{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,7]],"date-time":"2026-01-07T13:49:56Z","timestamp":1767793796811,"version":"3.49.0"},"reference-count":57,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2026,1,7]],"date-time":"2026-01-07T00:00:00Z","timestamp":1767744000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2026,1,7]],"date-time":"2026-01-07T00:00:00Z","timestamp":1767744000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100001786","name":"University of Adelaide","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100001786","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001778","name":"Deakin University","doi-asserted-by":"crossref","id":[{"id":"10.13039\/501100001778","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cybersecurity"],"abstract":"<jats:title>Abstract<\/jats:title>\n                  <jats:p>The Internet of Things (IoT) has rapidly emerged as a ubiquitous and pervasive paradigm in software development, significantly impacting both social life and business environments. However, this growth has also led to a corresponding increase in the number and sophistication of threats and attacks targeting IoT devices and services. The vulnerability of IoT software to security breaches has become a significant concern for the research community. Managing software vulnerabilities in IoT is a hugely challenging process involving several socio-technical decisions. Despite the rapid increase in primary studies focusing on Software Vulnerability Management (SVM) in IoT systems, no secondary studies specifically identify and analyse the socio-technical challenges, solutions, and state-of-the-art evaluation studies in SVM in IoT systems. This paper aims to address this gap by systematically identifying, classifying, comparing, and evaluating state of the art of SVM in IoT systems from a socio-technical point of view. We conducted a systematic mapping study (SMS) based on 73 qualitatively selected studies to i) classify the types, frequency, and demography of published research; ii) identify the socio-technical challenges in this regard; iii) classify the reported solutions; and iv) understand the rigour of the evaluation, including real-world application. In summary, our results point to 32 socio-technical challenges in IoT vulnerability management, where most are practice-related. In terms of the solutions, we found a maximum number of solutions proposed for the software vulnerability identification stage, with 22 frameworks. The software vulnerability disclosure stage has the least amount of solutions reported. This SMS also reveals that there needs to be more rigorous evaluation using more mature forms of evaluations like simulation with real data and case studies. Based on the findings that highlight the important concerns in this domain, we recommend a list of future research directions.<\/jats:p>","DOI":"10.1186\/s42400-025-00543-6","type":"journal-article","created":{"date-parts":[[2026,1,7]],"date-time":"2026-01-07T10:44:13Z","timestamp":1767782653000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Software vulnerability management in IoT systems: a systematic mapping study"],"prefix":"10.1186","volume":"9","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-1119-6056","authenticated-orcid":false,"given":"Fariha Tasmin","family":"Jaigirdar","sequence":"first","affiliation":[]},{"given":"Asangi","family":"Jayatilaka","sequence":"additional","affiliation":[]},{"given":"M. Ali","family":"Babar","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2026,1,7]]},"reference":[{"issue":"3","key":"543_CR1","doi-asserted-by":"publisher","first-page":"691","DOI":"10.1007\/s10796-022-10313-1","volume":"24","author":"B Abedin","year":"2022","unstructured":"Abedin B, Meske C, Junglas I, Rabhi F, Motahari-Nezhad HR (2022) Designing and managing human-AI interactions. Inf Syst Front 24(3):691\u2013697","journal-title":"Inf Syst Front"},{"issue":"10","key":"543_CR2","doi-asserted-by":"publisher","first-page":"7639","DOI":"10.1109\/JIOT.2021.3138073","volume":"9","author":"MT