{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,19]],"date-time":"2026-02-19T02:22:28Z","timestamp":1771467748790,"version":"3.50.1"},"reference-count":92,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2025,7,1]],"date-time":"2025-07-01T00:00:00Z","timestamp":1751328000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2025,7,1]],"date-time":"2025-07-01T00:00:00Z","timestamp":1751328000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"name":"Istanbul Gedik University"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2025,8]]},"abstract":"<jats:title>Abstract<\/jats:title>\n          <jats:p>In recent years, substantial progress has been made in the design and development of unmanned aerial vehicles (UAVs) with diverse functional capabilities for avionic applications. Beyond addressing performance bottlenecks, the growing threat of cybersecurity attacks introduces additional complexity to the UAV design process. Developing a high-performance UAV system involves navigating technical security challenges that must be addressed pragmatically. Implementing excessive security measures can increase costs and degrade system performance, while insufficient protection of vulnerable components may expose the UAV to potential exploitation. This study introduces a multi-layered drone system, thoroughly examines threats to its components, and outlines corresponding safeguards in trusted layers. The security requirements for UAV systems were defined using the Common Criteria framework. To strengthen UAV security under real-world operational conditions, a novel threat modeling approach, xT-STRIDE, has been developed. This method incorporates the UAV\u2019s communication and embedded system architecture, modeled with realistic security elements. The xT-STRIDE framework was evaluated theoretically in conjunction with traditional threat modeling techniques.<\/jats:p>","DOI":"10.1007\/s10207-025-01082-4","type":"journal-article","created":{"date-parts":[[2025,7,1]],"date-time":"2025-07-01T06:49:25Z","timestamp":1751352565000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["xT-STRIDE threat model for unmanned air vehicle security"],"prefix":"10.1007","volume":"24","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-3886-802X","authenticated-orcid":false,"given":"Aytac Ugur","family":"Yerden","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3064-4176","authenticated-orcid":false,"given":"Sinan","family":"Senol","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7312-0503","authenticated-orcid":false,"given":"Mehmet","family":"Kara","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4777-7995","authenticated-orcid":false,"given":"Savas","family":"Dilibal","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,7,1]]},"reference":[{"key":"1082_CR1","doi-asserted-by":"publisher","DOI":"10.1016\/j.techfore.2018.05.004","volume":"153","author":"N Mohamed","year":"2020","unstructured":"Mohamed, N., et al.: Unmanned aerial vehicles applications in future smart cities. Technol. Forecast. Soc. Chang. 153, 119293 (2020). https:\/\/doi.org\/10.1016\/j.techfore.2018.05.004","journal-title":"Technol. Forecast. Soc. Chang."},{"issue":"3","key":"1082_CR2","doi-asserted-by":"publisher","first-page":"111","DOI":"10.1016\/j.ijtst.2017.02.001","volume":"5","author":"EN Barmpounakis","year":"2016","unstructured":"Barmpounakis, E.N., Vlahogianni, E.I., Golias, J.C.: Unmanned Aerial Aircraft Systems for transportation engineering: Current practice and future challenges. International Journal of Transportation Science and Technology 5(3), 111\u2013122 (2016)","journal-title":"International Journal of Transportation Science and Technology"},{"issue":"3","key":"1082_CR3","doi-asserted-by":"publisher","first-page":"331","DOI":"10.1177\/1548512915617252","volume":"13","author":"C Rani","year":"2016","unstructured":"Rani, C., et al.: Security of unmanned aerial vehicle systems against cyber-physical attacks. The Journal of Defense Modeling and Simulation 13(3), 331\u2013342 (2016). https:\/\/doi.org\/10.1177\/1548512915617252","journal-title":"The Journal of Defense Modeling and Simulation"},{"key":"1082_CR4","doi-asserted-by":"publisher","unstructured":"Du Du, H., and Heldeweg, M. A. \"Responsible design of drones and drone services.