{"id":"https://openalex.org/W3092149959","doi":"https://doi.org/10.15439/2020f21","title":"Developing Defense Strategies from Attack Probability Trees in Software Risk Assessment","display_name":"Developing Defense Strategies from Attack Probability Trees in Software Risk Assessment","publication_year":2020,"publication_date":"2020-09-26","ids":{"openalex":"https://openalex.org/W3092149959","doi":"https://doi.org/10.15439/2020f21","mag":"3092149959"},"language":"en","primary_location":{"id":"doi:10.15439/2020f21","is_oa":true,"landing_page_url":"https://doi.org/10.15439/2020f21","pdf_url":"https://annals-csis.org/proceedings/2020/drp/pdf/21.pdf","source":{"id":"https://openalex.org/S4220651875","display_name":"Annals of Computer Science and Information Systems","issn_l":"2300-5963","issn":["2300-5963"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":"https://openalex.org/P4310317484","host_organization_name":"Polskie Towarzystwo Informatyczne","host_organization_lineage":["https://openalex.org/P4310317484"],"host_organization_lineage_names":["Polskie Towarzystwo Informatyczne"],"type":"conference"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annals of Computer Science and Information Systems","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://annals-csis.org/proceedings/2020/drp/pdf/21.pdf","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5030905363","display_name":"Marko Esche","orcid":"https://orcid.org/0009-0001-7110-5665"},"institutions":[{"id":"https://openalex.org/I1285933455","display_name":"Physikalisch-Technische Bundesanstalt","ror":"https://ror.org/05r3f7h03","country_code":"DE","type":"government","lineage":["https://openalex.org/I1285933455","https://openalex.org/I4210136623"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Marko Esche","raw_affiliation_strings":["Physikalisch-Technische Bundesanstalt, Abbestra\u00dfe 2-12, 10587 Berlin, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Physikalisch-Technische Bundesanstalt, Abbestra\u00dfe 2-12, 10587 Berlin, Germany","institution_ids":["https://openalex.org/I1285933455"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5059822587","display_name":"Federico Grasso Toro","orcid":"https://orcid.org/0000-0002-9041-0868"},"institutions":[{"id":"https://openalex.org/I4210103407","display_name":"Swiss Federal Institute of Metrology","ror":"https://ror.org/0115xv923","country_code":"CH","type":"government","lineage":["https://openalex.org/I4210103407"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Federico Grasso Toro","raw_affiliation_strings":["Federal Institute of Metrology METAS, Lindenweg 50, 3003 Bern-Wabern, Switzerland"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Federal Institute of Metrology METAS, Lindenweg 50, 3003 Bern-Wabern, Switzerland","institution_ids":["https://openalex.org/I4210103407"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.6603,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.70724931,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":96},"biblio":{"volume":"21","issue":null,"first_page":"527","last_page":"536"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9955000281333923,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/directive","display_name":"Directive","score":0.709673285484314},{"id":"https://openalex.org/keywords/risk-assessment","display_name":"Risk assessment","score":0.7064992189407349},{"id":"https://openalex.org/keywords/conformity-assessment","display_name":"Conformity assessment","score":0.7034163475036621},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.6089156866073608},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5966059565544128},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5519489645957947},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5291113257408142},{"id":"https://openalex.org/keywords/european-union","display_name":"European union","score":0.522045373916626},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.4382181167602539},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.40879547595977783},{"id":"https://openalex.org/keywords/reliability-engineering","display_name":"Reliability engineering","score":0.36228084564208984},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.3038560748100281},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.12170624732971191}],"concepts":[{"id":"https://openalex.org/C2779547435","wikidata":"https://www.wikidata.org/wiki/Q1121492","display_name":"Directive","level":2,"score":0.709673285484314},{"id":"https://openalex.org/C12174686","wikidata":"https://www.wikidata.org/wiki/Q1058438","display_name":"Risk assessment","level":2,"score":0.7064992189407349},{"id":"https://openalex.org/C5911748","wikidata":"https://www.wikidata.org/wiki/Q4072285","display_name":"Conformity assessment","level":2,"score":0.7034163475036621},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.6089156866073608},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5966059565544128},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5519489645957947},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5291113257408142},{"id":"https://openalex.org/C2910001868","wikidata":"https://www.wikidata.org/wiki/Q458","display_name":"European