Ahvanooey","year":"2021","unstructured":"Ahvanooey MT, Zhu MX, Li Q, Mazurczyk W, Choo K-KR, Gupta BB, Conti M (2021) Modern authentication schemes in smartphones and IoT devices: an empirical survey. IEEE Internet Things J 9(10):7639\u20137663","journal-title":"IEEE Internet Things J"},{"key":"543_CR3","doi-asserted-by":"crossref","unstructured":"Ali RF, Muneer A, Dominic P, Taib SM, Ghaleb EA (2021) Internet of things (iot) security challenges and solutions: a systematic literature review. In: Advances in Cyber Security: Third International Conference, ACeS 2021, Penang, Malaysia, August 24\u201325, 2021, Revised Selected Papers 3, pp. 128\u2013154. Springer","DOI":"10.1007\/978-981-16-8059-5_9"},{"issue":"3","key":"543_CR4","doi-asserted-by":"publisher","first-page":"1502","DOI":"10.25046\/aj0203188","volume":"2","author":"SM Alnaeli","year":"2017","unstructured":"Alnaeli SM, Sarnowski M, Aman M, Abdelgawad A, Yelamarthi K (2017) Source code vulnerabilities in IoT software systems. Adv Sci Technol Eng Syst J 2(3):1502\u20131507","journal-title":"Adv Sci Technol Eng Syst J"},{"key":"543_CR5","doi-asserted-by":"publisher","first-page":"90597","DOI":"10.1109\/ACCESS.2022.3185069","volume":"10","author":"RR Althar","year":"2022","unstructured":"Althar RR, Samanta D, Kaur M, Singh D, Lee H-N (2022) Automated risk management based software security vulnerabilities management. IEEE Access 10:90597\u201390608","journal-title":"IEEE Access"},{"key":"543_CR6","doi-asserted-by":"publisher","DOI":"10.1016\/j.iot.2019.100050","volume":"6","author":"M Aly","year":"2019","unstructured":"Aly M, Khomh F, Haoues M, Quintero A, Yacout S (2019) Enforcing security in internet of things frameworks: a systematic literature review. Internet Things 6:100050","journal-title":"Internet Things"},{"key":"543_CR7","doi-asserted-by":"publisher","first-page":"168825","DOI":"10.1109\/ACCESS.2020.3022842","volume":"8","author":"P Anand","year":"2020","unstructured":"Anand P, Singh Y, Selwal A, Alazab M, Tanwar S, Kumar N (2020) IoT vulnerability assessment for sustainable computing: threats, current solutions, and open challenges. IEEE Access 8:168825\u2013168853","journal-title":"IEEE Access"},{"key":"543_CR8","unstructured":"Angrishi K (2017) Turning internet of things (iot) into internet of vulnerabilities (iov): Iot botnets. arXiv preprint arXiv:1702.03681"},{"issue":"15\u201316","key":"543_CR9","doi-asserted-by":"publisher","first-page":"4719","DOI":"10.1080\/00207543.2017.1402140","volume":"57","author":"M Ben-Daya","year":"2019","unstructured":"Ben-Daya M, Hassini E, Bahroun Z (2019) Internet of things and supply chain management: a literature review. Int J Prod Res 57(15\u201316):4719\u20134742","journal-title":"Int J Prod Res"},{"issue":"4","key":"543_CR10","doi-asserted-by":"publisher","first-page":"344","DOI":"10.1016\/j.infsof.2010.12.006","volume":"53","author":"L Chen","year":"2011","unstructured":"Chen L, Babar MA (2011) A systematic review of evaluation of variability management approaches in software product lines. Inf Softw Tech 53(4):344\u2013362","journal-title":"Inf Softw Tech"},{"key":"543_CR11","unstructured":"CISCO (2025) Powering an Inclusive, Digital Future for All. https:\/\/newsroom.cisco.com\/c\/r\/newsroom\/en\/us\/a\/y2023\/m01\/powering-an-inc%lusive-digital-future-for-all.html Accessed 2025-10-10"},{"key":"543_CR12","doi-asserted-by":"crossref","unstructured":"Croft RL (2023) Data quality for data-driven software vulnerability analysis. PhD thesis, University of Adelaide","DOI":"10.1109\/ICSE48619.2023.00022"},{"issue":"5","key":"543_CR13","doi-asserted-by":"publisher","first-page":"158","DOI":"10.1109\/MNET.010.2100152","volume":"35","author":"Y Cui","year":"2021","unstructured":"Cui Y, Liu F, Jing X, Mu J (2021) Integrating sensing and communications for ubiquitous IoT: applications, trends, and challenges. IEEE Network 35(5):158\u2013167","journal-title":"IEEE Network"},{"key":"543_CR14","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2025.104677","volume":"159","author":"V