{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,22]],"date-time":"2026-02-22T10:31:20Z","timestamp":1771756280051,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":30,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,7,30]],"date-time":"2024-07-30T00:00:00Z","timestamp":1722297600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,7,30]]},"DOI":"10.1145\/3664476.3670867","type":"proceedings-article","created":{"date-parts":[[2024,7,25]],"date-time":"2024-07-25T12:35:50Z","timestamp":1721910950000},"page":"1-6","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["RMF: A Risk Measurement Framework for Machine Learning Models"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0007-1222-0747","authenticated-orcid":false,"given":"Jan","family":"Schr\u00f6der","sequence":"first","affiliation":[{"name":"HTW Berlin, Germany and Fraunhofer FOKUS, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7844-5267","authenticated-orcid":false,"given":"Jakub","family":"Breier","sequence":"additional","affiliation":[{"name":"TTControl GmbH, Austria"}]}],"member":"320","published-online":{"date-parts":[[2024,7,30]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Information technology - Security techniques - Information security management - Measurement","unstructured":"2016. Information technology - Security techniques - Information security management - Measurement (1st ed.). 
ISO.","edition":"1"},{"key":"e_1_3_2_1_2_1","volume-title":"Proceedings of the 34th International Conference on Machine Learning, ICML 2017","author":"Arpit Devansh","year":"2017","unstructured":"Devansh Arpit, Stanislaw Jastrzebski, Nicolas Ballas, David Krueger, Emmanuel Bengio, Maxinder\u00a0S. Kanwal, Tegan Maharaj, Asja Fischer, Aaron\u00a0C. Courville, Yoshua Bengio, and Simon Lacoste-Julien. 2017. A Closer Look at Memorization in Deep Networks. In Proceedings of the 34th International Conference on Machine Learning, ICML 2017, Sydney, NSW, Australia, 6-11 August 2017 (Proceedings of Machine Learning Research, Vol.\u00a070), Doina Precup and Yee\u00a0Whye Teh (Eds.). PMLR, 233\u2013242. http:\/\/proceedings.mlr.press\/v70\/arpit17a.html"},{"key":"e_1_3_2_1_3_1","volume-title":"Risk Management Framework for Machine Learning Security. CoRR abs\/2012.04884","author":"Breier Jakub","year":"2020","unstructured":"Jakub Breier, Adrian Baldwin, Helen Balinsky, and Yang Liu. 2020. Risk Management Framework for Machine Learning Security. CoRR abs\/2012.04884 (2020). arXiv:2012.04884 https:\/\/arxiv.org\/abs\/2012.04884"},{"key":"e_1_3_2_1_4_1","volume-title":"How practical are fault injection attacks, really? IEEE Access 10","author":"Breier Jakub","year":"2022","unstructured":"Jakub Breier and Xiaolu Hou. 2022. How practical are fault injection attacks, really? IEEE Access 10 (2022), 113122\u2013113130."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3278519"},{"key":"e_1_3_2_1_6_1","volume-title":"FooBaR: Fault Fooling Backdoor Attack on Neural Network Training","author":"Breier Jakub","year":"2022","unstructured":"Jakub Breier, Xiaolu Hou, Mart\u00edn Ochoa, and Jesus Solano. 2022. FooBaR: Fault Fooling Backdoor Attack on Neural Network Training. 
