{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,7]],"date-time":"2026-07-07T13:31:16Z","timestamp":1783431076940,"version":"3.54.6"},"publisher-location":"New York, NY, USA","reference-count":18,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,7,30]],"date-time":"2024-07-30T00:00:00Z","timestamp":1722297600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-sa\/4.0\/"}],"funder":[{"name":"PERSEUS, a European Union?s Horizon 2020 research and innovation program under the Marie Sk?odowska-Curie grant","award":["101034240"],"award-info":[{"award-number":["101034240"]}]},{"name":"Research Council of Norway through the SFI Norwegian Centre for Cybersecurity in Critical Sectors (NORCICS)","award":["310105"],"award-info":[{"award-number":["310105"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,7,30]]},"DOI":"10.1145\/3664476.3671013","type":"proceedings-article","created":{"date-parts":[[2024,7,25]],"date-time":"2024-07-25T12:35:50Z","timestamp":1721910950000},"page":"1-11","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["Vulnerability management digital twin for energy systems"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0000-8146-1404","authenticated-orcid":false,"given":"Jessica","family":"B. Heluany","sequence":"first","affiliation":[{"name":"Department of Information Security and Communication Technology (IIK), Norwegian University of Science and Technology, Norway"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-0665-8783","authenticated-orcid":false,"given":"Johannes","family":"Goetzfried","sequence":"additional","affiliation":[{"name":"Siemens Energy AG - Industrial Cybersecurity, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-9295-4161","authenticated-orcid":false,"given":"Bernhard","family":"Mehlig","sequence":"additional","affiliation":[{"name":"Siemens Energy AG - Industrial Cybersecurity, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7304-3835","authenticated-orcid":false,"given":"Vasileios","family":"Gkioulos","sequence":"additional","affiliation":[{"name":"Department of Information Security and Communication Technology (IIK), Norwegian University of Science and Technology, Norway"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2024,7,30]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/PDF\/?uri=CELEX:32022L2555 visited on","author":"European Commission","year":"2024","unstructured":"European Commission. 2020. DIRECTIVE (EU) 2022\/2555 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL. https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/PDF\/?uri=CELEX:32022L2555 visited on April 2024."},{"key":"e_1_3_2_1_2_1","volume-title":"What is NIS2 directive. https:\/\/nis2directive.eu\/what-is-nis2\/ visited on","author":"European Commission","year":"2024","unstructured":"European Commission. 2020. What is NIS2 directive. https:\/\/nis2directive.eu\/what-is-nis2\/ visited on April 2024."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2021.106771"},{"key":"e_1_3_2_1_4_1","volume-title":"Developing National Vulnerabilities Programmes. https:\/\/www.enisa.europa.eu\/publications\/developing-national-vulnerabilities-programmes visited on","author":"ENISA.","year":"2024","unstructured":"ENISA. 2023. Developing National Vulnerabilities Programmes. https:\/\/www.enisa.europa.eu\/publications\/developing-national-vulnerabilities-programmes visited on February 2024."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3196884"},{"key":"e_1_3_2_1_6_1","volume-title":"d.]. Common Vulnerability Scoring System v3.1: Specification Document. https:\/\/www.first.org\/cvss\/v3.1\/specification-document visited on","author":"Org T.","year":"2024","unstructured":"FIRST.Org. [n. d.]. Common Vulnerability Scoring System v3.1: Specification Document. https:\/\/www.first.org\/cvss\/v3.1\/specification-document visited on March 2024."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/ESEM.2009.5314230"},{"key":"e_1_3_2_1_8_1","unstructured":"IEC. 2009. IEC 62443-1-1: Network and system security Part 1-1: Terminology concepts and models. Technical Report. International Electrotechnical Commission."},{"key":"e_1_3_2_1_9_1","unstructured":"IEC. 2015. IEC TR 62443-2-3: Security for industrial automation and control systems - Part 2-3: Patch management in the IACS environment. Technical Report. International Electrotechnical Commission."},{"key":"e_1_3_2_1_10_1","unstructured":"IEC. 2023. IEC 63278-1 Asset Administration Shell for industrial applications \u2013 Part 1: Asset Administration Shell structure. Technical Report. International Electrotechnical Commission."},{"key":"e_1_3_2_1_11_1","unstructured":"ISO. 2021. ISO 23247-2 Automation systems and integration - Digital twin framework for manufacturing - Part 2: Reference architecture. Technical Report. International Organization for Standardization."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/3529757"},{"key":"e_1_3_2_1_13_1","volume-title":"d.]. Common Vulnerability Scoring System v2 Calculator (\u2019Show Equations","author":"NIST.","year":"2024","unstructured":"NIST. [n. d.]. Common Vulnerability Scoring System v2 Calculator (\u2019Show Equations\u2019 button information). https:\/\/nvd.nist.gov\/vuln-metrics\/cvss\/v2-calculator visited on March 2024."},{"key":"e_1_3_2_1_14_1","unstructured":"NIST. 2022. NIST IR 8409 - Measuring the Common Vulnerability Scoring System Base Score Equatione. Technical Report. National Institute of Standards and Technologies."},{"key":"e_1_3_2_1_15_1","volume-title":"Art Manion, and Deana Shick","author":"Spring Jonathan","year":"2021","unstructured":"Jonathan Spring, Eric Hatleback, Allen Householder, Art Manion, and Deana Shick. 2021. Time to Change the CVSS?IEEE Security & Privacy 19, 2 (2021), 74\u201378."},{"key":"e_1_3_2_1_16_1","unstructured":"V.L. Trevathan. 2006. A Guide to the Automation Body of Knowledge. ISA The Instrumentation Systems and Automation Society. https:\/\/books.google.no\/books?id=yKPgAAAAMAAJ"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.3390\/fi12020027"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/TPWRS.2020.2986455"}],"event":{"name":"ARES 2024: The 19th International Conference on Availability, Reliability and Security","location":"Vienna Austria","acronym":"ARES 2024"},"container-title":["Proceedings of the 19th International Conference on Availability, Reliability and Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3664476.3671013","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3664476.3671013","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T16:49:13Z","timestamp":1755881353000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3664476.3671013"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,7,30]]},"references-count":18,"alternative-id":["10.1145\/3664476.3671013","10.1145\/3664476"],"URL":"https:\/\/doi.org\/10.1145\/3664476.3671013","relation":{},"subject":[],"published":{"date-parts":[[2024,7,30]]},"assertion":[{"value":"2024-07-30","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}