ID;Item Type;Publication Year;Author;Title;Publication Title;ISBN;ISSN;DOI;Url;Abstract Note;Date;Date Added;Date Modified;Access Date;Pages;Num Pages;Issue;Volume;Number Of Volumes;Journal Abbreviation;Short Title;Series;Series Number;Series Text;Series Title;Publisher;Place;Language;Rights;Type;Archive;Archive Location;Library Catalog;Call Number;Extra;Notes;File Attachments;Link Attachments;Manual Tags;Automatic Tags;Editor;Series Editor;Translator;Contributor;Attorney Agent;Book Author;Cast Member;Commenter;Composer;Cosponsor;Counsel;Interviewer;Producer;Recipient;Reviewed Author;Scriptwriter;Words By;Guest;Number;Edition;Running Time;Scale;Medium;Artwork Size;Filing Date;Application Number;Assignee;Issuing Authority;Country;Meeting Name;Conference Name;Court;References;Reporter;Legal Status;Priority Numbers;Programming Language;Version;System;Code;Code Number;Section;Session;Committee;History;Legislative Body
1;conferencePaper;2021;"do Amaral, Thiago Melo Stuckert; Gondim, João José Costa";Integrating Zero Trust in the cyber supply chain security;2021 Workshop on Communication Networks and Power Systems (WCNPS);;;10.1109/WCNPS53648.2021.9626299;;;2021;45772,38242;45772,38242;;1-6;;;;;;;;;;;;;;;;;;;;;;;;"Organizations; Software; Visualization; Zero Trust; DevSecOps; SBOM; Bills of materials; Software Bill of Materials; Supply chains; Computer architecture; Conferences; Cyber Supply Chain; Gap analysis";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
2;journalArticle;2021;"Carmody, Seth; Coravos, Andrea; Fahs, Ginny; Hatch, Audra; Medina, Janine; Woods, Beau; Corman, Joshua";Building resilient medical technology supply chains with a software bill of materials;npj Digital Medicine;;2398-6352;10.1038/s41746-021-00403-w;https://www.nature.com/articles/s41746-021-00403-w;Abstract             An exploited vulnerability in a single software component of healthcare technology can affect patient care. The risk of including third-party software components in healthcare technologies can be managed, in part, by leveraging a software bill of materials (SBOM). Analogous to an ingredients list on food packaging, an SBOM is a list of all included software components. SBOMs provide a transparency mechanism for securing software product supply chains by enabling faster identification and remediation of vulnerabilities, towards the goal of reducing the feasibility of attacks. SBOMs have the potential to benefit all supply chain stakeholders of medical technologies without significantly increasing software production costs. Increasing transparency unlocks and enables trustworthy, resilient, and safer healthcare technologies for all.;2021-02-23;25/04/2025 8:53;25/04/2025 8:53;25/04/2025 8:53;34;;1;4;;npj Digit. Med.;;;;;;;;en;;;;;DOI.org (Crossref);;;;C:\Users\Xabier\Zotero\storage\9TCJ3TNG\Carmody et al. - 2021 - Building resilient medical technology supply chains with a software bill of materials.pdf;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
3;conferencePaper;2022;"Caven, Peter J.; Gopavaram, Shakthidhar Reddy; Camp, L. Jean";Integrating Human Intelligence to Bypass Information Asymmetry in Procurement Decision-Making;MILCOM 2022 - 2022 IEEE Military Communications Conference (MILCOM);;;10.1109/MILCOM55135.2022.10017736;;;2022;45772,38242;45772,38242;;687-692;;;;;;;;;;;;;;;;;;;;;;;;"Software; Security; NIST; SBOM; Bills of materials; Supply chains; Decision making; Label; Procurement; Secure Supply Chain; Stars";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
4;journalArticle;2022;"Henriques, João; Caldeira, Filipe; Cruz, Tiago; Simões, Paulo";An automated closed-loop framework to enforce security policies from anomaly detection;Computers & Security;;0167-4048;https://doi.org/10.1016/j.cose.2022.102949;https://www.sciencedirect.com/science/article/pii/S0167404822003418;Due to the growing complexity and scale of IT systems, there is an increasing need to automate and streamline routine maintenance and security management procedures, to reduce costs and improve productivity. In the case of security incidents, the implementation and application of response actions require significant efforts from operators and developers in translating policies to code. Even if Machine Learning (ML) models are used to find anomalies, they need to be regularly trained/updated to avoid becoming outdated. In an evolving environment, a ML model with outdated training might put at risk the organization it was supposed to defend. To overcome those issues, in this paper we propose an automated closed-loop process with three stages. The first stage focuses on obtaining the Decision Trees (DT) that classify anomalies. In the second stage, DTs are translated into security Policies as Code based on languages recognized by the Policy Engine (PE). In the last stage, the translated security policies feed the Policy Engines that enforce them by converting them into specific instruction sets. We also demonstrate the feasibility of the proposed framework, by presenting an example that encompasses the three stages of the closed-loop process. The proposed framework may integrate a broad spectrum of domains and use cases, being able for instance to support the decide and the act stages of the ETSI Zero-touch Network & Service Management (ZSM) framework.;2022;25/04/2025 8:41;25/04/2025 8:41;;102949;;;123;;;;;;;;;;;;;;;;;;;;;"Decision trees; Machine learning; Automation; Policy as code; Zero-touch network and service management (ZSM)";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