\" (2017). https:\/\/doi.org\/10.2139\/ssrn.3096573","DOI":"10.2139\/ssrn.3096573"},{"key":"1082_CR5","unstructured":"RTCA DO 326: A2014 AIRWORTHINESS SECURITY PROCESS SPECIFICATION. (n.d.). Retrieved September 21, 2024, from https:\/\/shop.standards.ie\/en-ie\/standards\/"},{"key":"1082_CR6","unstructured":"EUROCAE, W. (2010). ED202-Airworthiness Security Process Specification."},{"key":"1082_CR7","unstructured":"Florence Esselin, Karl Coulon. EBIOS RISK MANAGER : ACCESSIBLE METHODOLOGY TO SECURE DIGITAL TRANSFORMATION. Les Notes du CREOGN, 2021, N\u00b0 62. \u27e8hal-03813843\u27e9"},{"issue":"183","key":"1082_CR8","first-page":"800","volume":"800","author":"J Voas","year":"2016","unstructured":"Voas, J.: Networks of \u2018things.\u2019 NIST Spec. Publ. 800(183), 800\u2013183 (2016)","journal-title":"NIST Spec. Publ."},{"key":"1082_CR9","unstructured":"Standard, I. S. O. (2021). ISO\/SAE 21434-Road Vehicles\u2013Cybersecurity engineering."},{"key":"1082_CR10","doi-asserted-by":"crossref","unstructured":"Khan, R., McLaughlin, K., Laverty, D., & Sezer, S. (2017, September). STRIDE-based threat modeling for cyber-physical systems. In 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe) (pp. 1\u20136). IEEE.","DOI":"10.1109\/ISGTEurope.2017.8260283"},{"key":"1082_CR11","unstructured":"ISO\/IEC 15408\u20131:2022. (2022, November 29). ISO. Retrieved December 1, 2023, from https:\/\/www.iso.org\/standard\/72891.html"},{"key":"1082_CR12","doi-asserted-by":"publisher","unstructured":"Jacobsen, R. H. and Marandi, A. (2021). Security threats analysis of the unmanned aerial vehicle system. MILCOM 2021 - 2021 IEEE Military Communications Conference (MILCOM). https:\/\/doi.org\/10.1109\/milcom52596.2021.9652900","DOI":"10.1109\/milcom52596.2021.9652900"},{"key":"1082_CR13","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2021.102775","volume":"58","author":"A Gassara","year":"2021","unstructured":"Gassara, A., Rodriguez, I.B.: Describing correct UAVs cooperation architectures applied on an anti-terrorism scenario. Journal of Information Security and Applications 58, 102775 (2021). https:\/\/doi.org\/10.1016\/j.jisa.2021.102775","journal-title":"Journal of Information Security and Applications"},{"key":"1082_CR14","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2021.102864","volume":"59","author":"KN Qureshi","year":"2021","unstructured":"Qureshi, K.N., et al.: Trust and priority-based drone assisted routing and mobility and service-oriented solution for the internet of vehicles networks. Journal of Information Security and Applications 59, 102864 (2021). https:\/\/doi.org\/10.1016\/j.jisa.2021.102864","journal-title":"Journal of Information Security and Applications"},{"key":"1082_CR15","doi-asserted-by":"publisher","first-page":"290","DOI":"10.1016\/j.tra.2020.11.004","volume":"142","author":"A Almulhem","year":"2020","unstructured":"Almulhem, A.: Threat modeling of a multi-UAV system. Transportation Research Part A: policy and practice 142, 290\u2013295 (2020). https:\/\/doi.org\/10.1016\/j.tra.2020.11.004","journal-title":"Transportation Research Part A: policy and practice"},{"key":"1082_CR16","doi-asserted-by":"publisher","unstructured":"Singh, K. and Verma, A. K. \"Threat modeling for multi-UAV Adhoc networks.\" TENCON 2017\u20132017 IEEE Region 10 Conference. IEEE, 2017. https:\/\/doi.org\/10.1109\/TENCON.2017.8228102","DOI":"10.1109\/TENCON.2017.8228102"},{"key":"1082_CR17","unstructured":"Shostack, Adam. Threat modeling: Designing for security. John Wiley & Sons, 2014."},{"issue":"2","key":"1082_CR18","doi-asserted-by":"publisher","first-page":"1123","DOI":"10.1109\/COMST.2015.2495297","volume":"18","author":"L Gupta","year":"2015","unstructured":"Gupta, L., Jain, R., Vaszkun, G.: Survey of important issues in UAV communication networks. IEEE communications surveys & tutorials 18(2), 1123\u20131152 (2015). https:\/\/doi.org\/10.1109\/COMST.2015.2495297","journal-title":"IEEE communications surveys & tutorials"},{"key":"1082_CR19","unstructured":"Bouhamed, Omar, et al. \"Lightweight ids for uav networks: A periodic deep reinforcement learning-based approach.