Dam","year":"2025","unstructured":"Dam V, Jaigirdar FT, Karmakar KK, Anwar A (2025) Security-aware data provenance for multi-domain software-defined networks. Comput Secur 159:104677. https:\/\/doi.org\/10.1016\/j.cose.2025.104677","journal-title":"Comput Secur"},{"key":"543_CR15","first-page":"1","volume":"SOCIETY","author":"R Dasgupta","year":"2025","unstructured":"Dasgupta R, Mekala SH, Jaigirdar FT, Anwar A, Chang LY-C (2025) Unlocking australia\u2019s ai usage in law enforcement from human involvement perspective: a systematic literature review. AI & SOCIETY:1\u201328","journal-title":"AI &"},{"issue":"10","key":"543_CR16","doi-asserted-by":"publisher","first-page":"10102","DOI":"10.1109\/JIOT.2020.2983983","volume":"7","author":"BD Davis","year":"2020","unstructured":"Davis BD, Mason JC, Anwar M (2020) Vulnerability studies and security postures of IoT devices: a smart home case study. IEEE Internet Things J 7(10):10102\u201310110","journal-title":"IEEE Internet Things J"},{"key":"543_CR17","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2021.106771","volume":"144","author":"N Dissanayake","year":"2022","unstructured":"Dissanayake N, Jayatilaka A, Zahedi M, Babar MA (2022) Software security patch management-a systematic literature review of challenges, approaches, tools, and practices. Inf Softw Technol 144:106771","journal-title":"Inf Softw Technol"},{"key":"543_CR18","doi-asserted-by":"publisher","first-page":"330","DOI":"10.1201\/9780429289651","volume-title":"Vulnerability management","author":"P Foreman","year":"2019","unstructured":"Foreman P (2019) Vulnerability management, 2nd edn. Auerbach Publications, New York, p 330. https:\/\/doi.org\/10.1201\/9780429289651","edition":"2"},{"issue":"6","key":"543_CR19","doi-asserted-by":"publisher","first-page":"640","DOI":"10.1108\/FS-05-2019-0037","volume":"21","author":"K Ghaffari","year":"2019","unstructured":"Ghaffari K, Lagzian M, Kazemi M, Malekzadeh G (2019) A socio-technical analysis of internet of things development: an interplay of technologies, tasks, structures and actors. Foresight 21(6):640\u2013653","journal-title":"Foresight"},{"issue":"3","key":"543_CR20","doi-asserted-by":"publisher","first-page":"58","DOI":"10.4018\/JCIT.20210701.oa5","volume":"23","author":"A Ghansiyal","year":"2021","unstructured":"Ghansiyal A, Mittal M, Kar AK (2021) Information management challenges in autonomous vehicles: a systematic literature review. J Cases Inf Tech (JCIT) 23(3):58\u201377","journal-title":"J Cases Inf Tech (JCIT)"},{"key":"543_CR21","doi-asserted-by":"publisher","first-page":"368","DOI":"10.1007\/978-3-031-60533-8","volume-title":"Qualitative Research with Socio-Technical Grounded Theory","author":"R Hoda","year":"2024","unstructured":"Hoda R (2024) Qualitative Research with Socio-Technical Grounded Theory, 1st edn. Springer, Cham, p 368. https:\/\/doi.org\/10.1007\/978-3-031-60533-8","edition":"1st edn"},{"key":"543_CR22","doi-asserted-by":"publisher","first-page":"72","DOI":"10.1016\/j.infsof.2018.07.007","volume":"104","author":"S Hosseinzadeh","year":"2018","unstructured":"Hosseinzadeh S, Rauti S, Laur\u00e9n S, M\u00e4kel\u00e4 J-M, Holvitie J, Hyrynsalmi S, Lepp\u00e4nen V (2018) Diversification and obfuscation techniques for software security: a systematic literature review. Inf Softw Technol 104:72\u201393","journal-title":"Inf Softw Technol"},{"issue":"2","key":"543_CR23","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3305268","volume":"52","author":"C Islam","year":"2019","unstructured":"Islam C, Babar MA, Nepal S (2019) A multi-vocal review of security orchestration. ACM Comput Surv (CSUR) 52(2):1\u201345","journal-title":"ACM Comput Surv (CSUR)"},{"key":"543_CR24","doi-asserted-by":"publisher","first-page":"150081","DOI":"10.1109\/ACCESS.2020.3015962","volume":"8","author":"LH Iwaya","year":"2020","unstructured":"Iwaya LH, Ahmad A, Babar MA (2020) Security and privacy for mhealth and uhealth systems: a systematic mapping study. IEEE Access 