{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,11]],"date-time":"2026-03-11T02:06:29Z","timestamp":1773194789639,"version":"3.50.1"},"reference-count":26,"publisher":"IEEE","license":[{"start":{"date-parts":[[2025,12,8]],"date-time":"2025-12-08T00:00:00Z","timestamp":1765152000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,12,8]],"date-time":"2025-12-08T00:00:00Z","timestamp":1765152000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025,12,8]]},"DOI":"10.1109\/acsacw69556.2025.00037","type":"proceedings-article","created":{"date-parts":[[2026,3,9]],"date-time":"2026-03-09T19:56:13Z","timestamp":1773086173000},"page":"290-297","source":"Crossref","is-referenced-by-count":0,"title":["Goal-Driven Risk Assessment for LLM-Powered Systems: A Healthcare Case Study"],"prefix":"10.1109","author":[{"given":"Neha","family":"Nagaraja","sequence":"first","affiliation":[{"name":"Northern Arizona University,School of Informatics, Computing, and Cyber Systems,Flagstaff,USA"}]},{"given":"Hayretdin","family":"Bahsi","sequence":"additional","affiliation":[{"name":"Northern Arizona University,School of Informatics, Computing, and Cyber Systems,Flagstaff,USA"}]}],"member":"263","reference":[{"key":"ref1","article-title":"GPT-4 Technical Report","volume-title":"OpenAI, Tech. Rep.","author":"Achiam","year":"2024"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.2196\/52399"},{"key":"ref3","article-title":"Winning the race: America\u2019s ai action plan","year":"2025"},{"key":"ref4","first-page":"e60083","article-title":"Ethical considerations and fundamental principles of large language models in medical education: Viewpoint","volume-title":"Journal of Medical Internet Research","volume":"26","author":"Zhui","year":"2024"},{"key":"ref5","article-title":"An early categorization of prompt injection attacks on large language models","author":"Rossi","year":"2024"},{"key":"ref6","article-title":"Comprehensive assessment of jailbreak attacks against llms","author":"Chu","year":"2024"},{"key":"ref7","article-title":"Owasp top 10 for large language model applications","year":"2023"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.5220\/0013289700003899"},{"key":"ref9","article-title":"Mapping llm security landscapes: A comprehensive stakeholder risk assessment proposal","author":"Pankajakshan","year":"2024"},{"key":"ref10","article-title":"Threat modelling and risk analysis for large language model (llm)-powered applications","author":"Tete","year":"2024"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.3390\/bdcc8110161"},{"key":"ref12","article-title":"Prompt injection attacks on large language models in oncology","author":"Clusmann","year":"2024"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1007\/s42979-023-02221-1"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/3689942.3694754"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1080\/19361610.2019.1545278"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/jiot.2022.3144130"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/TrustCom60117.2023.00157"},{"key":"ref18","first-page":"4909","article-title":"There are rabbit holes i want to go down that i\u2019m not allowed to go down: An investigation of security expert threat modeling practices for medical device","volume-title":"Proc. USENIX Security 2024","author":"Thompson"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-48393-1_24"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1109\/access.2024.3497011"},{"key":"ref21","article-title":"A limited technical background is sufficient for attack-defense tree acceptability","author":"Schiele","year":"2025"},{"key":"ref22","doi-asserted-by":"crossref","DOI":"10.14722\/ndss.2025.241772","article-title":"I know what you asked: Prompt leakage via kv-cache sharing in multi-tenant llm serving","volume-title":"NDSS","author":"Wu"},{"key":"ref23","article-title":"Ssa toolkit: Set risk criteria"},{"key":"ref24","article-title":"Shadowray: First known attack campaign targeting ai workloads actively exploited in the wild","volume-title":"Oligo Security Blog","author":"Lumelsky","year":"2024"},{"key":"ref25","doi-asserted-by":"crossref","DOI":"10.18653\/v1\/2025.findings-acl.349","article-title":"Red-teaming llm multi-agent systems via communication attacks","author":"He","year":"2025"},{"key":"ref26","doi-asserted-by":"crossref","DOI":"10.21203\/rs.3.rs-3970015\/v1","article-title":"Applications of llms for generating cyber security exercise scenarios","volume-title":"Research Square Preprint","author":"Yamin","year":"2024"}],"event":{"name":"2025 Annual Computer Security Applications Conference Workshops (ACSAC Workshops)","location":"Honolulu, HI, USA","start":{"date-parts":[[2025,12,8]]},"end":{"date-parts":[[2025,12,9]]}},"container-title":["2025 Annual Computer Security Applications Conference Workshops (ACSAC Workshops)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/11417955\/11417996\/11418030.pdf?arnumber=11418030","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,10]],"date-time":"2026-03-10T05:28:47Z","timestamp":1773120527000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11418030\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,12,8]]},"references-count":26,"URL":"https:\/\/doi.org\/10.1109\/acsacw69556.2025.00037","relation":{},"subject":[],"published":{"date-parts":[[2025,12,8]]}}}