{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,22]],"date-time":"2026-06-22T12:55:20Z","timestamp":1782132920042,"version":"3.54.5"},"reference-count":43,"publisher":"Springer Science and Business Media LLC","issue":"5","license":[{"start":{"date-parts":[[2026,5,20]],"date-time":"2026-05-20T00:00:00Z","timestamp":1779235200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2026,5,20]],"date-time":"2026-05-20T00:00:00Z","timestamp":1779235200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/100018693","name":"HORIZON EUROPE Framework Programme","doi-asserted-by":"publisher","award":["101119747"],"award-info":[{"award-number":["101119747"]}],"id":[{"id":"10.13039\/100018693","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100014013","name":"UK Research and Innovation","doi-asserted-by":"publisher","award":["10087006"],"award-info":[{"award-number":["10087006"]}],"id":[{"id":"10.13039\/100014013","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["SN COMPUT. SCI."],"abstract":"<jats:title>Abstract<\/jats:title>\n                  <jats:p>Internet of things (IoT) ecosystems introduce significant cybersecurity challenges due to device heterogeneity, firmware opacity, constrained resources, distributed deployment, and the integration of devices within wider socio-technical systems where they are used. Existing approaches to address IoT cybersecurity typically address isolated aspects of this problem, such as vulnerability enumeration, anomaly detection, or risk assessment; but without integrating them across the full lifecycle of devices and systems. This paper presents an extensible architecture that unifies cybersecurity testing, runtime monitoring, contextual risk modelling, secure update mechanisms, and auditable evidence management for IoT ecosystems that aims to address these challenges. The framework supports both device under test and system under test perspectives and integrates component-level techniques (such as SBOM generation, network fuzzing, machine learning-based anomaly detection, and access control risk evaluation) with system-level, knowledge-based, risk modelling to capture threat propagation across interconnected assets. A distributed ledger-backed auditable data infrastructure ensures integrity and traceability of indicators, results, and decisions. Automated workflow orchestration enables flexible tool chaining and lifecycle-aware execution aligned with established security development lifecycles. The approach is validated through three industrial use cases in aviation cargo monitoring, smart manufacturing, and telecommunication residential gateways. Results demonstrate the feasibility of combining static analysis, runtime indicators, and dynamic risk assessment to prioritise vulnerabilities contextually, detect anomalous behaviour, and support secure patch deployment in resource-constrained environments. The work advances lifecycle-integrated, system-aware cybersecurity assurance for IoT ecosystems and highlights the need for contextualised, interoperable tooling to address systemic vulnerability and risk propagation in complex systems where IoT, ICT and people interact.<\/jats:p>","DOI":"10.1007\/s42979-026-05048-8","type":"journal-article","created":{"date-parts":[[2026,5,20]],"date-time":"2026-05-20T12:07:30Z","timestamp":1779278850000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Toward Cybersecurity Testing and Monitoring of IoT Ecosystems"],"prefix":"10.1007","volume":"7","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9937-1762","authenticated-orcid":false,"given":"Steve","family":"Taylor","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7127-6694","authenticated-orcid":false,"given":"Martin