5;journalArticle;2022;"Liang, Long; Wu, Xiaobo; Deng, Jing; Lv, Xin";Research on Risk Analysis and Governance Measures of Open-source Components of Information System in Transportation Industry;Procedia Computer Science;;1877-0509;https://doi.org/10.1016/j.procs.2022.10.017;https://www.sciencedirect.com/science/article/pii/S1877050922014582;The rise of a new round of scientific and technological revolution has accelerated the integration of a new generation of information technology and transportation, and promoted the intelligent and green development of the transportation industry. With the vigorous development of intelligent transportation, it is inevitable to introduce open source components, but with the continuous increase of open source components, a large number of third-party open source components are put into software, resulting in the software supply chain becoming more and more complex, and the security risk is also unprecedented severe. This paper analyzes the security risks faced by the application of open source components, summarizes the three problems faced by the use of open source components in the transportation industry, and puts forward the governance measures of open source components in the transportation industry. By building an industry open source component governance platform, we can improve the security and availability of the industry information system.;2022;25/04/2025 8:41;25/04/2025 8:41;;106-110;;;208;;;;;;;;;;;;;;;;;;;;;"component identification; open-source components; risk analysis; Transportation";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
6;journalArticle;2022;"Lin, Jiahuei; Zhang, Haoxiang; Adams, Bram; Hassan, Ahmed E.";Upstream bug management in Linux distributions: An empirical study of Debian and Fedora practices;Empirical Software Engineering;;1382-3256, 1573-7616;10.1007/s10664-022-10173-y;https://link.springer.com/10.1007/s10664-022-10173-y;;2022-11;25/04/2025 8:55;25/04/2025 8:55;25/04/2025 8:55;134;;6;27;;Empir Software Eng;Upstream bug management in Linux distributions;;;;;;;en;;;;;DOI.org (Crossref);;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
7;conferencePaper;2023;"Xia, Boming; Bi, Tingting; Xing, Zhenchang; Lu, Qinghua; Zhu, Liming";An Empirical Study on Software Bill of Materials: Where We Stand and the Road Ahead;2023 IEEE/ACM 45th International Conference on Software Engineering (ICSE);;;10.1109/ICSE48619.2023.00219;;;2023;45772,38242;45772,38242;;2630-2642;;;;;;;;;;;;;;;;;;;;;;;;"Software; Industries; Security; SBOM; Bills of materials; Supply chains; bill of materials; empirical study; responsible AI; Roads; software bill of materials; Surveys";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
8;conferencePaper;2023;"Nocera, Sabato; Romano, Simone; Penta, Massimiliano Di; Francese, Rita; Scanniello, Giuseppe";Software Bill of Materials Adoption: A Mining Study from GitHub;2023 IEEE International Conference on Software Maintenance and Evolution (ICSME);;;10.1109/ICSME58846.2023.00016;;;2023;45772,38242;45772,38242;;39-49;;;;;;;;;;;;;;;;;;;;;;;;"Software; Standards organizations; SBOM; Bills of materials; Supply chains; Licenses; Software Supply Chain; Bill of Materials; Market research; Pressing";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
9;journalArticle;2023;"Balliu, Musard; Baudry, Benoit; Bobadilla, Sofia; Ekstedt, Mathias; Monperrus, Martin; Ron, Javier; Sharma, Aman; Skoglund, Gabriel; Soto-Valero, César; Wittlinger, Martin";Challenges of Producing Software Bill of Materials for Java;IEEE Security & Privacy;;;10.1109/MSEC.2023.3302956;;;2023;45772,38242;45772,38242;;12-23;;6;21;;;;;;;;;;;;;;;;;;;;;"Software; Standards; Supply chain management; Software reliability; Production; Bills of materials; Java";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
10;conferencePaper;2023;"Hyeon, Da Eun; Park, Jun Hyung; Youm, Heung Youl";A secure firmware and software update model based on blockchains for Internet of Things devices using SBOM;2023 18th Asia Joint Conference on Information Security (AsiaJCIS);;;10.1109/AsiaJCIS60284.2023.00019;;;2023;45772,38242;45772,38242;;53-58;;;;;;;;;;;;;;;;;;;;;;;;"Software; Industries; Internet of Things; Blockchain; DLT; Security; IoT; SBOM; Supply chains; Blockchains; Analytical models; FW/SW update; Software Supply Attack";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
11;journalArticle;2023;"Torres-Arias, Santiago; Geer, Dan; Meyers, John Speed";A Viewpoint on Knowing Software: Bill of Materials Quality When You See It;IEEE Security & Privacy;;;10.1109/MSEC.2023.3315887;;;2023;45772,38242;45772,38242;;50-54;;6;21;;;;;;;;;;;;;;;;;;;;;"Software; Privacy; Supply chain management; Security; Bills of materials; Quality assessment";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
12;journalArticle;2023;"Zahan, Nusrat; Lin, Elizabeth; Tamanna, Mahzabin; Enck, William; Williams, Laurie";Software Bills of Materials Are Required. Are We There Yet?;IEEE Security & Privacy;;1540-7993, 1558-4046;10.1109/MSEC.2023.3237100;https://ieeexplore.ieee.org/document/10102604/;;2023-03;45776,59133;45776,59133;45776,59133;82-88;;2;21;;IEEE Secur. Privacy;;;;;;;;;https://ieeexplore.ieee.org/Xplorehelp/downloads/license-information/IEEE.html;;;;DOI.org (Crossref);;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