\" 2021 IFIP\/IEEE International Symposium on Integrated Network Management (IM). IEEE, 2021."},{"key":"1082_CR20","doi-asserted-by":"publisher","unstructured":"Seo, Jong Wan, et al. \"Blockchain-Based Secure Firmware Update Using an UAV.\" Electronics 12.10 (2023): 2189. https:\/\/doi.org\/10.3390\/electronics12102189","DOI":"10.3390\/electronics12102189"},{"key":"1082_CR21","doi-asserted-by":"publisher","first-page":"109","DOI":"10.1007\/s11370-022-00452-4","volume":"16","author":"SAH Mohsan","year":"2023","unstructured":"Mohsan, S.A.H., Othman, N.Q.H., Li, Y., et al.: Unmanned aerial vehicles (UAVs): practical aspects, applications, open challenges, security issues, and future trends. Intel Serv Robotics 16, 109\u2013137 (2023). https:\/\/doi.org\/10.1007\/s11370-022-00452-4","journal-title":"Intel Serv Robotics"},{"key":"1082_CR22","doi-asserted-by":"publisher","first-page":"115295","DOI":"10.1109\/ACCESS.2022.3218673","volume":"10","author":"S Kim","year":"2022","unstructured":"Kim, S., Cho, H., Jung, D.: Circular Formation Guidance of Fixed-Wing UAVs Using Mesh Network. IEEE Access 10, 115295\u2013115306 (2022). https:\/\/doi.org\/10.1109\/ACCESS.2022.3218673","journal-title":"IEEE Access"},{"key":"1082_CR23","doi-asserted-by":"publisher","unstructured":"Jahangeer, Mustafa, Z. & Aldabbas, H. Utilizing a Hybrid Cat-Swarm Optimization Algorithm for Seamless Vertical Handoff in Vanet. Wireless Personal Communication,July (2024). https:\/\/doi.org\/10.1007\/s11277-024-11424-5","DOI":"10.1007\/s11277-024-11424-5"},{"key":"1082_CR24","doi-asserted-by":"publisher","unstructured":"Naskath. Fast multicriteria network selection scheme using hybrid of cat swarm optimization and TOPSIS algorithm for optimal handover in VANET. Trans Emerging Tel Tech. 2023;e4743. https:\/\/doi.org\/10.1002\/ett.4743.","DOI":"10.1002\/ett.4743"},{"key":"1082_CR25","doi-asserted-by":"crossref","unstructured":"\u201cA GAN-based Hybrid Deep Learning Approach for Enhancing Intrusion Detection in IoT Networks\u201d, S. Balaji, G. Dhanabalan, C. Umarani and J. Naskath\u201d, International Journal of Advanced Computer Science and Applications (IJACSA), 15(6), 2024. \u2013 (SCI Indexed)","DOI":"10.14569\/IJACSA.2024.0150637"},{"key":"1082_CR26","doi-asserted-by":"publisher","first-page":"70353","DOI":"10.1109\/ACCESS.2023.3293203","volume":"11","author":"A Sonny","year":"2023","unstructured":"Sonny, A., Yeduri, S.R., Cenkeramaddi, L.R.: Autonomous UAV Path Planning Using Modified PSO for UAV-Assisted Wireless Networks. IEEE Access 11, 70353\u201370367 (2023). https:\/\/doi.org\/10.1109\/ACCESS.2023.3293203","journal-title":"IEEE Access"},{"key":"1082_CR27","unstructured":"Naskath, J,Dr. Nithyanantham,M.Pappathi Jancy Rani, \u201cDesign Secure Connectivity Protocol to mitigate malicious activity using Game Theory in VANET\u201d,PERIODICO di MINERALOGIA,ISSN: 0369\u2013896,Volume 91, No. 5, 2022."},{"key":"1082_CR28","doi-asserted-by":"publisher","unstructured":"\"Jawhar, I., et al. \"\"Communication and networking of UAV-based systems: Classification and associated architectures.\"\" Journal of Network and Computer Applications 84 (2017): 93\u2013108. https:\/\/doi.org\/10.1016\/j.jnca.2017.02.008","DOI":"10.1016\/j.jnca.2017.02.008"},{"key":"1082_CR29","doi-asserted-by":"publisher","unstructured":"Tran, Trung Duc, et al. \"Methodology for risk management related to cyber-security of Unmanned Aircraft Systems.\" 2019 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA). IEEE, 2019. https:\/\/doi.org\/10.1109\/ETFA.2019.8869200","DOI":"10.1109\/ETFA.2019.8869200"},{"key":"1082_CR30","doi-asserted-by":"publisher","unstructured":"Zhang, Yunru, et al. \"\"A lightweight authentication and key agreement scheme for Internet of Drones.