Gilje","family":"Jaatun","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8868-597X","authenticated-orcid":false,"given":"Aida","family":"Omerovic","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2874-3650","authenticated-orcid":false,"given":"Ravi","family":"Borgaonkar","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8518-8433","authenticated-orcid":false,"given":"Robert","family":"Seidl","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-6277-6916","authenticated-orcid":false,"given":"Norbert","family":"Goetze","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-6818-9380","authenticated-orcid":false,"given":"Jens","family":"Kuhr","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1336-8731","authenticated-orcid":false,"given":"Dmytro","family":"Prosvirin","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-3707-2882","authenticated-orcid":false,"given":"Manuel","family":"Leone","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-8431-0550","authenticated-orcid":false,"given":"Andrey","family":"Kuznetsov","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7676-2808","authenticated-orcid":false,"given":"Anatoliy","family":"Gritskevich","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0001-1304-530X","authenticated-orcid":false,"given":"Antonis","family":"Mpantis","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-0781-6141","authenticated-orcid":false,"given":"Oscar Garcia","family":"Perales","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2034-253X","authenticated-orcid":false,"given":"Bernd-Ludwig","family":"Wenning","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3495-4641","authenticated-orcid":false,"given":"Sayon","family":"Duttagupta","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2026,5,20]]},"reference":[{"key":"5048_CR1","doi-asserted-by":"crossref","unstructured":"Taylor S, Jaatun M, McGibney A, Seidl R, Hrynchenko P, Prosvirin D, Mancilla R. A framework addressing challenges in cybersecurity testing of IoT ecosystems and components. In: Proceedings of the 9th International Conference on Internet of Things, Big Data and Security. 2024. pp. 226\u2013234. ISBN 978-989-758-699-6. ISSN 2184\u20134976.","DOI":"10.5220\/0012676300003705"},{"key":"5048_CR2","unstructured":"Digital agenda for Europe. European Parliament Fact Sheets. 2025. https:\/\/www.europarl.europa.eu\/factsheets\/en\/sheet\/64\/digital-agenda-for-europe"},{"key":"5048_CR3","unstructured":"Next Generation Internet initiative. Shaping Europe\u2019s digital future. 2021. https:\/\/digital-strategy.ec.europa.eu\/en\/policies\/next-generation-internet-initiative."},{"issue":"2","key":"5048_CR4","doi-asserted-by":"publisher","first-page":"80","DOI":"10.1109\/MSECP.2004.1281254","volume":"2","author":"G McGraw","year":"2004","unstructured":"McGraw G. Software security. IEEE Secur Priv. 2004;2(2):80\u20133. https:\/\/doi.org\/10.1109\/MSECP.2004.1281254.","journal-title":"IEEE Secur Priv"},{"key":"5048_CR5","doi-asserted-by":"publisher","first-page":"8","DOI":"10.1016\/j.jisa.2017.11.002","volume":"38","author":"M Ammar","year":"2018","unstructured":"Ammar M, Russello G, Crispo B. Internet of Things: A survey on the security of IoT frameworks. J Inform Secur Appl Internet Things. 2018;38:8\u201327. https:\/\/doi.org\/10.1016\/j.jisa.2017.11.002.","journal-title":"J Inform Secur Appl Internet Things"},{"key":"5048_CR6","doi-asserted-by":"publisher","unstructured":"Sommer R, Paxson V. Outside the closed world: on using machine learning for network intrusion detection. In: 2010 IEEE symposium on security and privacy. Oakland; 2010. pp. 305\u2013316. https:\/\/doi.org\/10.1109\/SP.2010.25.","DOI":"10.1109\/SP.2010.25"},{"key":"5048_CR7","doi-asserted-by":"publisher","first-page":"152379","DOI":"10.1109\/ACCESS.2021.3126834","volume":"9","author":"S Wang","year":"2021","unstructured":"Wang S, Balarezo JF, Kandeepan S, Al-Hourani A, Chavez KG, Rubinstein B. Machine learning in network anomaly detection: a survey. IEEE Access. 