13;journalArticle;2023;"Bracciale, Lorenzo; Loreti, Pierpaolo; Bianchi, Giuseppe";Cybersecurity vulnerability analysis of medical devices purchased by national health services;Scientific Reports;;2045-2322;10.1038/s41598-023-45927-1;https://www.nature.com/articles/s41598-023-45927-1;Abstract             The growing integration of software within medical devices introduces the potential for cybersecurity threats. How significant is this risk, and to what extent are citizens currently exposed? In this study, we adopt a new data-gathering methodology using datasets provided in Open Contracting Data Standard (OCDS). This allowed us to perform an extensive analysis across over 36 countries within a 12-year range, searching 92 million public administration purchase records for potentially vulnerable medical devices. The findings reveal a concerning landscape wherein numerous medical devices purchased by national health services possessed or still possess 661 distinct vulnerabilities—more than half of which are deemed critical or high-severity. These vulnerabilities enable relatively simple attacks to impact data confidentiality, integrity, and accessibility severely. Even if patches were applied immediately upon discovery, these vulnerabilities would still result in roughly 3.2 years of system exposure from the time a device is purchased until a software vulnerability is announced, with all classes of devices affected, including high-risk IIB and III devices which accounts for 74% of instances. While a full analysis requires interactivity, this noninvasive methodology enables a large-scale study, emphasizing the need to move faster from the safety to the security of medical devices.;2023-11-09;25/04/2025 8:54;25/04/2025 8:54;25/04/2025 8:54;19509;;1;13;;Sci Rep;;;;;;;;en;;;;;DOI.org (Crossref);;;;C:\Users\Xabier\Zotero\storage\EKDEZX7K\Bracciale et al. - 2023 - Cybersecurity vulnerability analysis of medical devices purchased by national health services.pdf;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
14;journalArticle;2023;"Butler, Simon; Gamalielsson, Jonas; Lundell, Björn; Brax, Christoffer; Mattsson, Anders; Gustavsson, Tomas; Feist, Jonas; Kvarnström, Bengt; Lönroth, Erik";On business adoption and use of reproducible builds for open and closed source software;Software Quality Journal;;0963-9314, 1573-1367;10.1007/s11219-022-09607-z;https://link.springer.com/10.1007/s11219-022-09607-z;Abstract             Reproducible builds (R-Bs) are software engineering practices that reliably create bit-for-bit identical binary executable files from specified source code. R-Bs are applied in some open source software (OSS) projects and distributions to allow verification that the distributed binary has been built from the released source code. The use of R-Bs has been advocated in software maintenance and R-Bs are applied in the development of some OSS security applications. Nonetheless, industry application of R-Bs appears limited, and we seek to understand whether awareness is low or if significant technical and business reasons prevent wider adoption. Through interviews with software practitioners and business managers, this study explores the utility of applying R-Bs in businesses in the primary and secondary software sectors and the business and technical reasons supporting their adoption. We find businesses use R-Bs in the safety-critical and security domains, and R-Bs are valuable for traceability and support collaborative software development. We also found that R-Bs are valued as engineering processes and are seen as a badge of software quality, but without a tangible value proposition. There are good engineering reasons to use R-Bs in industrial software development, and the principle of establishing correspondence between source code and binary offers opportunities for the development of further applications.;2023-09;25/04/2025 8:54;25/04/2025 8:54;25/04/2025 8:54;687-719;;3;31;;Software Qual J;;;;;;;;en;;;;;DOI.org (Crossref);;;;C:\Users\Xabier\Zotero\storage\ZFALF5UN\Butler et al. - 2023 - On business adoption and use of reproducible builds for open and closed source software.pdf;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
15;bookSection;2023;Udayakumar, Puthiyavan;Design and Deploy Security for Infrastructure, Data, and Applications;Design and Deploy a Secure Azure Environment;978-1-4842-9677-6 978-1-4842-9678-3;;;https://link.springer.com/10.1007/978-1-4842-9678-3_2;;2023;25/04/2025 8:54;25/04/2025 8:54;25/04/2025 8:54;75-148;;;;;;;;;;;Apress;Berkeley, CA;en;;;;;DOI.org (Crossref);;DOI: 10.1007/978-1-4842-9678-3_2;;;;;;;;;;;Udayakumar, Puthiyavan;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
16;conferencePaper;2024;"O'Donoghue, Eric; Reinhold, Ann Marie; Izurieta, Clemente";Assessing Security Risks of Software Supply Chains Using Software Bill of Materials;2024 IEEE International Conference on Software Analysis, Evolution and Reengineering - Companion (SANER-C);;;10.1109/SANER-C62648.2024.00023;;;2024;45772,38242;45772,38242;;134-140;;;;;;;;;;;;;;;;;;;;;;;;"Software; Static analysis; Bills of materials; Focusing; Libraries; Microservice architectures; Mining Software Repositories; Software Bill of Materials; Software Supply Chain Security; Supply chains; Third Party Code";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
17;conferencePaper;2024;"Nocera, Sabato; Di Penta, Massimiliano; Francese, Rita; Romano, Simone; Scanniello, Giuseppe";If it's not SBOM, then what? How Italian Practitioners Manage the Software Supply Chain;2024 IEEE International Conference on Software Maintenance and Evolution (ICSME);;;10.1109/ICSME58944.2024.00077;;;2024;45772,38242;45772,38242;;730-740;;;;;;;;;;;;;;;;;;;;;;;;"Software; Monitoring; Industries; Security; SBOM; Software Bill of Materials; Supply chains; Surveys; Interviews; Licenses; Regulation; Software maintenance; Software Supply Chain";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
18;conferencePaper;2024;"Xia, Boming; Zhang, Dawen; Liu, Yue; Lu, Qinghua; Xing, Zhenchang; Zhu, Liming";Trust in Software Supply Chains: Blockchain-Enabled SBOM and the AIBOM Future;2024 IEEE/ACM 4th International Workshop on Engineering and Cybersecurity of Critical Systems and 2024 IEEE/ACM Second International Workshop on Software Vulnerability (EnCyCriS/SVM);;;;;;2024;45772,38242;45772,38242;;12-19;;;;;;;;;;;;;;;;;;;;;;;;"Software; Bills of materials; Supply chains; software bill of materials; Computer architecture; Conferences; Blockchains; Critical infrastructure; selective disclosure; verifiable credential";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
