{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,22]],"date-time":"2026-03-22T01:08:59Z","timestamp":1774141739216,"version":"3.50.1"},"reference-count":15,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"2","license":[{"start":{"date-parts":[[2026,3,1]],"date-time":"2026-03-01T00:00:00Z","timestamp":1772323200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/USG.html"},{"start":{"date-parts":[[2026,3,1]],"date-time":"2026-03-01T00:00:00Z","timestamp":1772323200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2026,3,1]],"date-time":"2026-03-01T00:00:00Z","timestamp":1772323200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Secur. Privacy"],"published-print":{"date-parts":[[2026,3]]},"DOI":"10.1109\/msec.2025.3591358","type":"journal-article","created":{"date-parts":[[2025,8,11]],"date-time":"2025-08-11T17:45:36Z","timestamp":1754934336000},"page":"4-12","source":"Crossref","is-referenced-by-count":1,"title":["Obstacles to Practical Supply Chain Risk Management for Digital Components"],"prefix":"10.1109","volume":"24","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2622-1894","authenticated-orcid":false,"given":"Gabriel A.","family":"Weaver","sequence":"first","affiliation":[{"name":"Idaho National Laboratory, Idaho Falls, ID, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-1431-3541","authenticated-orcid":false,"given":"Matthew","family":"Perrie","sequence":"additional","affiliation":[{"name":"Idaho National Laboratory, Idaho Falls, ID, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8929-6770","authenticated-orcid":false,"given":"Bri","family":"Rolston","sequence":"additional","affiliation":[{"name":"Sandia National Laboratory, Albuquerque, NM, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-7431-5195","authenticated-orcid":false,"given":"Doug","family":"Buddenbohm","sequence":"additional","affiliation":[{"name":"Idaho National Laboratory, Idaho Falls, ID, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3872-1466","authenticated-orcid":false,"given":"Robert","family":"Erbes","sequence":"additional","affiliation":[{"name":"Idaho National Laboratory, Idaho Falls, ID, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/msec.2023.3316568"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102324"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1109\/msec.2023.3247946"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1002\/inst.12389"},{"key":"ref5","author":"Huang","year":"2019","journal-title":"Supply Chain Security: If I Were a Nation State"},{"key":"ref6","first-page":"1","article-title":"Designing and implementing malicious hardware","volume-title":"Proc. 1st Usenix Workshop Large-Scale Exploits Emergent Threats (LEET)","author":"King","year":"2008"},{"key":"ref7","article-title":"Hardware backdoor discovered in RFID cards used in hotels and offices worldwide","author":"Lakshmanan","year":"2204","journal-title":"Hacker News"},{"key":"ref8","article-title":"Pacific Rim: Chronicling a 5-year hacking escapade","author":"Bazhaniuk","year":"2024","journal-title":"Eclypsium Blog"},{"key":"ref9","article-title":"8 million requests later, we made the solarwinds supply chain attack look amateur","year":"2025","journal-title":"WatchTowr Labs Blog"},{"issue":"4","key":"ref10","first-page":"28","article-title":"How do committees invent","volume":"14","author":"Conway","year":"1968","journal-title":"Datamation"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/msec.2023.3266775"},{"key":"ref12","article-title":"As clock ticks, vendors slowly patch critical flaw in AMI MegaRAC BMC firmware","author":"Dunn","year":"2025","journal-title":"Network World"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/jsyst.2012.2222000"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/proc.1975.9939"},{"key":"ref15","article-title":"ENISA threat landscape for supply chain attacks","author":"Lella","year":"2021","journal-title":"ENISA"}],"container-title":["IEEE Security & Privacy"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/8013\/11435537\/11121660.pdf?arnumber=11121660","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,18]],"date-time":"2026-03-18T19:41:40Z","timestamp":1773862900000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11121660\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,3]]},"references-count":15,"journal-issue":{"issue":"2"},"URL":"https:\/\/doi.org\/10.1109\/msec.2025.3591358","relation":{},"ISSN":["1540-7993","1558-4046"],"issn-type":[{"value":"1540-7993","type":"print"},{"value":"1558-4046","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,3]]}}}