],"Controllers":[2],"(PLCs)":[3],"are":[4],"the":[5,40,114,120,125,144,152,165,173,185,191],"backbone":[6],"of":[7,53,79,84,100,143,177],"modern-day":[8],"Industrial":[9],"Control":[10],"Systems":[11],"(ICSs),":[12],"and":[13,27,34,63,73,130,135,175],"as":[14,104,106],"such":[15],"play":[16],"a":[17,51,55,90],"key":[18],"role":[19],"in":[20],"many":[21,48],"critical":[22,36,49,193],"infrastructure":[23,194],"sectors":[24],"(e.g.,":[25],"water":[26,72],"water-waste":[28],"management,":[29],"power":[30],"distribution,":[31],"transportation,":[32],"food":[33,74],"agriculture,":[35],"manufacturing,":[37],"etc.).":[38],"Given":[39],"important":[41],"functions":[42],"that":[43],"PLCs":[44],"carry":[45],"out":[46],"within":[47],"infrastructures,":[50],"cyber-compromise":[52],"even":[54],"single":[56],"PLC":[57,102,109,116,154,167,187],"device":[58],"can":[59],"have":[60],"far-reaching":[61],"impact":[62],"consequences,":[64],"ranging":[65],"from":[66,124],"distribution-system":[67],"outages,":[68],"environmental":[69],"pollution,":[70],"mass":[71],"poisoning,":[75],"to":[76,88],"outright":[77],"loss":[78],"human":[80],"life.":[81],"The":[82,111,141,156],"objective":[83],"this":[85],"work-in-progress":[86],"is":[87,146,159],"develop":[89],"free":[91],"open":[92],"source":[93],"tool,":[94],"named":[95],"PIRAT,":[96],"for":[97,151],"cyber-risk":[98],"assessment":[99],"individual":[101],"components,":[103],"well":[105],"more":[107],"complex":[108],"systems.":[110],"tool":[112,145],"synthesizes":[113],"user-provided":[115],"component/system":[117,188],"information":[118],"with":[119],"readily":[121],"available":[122],"data":[123],"National":[126],"Vulnerability":[127],"Database":[128],"(NVD)":[129],"MITRE":[131],"Adversarial":[132],"Tactics,":[133],"Techniques":[134],"Common":[136],"Knowledge":[137],"(MITRE":[138],"ATT&CK)":[139],"database.":[140],"output":[142],"an":[147],"aggregate":[148],"risk":[149,157],"scores":[150],"given":[153,186],"component/system.":[155],"score":[158],"derived":[160],"not":[161],"only":[162],"based":[163,171],"on":[164,172],"known":[166],"vulnerabilities,":[168],"but":[169],"also":[170],"presence":[174],"capabilities":[176],"advance":[178],"persistent":[179],"threat":[180],"(APT)":[181],"groups":[182],"potentially":[183],"targeting":[184,190],"and/or":[189],"respective":[192],"industry.":[195]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1}],"updated_date":"2026-06-26T08:34:08.712188","created_date":"2025-10-10T00:00:00"}