19;conferencePaper;2024;"Zhao, Yunze; Zhang, Yuchen; Chacko, Dan; Cappos, Justin";CovSBOM: Enhancing Software Bill of Materials with Integrated Code Coverage Analysis;2024 IEEE 35th International Symposium on Software Reliability Engineering (ISSRE);;;10.1109/ISSRE62328.2024.00031;;;2024;45772,38242;45772,38242;;228-237;;;;;;;;;;;;;;;;;;;;;;;;"Usability; Scalability; Security; Software reliability; Open source software; Bills of materials; Libraries; Software Supply Chain; Codes; Java; Limiting; SBOMs";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
20;conferencePaper;2024;"Yu, Sheng; Song, Wei; Hu, Xunchao; Yin, Heng";On the Correctness of Metadata-Based SBOM Generation: A Differential Analysis Approach;2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN);;;10.1109/DSN58291.2024.00018;;;2024;45772,38242;45772,38242;;29-36;;;;;;;;;;;;;;;;;;;;;;;;"Software; SBOM; Bills of materials; Supply chains; software bill of materials; Benchmark testing; Generators; software supply chain; Systematics; Vectors";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
21;conferencePaper;2024;"Sorocean, Oleg; Ayala-Rivera, Vanessa; Portillo-Dominguez, A. Omar";Enhancing Visibility of Components and Dependencies Across Diverse IT Environments with Open-Source Software-Bill-of-Materials Generation Tools;2024 12th International Conference in Software Engineering Research and Innovation (CONISOFT);;;10.1109/CONISOFT63288.2024.00030;;;2024;45772,38242;45772,38242;;165-174;;;;;;;;;;;;;;;;;;;;;;;;"Software; Software engineering; Software Engineering; Programming; Open source software; SBOM; Supply chains; Complexity theory; Computer languages; Costs; Linux; Open-Source Soft-ware; Software Inventory; Technological innovation";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
22;conferencePaper;2024;"Kawaguchi, Nobutaka; Hart, Charlie";On the Deployment Control and Runtime Monitoring of Containers Based on Consumer Side SBOMs;2024 IEEE 21st Consumer Communications & Networking Conference (CCNC);;;10.1109/CCNC51664.2024.10454654;;;2024;45772,38242;45772,38242;;1022-1025;;;;;;;;;;;;;;;;;;;;;;;;"Software; Government; Libraries; Supply chains; Container Security; Containers; Logic gates; Runtime; SBOM(Software bill of Materials); Security Operation; Vulnerability Management";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
23;conferencePaper;2024;"Stalnaker, Trevor; Wintersgill, Nathan; Chaparro, Oscar; Di Penta, Massimiliano; German, Daniel M; Poshyvanyk, Denys";BOMs Away! Inside the Minds of Stakeholders: A Comprehensive Study of Bills of Materials for Software Systems;2024 IEEE/ACM 46th International Conference on Software Engineering (ICSE);;;10.1145/3597503.3623347;;;2024;45772,38242;45772,38242;;517-529;;;;;;;;;;;;;;;;;;;;;;;;"Bills of materials; Software Bill of Materials; Surveys; Interviews; Software Supply Chain; Complexity theory; Law; Maintenance; Open Source Software; Sociology; Software systems; Survey";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
24;conferencePaper;2024;"Otoda, Wataru; Kanda, Tetsuya; Manabe, Yuki; Inoue, Katsuro; Higo, Yoshiki";SBOM Challenges for Developers: From Analysis of Stack Overflow Questions;2024 IEEE/ACIS 22nd International Conference on Software Engineering Research, Management and Applications (SERA);;;10.1109/SERA61261.2024.10685624;;;2024;45772,38242;45772,38242;;43-46;;;;;;;;;;;;;;;;;;;;;;;;"Software; Software engineering; Security; SBOM; Bills of materials; Libraries; Software Supply Chain; CycloneDX; Software development management; SPDX; Stack Overflow";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
25;conferencePaper;2024;"Sun, Jiamou; Chen, Jieshan; Xing, Zhenchang; Lu, Qinghua; Xu, Xiwei; Zhu, Liming";Where is it? Tracing the Vulnerability-Relevant Files from Vulnerability Reports;2024 IEEE/ACM 46th International Conference on Software Engineering (ICSE);;;10.1145/3597503.3639202;;;2024;45772,38242;45772,38242;;2469-2481;;;;;;;;;;;;;;;;;;;;;;;;"Deep learning; security; Bills of materials; Focusing; Supply chains; software supply chain; Databases; Metadata; Search engines; vulnerability-relevant file";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
26;journalArticle;2024;"Jang, Gwi-sook; Koo, Seo Ryong";Design challenges and response plans for intelligent decision support systems for Korean nuclear power plants under normal and abnormal conditions;Progress in Nuclear Energy;;0149-1970;https://doi.org/10.1016/j.pnucene.2024.105442;https://www.sciencedirect.com/science/article/pii/S0149197024003925;In nuclear power plants (NPPs), an intelligent decision support system (IDSS) aids the decision-making process of main control room operators. It achieves this by monitoring and diagnosing conditions, predicting progress, and providing preventive advice during both normal and abnormal operations. Despite ongoing research in Korea, few IDSS for NPPs have been effectively applied and verified. Furthermore, established designs and validation guidelines for IDSSs for Korean NPPs remain lacking. To address this gap, this study systematically identifies problems and corresponding countermeasures for applying artificial intelligence-based design and validation technologies, while complying with licensing regulatory standards. The aim is to develop a practical and effective IDSS. This study identifies design challenges in the practical application of fundamental IDSS technology, outlining necessary design and validation technologies. Additionally, it suggests technology-specific response plans for the identified design challenges.;2024;25/04/2025 8:41;25/04/2025 8:41;;105442;;;177;;;;;;;;;;;;;;;;;;;;;"Computerized operator support system; Intelligent decision support system; Nuclear power plant";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
