{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T22:03:25Z","timestamp":1772057005671,"version":"3.50.1"},"reference-count":40,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/legalcode"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Open J. Comput. Soc."],"published-print":{"date-parts":[[2026]]},"DOI":"10.1109\/ojcs.2026.3663493","type":"journal-article","created":{"date-parts":[[2026,2,10]],"date-time":"2026-02-10T21:07:05Z","timestamp":1770757625000},"page":"480-491","source":"Crossref","is-referenced-by-count":0,"title":["Risk Model for Choosing Signature Thresholds for Software Updates"],"prefix":"10.1109","volume":"7","author":[{"ORCID":"https:\/\/orcid.org\/0009-0005-9356-5872","authenticated-orcid":false,"given":"Brian","family":"Romansky","sequence":"first","affiliation":[{"name":"George Washington University, Washington, DC, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4584-4018","authenticated-orcid":false,"given":"Thomas","family":"Mazzuchi","sequence":"additional","affiliation":[{"name":"George Washington University, Washington, DC, USA"}]},{"given":"Shahram","family":"Sarkani","sequence":"additional","affiliation":[{"name":"George Washington University, Washington, DC, USA"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.22215\/timreview\/888"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866315"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-09234-3_43"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/MSEC.2021.3050433"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/MSEC.2021.3051235"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.6028\/nist.sp.800-145"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.6028\/nist.sp.800-208"},{"key":"ref8","article-title":"Security for industrial automation and control systems part 2-3: Patch management in the IACS environment","year":"2015"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2017.3151334"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2018.3761724"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2024.103883"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1111\/risa.13511"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/MSEC.2023.3302066"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.7880\/abas.0220914a"},{"key":"ref15","volume-title":"Industrial Network Security : Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems","author":"Knapp","year":"2024"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.3390\/fi4040971"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.3390\/jcp3040031"},{"key":"ref18","article-title":"DoD enterprise DevSecOps reference design: Version 1.0","volume":"28","author":"Lam","year":"2021","journal-title":"Defense AR J."},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1109\/JSYST.2020.3015595"},{"key":"ref20","article-title":"Resilient post-quantum software updates for critical infrastructure systems","author":"Romansky","year":"2026"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1111\/risa.13838"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1111\/risa.12844"},{"issue":"7","key":"ref23","first-page":"32","article-title":"Understand the cyber-attack lifecycle","volume":"66","author":"Capano","year":"2019","journal-title":"Control Eng."},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/MSEC.2022.3202589"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2012.113"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2014.130"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2012.11.009"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/SP46215.2023.10179304"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1145\/3538969.3544421"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2003.12.001"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2017.3151328"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2005.11.006"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1109\/ieeestd.2023.10264835"},{"key":"ref34","article-title":"Elector-based root management system to manage a public key infrastructure","author":"Brecht","year":"2016"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1109\/MSECP.2003.1203227"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1002\/0471729000"},{"key":"ref37","article-title":"Mathematical statistics","volume-title":"A Wiley Publication in Mathematical Statistics","author":"Wilks","year":"1962"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.2307\/2528767"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1109\/24.257839"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1214\/aos\/1176347751"}],"container-title":["IEEE Open Journal of the Computer Society"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/8782664\/11319293\/11389194.pdf?arnumber=11389194","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T20:59:28Z","timestamp":1772053168000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11389194\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026]]},"references-count":40,"URL":"https:\/\/doi.org\/10.1109\/ojcs.2026.3663493","relation":{},"ISSN":["2644-1268"],"issn-type":[{"value":"2644-1268","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026]]}}}