{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,14]],"date-time":"2026-02-14T18:08:38Z","timestamp":1771092518932,"version":"3.50.1"},"publisher-location":"Cham","reference-count":27,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783032168856","type":"print"},{"value":"9783032168863","type":"electronic"}],"license":[{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-3-032-16886-3_2","type":"book-chapter","created":{"date-parts":[[2026,2,14]],"date-time":"2026-02-14T17:36:53Z","timestamp":1771090613000},"page":"24-40","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Linking Architectural Threat Modeling of\u00a0AI Systems to\u00a0MITRE ATLAS via\u00a0Semantic Knowledge Graphs"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-8511-6867","authenticated-orcid":false,"given":"Joakim","family":"Rosell","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3906-7611","authenticated-orcid":false,"given":"Maria","family":"Ulan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1139-4266","authenticated-orcid":false,"given":"Max","family":"Fransson","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2026,2,15]]},"reference":[{"key":"2_CR1","doi-asserted-by":"publisher","unstructured":"Al-Sada, B., Sadighian, A., Oligeri, G.: Mitre att &ck: State of the art and way forward. ACM Comput. Surv. 57(1) (2024). https:\/\/doi.org\/10.1145\/3687300","DOI":"10.1145\/3687300"},{"key":"2_CR2","doi-asserted-by":"publisher","unstructured":"Von\u00a0der Assen, J., Huertas, A., Sharif, J., Feng, C., Bovet, G., Stiller, B.: Threatfinderai: automated threat modeling applied to LLM system integration. In: 2024 20th International Conference on Network and Service Management (CNSM), pp.\u00a01\u20133 (2024). https:\/\/doi.org\/10.23919\/CNSM62983.2024.10814632","DOI":"10.23919\/CNSM62983.2024.10814632"},{"key":"2_CR3","doi-asserted-by":"publisher","unstructured":"Von\u00a0der Assen, J., Sharif, J., Feng, C., Killer, C., Bovet, G., Stiller, B.: Asset-centric threat modeling for ai-based systems. In: 2024 IEEE International Conference on Cyber Security and Resilience (CSR), pp. 437\u2013444 (2024). https:\/\/doi.org\/10.1109\/CSR61664.2024.10679445","DOI":"10.1109\/CSR61664.2024.10679445"},{"key":"2_CR4","doi-asserted-by":"crossref","unstructured":"Barattin, S., Tzelepis, C., Patras, I., Sebe, N.: Attribute-preserving face dataset anonymization via latent code optimization. In: Proceedings of the IEEE\/CVF Conference on Computer Vision and Pattern Recognition, pp. 8001\u20138010 (2023)","DOI":"10.1109\/CVPR52729.2023.00773"},{"key":"2_CR5","unstructured":"European Union Agency for Cybersecurity (ENISA): Enisa threat landscape 2024. Technical Report, ENISA (2024). https:\/\/www.enisa.europa.eu\/publications\/enisa-threat-landscape-2024. European Union Agency for Cybersecurity"},{"key":"2_CR6","unstructured":"Goodfellow, I.J., Shlens, J., Szegedy, C.: Explaining and harnessing adversarial examples. arXiv preprint arXiv:1412.6572 (2014)"},{"key":"2_CR7","doi-asserted-by":"crossref","unstructured":"Habbal, A., Ali, M.K., Abuzaraida, M.A.: Artificial intelligence trust, risk and security management (AI TRISM): frameworks, applications, challenges and future research directions. Expert Syst. Appl. 240, 122442 (2024)","DOI":"10.1016\/j.eswa.2023.122442"},{"key":"2_CR8","doi-asserted-by":"publisher","unstructured":"Hu, Y., et al.: Artificial intelligence security: Threats and countermeasures. ACM Comput. Surv. 55(1) (2021). https:\/\/doi.org\/10.1145\/3487890","DOI":"10.1145\/3487890"},{"key":"2_CR9","doi-asserted-by":"crossref","unstructured":"Hukkel\u00e5s, H., Lindseth, F.: Deepprivacy2: Towards realistic full-body anonymization. In: Proceedings of the IEEE\/CVF winter Conference on Applications of Computer Vision, pp. 1329\u20131338 (2023)","DOI":"10.1109\/WACV56688.2023.00138"},{"key":"2_CR10","unstructured":"Hussain, S., et al.: Reface: Real-time adversarial attacks on face recognition systems. arXiv preprint arXiv:2206.04783 (2022)"},{"key":"2_CR11","doi-asserted-by":"crossref","DOI":"10.1016\/j.cose.2024.103988","volume":"145","author":"FV Jedrzejewski","year":"2024","unstructured":"Jedrzejewski, F.V., Thode, L., Fischbach, J., Gorschek, T., Mendez, D., Lavesson, N.: Adversarial machine learning in industry: a systematic literature review. Comput. Secur. 145, 103988 (2024)","journal-title":"Comput. Secur."},{"key":"2_CR12","doi-asserted-by":"publisher","unstructured":"Mauri, L., Damiani, E.: Modeling threats to ai-ml systems using stride. Sensors 22 (2022). https:\/\/doi.org\/10.3390\/s22176662","DOI":"10.3390\/s22176662"},{"issue":"2","key":"2_CR13","doi-asserted-by":"crossref","first-page":"81","DOI":"10.1037\/h0043158","volume":"63","author":"GA Miller","year":"1956","unstructured":"Miller, G.A.: The magical number seven, plus or minus two: some limits on our capacity for processing information. Psychol. Rev. 63(2), 81 (1956)","journal-title":"Psychol. Rev."