\"\" Computer Communications 154 (2020): 455\u2013464. https:\/\/doi.org\/10.1016\/j.comcom.2020.02.067","DOI":"10.1016\/j.comcom.2020.02.067"},{"key":"1082_CR31","doi-asserted-by":"publisher","unstructured":"Ossamah, Almotery. \"Blockchain as a solution to drone cybersecurity.\" 2020 IEEE 6th World Forum on Internet of Things (WF-IoT). IEEE, 2020. https:\/\/doi.org\/10.1109\/WF-IoT48130.2020.9221466","DOI":"10.1109\/WF-IoT48130.2020.9221466"},{"key":"1082_CR32","doi-asserted-by":"publisher","unstructured":"Yazdinejad, Abbas, et al. \"Enabling drones in the internet of things with decentralized blockchain-based security.\" IEEE Internet of Things Journal 8.8 (2020): 6406\u20136415. https:\/\/doi.org\/10.1109\/JIOT.2020.3015382","DOI":"10.1109\/JIOT.2020.3015382"},{"key":"1082_CR33","doi-asserted-by":"publisher","unstructured":"Sharma, Vishal, et al. \"Neural-blockchain-based ultrareliable caching for edge-enabled UAV networks.\" IEEE Transactions on Industrial Informatics 15.10 (2019): 5723\u20135736. https:\/\/doi.org\/10.1109\/TII.2019.2922039","DOI":"10.1109\/TII.2019.2922039"},{"key":"1082_CR34","doi-asserted-by":"publisher","first-page":"3721","DOI":"10.1109\/ACCESS.2017.2684128","volume":"5","author":"J Won","year":"2017","unstructured":"Won, J., Seo, S.-H., Bertino, E.: Certificateless cryptographic protocols for efficient drone-based smart city applications. IEEE Access 5, 3721\u20133749 (2017). https:\/\/doi.org\/10.1109\/ACCESS.2017.2684128","journal-title":"IEEE Access"},{"key":"1082_CR35","doi-asserted-by":"publisher","unstructured":"Ogidan, Ezekiel T., Kamil Dimililer, and Yoney Kirsal-Ever. \"\"Machine learning for cyber security frameworks: a review.\"\" Drones in Smart-Cities (2020): 27\u201336. https:\/\/doi.org\/10.1016\/B978-0-12-819972-5.00002-1","DOI":"10.1016\/B978-0-12-819972-5.00002-1"},{"key":"1082_CR36","doi-asserted-by":"publisher","unstructured":"Wazid, Mohammad, et al. \"Design and analysis of secure lightweight remote user authentication and key agreement scheme in internet of drones deployment.\" IEEE Internet of Things Journal 6.2 (2018): 3572\u20133584. https:\/\/doi.org\/10.1109\/JIOT.2018.2888821","DOI":"10.1109\/JIOT.2018.2888821"},{"key":"1082_CR37","doi-asserted-by":"crossref","unstructured":"Marchetti, Eda, Tauheed Waheed, and Antonello Calabr\u00f2. \"Cybersecurity Testing in Drones domain: a Systematic Literature Review.\" IEEE Access (2024). https:\/\/ieeexplore.ieee.org\/document\/10750190","DOI":"10.1109\/ACCESS.2024.3495994"},{"key":"1082_CR38","doi-asserted-by":"crossref","unstructured":"Kumar, Naveen, and Ankit Chaudhary. \"Surveying cybersecurity vulnerabilities and countermeasures for enhancing UAV security.\" Computer Networks 252 (2024): 110695. https:\/\/www.sciencedirect.com\/science\/article\/abs\/pii\/S1389128624005279","DOI":"10.1016\/j.comnet.2024.110695"},{"key":"1082_CR39","doi-asserted-by":"crossref","unstructured":"Miao, Shangting, Quan Pan, and Dongxiao Zheng. \"Unmanned aerial vehicle intrusion detection: Deep-meta-heuristic system.\" Vehicular Communications 46 (2024): 100726. https:\/\/www.sciencedirect.com\/science\/article\/abs\/pii\/S2214209624000019","DOI":"10.1016\/j.vehcom.2024.100726"},{"key":"1082_CR40","doi-asserted-by":"crossref","unstructured":"Liu, Guangshuai, et al. \"Design of a multi-component system-based fixed-wing unmanned aerial vehicle maintenance policy and its case study.\" Computers & Industrial Engineering (2024): 110701. https:\/\/www.sciencedirect.com\/science\/article\/abs\/pii\/S0360835224008234","DOI":"10.1016\/j.cie.2024.110701"},{"key":"1082_CR41","doi-asserted-by":"crossref","unstructured":"Zhao, Dongmei, et al. \"Security situation assessment in UAV swarm networks using TransReSE: A Transformer-ResNeXt-SE based approach.\" Vehicular Communications 50 (2024): 100842. https:\/\/www.sciencedirect.com\/science\/article\/abs\/pii\/S2214209624001177","DOI":"10.1016\/j.vehcom.2024.100842"},{"key":"1082_CR42","doi-asserted-by":"crossref","unstructured":"Chandran, Indu, and Kizheppatt Vipin. \"A PUF secured lightweight mutual authentication protocol for multi-UAV networks.