8:150081\u2013150112","journal-title":"IEEE Access"},{"key":"543_CR25","doi-asserted-by":"crossref","unstructured":"Jaigirdar FT, Rudolph C, Bain C (2019) Can I Trust the Data I See? A Physician\u2019s Concern on Medical Data in IoT Health Architectures. In: Proceedings of the Australasian Computer Science Week Multiconference, Sydney, NSW, Australia, pp. 1\u201310","DOI":"10.1145\/3290688.3290731"},{"key":"543_CR26","doi-asserted-by":"publisher","first-page":"55677","DOI":"10.1109\/ACCESS.2023.3280928","volume":"11","author":"FT Jaigirdar","year":"2023","unstructured":"Jaigirdar FT, Tan B, Rudolph C, Bain C (2023) Security-aware provenance for transparency in IoT data propagation. IEEE Access 11:55677\u201355691. https:\/\/doi.org\/10.1109\/ACCESS.2023.3280928","journal-title":"IEEE Access"},{"issue":"3","key":"543_CR27","doi-asserted-by":"publisher","first-page":"49","DOI":"10.3390\/jcp5030049","volume":"5","author":"FT Jaigirdar","year":"2025","unstructured":"Jaigirdar FT, Rudolph C, Anwar M, Tan B (2025) Empowering end-users with cybersecurity situational awareness: findings from iot-health table-top exercises. J Cybersecur Privacy 5(3):49","journal-title":"J Cybersecur Privacy"},{"issue":"1","key":"543_CR28","doi-asserted-by":"publisher","first-page":"7","DOI":"10.1016\/j.infsof.2008.09.009","volume":"51","author":"B Kitchenham","year":"2009","unstructured":"Kitchenham B, Brereton OP, Budgen D, Turner M, Bailey J, Linkman S (2009) Systematic literature reviews in software engineering-a systematic literature review. Inf Softw Technol 51(1):7\u201315","journal-title":"Inf Softw Technol"},{"key":"543_CR29","doi-asserted-by":"publisher","DOI":"10.1049\/sfw2.12074","author":"K Kotzias","year":"2022","unstructured":"Kotzias K, Bukhsh FA, Arachchige JJ, Daneva M, Abhishta A (2022) Industry 4.0 and healthcare: context, applications, benefits and challenges. IET Softw. https:\/\/doi.org\/10.1049\/sfw2.12074","journal-title":"IET Softw"},{"key":"543_CR30","doi-asserted-by":"publisher","DOI":"10.7717\/peerj-cs.62","volume":"2","author":"M Kuhrmann","year":"2016","unstructured":"Kuhrmann M, Diebold P, M\u00fcnch J (2016) Software process improvement: a systematic mapping study on the state of the art. PeerJ Comput Sci 2:62","journal-title":"PeerJ Comput Sci"},{"issue":"5","key":"543_CR31","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3529757","volume":"55","author":"TH Le","year":"2022","unstructured":"Le TH, Chen H, Babar MA (2022) A survey on data-driven software vulnerability assessment and prioritization. ACM Comput Surv 55(5):1\u201339","journal-title":"ACM Comput Surv"},{"issue":"9","key":"543_CR32","doi-asserted-by":"publisher","first-page":"157","DOI":"10.3390\/fi12090157","volume":"12","author":"I Lee","year":"2020","unstructured":"Lee I (2020) Internet of things (IoT) cybersecurity: literature review and IoT cyber risk management. Future Internet 12(9):157","journal-title":"Future Internet"},{"key":"543_CR33","doi-asserted-by":"publisher","first-page":"120331","DOI":"10.1109\/ACCESS.2020.3006358","volume":"8","author":"B Liao","year":"2020","unstructured":"Liao B, Ali Y, Nazir S, He L, Khan HU (2020) Security analysis of IoT devices by using mobile computing: a systematic literature review. IEEE Access 8:120331\u2013120350","journal-title":"IEEE Access"},{"issue":"2","key":"543_CR34","doi-asserted-by":"publisher","first-page":"2103","DOI":"10.1109\/JIOT.2018.2869847","volume":"6","author":"Y Lu","year":"2018","unstructured":"Lu Y, Da Xu L (2018) Internet of things (IoT) cybersecurity research: a review of current research topics. IEEE Internet Things J 6(2):2103\u20132115","journal-title":"IEEE Internet Things J"},{"issue":"10","key":"543_CR35","doi-asserted-by":"publisher","DOI":"10.3390\/en14102818","volume":"14","author":"C-M Mathas","year":"2021","unstructured":"Mathas C-M, Vassilakis C, Kolokotronis N, Zarakovitis CC, Kourtis M-A (2021) On the design of iot security: analysis of software vulnerabilities for smart grids. Energies 