{"id":"https://openalex.org/W4416758652","doi":"https://doi.org/10.1145/3777450","title":"A Semantic Threat Model to Evaluate Security Threats in Cyber-Physical Systems","display_name":"A Semantic Threat Model to Evaluate Security Threats in Cyber-Physical Systems","publication_year":2025,"publication_date":"2025-11-27","ids":{"openalex":"https://openalex.org/W4416758652","doi":"https://doi.org/10.1145/3777450"},"language":"en","primary_location":{"id":"doi:10.1145/3777450","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3777450","pdf_url":null,"source":{"id":"https://openalex.org/S2506189754","display_name":"ACM Transactions on Cyber-Physical Systems","issn_l":"2378-962X","issn":["2378-962X","2378-9638"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Cyber-Physical Systems","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5031594674","display_name":"Andreas Aigner","orcid":"https://orcid.org/0000-0001-8990-4775"},"institutions":[{"id":"https://openalex.org/I202671389","display_name":"University of Applied Sciences Landshut","ror":"https://ror.org/056z5bx32","country_code":"DE","type":"education","lineage":["https://openalex.org/I202671389"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Andreas Aigner","raw_affiliation_strings":["Computer Science, University of Applied Science Landshut, Landshut, Germany","Landshut University of Applied Science"],"raw_orcid":"https://orcid.org/0000-0001-8990-4775","affiliations":[{"raw_affiliation_string":"Computer Science, University of Applied Science Landshut, Landshut, Germany","institution_ids":["https://openalex.org/I202671389"]},{"raw_affiliation_string":"Landshut University of Applied Science","institution_ids":["https://openalex.org/I202671389"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5065919137","display_name":"Abdelmajid Khelil","orcid":"https://orcid.org/0000-0002-4536-8058"},"institutions":[{"id":"https://openalex.org/I202671389","display_name":"University of Applied Sciences Landshut","ror":"https://ror.org/056z5bx32","country_code":"DE","type":"education","lineage":["https://openalex.org/I202671389"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Abdelmajid Khelil","raw_affiliation_strings":["Computer Science, University of Applied Science Landshut, Landshut, Germany","Landshut University of Applied Science"],"raw_orcid":"https://orcid.org/0000-0002-4536-8058","affiliations":[{"raw_affiliation_string":"Computer Science, University of Applied Science Landshut, Landshut, Germany","institution_ids":["https://openalex.org/I202671389"]},{"raw_affiliation_string":"Landshut University of Applied Science","institution_ids":["https://openalex.org/I202671389"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5031594674"],"corresponding_institution_ids":["https://openalex.org/I202671389"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.41670035,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"10","issue":"1","first_page":"1","last_page":"29"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.5022000074386597,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.5022000074386597,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.16290000081062317,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11807","display_name":"Infrastructure Resilience and Vulnerability Analysis","score":0.10300000011920929,"subfield":{"id":"https://openalex.org/subfields/2205","display_name":"Civil and Structural Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/variety","display_name":"Variety (cybernetics)","score":0.6481999754905701},{"id":"https://openalex.org/keywords/domain","display_name":"Domain (mathematical analysis)","score":0.5449000000953674},{"id":"https://openalex.org/keywords/threat-model","display_name":"Threat model","score":0.5123999714851379},{"id":"https://openalex.org/keywords/critical-infrastructure","display_name":"Critical infrastructure","score":0.4230000078678131},{"id":"https://openalex.org/keywords/point","display_name":"Point (geometry)","score":0.41260001063346863},{"id":"https://openalex.org/keywords/semantics","display_name":"Semantics (computer science)","score":0.40630000829696655}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7455999851226807},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6990000009536743},{"id":"https://openalex.org/C136197465","wikidata":"https://www.wikidata.org/wiki/Q1729295","display_name":"Variety (cybernetics)","level":2,"score":0.6481999754905701},{"id":"https://openalex.org/C36503486","wikidata":"https://www.wikidata.org/wiki/Q11235244","display_name":"Domain (mathematical analysis)","level":2,"score":0.5449000000953674},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.5123999714851379},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.45570001006126404},{"id":"https://openalex.org/C29852176","wikidata":"https://www.wikidata.org/wiki/Q373338","display_name":"Critical