union","level":2,"score":0.522045373916626},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.4382181167602539},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.40879547595977783},{"id":"https://openalex.org/C200601418","wikidata":"https://www.wikidata.org/wiki/Q2193887","display_name":"Reliability engineering","level":1,"score":0.36228084564208984},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.3038560748100281},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.12170624732971191},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0},{"id":"https://openalex.org/C105639569","wikidata":"https://www.wikidata.org/wiki/Q582577","display_name":"Economic policy","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.15439/2020f21","is_oa":true,"landing_page_url":"https://doi.org/10.15439/2020f21","pdf_url":"https://annals-csis.org/proceedings/2020/drp/pdf/21.pdf","source":{"id":"https://openalex.org/S4220651875","display_name":"Annals of Computer Science and Information Systems","issn_l":"2300-5963","issn":["2300-5963"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":"https://openalex.org/P4310317484","host_organization_name":"Polskie Towarzystwo Informatyczne","host_organization_lineage":["https://openalex.org/P4310317484"],"host_organization_lineage_names":["Polskie Towarzystwo Informatyczne"],"type":"conference"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annals of Computer Science and Information Systems","raw_type":"proceedings-article"},{"id":"pmh:oai:doaj.org/article:9f4252a3391145ea890d52ec114e24e6","is_oa":false,"landing_page_url":"https://doaj.org/article/9f4252a3391145ea890d52ec114e24e6","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Annals of computer science and information systems, Vol 21, Pp 527-536 (2020)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.15439/2020f21","is_oa":true,"landing_page_url":"https://doi.org/10.15439/2020f21","pdf_url":"https://annals-csis.org/proceedings/2020/drp/pdf/21.pdf","source":{"id":"https://openalex.org/S4220651875","display_name":"Annals of Computer Science and Information Systems","issn_l":"2300-5963","issn":["2300-5963"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":"https://openalex.org/P4310317484","host_organization_name":"Polskie Towarzystwo Informatyczne","host_organization_lineage":["https://openalex.org/P4310317484"],"host_organization_lineage_names":["Polskie Towarzystwo Informatyczne"],"type":"conference"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annals of Computer Science and Information Systems","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3092149959.pdf","grobid_xml":"https://content.openalex.org/works/W3092149959.grobid-xml"},"referenced_works_count":8,"referenced_works":["https://openalex.org/W1427174644","https://openalex.org/W1895443579","https://openalex.org/W1936722698","https://openalex.org/W2059451986","https://openalex.org/W2146024157","https://openalex.org/W2333543981","https://openalex.org/W2760559096","https://openalex.org/W2883613460"],"related_works":["https://openalex.org/W2382205735","https://openalex.org/W1883246888","https://openalex.org/W1499594587","https://openalex.org/W2370114625","https://openalex.org/W2947584067","https://openalex.org/W3118510577","https://openalex.org/W3157230915","https://openalex.org/W2062873522","https://openalex.org/W1756374135","https://openalex.org/W2789975780"],"abstract_inverted_index":{"Since":[0],"the":[1,4,18,42,45,54,119,140,144],"introduction":[2],"of":[3,10,121,131,143],"Measuring":[5],"Instruments":[6],"Directive":[7],"2014/32/EU,":[8],"prototypes":[9],"measuring":[11],"instruments":[12],"subject":[13],"to":[14,73,87,118,127,138],"legal":[15],"control":[16],"in":[17,102],"European":[19],"Union":[20],"must":[21],"be":[22],"accompanied":[23],"by":[24],"a":[25,67],"risk":[26,68,80,94,123],"assessment,":[27],"when":[28],"being":[29],"submitted":[30],"for":[31,44,93],"conformity":[32],"assessment.Taximeters,":[33],"water":[34],"meters,":[35],"electricity":[36],"meters":[37],"or":[38],"fuel":[39],"pumps":[40],"form":[41],"basis":[43],"economic":[46],"sector":[47],"usually":[48],"known":[49],"as":[50],"Legal":[51],"Metrology,":[52],"where":[53],"development":[55],"towards":[56],"cheaper":[57],"allpurpose":[58],"hardware":[59],"combined":[60],"with":[61],"more":[62],"sophisticated":[63],"software":[64,79,122],"is":[65,136],"imminent.Therefore,":[66],"assessment":[69,81,124],"will":[70],"always":[71],"have":[72],"include":[74],"software-related":[75],"issues.Hitherto,":[76],"publications":[77],"about":[78],"methods":[82],"lack":[83],"an":[84],"efficient":[85],"means":[86],"derive":[88],"and":[89,125],"assess":[90],"suitable":[91],"countermeasures":[92],"mitigation.To":[95],"this":[96,106],"end,":[97],"attack":[98,114],"trees":[99,110],"are":[100,111],"used":[101,126,137],"related":[103],"research":[104],"fields.In":[105],"paper,":[107],"defense":[108],"probability":[109,115],"derived":[112],"from":[113],"trees,":[116],"well-suited":[117],"requirements":[120],"identify":[128],"optimal":[129],"sets":[130],"countermeasures.The":[132],"infamous":[133],"Meltdown":[134],"vulnerability":[135],"highlight":[139],"experimental":[141],"application":[142],"method.":[145]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":2}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}