\" Computer Networks 253 (2024): 110717. https:\/\/www.sciencedirect.com\/science\/article\/abs\/pii\/S1389128624005498","DOI":"10.1016\/j.comnet.2024.110717"},{"key":"1082_CR43","doi-asserted-by":"crossref","unstructured":"Yang, Hanlin, Yajun Guo, and Yimin Guo. \"Fault-tolerant security-efficiency combined authentication scheme for manned-unmanned teaming.\" Computers & Security 146 (2024): 104052. https:\/\/www.sciencedirect.com\/science\/article\/abs\/pii\/S0167404824003572","DOI":"10.1016\/j.cose.2024.104052"},{"key":"1082_CR44","doi-asserted-by":"crossref","unstructured":"Zhou, Li, et al. \"A Comprehensive Survey of Artificial Intelligence Applications in UAV-Enabled Wireless Networks.\" Digital Communications and Networks (2024). https:\/\/www.sciencedirect.com\/science\/article\/pii\/S2352864824001536","DOI":"10.1016\/j.dcan.2024.11.005"},{"key":"1082_CR45","doi-asserted-by":"crossref","unstructured":"Li, Zhihao, et al. \"A secure and efficient UAV network defense strategy: Convergence of blockchain and deep learning.\" Computer Standards & Interfaces 90 (2024): 103844. https:\/\/www.sciencedirect.com\/science\/article\/abs\/pii\/S0920548924000138","DOI":"10.1016\/j.csi.2024.103844"},{"key":"1082_CR46","doi-asserted-by":"crossref","unstructured":"Akram, Muhammad Arslan, et al. \"Blockchain-based privacy-preserving authentication protocol for UAV networks.\" Computer Networks 224 (2023): 109638. https:\/\/www.sciencedirect.com\/science\/article\/abs\/pii\/S138912862300083X","DOI":"10.1016\/j.comnet.2023.109638"},{"key":"1082_CR47","doi-asserted-by":"crossref","unstructured":"Zhao, Xu, et al. \"SAC-based UAV mobile edge computing for energy minimization and secure data transmission.\" Ad Hoc Networks 157 (2024): 103435. https:\/\/www.sciencedirect.com\/science\/article\/abs\/pii\/S1570870524000465","DOI":"10.1016\/j.adhoc.2024.103435"},{"key":"1082_CR48","unstructured":"OWASP, S. Software assurance maturity model version 2. (2022)."},{"key":"1082_CR49","unstructured":"Microsoft. \"Simplified Implementation of the Microsoft SDL.\" (2010)."},{"key":"1082_CR50","doi-asserted-by":"publisher","unstructured":"Thuraisingham, B. and Hamlen, K. W. . \"Challenges and future directions of software technology: Secure software development.\" 2010 IEEE 34th Annual Computer Software and Applications Conference. IEEE, 2010. https:\/\/doi.org\/10.1109\/COMPSAC.2010.88","DOI":"10.1109\/COMPSAC.2010.88"},{"issue":"2","key":"1082_CR51","doi-asserted-by":"publisher","first-page":"83","DOI":"10.5121\/ijcsit.2012.4207","volume":"4","author":"M Kara","year":"2012","unstructured":"Kara, M.: Review on common criteria as a secure software development model. International Journal of Computer Science & Information Technology 4(2), 83 (2012). https:\/\/doi.org\/10.5121\/ijcsit.2012.4207","journal-title":"International Journal of Computer Science & Information Technology"},{"key":"1082_CR52","unstructured":"Solutions, C.-W.D. Curtiss-Wright Defense Solutions Data Transport System 1-Slot Hardware Encryption Layer version 5.1 (FDEEEcPP20E\/FDEAAcPP20E) Security Target. 2020; Available from: https:\/\/commoncriteriaportal.org\/files\/epfiles\/st_vid11096-st.pdf."},{"key":"1082_CR53","unstructured":"EADS-CASA. EADS Air Segment System Protection Profile. 2011; Available from: https:\/\/www.commoncriteriaportal.org\/files\/ppfiles\/2010-35-INF-627.pdf."},{"key":"1082_CR54","unstructured":"Board, C.C. Common Evaluation Methodology CEM. 2022 Rev1. Retrieved March 1, 2023. Available from: https:\/\/www.commoncriteriaportal.org\/files\/ccfiles\/CEM2022R1.pdf"},{"key":"1082_CR55","doi-asserted-by":"publisher","unstructured":"Ozmen, Muslum Ozgur, and Attila A. Yavuz. \"Dronecrypt-an efficient cryptographic framework for small aerial drones.\" MILCOM 2018\u20132018 IEEE Military Communications Conference (MILCOM). IEEE, 2018. https:\/\/doi.org\/10.1109\/MILCOM.2018.8599784","DOI":"10.1109\/MILCOM.2018.8599784"},{"key":"1082_CR56","doi-asserted-by":"publisher","unstructured":"Feng, Zhiwei, et al. \"\"Efficient drone hijacking detection using two-step GA-XGBoost.