27;bookSection;2024;Mylrea, Michael;11 - Building a trustworthy digital twin: A brave new world of human machine teams and autonomous biological internet of things (BIoT);Putting AI in the Critical Loop;978-0-443-15988-6;;;https://www.sciencedirect.com/science/article/pii/B9780443159886000054;Abstract This study examines cybersecurity and digital data integrity challenges in biopharma manufacturing, focusing on gaps in trust and security between human-machine teams’ application of artificial intelligence (AI) and machine learning (ML). The chapter explores the security, economic, and societal implications of these vulnerabilities being exploited in advanced biopharma manufacturing. Answering these questions through a lens of applied research highlights how digital twins, or a high-fidelity representation of the Biological Internet of Things (BIoT) environment, can improve modeling, analytics, and related cyber-physical-biological safeguards. This section includes a biosecurity digital twin framework to improve trust in BIoT with a focus on defining and measuring the people, process, and technology trust anchors that are needed to underpin biopharma modeling, processes, and analytics. The digital twin trust framework is applied to the specific use case of pandemic preparedness and response to highlight the dynamic of societal opportunities and challenges that must be overcome in deploying autonomous, high-assurance digital twin systems. The application of the framework helps answer the following questions: i. How can trust be measured in digital twin technology? What are the security and privacy implications for human-machine teams that increasingly combine cyber, physical, and biological worlds? For this chapter, trust is defined as the contract of assumptions based on humans’ perception of and experience with how the system will perform a task or process as designed [J.D. Lee, K.A. See, Trust in Automation: designing for appropriate reliance, Hum. Factors 46 (1) (2004) 50–80.]. Trust is multidimensional and includes a dialectic between humans and machines operating autonomous AI/ML systems. The proper calibration of trust is critical to safe operation of an autonomous system, such as AI driven digital twins used for optimization and anomaly detection in the biopharma sector. This exploration is timely, as BIoT explorations through human-machine trust lenses are a gap in the literature. The evolving Covid-19 pandemic reaffirms that filling this gap is imperative as its next iteration might be more deadly. Finally, the chapter concludes by proposing future research on AI and human-machine team use of privacy-preserving technology to enable trust without sacrificing confidentiality, integrity, and availability of data.;2024;25/04/2025 8:41;25/04/2025 8:41;;219-243;;;;;;;;;;;Academic Press;;;;;;;;;DOI: https://doi.org/10.1016/B978-0-443-15988-6.00005-4;;;;"Cybersecurity; Privacy; Machine learning; Artificial intelligence; Digital twin; Cyber-physical systems; Resilience; Autonomy; Biological internet of things; BIoT; High assurance; Human-machine teams; Operational technology; Trust";;"Dasgupta, Prithviraj; Llinas, James; Gillespie, Tony; Fouse, Scott; Lawless, William; Mittu, Ranjeev; Sofge, Donald";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
28;journalArticle;2024;"Lee, Sung Une; Fernando, Niroshinie; Lee, Kevin; Schneider, Jean-Guy";A survey of energy concerns for software engineering;Journal of Systems and Software;;0164-1212;https://doi.org/10.1016/j.jss.2023.111944;https://www.sciencedirect.com/science/article/pii/S0164121223003394;There is growing attention to energy efficiency in the software engineering field. This has been driven by modern technologies, for example, Internet of Things (IoT), Social Networking Services (SNS) and quantum computing. In addition to this, recent trends and concerns such as Environment, Social, and Governance (ESG) and human/societal/environmental well-being for responsible Artificial Intelligence (AI) have accelerated the use of energy efficient software. Despite this, energy concerns in this field have been less explored and studied. This limitation results in falling short to address and overcome greenability issues at the software level, and leaving critical challenges to be solved in this space. This study aims to address this limitation and fill the gap between previous studies. We survey green in software engineering framed by the ten knowledge areas of software engineering to not only cover the entire development life-cycle but also widen the scope of discussion to software process, method, and model management. Based on our comprehensive investigation, we discuss open challenges, trade-offs and implications of this study for both researchers and practitioners.;2024;25/04/2025 8:41;25/04/2025 8:41;;111944;;;210;;;;;;;;;;;;;;;;;;;;;"Software engineering; Sustainability; Energy; Green";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
29;bookSection;2024;"Narasimhan, V. Lakshmi; Ramaswamy, S.; Mphale, O.";Software Supply Chain Resiliency at Scale;ICT: Applications and Social Interfaces;978-981-97-0209-1 978-981-97-0210-7;;;https://link.springer.com/10.1007/978-981-97-0210-7_37;;2024;25/04/2025 8:52;25/04/2025 8:52;25/04/2025 8:52;455-466;;;908;;;;;;;;Springer Nature Singapore;Singapore;en;;;;;DOI.org (Crossref);;Series Title: Lecture Notes in Networks and Systems DOI: 10.1007/978-981-97-0210-7_37;;;;;;"Joshi, Amit; Mahmud, Mufti; Ragel, Roshan G.; Kartik, S.";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
30;bookSection;2024;"Bonacci, James; Martin, Reese";Software Bill of Materials (SBOM) Approach to IoT Security Vulnerability Assessment;ITNG 2024: 21st International Conference on Information Technology-New Generations;978-3-031-56598-4 978-3-031-56599-1;;;https://link.springer.com/10.1007/978-3-031-56599-1_8;;2024;25/04/2025 8:52;25/04/2025 8:52;25/04/2025 8:52;57-62;;;1456;;;;;;;;Springer Nature Switzerland;Cham;en;;;;;DOI.org (Crossref);;Series Title: Advances in Intelligent Systems and Computing DOI: 10.1007/978-3-031-56599-1_8;;;;;;Latifi, Shahram;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