2021;9:152379\u201396. https:\/\/doi.org\/10.1109\/ACCESS.2021.3126834.","journal-title":"IEEE Access"},{"key":"5048_CR8","doi-asserted-by":"crossref","unstructured":"Vigneswaran RK, Vinayakumar R, Soman KP, Poornachandran P. Evaluating shallow and deep neural networks for network intrusion detection systems in cyber security. In: 2018 9th International conference on computing, communication and networking technologies (ICCCNT). IEEE; 2018. pp. 1\u20136.","DOI":"10.1109\/ICCCNT.2018.8494096"},{"issue":"15","key":"5048_CR9","doi-asserted-by":"publisher","first-page":"5690","DOI":"10.3390\/s22155690","volume":"22","author":"MM Alani","year":"2022","unstructured":"Alani MM, et al. Towards an explainable universal feature set for IoT intrusion detection. Sensors. 2022;22(15):5690. https:\/\/doi.org\/10.3390\/s22155690.","journal-title":"Sensors"},{"key":"5048_CR10","doi-asserted-by":"publisher","first-page":"101589","DOI":"10.1016\/j.iot.2025.101589","volume":"31","author":"S Bin Hulayyil","year":"2025","unstructured":"Bin Hulayyil S, Li S, Saxena N. Explainable AI-based intrusion detection in IoT systems. Internet Things. 2025;31:101589. https:\/\/doi.org\/10.1016\/j.iot.2025.101589.","journal-title":"Internet Things"},{"key":"5048_CR11","doi-asserted-by":"publisher","unstructured":"Alrawi O, Lever C, Antonakakis M, Monrose F. SoK: security evaluation of home-based IoT deployments. In: 2019 IEEE symposium on security and privacy. San Francisco; 2019. pp. 1362\u20131380. https:\/\/doi.org\/10.1109\/SP.2019.00013.","DOI":"10.1109\/SP.2019.00013"},{"key":"5048_CR12","doi-asserted-by":"publisher","first-page":"82482","DOI":"10.1109\/ACCESS.2024.3404264","volume":"12","author":"SC Phillips","year":"2024","unstructured":"Phillips SC, Taylor S, Boniface M, Modafferi S, Surridge M. Automated knowledge-based cybersecurity risk assessment of cyber-physical systems. IEEE Access. 2024;12:82482\u2013505. https:\/\/doi.org\/10.1109\/ACCESS.2024.3404264.","journal-title":"IEEE Access"},{"key":"5048_CR13","doi-asserted-by":"publisher","unstructured":"Jaatun LA, S\u00f8rlien SM, Borgaonkar R, Taylor S, Jaatun MG. Software bill of materials in critical infrastructure. In: 2023 IEEE international conference on cloud computing technology and science (CloudCom). Naples; 2023. pp. 319\u2013324. https:\/\/doi.org\/10.1109\/CloudCom59040.2023.00059.","DOI":"10.1109\/CloudCom59040.2023.00059"},{"key":"5048_CR14","doi-asserted-by":"publisher","unstructured":"Jacobs J, Romanosky S, Suciu O, Edwards B, Sarabi A. Enhancing vulnerability prioritization: data-driven exploit predictions with community-driven insights. In: 2023 IEEE European symposium on security and privacy workshops (EuroS&PW). Delft; 2023. pp. 194\u2013206. https:\/\/doi.org\/10.1109\/EuroSPW59978.2023.00027.","DOI":"10.1109\/EuroSPW59978.2023.00027"},{"key":"5048_CR15","doi-asserted-by":"publisher","unstructured":"Taylor S, Melas P, Surridge M, De Lutiis P, Leone M, Jaatun MG, Borgaonkar R. Cybersecurity vulnerability prioritisation via risk assessment. In: International conference on availability, reliability and security. Cham: Springer Nature Switzerland; 2025. pp. 57\u201369. https:\/\/doi.org\/10.1007\/978-3-032-00639-4_4.","DOI":"10.1007\/978-3-032-00639-4_4"},{"issue":"12","key":"5048_CR16","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1145\/96267.96279","volume":"33","author":"BP Miller","year":"1990","unstructured":"Miller BP, Fredriksen L, So B. An empirical study of the reliability of UNIX utilities. Commun ACM. 1990;33(12):32\u201344.","journal-title":"Commun ACM"},{"issue":"3","key":"5048_CR17","doi-asserted-by":"publisher","first-page":"357","DOI":"10.1109\/TSE.2009.91","volume":"36","author":"J Antunes","year":"2010","unstructured":"Antunes J, Neves N, Correia M, Verissimo P, Neves R. Vulnerability Discovery with Attack Injection. IEEE Trans Software Eng. 2010;36(3):357\u201370. https:\/\/doi.org\/10.1109\/TSE.2009.91.","journal-title":"IEEE Trans Software Eng"},{"issue":"1","key":"5048_CR18","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1109\/JAS.2022.105860","volume":"10","author":"X Feng","year":"2023","unstructured":"Feng X, Zhu X, Han Q-L, Zhou W, Wen S, Xiang Y. Detecting Vulnerability on IoT Device Firmware: A Survey. IEEE\/CAA J Automatica Sinica. 