\"\" Journal of Systems Architecture 103 (2020): 101694. https:\/\/doi.org\/10.1016\/j.sysarc.2019.101694","DOI":"10.1016\/j.sysarc.2019.101694"},{"key":"1082_CR57","doi-asserted-by":"publisher","unstructured":"Abdi, Fardin, et al. \"Guaranteed physical security with restart-based design for cyber-physical systems.\" 2018 ACM\/IEEE 9th International Conference on Cyber-Physical Systems (ICCPS). IEEE, 2018. https:\/\/doi.org\/10.1109\/ICCPS.2018.00010","DOI":"10.1109\/ICCPS.2018.00010"},{"key":"1082_CR58","doi-asserted-by":"publisher","unstructured":"Zhu, Haibei, et al. \"Operator strategy model development in UAV hacking detection.\" IEEE Transactions on Human-Machine Systems 49.6 (2019): 540\u2013549. https:\/\/doi.org\/10.1109\/THMS.2018.2888578","DOI":"10.1109\/THMS.2018.2888578"},{"key":"1082_CR59","doi-asserted-by":"publisher","unstructured":"Abdi, Fardin, et al. \"Preserving physical safety under cyber attacks.\" IEEE Internet of Things Journal 6.4 (2018): 6285\u20136300. https:\/\/doi.org\/10.1109\/JIOT.2018.2889866","DOI":"10.1109\/JIOT.2018.2889866"},{"key":"1082_CR60","doi-asserted-by":"publisher","unstructured":"Cheon, Jung Hee, et al. \"Toward a secure drone system: Flying with real-time homomorphic authenticated encryption.\" IEEE access 6 (2018): 24325\u201324339. https:\/\/doi.org\/10.1109\/ACCESS.2018.2819189","DOI":"10.1109\/ACCESS.2018.2819189"},{"key":"1082_CR61","doi-asserted-by":"publisher","unstructured":"Ch, Rupa, et al. \"\"Security and privacy of UAV data using blockchain technology.\"\" Journal of Information security and Applications 55 (2020): 102670. https:\/\/doi.org\/10.1016\/j.jisa.2020.102670","DOI":"10.1016\/j.jisa.2020.102670"},{"issue":"4","key":"1082_CR62","doi-asserted-by":"publisher","first-page":"1326","DOI":"10.1016\/j.jnca.2011.03.018","volume":"34","author":"S Senol","year":"2011","unstructured":"Senol, S., Leblebicioglu, K., Schmidt, E.G.: INtERCEDE: An algorithmic approach to networked control system design. J. Netw. Comput. Appl. 34(4), 1326\u20131341 (2011). https:\/\/doi.org\/10.1016\/j.jnca.2011.03.018","journal-title":"J. Netw. Comput. Appl."},{"issue":"2","key":"1082_CR63","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3001836","volume":"1","author":"R Altawy","year":"2016","unstructured":"Altawy, R., Youssef, A.M.: Security, privacy, and safety aspects of civilian drones: A survey. ACM Transactions on Cyber-Physical Systems 1(2), 1\u201325 (2016). https:\/\/doi.org\/10.1145\/3001836","journal-title":"ACM Transactions on Cyber-Physical Systems"},{"key":"1082_CR64","doi-asserted-by":"publisher","DOI":"10.1016\/j.iot.2020.100218","volume":"11","author":"JP Yaacoub","year":"2020","unstructured":"Yaacoub, J.P., et al.: Security analysis of drones systems: Attacks, limitations, and recommendations. Internet of Things 11, 100218 (2020). https:\/\/doi.org\/10.1016\/j.iot.2020.100218","journal-title":"Internet of Things"},{"key":"1082_CR65","doi-asserted-by":"publisher","unstructured":"Gupta, Maanak, et al. \"Security and privacy in smart farming: Challenges and opportunities.\" IEEE access 8 (2020): 34564\u201334584. https:\/\/doi.org\/10.1109\/ACCESS.2020.2975142","DOI":"10.1109\/ACCESS.2020.2975142"},{"issue":"11","key":"1082_CR66","doi-asserted-by":"publisher","first-page":"6990","DOI":"10.1109\/TCOMM.2020.3010289","volume":"68","author":"A Sanjab","year":"2020","unstructured":"Sanjab, A., Saad, W., Ba\u015far, T.: A game of drones: Cyber-physical security of time-critical UAV applications with cumulative prospect theory perceptions and valuations. IEEE Trans. Commun. 68(11), 6990\u20137006 (2020). https:\/\/doi.org\/10.1109\/TCOMM.2020.3010289","journal-title":"IEEE Trans. Commun."},{"key":"1082_CR67","doi-asserted-by":"publisher","unstructured":"Sedjelmaci, Hichem, et al. \"An efficient cyber defense framework for UAV-Edge computing network.\" Ad Hoc Networks\u00a094 (2019): 101970. https:\/\/doi.org\/10.1016\/j.adhoc.2019.101970","DOI":"10.1016\/j.adhoc.2019.101970"},{"key":"1082_CR68","doi-asserted-by":"publisher","unstructured":"Sharma, Vishal, et al. \"Behavior and vulnerability assessment of drones-enabled industrial internet of things (iiot).