31;bookSection;2024;"Sehgal, Vandana Verma; Ambili, P. S.";A Taxonomy and Survey of Software Bill of Materials (SBOM) Generation Approaches;AGC 2023;978-3-031-50814-1 978-3-031-50815-8;;;https://link.springer.com/10.1007/978-3-031-50815-8_3;;2024;25/04/2025 8:52;25/04/2025 8:52;25/04/2025 8:52;40-51;;;2008;;;;;;;;Springer Nature Switzerland;Cham;en;;;;;DOI.org (Crossref);;Series Title: Communications in Computer and Information Science DOI: 10.1007/978-3-031-50815-8_3;;;;;;"Dhar, Suparna; Goswami, Sanjay; Dinesh Kumar, U.; Bose, Indranil; Dubey, Rameshwar; Mazumdar, Chandan";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
32;bookSection;2024;"Wu, Yanjun; Liang, Guanyu; Tian, Siyang; Zhao, Chen";Open Source Software Supply Chain for RISC-V Ecosystem;China’s e-Science Blue Book 2023;978-981-99-8269-1 978-981-99-8270-7;;;https://link.springer.com/10.1007/978-981-99-8270-7_16;;2024;25/04/2025 8:52;25/04/2025 8:52;25/04/2025 8:52;291-303;;;;;;;;;;;Springer Nature Singapore;Singapore;en;;;;;DOI.org (Crossref);;DOI: 10.1007/978-981-99-8270-7_16;;;;;;"Chinese Academy of Sciences; Ministry of Education of the PRC; Ministry of Science and Technology of the PRC; China Association for Science and Technology; Chinese Academy of Social Sciences; Chinese Academy of Engineering; National Natural Science Foundation of China; Chinese Academy of Agricultural Sciences";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
33;bookSection;2024;Syed, Aamiruddin;Best Practices for Application Security;Supply Chain Software Security;979-8-8688-0798-5 979-8-8688-0799-2;;;https://link.springer.com/10.1007/979-8-8688-0799-2_4;;2024;25/04/2025 8:53;25/04/2025 8:53;25/04/2025 8:53;127-170;;;;;;;;;;;Apress;Berkeley, CA;en;;;;;DOI.org (Crossref);;DOI: 10.1007/979-8-8688-0799-2_4;;;;;;;;;;;Syed, Aamiruddin;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
34;bookSection;2024;Syed, Aamiruddin;Key Technologies in Supply Chain Security;Supply Chain Software Security;979-8-8688-0798-5 979-8-8688-0799-2;;;https://link.springer.com/10.1007/979-8-8688-0799-2_2;;2024;25/04/2025 8:53;25/04/2025 8:53;25/04/2025 8:53;37-82;;;;;;;;;;;Apress;Berkeley, CA;en;;;;;DOI.org (Crossref);;DOI: 10.1007/979-8-8688-0799-2_2;;;;;;;;;;;Syed, Aamiruddin;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
35;bookSection;2024;"Yousefnezhad, Narges; Costin, Andrei";Understanding SBOMs in Real-World Systems – A Practical DevOps/SecOps Perspective;Business Modeling and Software Design;978-3-031-64072-8 978-3-031-64073-5;;;https://link.springer.com/10.1007/978-3-031-64073-5_20;;2024;25/04/2025 8:53;25/04/2025 8:53;25/04/2025 8:53;293-304;;;523;;;;;;;;Springer Nature Switzerland;Cham;en;;;;;DOI.org (Crossref);;Series Title: Lecture Notes in Business Information Processing DOI: 10.1007/978-3-031-64073-5_20;;;;;;Shishkov, Boris;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
36;bookSection;2024;"Wei, Yinxing; Zheng, Jun; Zhong, Hong";A Systematic Method for Constructing ICT Supply Chain Security Requirements;Emerging Information Security and Applications;978-981-99-9613-1 978-981-99-9614-8;;;https://link.springer.com/10.1007/978-981-99-9614-8_4;;2024;25/04/2025 8:53;25/04/2025 8:53;25/04/2025 8:53;58-76;;;2004;;;;;;;;Springer Nature Singapore;Singapore;en;;;;;DOI.org (Crossref);;Series Title: Communications in Computer and Information Science DOI: 10.1007/978-981-99-9614-8_4;;;;;;"Shao, Jun; Katsikas, Sokratis K.; Meng, Weizhi";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
37;bookSection;2024;"Jaatun, Martin Gilje; Sæle, Hanne";A Checklist for Supply Chain Security for Critical Infrastructure Operators;Proceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media;978-981-99-6973-9 978-981-99-6974-6;;;https://link.springer.com/10.1007/978-981-99-6974-6_14;;2024;25/04/2025 8:53;25/04/2025 8:53;25/04/2025 8:53;235-249;;;;;;;;;;;Springer Nature Singapore;Singapore;en;;;;;DOI.org (Crossref);;Series Title: Springer Proceedings in Complexity DOI: 10.1007/978-981-99-6974-6_14;;;;;;"Onwubiko, Cyril; Rosati, Pierangelo; Rege, Aunshul; Erola, Arnau; Bellekens, Xavier; Hindy, Hanan; Jaatun, Martin Gilje";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
38;bookSection;2024;"Basu, Anirban; Kai, Satoshi";Software and its Perceived Trustworthiness;Trust Management XIV;978-3-031-76713-5 978-3-031-76714-2;;;https://link.springer.com/10.1007/978-3-031-76714-2_7;;2024;25/04/2025 8:53;25/04/2025 8:53;25/04/2025 8:53;105-120;;;694;;;;;;;;Springer Nature Switzerland;Cham;en;;;;;DOI.org (Crossref);;Series Title: IFIP Advances in Information and Communication Technology DOI: 10.1007/978-3-031-76714-2_7;;;;;;"Muller, Tim; Fernandez-Gago, Carmen; Ceolin, Davide; Gudes, Ehud; Gal-Oz, Nurit";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
39;bookSection;2024;"Huang, Jerry; Huang, Ken; Heide, Sean";Web3 and Supply Chain Risks;Web3 Applications Security and New Security Landscape;978-3-031-58001-7 978-3-031-58002-4;;;https://link.springer.com/10.1007/978-3-031-58002-4_7;;2024;25/04/2025 8:53;25/04/2025 8:53;25/04/2025 8:53;127-151;;;;;;;;;;;Springer Nature Switzerland;Cham;en;;;;;DOI.org (Crossref);;Series Title: Future of Business and Finance DOI: 10.1007/978-3-031-58002-4_7;;;;;;"Huang, Ken; Parisi, Carlo; Tan, Lisa Jy; Ma, Winston; Zhang, Zhijun William";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
40;bookSection;2024;Syed, Aamiruddin;DevSecOps Integration in Supply Chain Security;Supply Chain Software Security;979-8-8688-0798-5 979-8-8688-0799-2;;;https://link.springer.com/10.1007/979-8-8688-0799-2_5;;2024;25/04/2025 8:54;25/04/2025 8:54;25/04/2025 8:54;171-245;;;;;;;;;;;Apress;Berkeley, CA;en;;;;;DOI.org (Crossref);;DOI: 10.1007/979-8-8688-0799-2_5;;;;;;;;;;;Syed, Aamiruddin;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
