{"id":"https://openalex.org/W7163703066","doi":"https://doi.org/10.48550/arxiv.2606.05459","title":"CRESS: Quantifying Vulnerabilities of Attack Scenarios in Hardware Reverse Engineering","display_name":"CRESS: Quantifying Vulnerabilities of Attack Scenarios in Hardware Reverse Engineering","publication_year":2026,"publication_date":"2026-06-03","ids":{"openalex":"https://openalex.org/W7163703066","doi":"https://doi.org/10.48550/arxiv.2606.05459"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2606.05459","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2606.05459","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Preprint"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2606.05459","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5138002332","display_name":"Alexander Hepp","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Hepp, Alexander","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5079145092","display_name":"Matthias Ludwig","orcid":"https://orcid.org/0000-0003-1296-8898"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Ludwig, Matthias","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052000068","display_name":"Michaela Brunner","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Brunner, Michaela","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5031924513","display_name":"Johanna Baehr","orcid":"https://orcid.org/0000-0002-3264-907X"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Baehr, Johanna","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5138014933","display_name":"Georg Sigl","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Sigl, Georg","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":0,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9944999814033508,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9944999814033508,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.0019000000320374966,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.0010000000474974513,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.7092000246047974},{"id":"https://openalex.org/keywords/reverse-engineering","display_name":"Reverse engineering","score":0.6703000068664551},{"id":"https://openalex.org/keywords/reliability","display_name":"Reliability (semiconductor)","score":0.6348999738693237},{"id":"https://openalex.org/keywords/measure","display_name":"Measure (data warehouse)","score":0.51419997215271},{"id":"https://openalex.org/keywords/rating-system","display_name":"Rating system","score":0.48890000581741333},{"id":"https://openalex.org/keywords/scoring-system","display_name":"Scoring system","score":0.44749999046325684},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.4406999945640564},{"id":"https://openalex.org/keywords/strengths-and-weaknesses","display_name":"Strengths and weaknesses","score":0.37310001254081726}],"concepts":[{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.7092000246047974},{"id":"https://openalex.org/C207850805","wikidata":"https://www.wikidata.org/wiki/Q269608","display_name":"Reverse engineering","level":2,"score":0.6703000068664551},{"id":"https://openalex.org/C43214815","wikidata":"https://www.wikidata.org/wiki/Q7310987","display_name":"Reliability (semiconductor)","level":3,"score":0.6348999738693237},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6313999891281128},{"id":"https://openalex.org/C2780009758","wikidata":"https://www.wikidata.org/wiki/Q6804172","display_name":"Measure (data warehouse)","level":2,"score":0.51419997215271},{"id":"https://openalex.org/C2988118254","wikidata":"https://www.wikidata.org/wiki/Q16881889","display_name":"Rating system","level":2,"score":0.48890000581741333},{"id":"https://openalex.org/C2984538763","wikidata":"https://www.wikidata.org/wiki/Q2260590","display_name":"Scoring system","level":2,"score":0.44749999046325684},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.446399986743927},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.4406999945640564},{"id":"https://openalex.org/C63882131","wikidata":"https://www.wikidata.org/wiki/Q17122954","display_name":"Strengths and weaknesses","level":2,"score":0.37310001254081726},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.3725000023841858},{"id":"https://openalex.org/C108713360","wikidata":"https://www.wikidata.org/wiki/Q1824206","display_name":"Supply chain","level":2,"score":0.36980000138282776},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.362199991941452},{"id":"https://openalex.org/C200601418","wikidata":"https://www.wikidata.org/wiki/Q2193887","display_name":"Reliability engineering","level":1,"score":0.3549000024795532},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.3416000008583069},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.30000001192092896},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.29350000619888306},{"id":"https://openalex.org/C31352089","wikidata":"https://www.wikidata.org/wiki/Q3750474","display_name":"Systems design","level":2,"score":0.2856000065803528},{"id":"https://openalex.org/C95986675","wikidata":"https://www.wikidata.org/wiki/Q185168","display_name":"Quantitative analysis (chemistry)","level":2,"score":0.275299996137619},{"id":"https://openalex.org/C92446256","wikidata":"https://www.wikidata.org/wiki/Q3306762","display_name":"Data validation","level":2,"score":0.27399998903274536},{"id":"https://openalex.org/C2984588014","wikidata":"https://www.wikidata.org/wiki/Q730675","display_name":"Quantitative assessment","level":2,"score":0.2644999921321869},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.26339998841285706},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.262800008058548}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2606.05459","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2606.05459","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"Preprint"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2606.05459","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2606.05459","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Preprint"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"The":[0,56,73,111,128,142,179],"safety,":[1],"security,":[2],"and":[3,15,154,177],"reliability":[4],"of":[5,59,66,79,123,148,158,165],"microelectronic":[6],"systems":[7],"depend":[8],"on":[9,32],"a":[10,53,76,83,97],"trustworthy,":[11],"secured":[12],"supply":[13,20],"chain":[14],"design":[16,24],"flow.":[17],"Globally":[18],"distributed":[19],"chains":[21],"or":[22,42],"unintentional":[23],"weaknesses":[25],"leave":[26],"the":[27,33,64,67,90,109,121,138,145,156,163,166,189],"door":[28],"open":[29],"for":[30,82],"attacks":[31,62],"hardware":[34,40,47],"level.":[35],"These":[36],"scenarios":[37,81],"encompass":[38],"counterfeiting,":[39],"trojans,":[41],"on-device":[43],"attacks.":[44],"For":[45],"these,":[46],"reverse":[48],"engineering":[49],"(RE)":[50],"results":[51,113],"play":[52],"pivotal":[54],"role.":[55],"ongoing":[57],"publication":[58],"new":[60],"RE-involved":[61,80,125],"motivated":[63],"development":[65,157],"common":[68],"RE":[69],"scoring":[70],"system":[71,74,93],"(CRESS).":[72],"enables":[75,144],"general":[77],"classification":[78],"common,":[84],"consistent":[85],"rating.":[86],"In":[87],"this":[88],"work,":[89],"originally":[91],"qualitative":[92],"is":[94],"extended":[95],"to":[96,116,183],"quantitative":[98,167],"system.":[99],"We":[100],"performed":[101],"an":[102,131],"extensive":[103],"interview":[104,112],"study":[105],"with":[106],"experts":[107],"in":[108,137],"field.":[110],"allowed":[114],"us":[115],"derive":[117],"weights":[118,129],"that":[119,133],"measure":[120],"severity":[122],"different":[124],"attack":[126],"categories.":[127],"form":[130],"equation":[132],"quantifies":[134],"scenarios,":[135,150],"resulting":[136],"severity-indicating":[139],"CRESS":[140,168,180],"score.":[141],"score":[143],"coherent":[146],"rating":[147],"novel":[149],"renders":[151],"them":[152],"comparable,":[153],"supports":[155],"effective":[159],"countermeasures.":[160],"To":[161],"showcase":[162],"effectiveness":[164],"Score,":[169],"six":[170],"selected":[171],"case":[172],"studies":[173],"are":[174],"rated":[175],"qualitatively":[176],"quantitatively.":[178],"Score":[181],"proves":[182],"be":[184],"significantly":[185],"more":[186],"expressive":[187],"than":[188],"industry-standard":[190],"Common":[191],"Vulnerability":[192],"Scoring":[193],"System":[194],"(CVSS).":[195]},"counts_by_year":[],"updated_date":"2026-07-01T06:00:48.157686","created_date":"2026-06-06T00:00:00"}
