{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,12]],"date-time":"2026-05-12T20:13:26Z","timestamp":1778616806961,"version":"3.51.4"},"reference-count":32,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"6","license":[{"start":{"date-parts":[[2018,12,1]],"date-time":"2018-12-01T00:00:00Z","timestamp":1543622400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/3.0\/legalcode"}],"funder":[{"DOI":"10.13039\/100002186","name":"Lockheed Martin","doi-asserted-by":"publisher","id":[{"id":"10.13039\/100002186","id-type":"DOI","asserted-by":"publisher"}]},{"name":"CyberSecurity@CSAIL"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Internet Things J."],"published-print":{"date-parts":[[2018,12]]},"DOI":"10.1109\/jiot.2018.2822842","type":"journal-article","created":{"date-parts":[[2018,4,6]],"date-time":"2018-04-06T19:52:00Z","timestamp":1523044320000},"page":"4486-4495","source":"Crossref","is-referenced-by-count":116,"title":["IIoT Cybersecurity Risk Modeling for SCADA Systems"],"prefix":"10.1109","volume":"5","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-6463-7719","authenticated-orcid":false,"given":"Gregory","family":"Falco","sequence":"first","affiliation":[]},{"given":"Carlos","family":"Caldera","sequence":"additional","affiliation":[]},{"given":"Howard","family":"Shrobe","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref32","year":"2016","journal-title":"National Vulnerability Database"},{"key":"ref31","year":"2018","journal-title":"CWE-200 Information Exposure (3 0)&#x2014;Potential Mitigations"},{"key":"ref30","year":"2018","journal-title":"CWE-20 Improper Input Validation (3 0)&#x2014;Potential Mitigations"},{"key":"ref10","author":"weiss","year":"2010","journal-title":"Protecting Industrial Control Systems from Electronic Threats"},{"key":"ref11","first-page":"16","article-title":"Guide to industrial control systems (ICS) security","volume":"800","author":"stouffer","year":"2011","journal-title":"NIST Special Publication"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1016\/j.isatra.2007.04.003"},{"key":"ref13","author":"obama","year":"2013","journal-title":"Executive Order-Improving Critical Infrastructure Cybersecurity"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.22215\/timreview\/837"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1017\/S1466046611000275"},{"key":"ref16","article-title":"Mandatory reliability standards for critical infrastructure protection","year":"2008","journal-title":"Federal Energy Regul Comm"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2014.124"},{"key":"ref18","year":"2016","journal-title":"Common Weakness Enumeration National Vulnerability Database 2016"},{"key":"ref19","year":"2016","journal-title":"2011 CWE\/SANS Top 25 Most Dangerous Software Errors"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1145\/2692956.2663188"},{"key":"ref4","year":"2016","journal-title":"Dimensional Research Trends in Security Framework Adoption A Survey of it and Security Professionals"},{"key":"ref27","article-title":"APT1 exposing one of china&#x2019;s cyber espionage units","year":"2013"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-11379-1_21"},{"key":"ref6","first-page":"169","author":"pak","year":"2015","journal-title":"Typologies of Attacks and Vulnerabilities Related to the National Critical Infrastructure London U K Palgrave"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2005.112"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1007\/s10708-011-9411-0"},{"key":"ref8","first-page":"73","article-title":"Lessons learned from the Maroochy water breach","author":"slay","year":"2008","journal-title":"Critical Infrastructure Protection"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/iThings\/CPSCom.2011.34"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1145\/2382416.2382427"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2012.071812.00124"},{"key":"ref1","article-title":"Analysis of the cyber attack on the Ukrainian power grid, defense use case","year":"2016"},{"key":"ref20","author":"luallen","year":"2014","journal-title":"Breaches on the Rise in Control Systems A SANS Survey"},{"key":"ref22","year":"2016","journal-title":"Offensive security's exploit database archive"},{"key":"ref21","author":"sarwate","year":"2011","journal-title":"SCADA security Why is it so hard?"},{"key":"ref24","year":"2016","journal-title":"Exploit Database"},{"key":"ref23","year":"2016","journal-title":"CVE Security Vulnerability Database Security Vulnerabilities Exploits References and More"},{"key":"ref26","year":"2016","journal-title":"Common Vulnerability Scoring System (CVSS-SIG)"},{"key":"ref25","year":"2016","journal-title":"CVE&#x2013;About CVE"}],"container-title":["IEEE Internet of Things Journal"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6488907\/8614370\/08332467.pdf?arnumber=8332467","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,12]],"date-time":"2022-01-12T16:08:39Z","timestamp":1642003719000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8332467\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,12]]},"references-count":32,"journal-issue":{"issue":"6"},"URL":"https:\/\/doi.org\/10.1109\/jiot.2018.2822842","relation":{},"ISSN":["2327-4662","2372-2541"],"issn-type":[{"value":"2327-4662","type":"electronic"},{"value":"2372-2541","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,12]]}}}