\" IEEE Access 6 (2018): 43368\u201343383. https:\/\/doi.org\/10.1109\/ACCESS.2018.2856368","DOI":"10.1109\/ACCESS.2018.2856368"},{"key":"1082_CR69","doi-asserted-by":"publisher","unstructured":"Yaacoub, Jean-Paul A., et al. \"\"Cyber-physical systems security: Limitations, issues and future trends.\"\" Microprocessors and microsystems 77 (2020): 103201. https:\/\/doi.org\/10.1016\/j.micpro.2020.103201","DOI":"10.1016\/j.micpro.2020.103201"},{"key":"1082_CR70","doi-asserted-by":"publisher","DOI":"10.1016\/j.adhoc.2022.102894","volume":"133","author":"KY Tsao","year":"2022","unstructured":"Tsao, K.Y., Girdler, T., Vassilakis, V.G.: A survey of cyber security threats and solutions for UAV communications and flying ad-hoc networks. Ad Hoc Netw. 133, 102894 (2022)","journal-title":"Ad Hoc Netw."},{"key":"1082_CR71","doi-asserted-by":"crossref","unstructured":"Albalawi, M., & Song, H. (2019, April). Data security and privacy issues in swarms of drones. In 2019 Integrated Communications, Navigation and Surveillance Conference (ICNS) (pp. 1\u201311). IEEE.","DOI":"10.1109\/ICNSURV.2019.8735133"},{"key":"1082_CR72","unstructured":"The CORAS Method. (2023, March 16). https:\/\/coras.sourceforge.net\/"},{"key":"1082_CR73","unstructured":"Mehari. (2023, March 16). https:\/\/www.enisa.europa.eu\/topics\/risk-management\/current-risk\/risk-management-inventory\/rm-ra-methods\/m_mehari.html"},{"key":"1082_CR74","doi-asserted-by":"publisher","unstructured":"Monteuuis, JP., et al. \"Sara: Security automotive risk analysis method.\" Proceedings of the 4th ACM Workshop on Cyber-Physical System Security. 2018. https:\/\/doi.org\/10.1145\/3198458.3198465","DOI":"10.1145\/3198458.3198465"},{"key":"1082_CR75","unstructured":"NIST. (2018). Systematic Risk Analysis Method (SRAM). Retrieved from https:\/\/nvlpubs.nist.gov\/nistpubs\/Legacy\/SP\/nistspecialpublication800-40r2.pdf"},{"key":"1082_CR76","unstructured":"Security Risk Management Institute. (2017). Risk and Threat Analysis Framework (RTAF). Retrieved from https:\/\/srmiportal.org\/rta\/rta-overview\/"},{"key":"1082_CR77","unstructured":"ISO. (2020). Risk Management Framework (RMF). Retrieved from https:\/\/www.iso.org\/standard\/70102.html"},{"key":"1082_CR78","doi-asserted-by":"publisher","unstructured":"Blank, R., and P. Gallagher. \"Guide for conducting risk assessments NIST special publication 800\u201330 Revision 1 JOINT TASK FORCE TRANSFORMATION INITIATIVE.\" (2012). https:\/\/doi.org\/10.6028\/NIST.SP.800-30r1","DOI":"10.6028\/NIST.SP.800-30r1"},{"key":"1082_CR79","unstructured":"ISO\/IEC 27005:2022. (2022, November 29). ISO. Retrieved December 1, 2023, from https:\/\/www.iso.org\/standard\/80585.html"},{"key":"1082_CR80","unstructured":"DREAD Researchgate.net. [cited 2021 Jun 6]. Available from: https:\/\/www.researchgate.net\/publication\/332591691_Threat_Modeling_of_Internet_of_Things_Health_Devices"},{"key":"1082_CR81","doi-asserted-by":"publisher","unstructured":"Pape, N., & Mansour, C. (2024). PASTA Threat Modeling for Vehicular Networks Security. 2024 7th International Conference on Information and Computer Technologies (ICICT), 474\u2013478. https:\/\/doi.org\/10.1109\/ICICT62343.2024.00083","DOI":"10.1109\/ICICT62343.2024.00083"},{"key":"1082_CR82","doi-asserted-by":"publisher","unstructured":"Yadav, T., & Rao, A. M. (2015). Technical Aspects of Cyber Kill Chain. In J. H. Abawajy, S. Mukherjea, S. M. Thampi, & A. Ruiz-Mart\u00ednez (Eds.), Security in Computing and Communications (pp. 438\u2013452). Springer International Publishing. https:\/\/doi.org\/10.1007\/978-3-319-22915-7_40","DOI":"10.1007\/978-3-319-22915-7_40"},{"key":"1082_CR83","doi-asserted-by":"crossref","unstructured":"Alberts, C. J., Behrens, S. G., Pethia, R. D., & Wilson, W. R. (1999). Operationally critical threat, asset, and vulnerability evaluation (OCTAVE) framework, Version 1.0.","DOI":"10.21236\/ADA367718"},{"key":"1082_CR84","doi-asserted-by":"crossref","unstructured":"Ahmed, M., Panda, S., Xenakis, C., & Panaousis, E. (2022, August). MITRE ATT&CK-driven cyber risk assessment. In Proceedings of the 17th International Conference on Availability, Reliability and Security (pp. 1\u201310).","DOI":"10.1145\/3538969.3544420"},{"key":"1082_CR85","doi-asserted-by":"publisher","unstructured":"Khan, Rafiullah, et al. \"STRIDE-based threat modeling for cyber-physical systems.