IEEE Transactions on Dependable and Secure Computing (2022)."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-68887-5_22"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/IJCB48548.2020.9304875"},{"key":"e_1_3_2_1_9_1","unstructured":"Bundesamt f\u00fcr Sicherheit in\u00a0der Informationstechnik\u00a0(BSI). 2013. Application of Attack Potential to Smartcards. https:\/\/www.commoncriteriaportal.org\/files\/supdocs\/CCDB-2013-05-002.pdf accessed on 2022-15-04."},{"key":"e_1_3_2_1_10_1","volume-title":"Gradient Matching. In 9th International Conference on Learning Representations, ICLR 2021","author":"Geiping Jonas","year":"2021","unstructured":"Jonas Geiping, Liam\u00a0H. Fowl, W.\u00a0Ronny Huang, Wojciech Czaja, Gavin Taylor, Michael Moeller, and Tom Goldstein. 2021. Witches\u2019 Brew: Industrial Scale Data Poisoning via Gradient Matching. In 9th International Conference on Learning Representations, ICLR 2021, Virtual Event, Austria, May 3-7, 2021. OpenReview.net. https:\/\/openreview.net\/forum?id=01olnfLIbD"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2909068"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00057"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE43902.2021.00035"},{"key":"e_1_3_2_1_14_1","volume-title":"Backdoor learning: A survey","author":"Li Yiming","year":"2022","unstructured":"Yiming Li, Yong Jiang, Zhifeng Li, and Shu-Tao Xia. 2022. Backdoor learning: A survey. 
IEEE Transactions on Neural Networks and Learning Systems (2022)."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/1081870.1081950"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v29i1.9569"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2016.282"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/TCAD.2019.2915318"},{"key":"e_1_3_2_1_19_1","volume-title":"Adversarial Robustness Toolbox v1.0.0. CoRR abs\/1807.01069","author":"Nicolae Maria-Irina","year":"2019","unstructured":"Maria-Irina Nicolae, Mathieu Sinn, Tran\u00a0Ngoc Minh, Ambrish Rawat, Martin Wistuba, Valentina Zantedeschi, Ian\u00a0M. Molloy, and Benjamin Edwards. 2019. Adversarial Robustness Toolbox v1.0.0. CoRR abs\/1807.01069 (2019). arXiv:1807.01069 https:\/\/arxiv.org\/pdf\/1807.01069.pdf"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3053009"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR42600.2020.01321"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1609\/AAAI.V34I07.6871"},{"key":"e_1_3_2_1_23_1","unstructured":"[23] Benjamin Scherbaum. 2022. https:\/\/cybersecurity-navigator.de\/norm\/293 accessed on 2022-05-19."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.41"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/IJCNN.2011.6033395"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/3394486.3403064"},{"key":"e_1_3_2_1_27_1","unstructured":"Alexander Turner, Dimitris Tsipras, and Aleksander Madry. 2018. Clean-label backdoor attacks. (2018). 
https:\/\/people.csail.mit.edu\/madry\/lab\/cleanlabel.pdf"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2023.3344808"},{"key":"e_1_3_2_1_29_1","volume-title":"6th International Conference on Learning Representations, ICLR","author":"Weng Tsui-Wei","year":"2018","unstructured":"Tsui-Wei Weng, Huan Zhang, Pin-Yu Chen, Jinfeng Yi, Dong Su, Yupeng Gao, Cho-Jui Hsieh, and Luca Daniel. 2018. Evaluating the Robustness of Neural Networks: An Extreme Value Theory Approach. In 6th International Conference on Learning Representations, ICLR 2018, Vancouver, BC, Canada, April 30 - May 3, 2018, Conference Track Proceedings. OpenReview.net. https:\/\/openreview.net\/forum?id=BkUHlMZ0b"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2022.118101"}],"event":{"name":"ARES 2024: The 19th International Conference on Availability, Reliability and Security","location":"Vienna Austria","acronym":"ARES 2024"},"container-title":["Proceedings of the 19th International Conference on Availability, Reliability and 
Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3664476.3670867","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3664476.3670867","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T16:53:28Z","timestamp":1755881608000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3664476.3670867"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,7,30]]},"references-count":30,"alternative-id":["10.1145\/3664476.3670867","10.1145\/3664476"],"URL":"https:\/\/doi.org\/10.1145\/3664476.3670867","relation":{},"subject":[],"published":{"date-parts":[[2024,7,30]]},"assertion":[{"value":"2024-07-30","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}