2023;10(1):25\u201341. https:\/\/doi.org\/10.1109\/JAS.2022.105860.","journal-title":"IEEE\/CAA J Automatica Sinica"},{"key":"5048_CR19","doi-asserted-by":"publisher","first-page":"103389","DOI":"10.1016\/j.cose.2023.103389","volume":"132","author":"M Akiyama","year":"2023","unstructured":"Akiyama M, Shiraishi S, Fukumoto A, Yoshimoto R, Shioji E, Yamauchi T. Seeing is not always believing: insights on IoT manufacturing from firmware composition analysis and vendor survey. Comput Secur. 2023;132:103389. https:\/\/doi.org\/10.1016\/j.cose.2023.103389.","journal-title":"Comput Secur"},{"key":"5048_CR20","unstructured":"Regulation (EU). 2017\/745 of the European Parliament and of the Council of 5 April 2017 on medical devices. https:\/\/eur-lex.europa.eu\/eli\/reg\/2017\/745\/oj\/eng."},{"key":"5048_CR21","unstructured":"ISO\/IEC 27001. 2022. Information security, cybersecurity and privacy protection\u2014Information security management systems\u2014requirements. International Organization for Standardization; 2022. https:\/\/www.iso.org\/standard\/27001."},{"key":"5048_CR22","unstructured":"Cardenas AA, Amin S, Sastry S. Research challenges for the security of control systems. In: Proceedings of the 3rd USENIX workshop on hot topics in security (HotSec). 2008. Available at: https:\/\/www.usenix.org\/legacy\/event\/hotsec08\/tech\/full_papers\/cardenas\/cardenas.pdf."},{"issue":"5","key":"5048_CR23","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1109\/MITP.2017.3680959","volume":"19","author":"JRC De Nurse","year":"2017","unstructured":"Nurse JRC, Creese S, De Roure D. Security Risk Assessment in Internet of Things Systems. IT Prof. 2017;19(5):20\u20136. https:\/\/doi.org\/10.1109\/MITP.2017.3680959.","journal-title":"IT Prof"},{"key":"5048_CR24","doi-asserted-by":"crossref","unstructured":"Androulaki E, Barger A, Bortnikov V, Cachin C, Christidis K, De Caro A, Enyeart D, Ferris C, Laventman G, Manevich Y, Muralidharan S, Murthy C, Nguyen B, Sethi M, Singh G, Smith K, Sorniotti A, Stathakopoulou C, Vukoli\u0107 M, Cocco S, Yellick J. Hyperledger fabric: a distributed operating system for permissioned blockchains. In: Proceedings of the thirteenth EuroSys conference. 2018. pp. 1\u201315.","DOI":"10.1145\/3190508.3190538"},{"issue":"10","key":"5048_CR25","doi-asserted-by":"publisher","first-page":"6575","DOI":"10.1109\/TII.2020.2976747","volume":"16","author":"JE Rubio","year":"2020","unstructured":"Rubio JE, Roman R, Lopez J. Integration of a threat traceability solution in the industrial internet of things. IEEE Trans Industr Inf. 2020;16(10):6575\u201383. https:\/\/doi.org\/10.1109\/TII.2020.2976747.","journal-title":"IEEE Trans Industr Inf"},{"key":"5048_CR26","unstructured":"Ornstein D, Rice T. Building the next generation of the Microsoft Security Development Lifecycle (SDL). Microsoft Security Blog; 2024. https:\/\/www.microsoft.com\/en-us\/security\/blog\/2024\/03\/07\/evolving-microsoft-security-development-lifecycle-sdl-how-continuous-sdl-can-help-you-build-more-secure-software\/. Accessed 7 Mar."},{"key":"5048_CR27","doi-asserted-by":"publisher","unstructured":"Taylor S, Goetze N, Abendroth J, Kuhr J, Mancilla RO, Wenning BL, Kuruppuarachchi P, Omerovic A, Borgaonkar R, Skytterholm AN, Mpantis A, Triantafyllou G, Garcia O, Zaritskyi O. Cybersecurity indicators within a cybersecurity testing and monitoring framework. In: Proceedings of the 10th international conference on internet of things, big data and security. 