\" 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe). IEEE, 2017. https:\/\/doi.org\/10.1109\/ISGTEurope.2017.8260283","DOI":"10.1109\/ISGTEurope.2017.8260283"},{"key":"1082_CR86","doi-asserted-by":"publisher","unstructured":"Rouland, Quentin, Brahim Hamid, and Jason Jaskolka. \"\"Specification, detection, and treatment of STRIDE threats for software components: Modeling, formal methods, and tool support.\"\" Journal of Systems Architecture 117 (2021): 102073. https:\/\/doi.org\/10.1016\/j.sysarc.2021.102073","DOI":"10.1016\/j.sysarc.2021.102073"},{"key":"1082_CR87","doi-asserted-by":"publisher","unstructured":"Sattar, Danish, et al. \"A stride threat model for 5g core slicing.\" 2021 IEEE 4th 5G World Forum (5GWF). IEEE, 2021. https:\/\/doi.org\/10.1109\/5GWF52925.2021.00050","DOI":"10.1109\/5GWF52925.2021.00050"},{"key":"1082_CR88","doi-asserted-by":"publisher","unstructured":"Hussain, Shafiq, Harry Erwin, and Peter Dunne. \"Threat modeling using formal methods: A new approach to develop secure web applications.\" 2011 7th International Conference on Emerging Technologies. IEEE, 2011. https:\/\/doi.org\/10.1109\/ICET.2011.6048492","DOI":"10.1109\/ICET.2011.6048492"},{"key":"1082_CR89","doi-asserted-by":"publisher","first-page":"48572","DOI":"10.1109\/access.2019.2909530","volume":"7","author":"H Shakhatreh","year":"2019","unstructured":"Shakhatreh, H., et al.: Unmanned aerial vehicles (UAVs): A survey on civil applications and key research challenges. Ieee Access 7, 48572\u201348634 (2019). https:\/\/doi.org\/10.1109\/access.2019.2909530","journal-title":"Ieee Access"},{"key":"1082_CR90","doi-asserted-by":"publisher","unstructured":"Tvaronavi\u010dien\u0117, M., et. al. \"Cyber security management model for critical infrastructure protection.\" Proceedings of the Selected papers of the International Scientific Conference \u201cContemporary Issues in Business, Management and Economics Engineering. 2021. https:\/\/doi.org\/10.3846\/cibmee.2021.611","DOI":"10.3846\/cibmee.2021.611"},{"key":"1082_CR91","unstructured":"Secure by Design. (n.d.). Retrieved September 21, 2024, from https:\/\/ieeexplore.ieee.org\/document\/10280236"},{"key":"1082_CR92","unstructured":"The National Institute of Standards and Technology (NIST) The National Institute of Standards and Technology (NIST). (2023, March). [National Vulnerability Database]. Retrieved March 17, 2023, from https:\/\/nvd.nist.gov\/general\/nvd-dashboard"}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-025-01082-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10207-025-01082-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-025-01082-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,5]],"date-time":"2025-09-05T11:32:51Z","timestamp":1757071971000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10207-025-01082-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,7,1]]},"references-count":92,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2025,8]]}},"alternative-id":["1082"],"URL":"https:\/\/doi.org\/10.1007\/s10207-025-01082-4","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"value":"1615-5262","type":"print"},{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,7,1]]},"assertion":[{"value":"8 June 2025","order":1,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"1 July 2025","order":2,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare no competing interests.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflicts of interest"}},{"value":"This article does not contain any studies with human participants or animals performed by any of the authors.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethical approval"}}],"article-number":"169"}}