41;bookSection;2024;Sternhell, Amir;A Trusted Global Data Supply Chain;Data, Security, and Trust in Smart Cities;978-3-031-61116-2 978-3-031-61117-9;;;https://link.springer.com/10.1007/978-3-031-61117-9_1;;2024;25/04/2025 8:54;25/04/2025 8:54;25/04/2025 8:54;3-31;;;;;;;;;;;Springer Nature Switzerland;Cham;en;;;;;DOI.org (Crossref);;Series Title: Signals and Communication Technology DOI: 10.1007/978-3-031-61117-9_1;;;;;;McClellan, Stan;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
42;journalArticle;2024;Radanliev, Petar;The rise and fall of cryptocurrencies: defining the economic and social values of blockchain technologies, assessing the opportunities, and defining the financial and cybersecurity risks of the Metaverse;Financial Innovation;;2199-4730;10.1186/s40854-023-00537-8;https://jfin-swufe.springeropen.com/articles/10.1186/s40854-023-00537-8;"Abstract             This study examines blockchain technologies and their pivotal role in the evolving Metaverse, shedding light on topics such as how to invest in cryptocurrency, the mechanics behind crypto mining, and strategies to effectively buy and trade cryptocurrencies. While it contextualises the common queries of ""why is crypto crashing?"" and ""why is crypto down?"", the research transcends beyond the frequent market fluctuations to unravel how cryptocurrencies fundamentally work and the step-by-step process on how to create a cryptocurrency. Contrasting existing literature, this comprehensive investigation encompasses both the economic and cybersecurity risks inherent in the blockchain and fintech spheres. Through an interdisciplinary approach, the research transitions from the fundamental principles of fintech investment strategies to the overarching implications of blockchain within the Metaverse. Alongside exploring machine learning potentials in financial sectors and risk assessment methodologies, the study critically assesses whether developed or developing nations are poised to reap greater benefits from these technologies. Moreover, it probes into both enduring and dubious crypto projects, drawing a distinct line between genuine blockchain applications and Ponzi-like schemes. The conclusion resolutely affirms the staying power of blockchain technologies, underlined by a profound exploration of their intrinsic value and a reflective commentary by the author on the potential risks confronting individual investors.";2024-01-31;25/04/2025 8:55;25/04/2025 8:55;25/04/2025 8:55;1;;1;10;;Financ Innov;The rise and fall of cryptocurrencies;;;;;;;en;;;;;DOI.org (Crossref);;;;C:\Users\Xabier\Zotero\storage\RRJMD27P\Radanliev - 2024 - The rise and fall of cryptocurrencies defining the economic and social values of blockchain technol.pdf;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
43;bookSection;2024;Gupta, Arun;External Communities;Fostering Open Source Culture;979-8-8688-0976-7 979-8-8688-0977-4;;;https://link.springer.com/10.1007/979-8-8688-0977-4_6;;2024;25/04/2025 8:55;25/04/2025 8:55;25/04/2025 8:55;217-281;;;;;;;;;;;Apress;Berkeley, CA;en;;;;;DOI.org (Crossref);;DOI: 10.1007/979-8-8688-0977-4_6;;;;;;;;;;;Gupta, Arun;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
44;journalArticle;2025;"Okhravi, Hamed; Burow, Nathan; Schneider, Fred B.";Software Bill of Materials as a Proactive Defense;IEEE Security & Privacy;;;10.1109/MSEC.2025.3528535;;;2025;45772,38242;45772,38242;;101-106;;2;23;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
45;journalArticle;2025;Riehle, Dirk;The Software Bill of Materials;Computer;;;10.1109/MC.2025.3530276;;;2025;45772,38242;45772,38242;;115-120;;4;58;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
46;journalArticle;2025;"Shin, Daemin; Kim, Jiyoon; Pawana, I. Wayan Adi Juliawan; You, Ilsun";Enhancing cloud-native DevSecOps: A Zero Trust approach for the financial sector;Computer Standards & Interfaces;;0920-5489;https://doi.org/10.1016/j.csi.2025.103975;https://www.sciencedirect.com/science/article/pii/S0920548925000042;Financial institutions increasingly adopt cloud-native environments and microservices architectures in response to digital transformation and application modernization, leading to a growing demand for cloud-native services. This transition accelerates the development of sophisticated Continuous Integration/Continuous Deployment (CI/CD) pipelines while simultaneously increasing the complexity of DevSecOps environments and expanding the attack surface. As a result, the financial sector is paying greater attention to the Zero Trust security model to overcome traditional perimeter-based security’s limitations and achieve automated, advanced cybersecurity capabilities. However, financial institutions need more concrete examples and foundational material to adopt Zero Trust. This study provides a foundational framework for financial institutions to evaluate and implement Zero Trust policies and technologies independently. It analyzes the relationship between cloud-native initiatives, microservices-based DevSecOps environments, and Zero Trust and identifies key considerations for implementing Zero Trust through a stage-by-stage analysis of the Software Development Life Cycle (SDLC). Furthermore, the study proposes a Zero Trust framework to enhance security and evaluates its applicability based on nine assessment criteria.;2025;25/04/2025 8:41;25/04/2025 8:41;;103975;;;93;;;;;;;;;;;;;;;;;;;;;"Security; Zero Trust; Microservices; Cloud-native; DevSecOps";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