2025. pp. 416\u2013427. https:\/\/doi.org\/10.5220\/0013465100003944.","DOI":"10.5220\/0013465100003944"},{"key":"5048_CR28","unstructured":"Bakurova AV, Zaritskyi OV, Gritskevich AA, Hrynchenko PV, Tereschenko EV, Shyrokorad DV. Assessment of the vulnerability of the information system based on fuzzy mathematics. In: Combinatorial configurations and their applications: materials of the XXVI international scientific and practical seminar. 2024. pp. 20\u201325."},{"key":"5048_CR29","unstructured":"Lytvyn V, Bakurova A, Zaritskyi O, Gritskevich A, Hrynchenko P, Tereschenko E, Shyrokorad D. Fuzzy logic-based methodology for building access control systems. In: Proceedings of MoDaST-2024: 6th international workshop on modern data science technologies. 2024. CEUR-WS Vol-3723. https:\/\/ceur-ws.org\/Vol-3723\/paper7.pdf."},{"key":"5048_CR30","doi-asserted-by":"publisher","unstructured":"Zaritskyi OV, Bakurova AV, Gritskevich AA, Hrynchenko PV, Tereschenko EV, Shyrokorad DV. AI-driven access control system for smart factory devices. In: 2025 IEEE international conference on smart computing (SMARTCOMP). Cork, Ireland; 2025. pp. 264\u2013269. https:\/\/doi.org\/10.1109\/SMARTCOMP65954.2025.00084.","DOI":"10.1109\/SMARTCOMP65954.2025.00084"},{"key":"5048_CR31","doi-asserted-by":"publisher","unstructured":"Arguello-Ron D, Aguayo-Mendoza A, Garc\u00eda-Perales O, Mpantis A, Triantafyllou G, Goetze N, Mancilla RO. Anomaly detection tools for the lifecycle security of smart systems. In: 2025 IEEE international conference on smart computing (SMARTCOMP). Cork, Ireland; 2025. pp. 276\u2013281. https:\/\/doi.org\/10.1109\/SMARTCOMP65954.2025.00086.","DOI":"10.1109\/SMARTCOMP65954.2025.00086"},{"key":"5048_CR32","unstructured":"Lee W, Stolfo SJ. Data mining approaches for intrusion detection. In: Proceedings of the 7th USENIX security symposium. 1998. pp. 79\u201393."},{"key":"5048_CR33","doi-asserted-by":"publisher","first-page":"100080","DOI":"10.1016\/j.iot.2019.100080","volume":"7","author":"V De Casola","year":"2019","unstructured":"Casola V, De Benedictis A, Riccio A, Rivera D, Mallouli W, Montes de Oca E. A security monitoring system for internet of things. Internet Things. 2019;7:100080. https:\/\/doi.org\/10.1016\/j.iot.2019.100080.","journal-title":"Internet Things"},{"key":"5048_CR34","doi-asserted-by":"publisher","unstructured":"Shao J, Wei H, Wang Q, Mei H. A runtime model based monitoring approach for cloud. In: 2010 IEEE 3rd international conference on cloud computing. Miami; 2010. pp. 313\u201320. https:\/\/doi.org\/10.1109\/CLOUD.2010.31.","DOI":"10.1109\/CLOUD.2010.31"},{"key":"5048_CR35","doi-asserted-by":"publisher","first-page":"112744","DOI":"10.1109\/ACCESS.2021.3067106","volume":"9","author":"M Fuentes-Garc\u00eda","year":"2021","unstructured":"Fuentes-Garc\u00eda M, Camacho J, Maci\u00e1-Fern\u00e1ndez G. Present and future of network security monitoring. IEEE Access. 2021;9:112744\u201360. https:\/\/doi.org\/10.1109\/ACCESS.2021.3067106.","journal-title":"IEEE Access"},{"key":"5048_CR36","unstructured":"Lundberg SM, Lee SI. A unified approach to interpreting model predictions. In: Proceedings of the 31st international conference on neural information processing systems (NIPS\u201917). 2017. pp. 4768\u201377."},{"key":"5048_CR37","doi-asserted-by":"publisher","unstructured":"Duttagupta S, Singel\u00e9e D, Preneel B. T-HIBE: a novel key establishment solution for decentralized, multi-tenant IoT systems. In: 2022 IEEE 19th annual consumer communications & networking conference (CCNC). Las Vegas; 2022. pp. 766\u2013774. https:\/\/doi.org\/10.1109\/CCNC49033.2022.9700537.","DOI":"10.1109\/CCNC49033.2022.9700537"},{"key":"5048_CR38","doi-asserted-by":"publisher","unstructured":"Duttagupta S, Marin E, Singel\u00e9e D, Preneel B. HAT: secure and practical key establishment for implantable medical devices. In: Proceedings of the thirteenth ACM conference on data and application security and privacy (CODASPY \u201923). 