{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,12]],"date-time":"2026-03-12T10:42:38Z","timestamp":1773312158630,"version":"3.50.1"},"publisher-location":"Cham","reference-count":13,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783032006387","type":"print"},{"value":"9783032006394","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-032-00639-4_4","type":"book-chapter","created":{"date-parts":[[2025,8,9]],"date-time":"2025-08-09T09:58:08Z","timestamp":1754733488000},"page":"57-69","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Cybersecurity Vulnerability Prioritisation via\u00a0Risk Assessment"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9937-1762","authenticated-orcid":false,"given":"Steve","family":"Taylor","sequence":"first","affiliation":[]},{"given":"Panos","family":"Melas","sequence":"additional","affiliation":[]},{"given":"Mike","family":"Surridge","sequence":"additional","affiliation":[]},{"given":"Paolo","family":"De Lutiis","sequence":"additional","affiliation":[]},{"given":"Manuel","family":"Leone","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7507-6366","authenticated-orcid":false,"given":"Martin Gilje","family":"Jaatun","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7127-6694","authenticated-orcid":false,"given":"Ravishankar","family":"Borgaonkar","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,8,10]]},"reference":[{"key":"4_CR1","unstructured":"MITRE: Mitre corporation. https:\/\/www.mitre.org\/"},{"key":"4_CR2","unstructured":"Ireann Leverett: Vulnerability forecast for 2025. https:\/\/www.first.org\/blog\/20250607-Vulnerability-Forecast-for-2025 (2025) FIRST"},{"key":"4_CR3","unstructured":"Weidenbach, P., vom Dorp, J.: Home router security report 2020. Technical report, Fraunhofer Institute for Communication, Information Processing and Ergonomics FKIE (2020)"},{"key":"4_CR4","unstructured":"CVSS Special Interest Group: Common vulnerability scoring system version 3.1: Specification document (2019), Accessed 2025"},{"key":"4_CR5","unstructured":"Roytman, M., Jacobs, J.: Predictive vulnerability scoring system. In: Black Hat USA, Las Vegas, August 2019"},{"key":"4_CR6","unstructured":"Tenable: vulnerability priority rating. https:\/\/docs.tenable.com\/vulnerability-management\/best-practices\/security\/Content\/VulnerabilityPriorityRating.htm"},{"key":"4_CR7","unstructured":"Cybersecurity infrastructure security agency (CISA): known exploited vulnerabilities catalog. https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog"},{"key":"4_CR8","unstructured":"Cisco: cisco vulnerability management. https:\/\/www.cisco.com\/site\/us\/en\/products\/security\/vulnerability-management\/index.html"},{"key":"4_CR9","unstructured":"Spring, J., Hatleback, E., Householder, A.D., Manion, A., Shick, D.: Towards improving CVSS. Carnegie Mellon University - Software Engineering Institute, White paper (2018)"},{"key":"4_CR10","unstructured":"FIRST: EPSS - frequently asked questions. https:\/\/www.first.org\/epss\/faq"},{"key":"4_CR11","doi-asserted-by":"publisher","first-page":"82482","DOI":"10.1109\/ACCESS.2024.3404264","volume":"12","author":"SC Phillips","year":"2024","unstructured":"Phillips, S.C., Taylor, S., Boniface, M., Modafferi, S., Surridge, M.: Automated knowledge-based cybersecurity risk assessment of cyber-physical systems. IEEE Access 12, 82482\u201382505 (2024)","journal-title":"IEEE Access"},{"key":"4_CR12","unstructured":"Messner, M., Kuehne, B., Eckmann, P., Hoxha, E.: Emba - the security analyzer for firmware of embedded devices. https:\/\/github.com\/e-m-b-a\/emba (Multiple other contributors)"},{"key":"4_CR13","unstructured":"Linux: strings(1) - linux man page. https:\/\/linux.die.net\/man\/1\/strings"}],"container-title":["Lecture Notes in Computer Science","Availability, Reliability and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-00639-4_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,11]],"date-time":"2026-03-11T16:14:44Z","timestamp":1773245684000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-00639-4_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783032006387","9783032006394"],"references-count":13,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-00639-4_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"10 August 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ARES","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Availability, Reliability and Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Ghent","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Belgium","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 August 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 August 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ares-12025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/2025.ares-conference.eu","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}