},{"key":"2_CR14","unstructured":"Mink, J., Kaur, H., Schm\u00fcser, J., Fahl, S., Acar, Y.: $$\\{$$Security$$\\}$$ is not my field,$$\\{$$I\u2019m$$\\}$$ a stats $$\\{$$guy$$\\}$$: a qualitative root cause analysis of barriers to adversarial machine learning defenses in industry. In: 32nd USENIX Security Symposium (USENIX Security 23), pp. 3763\u20133780 (2023)"},{"key":"2_CR15","unstructured":"MITRE Corporation: Mitre atlas (adversarial threat landscape for artificial-intelligence systems) (2023). https:\/\/atlas.mitre.org\/. global, living knowledge base of AI adversarial tactics and techniques"},{"key":"2_CR16","doi-asserted-by":"publisher","unstructured":"Neupane, S., et al.: Security considerations in ai-robotics: A survey of current methods, challenges, and opportunities. IEEE Access 12, 22072\u201322097 (2024). https:\/\/doi.org\/10.1109\/ACCESS.2024.3363657","DOI":"10.1109\/ACCESS.2024.3363657"},{"key":"2_CR17","unstructured":"OWASP AI Exchange Project: Owasp ai security & privacy guide (2021). https:\/\/owasp.org\/www-project-ai-security-and-privacy-guide\/. working online guide"},{"key":"2_CR18","doi-asserted-by":"crossref","unstructured":"Reimers, N., Gurevych, I.: Sentence-BERT: Sentence embeddings using Siamese BERT-networks (2019). https:\/\/arxiv.org\/abs\/1908.10084","DOI":"10.18653\/v1\/D19-1410"},{"issue":"3","key":"2_CR19","doi-asserted-by":"crossref","first-page":"346","DOI":"10.1016\/j.eng.2019.12.012","volume":"6","author":"K Ren","year":"2020","unstructured":"Ren, K., Zheng, T., Qin, Z., Liu, X.: Adversarial attacks and defenses in deep learning. Engineering 6(3), 346\u2013360 (2020)","journal-title":"Engineering"},{"key":"2_CR20","doi-asserted-by":"crossref","unstructured":"Rosberg, F., Aksoy, E.E., Englund, C., Alonso-Fernandez, F.: Fiva: facial image and video anonymization and anonymization defense. In: Proceedings of the IEEE\/CVF International Conference on Computer Vision, pp. 362\u2013371 (2023)","DOI":"10.1109\/ICCVW60793.2023.00043"},{"key":"2_CR21","unstructured":"Rosberg, F.: FaceDancer: Facial Identity Manipulation for Privacy-Preserving Computer Vision. Ph.D. thesis, Chalmers University of Technology, Gothenburg, Sweden (2023). https:\/\/www.diva-portal.org\/smash\/get\/diva2:1845212\/FULLTEXT01.pdf"},{"key":"2_CR22","unstructured":"Samangouei, P., Kabkab, M., Chellappa, R.: Defense-GAN: Protecting classifiers against adversarial attacks using generative models. arXiv preprint arXiv:1805.06605 (2018)"},{"key":"2_CR23","unstructured":"Stock, P., Shilov, I., Mironov, I., Sablayrolles, A.: Defending against reconstruction attacks with r\u00e9nyi differential privacy. arXiv preprint arXiv:2202.07623 (2022)"},{"key":"2_CR24","doi-asserted-by":"crossref","first-page":"92735","DOI":"10.1109\/ACCESS.2021.3092646","volume":"9","author":"F Vakhshiteh","year":"2021","unstructured":"Vakhshiteh, F., Nickabadi, A., Ramachandra, R.: Adversarial attacks against face recognition: a comprehensive study. IEEE Access 9, 92735\u201392756 (2021)","journal-title":"IEEE Access"},{"key":"2_CR25","doi-asserted-by":"crossref","unstructured":"Wang, Z., Song, M., Zhang, Z., Song, Y., Wang, Q., Qi, H.: Beyond inferring class representatives: User-level privacy leakage from federated learning. In: IEEE INFOCOM 2019-IEEE Conference on Computer Communications, pp. 2512\u20132520. IEEE (2019)","DOI":"10.1109\/INFOCOM.2019.8737416"},{"key":"2_CR26","doi-asserted-by":"crossref","unstructured":"Wymberry, C., Jahankhani, H.: An approach to measure the effectiveness of the mitre atlas framework in safeguarding machine learning systems against data poisoning attack. In: Cybersecurity and artificial intelligence: transformational strategies and disruptive innovation, pp. 81\u2013116. Springer (2024)","DOI":"10.1007\/978-3-031-52272-7_4"},{"key":"2_CR27","unstructured":"W\u00e4spi, R.: Design and evaluation of a large language model-powered threat modeling approach with applications to ai security (2025)"}],"container-title":["Lecture Notes in Computer Science","Responsible AI for Value Creation"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-16886-3_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,2,14]],"date-time":"2026-02-14T17:36:56Z","timestamp":1771090616000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-16886-3_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026]]},"ISBN":["9783032168856","9783032168863"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-16886-3_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026]]},"assertion":[{"value":"15 February 2026","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"The authors have no competing interests to declare that are relevant to the content of this article.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Disclosure of Interests"}},{"value":"REPAI-W","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Interdisciplinary Workshop on Responsible AI for Value Creation","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Copenhagen","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Denmark","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1 December 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1 December 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"repai-w2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/vap.aau.dk\/repai-w\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}