2023. pp. 213\u201324. https:\/\/doi.org\/10.1145\/3577923.3583646.","DOI":"10.1145\/3577923.3583646"},{"key":"5048_CR39","unstructured":"McGibney A, Ranathunga T, Pospisil R. SmartQC: an extensible DLT-based framework for trusted data workflows in smart manufacturing. arXiv preprint arXiv:2402.17868; 2024. http:\/\/arxiv.org\/abs\/2402.17868."},{"key":"5048_CR40","unstructured":"McConaghy T, Marques R, M\u00fcller A, De Jonghe D, McConaghy T, McMullen G, Henderson R, Bellemare S, Granzotto A. BigchainDB: A scalable blockchain database (DRAFT). BigchainDB; 2016. pp. 1\u201365. Available at: https:\/\/www.the-blockchain.com\/docs\/bigchaindb-whitepaper.pdf."},{"key":"5048_CR41","unstructured":"vom Dorp J, Helmke R. Home router security report 2022. Fraunhofer Institute for Communication, Information Processing and Ergonomics FKIE; 2022. https:\/\/www.fkie.fraunhofer.de."},{"key":"5048_CR42","unstructured":"Korolov M. Supply chain attacks show why you should be wary of third-party providers. CSO Online. 2021. Available at: https:\/\/www.csoonline.com\/article\/561323\/supply-chain-attacks-show-why-you-should-be-wary-of-third-party-providers.html."},{"key":"5048_CR43","unstructured":"Weidenbach P, vom Dorp J. Home router security report 2020. Fraunhofer Institute for Communication, Information Processing and Ergonomics FKIE; 2020. https:\/\/www.fkie.fraunhofer.de."}],"container-title":["SN Computer Science"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s42979-026-05048-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s42979-026-05048-8","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s42979-026-05048-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,6,22]],"date-time":"2026-06-22T12:34:56Z","timestamp":1782131696000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s42979-026-05048-8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,5,20]]},"references-count":43,"journal-issue":{"issue":"5","published-online":{"date-parts":[[2026,6]]}},"alternative-id":["5048"],"URL":"https:\/\/doi.org\/10.1007\/s42979-026-05048-8","relation":{},"ISSN":["2661-8907"],"issn-type":[{"value":"2661-8907","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,5,20]]},"assertion":[{"value":"4 October 2024","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"8 April 2026","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"20 May 2026","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"22 June 2026","order":5,"name":"change_date","label":"Change Date","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"Update","order":6,"name":"change_type","label":"Change Type","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"The original online version of this article was revised due to several errors in the references. Now, the references has been corrected.","order":7,"name":"change_details","label":"Change Details","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"On behalf of all authors, the corresponding author states that there is no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"The authors used generative artificial intelligence tools to support the drafting and stylistic refinement of the literature review. The tools were not used to generate original scientific claims, analyses, or interpretations. All cited sources were selected, verified, and interpreted by the authors, who assume full responsibility for the content of the manuscript.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Generative AI"}},{"value":"N\/A\u2014no research involving humans or animals was undertaken in this paper.","order":4,"name":"Ethics","group":{"name":"EthicsHeading","label":"Research involving human and \/or animals"}},{"value":"N\/A\u2014not required since no research involving human participants was undertaken.","order":5,"name":"Ethics","group":{"name":"EthicsHeading","label":"Informed consent"}}],"article-number":"468"}}