47;journalArticle;2025;Colonna, Liane;The end of open source? Regulating open source under the cyber resilience act and the new product liability directive;Computer Law & Security Review;;2212-473X;https://doi.org/10.1016/j.clsr.2024.106105;https://www.sciencedirect.com/science/article/pii/S0267364924001705;Rooted in idealism, the open-source model leverages collaborative intelligence to drive innovation, leading to major benefits for both industry and society. As open-source software (OSS) plays an increasingly central role in driving the digitalization of society, policymakers are examining the interactions between upstream open-source communities and downstream manufacturers. They aim to leverage the benefits of OSS, such as performance enhancements and adaptability across diverse domains, while ensuring software security and accountability. The regulatory landscape is on the brink of a major transformation with the recent adoption of both the Cyber Resilience Act (CRA) as well as the Product Liability Directive (PLD), raising concerns that these laws could threaten the future of OSS. This paper investigates how the CRA and the PDL regulate OSS, specifically exploring the scope of exemptions found in the laws. It further explores how OSS practices might adapt to the evolving regulatory landscape, focusing on the importance of documentation practices to support compliance obligations, thereby ensuring OSS's continued relevance and viability. It concludes that due diligence requirements mandate a thorough assessment of OSS components to ensure their safety for integration into commercial products and services. Documentation practices like security attestations, Software Bill of Materials (SBOMs), data cards and model cards will play an increasingly important role in the software supply chain to ensure that downstream entities can meet their obligations under these new legal frameworks.;2025;25/04/2025 8:41;25/04/2025 8:41;;106105;;;56;;;;;;;;;;;;;;;;;;;;;"Open source software; Information security; Model card; SBOM";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
48;bookSection;2025;"Landeck, Yannick; Balta, Dian; Wimmer, Martin; Knierim, Christian";Software in the Manufacturing Industry: A Review of Security Challenges and Implications;Solutions and Technologies for Responsible Digitalization;978-3-031-80121-1 978-3-031-80122-8;;;https://link.springer.com/10.1007/978-3-031-80122-8_19;;2025;25/04/2025 8:53;25/04/2025 8:53;25/04/2025 8:53;293-311;;;75;;;Software in the Manufacturing Industry;;;;;Springer Nature Switzerland;Cham;en;;;;;DOI.org (Crossref);;Series Title: Lecture Notes in Information Systems and Organisation DOI: 10.1007/978-3-031-80122-8_19;;;;;;"Beverungen, Daniel; Lehrer, Christiane; Trier, Matthias";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
49;bookSection;2025;"Yoo, Hyunwoo; Chung, Manhyun; Jang, Moonsu; Kim, Woo-Nyon";Exploratory Trend Analysis of Supply Chain Cybersecurity Management;Critical Information Infrastructures Security;978-3-031-84259-7 978-3-031-84260-3;;;https://link.springer.com/10.1007/978-3-031-84260-3_4;;2025;25/04/2025 8:53;25/04/2025 8:53;25/04/2025 8:53;64-83;;;15549;;;;;;;;Springer Nature Switzerland;Cham;en;;;;;DOI.org (Crossref);;Series Title: Lecture Notes in Computer Science DOI: 10.1007/978-3-031-84260-3_4;;;;;;"Oliva, Gabriele; Panzieri, Stefano; Hämmerli, Bernhard; Pascucci, Federica; Faramondi, Luca";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
50;journalArticle;2025;"Shen, Yijun; Gao, Xiang; Sun, Hailong; Guo, Yu";Understanding vulnerabilities in software supply chains;Empirical Software Engineering;;1382-3256, 1573-7616;10.1007/s10664-024-10581-2;https://link.springer.com/10.1007/s10664-024-10581-2;;2025-01;25/04/2025 8:54;25/04/2025 8:54;25/04/2025 8:54;20;;1;30;;Empir Software Eng;;;;;;;;en;;;;;DOI.org (Crossref);;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
51;bookSection;2025;"Wenzel, Julius; Berg, Andreas; Fetzer, Christof";Invited Paper: Using Signed Formulas for Online Certification;Stabilization, Safety, and Security of Distributed Systems;978-3-031-74497-6 978-3-031-74498-3;;;https://link.springer.com/10.1007/978-3-031-74498-3_5;;2025;25/04/2025 8:54;25/04/2025 8:54;25/04/2025 8:54;71-86;;;14931;;;Invited Paper;;;;;Springer Nature Switzerland;Cham;en;;;;;DOI.org (Crossref);;Series Title: Lecture Notes in Computer Science DOI: 10.1007/978-3-031-74498-3_5;;;;;;"Masuzawa, Toshimitsu; Katayama, Yoshiaki; Kakugawa, Hirotsugu; Nakamura, Junya; Kim, Yonghwan";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
52;journalArticle;2025;"Kioskli, Kitty; Grigoriou, Elisavet; Islam, Shareeful; Yiorkas, Andrianos M.; Christofi, Loizos; Mouratidis, Haralambos";A risk and conformity assessment framework to ensure security and resilience of healthcare systems and medical supply chain;International Journal of Information Security;;1615-5262, 1615-5270;10.1007/s10207-025-01009-z;https://link.springer.com/10.1007/s10207-025-01009-z;;2025-04;25/04/2025 8:54;25/04/2025 8:54;25/04/2025 8:54;90;;2;24;;Int. J. Inf. Secur.;;;;;;;;en;;;;;DOI.org (Crossref);;;;C:\Users\Xabier\Zotero\storage\LVHLN6B8\Kioskli et al. - 2025 - A risk and conformity assessment framework to ensure security and resilience of healthcare systems a.pdf;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
53;journalArticle;2025;"Ajibode, Adekunle; Bangash, Abdul Ali; Cogo, Filipe R.; Adams, Bram; Hassan, Ahmed E.";Towards semantic versioning of open pre-trained language model releases on hugging face;Empirical Software Engineering;;1382-3256, 1573-7616;10.1007/s10664-025-10631-3;https://link.springer.com/10.1007/s10664-025-10631-3;;2025-06;25/04/2025 8:55;25/04/2025 8:55;25/04/2025 8:55;78;;3;30;;Empir Software Eng;;;;;;;;en;;;;;DOI.org (Crossref);;;;C:\Users\Xabier\Zotero\storage\VSXA7Y8D\Ajibode et al. - 2025 - Towards semantic versioning of open pre-trained language model releases on hugging face.pdf;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;