infrastructure","level":2,"score":0.4230000078678131},{"id":"https://openalex.org/C28719098","wikidata":"https://www.wikidata.org/wiki/Q44946","display_name":"Point (geometry)","level":2,"score":0.41260001063346863},{"id":"https://openalex.org/C184337299","wikidata":"https://www.wikidata.org/wiki/Q1437428","display_name":"Semantics (computer science)","level":2,"score":0.40630000829696655},{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.38359999656677246},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.3781999945640564},{"id":"https://openalex.org/C90312973","wikidata":"https://www.wikidata.org/wiki/Q7449052","display_name":"Semantic data model","level":2,"score":0.3197000026702881},{"id":"https://openalex.org/C6881194","wikidata":"https://www.wikidata.org/wiki/Q7449091","display_name":"Semantic technology","level":4,"score":0.30709999799728394},{"id":"https://openalex.org/C2778180026","wikidata":"https://www.wikidata.org/wiki/Q18378163","display_name":"Semantic heterogeneity","level":4,"score":0.3037000000476837},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.28360000252723694},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.2678000032901764}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3777450","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3777450","pdf_url":null,"source":{"id":"https://openalex.org/S2506189754","display_name":"ACM Transactions on Cyber-Physical Systems","issn_l":"2378-962X","issn":["2378-962X","2378-9638"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Cyber-Physical Systems","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":4,"referenced_works":["https://openalex.org/W2939946271","https://openalex.org/W4244221631","https://openalex.org/W4244983850","https://openalex.org/W4388579691"],"related_works":[],"abstract_inverted_index":{"Cyber-Physical":[0],"Systems":[1],"(CPS)":[2],"implement":[3],"critical":[4,43],"infrastructures,":[5],"in":[6,107,231,238],"which":[7,140],"physical":[8],"objects":[9],"interact":[10],"with":[11],"services":[12],"of":[13,29,38,53,74,173,186,202,228,234,241],"the":[14,27,154,158,170,174,203,211,224,229,232,239],"cyber":[15],"domain":[16,240],"consequently":[17],"building":[18],"a":[19,36,50,93,108,134,148,194,235],"heterogeneous":[20],"System-of-Systems":[21],"(SoS).":[22],"Although":[23],"this":[24,81,129],"marriage":[25],"extends":[26],"functionality":[28],"traditionally":[30],"closed":[31],"systems,":[32],"it":[33],"also":[34],"introduces":[35],"variety":[37],"challenges\u2014especially":[39],"for":[40],"engineers.":[41],"One":[42],"aspect":[44],"relates":[45],"to":[46,88,102,178,192,209,216],"establishing":[47],"and":[48,78,143,161,169,226],"sustaining":[49],"sufficient":[51],"level":[52],"security,":[54],"as":[55,111],"exploited":[56],"vulnerabilities":[57],"may":[58,98],"cause":[59],"severe":[60,213],"effects,":[61],"either":[62],"toward":[63,147],"involved":[64],"humans":[65],"or":[66,215],"sensitive":[67],"information.":[68],"Consequently,":[69],"engineers":[70],"must":[71],"be":[72,100,207],"aware":[73],"potential":[75,145],"security-related":[76],"threats":[77,106,146],"vulnerabilities.":[79],"To":[80,127],"end,":[82],"threat":[83],"models":[84],"are":[85],"usually":[86],"used":[87,208],"identify":[89,104,142,210],"such":[90],"weaknesses":[91],"within":[92],"specification.":[94,151],"However,":[95],"existing":[96,179],"solutions":[97],"not":[99,115],"able":[101],"comprehensively":[103],"all":[105,117],"CPS-like":[109],"environment,":[110],"they":[112],"often":[113],"do":[114],"consider":[116],"relevant":[118],"dependencies":[119],"between":[120,164],"interacting":[121],"systems":[122],"on":[123,157,197],"an":[124,183],"SoS":[125,184],"level.":[126],"address":[128],"gap,":[130],"we":[131],"have":[132],"elaborated":[133],"methodology\u2014called":[135],"Semantic":[136],"Threat":[137],"Model":[138],"(STM),":[139],"can":[141,205],"evaluate":[144],"given":[149],"CPS":[150],"In":[152,176],"detail,":[153],"framework":[155],"focuses":[156],"semantic":[159,190],"relationships":[160],"side":[162],"effects":[163],"security":[165,220],"objects,":[166],"e.g.,":[167],"attacks,":[168],"actual":[171],"specification":[172],"CPS.":[175],"contrast":[177],"solutions,":[180],"STM":[181,230],"takes":[182],"point":[185,217],"view,":[187],"while":[188],"analyzing":[189],"data":[191],"gain":[193],"comprehensive":[195],"view":[196],"security.":[198],"The":[199],"quantitative":[200],"output":[201],"method":[204],"then":[206],"most":[212],"attacks":[214],"out":[218],"necessary":[219],"enhancements.":[221],"We":[222],"highlight":[223],"usage":[225],"benefits":[227],"form":[233],"case":[236],"study":[237],"intelligent":[242],"transportation":[243],"systems.":[244]},"counts_by_year":[],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2025-11-28T00:00:00"}