14(10):2818","journal-title":"Energies"},{"issue":"5","key":"543_CR36","doi-asserted-by":"publisher","first-page":"8182","DOI":"10.1109\/JIOT.2019.2935189","volume":"6","author":"F Meneghello","year":"2019","unstructured":"Meneghello F, Calore M, Zucchetto D, Polese M, Zanella A (2019) IoT: internet of threats? a survey of practical security vulnerabilities in real IoT devices. IEEE Internet Things J 6(5):8182\u20138201","journal-title":"IEEE Internet Things J"},{"issue":"4","key":"543_CR37","doi-asserted-by":"publisher","first-page":"586","DOI":"10.1109\/TETC.2016.2606384","volume":"5","author":"A Mosenia","year":"2016","unstructured":"Mosenia A, Jha NK (2016) A comprehensive study of security of internet-of-things. IEEE Trans Emerg Top Comput 5(4):586\u2013602","journal-title":"IEEE Trans Emerg Top Comput"},{"issue":"3","key":"543_CR38","doi-asserted-by":"publisher","first-page":"2702","DOI":"10.1109\/COMST.2019.2910750","volume":"21","author":"N Neshenko","year":"2019","unstructured":"Neshenko N, Bou-Harb E, Crichigno J, Kaddoum G, Ghani N (2019) Demystifying iot security: an exhaustive survey on iot vulnerabilities and a first empirical look on internet-scale IoT exploitations. IEEE Commun Surv Tutor 21(3):2702\u20132733","journal-title":"IEEE Commun Surv Tutor"},{"key":"543_CR39","unstructured":"NIST (2025) National vulnerability database. https:\/\/nvd.nist.gov\/vuln Accessed 2025-10-10"},{"key":"543_CR40","doi-asserted-by":"crossref","unstructured":"Petersen K, Feldt R, Mujtaba S, Mattsson M (2008) Systematic mapping studies in software engineering. In: 12th International Conference on Evaluation and Assessment in Software Engineering (EASE) 12, pp. 1\u201310","DOI":"10.14236\/ewic\/EASE2008.8"},{"key":"543_CR41","doi-asserted-by":"crossref","unstructured":"Petersen K, Feldt R, Mujtaba S, Mattsson M (2008) Systematic mapping studies in software engineering. In: Proceedings of the 12th International Conference on Evaluation and Assessment in Software Engineering (EASE 2008), pp. 68\u201377. British Computer Society, Italy","DOI":"10.14236\/ewic\/EASE2008.8"},{"issue":"3","key":"543_CR42","doi-asserted-by":"publisher","first-page":"1","DOI":"10.4018\/IJEHMC.20210501.oa1","volume":"12","author":"Z Prodanoff","year":"2021","unstructured":"Prodanoff Z, White-Williams C, Chi H (2021) Regulations and standards aware framework for recording of mhealth app vulnerabilities. Int J E-Health Med Commun (IJEHMC) 12(3):1\u201316","journal-title":"Int J E-Health Med Commun (IJEHMC)"},{"key":"543_CR43","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2021.106700","volume":"141","author":"RN Rajapakse","year":"2022","unstructured":"Rajapakse RN, Zahedi M, Babar MA, Shen H (2022) Challenges and solutions when adopting devsecops: a systematic review. Inf Softw Technol 141:106700","journal-title":"Inf Softw Technol"},{"key":"543_CR45","doi-asserted-by":"crossref","unstructured":"Rico S, Engstr\u00f6m E, H\u00f6st M (2019) A taxonomy for improving industry-academia communication in iot vulnerability management. In: 2019 45th Euromicro Conference on Software Engineering and Advanced Applications (SEAA), pp. 38\u201345. IEEE","DOI":"10.1109\/SEAA.2019.00014"},{"issue":"1","key":"543_CR46","doi-asserted-by":"publisher","first-page":"346","DOI":"10.1515\/comp-2020-0220","volume":"11","author":"JS Rueda-Rueda","year":"2021","unstructured":"Rueda-Rueda JS, Portocarrero JM (2021) Framework-based security measures for internet of thing: a literature review. Open Comput Sci 11(1):346\u2013354","journal-title":"Open Comput Sci"},{"key":"543_CR47","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.103053","volume":"125","author":"M Saqib","year":"2022","unstructured":"Saqib M, Moon AH (2022) A systematic security assessment and review of internet of things in the context of authentication. Comput Secur 125:103053","journal-title":"Comput Secur"},{"key":"543_CR48","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2023.111899","volume":"208","author":"O Sarker","year":"2024","unstructured":"Sarker O, Jayatilaka A, Haggag S, Liu C, Babar MA (2024) A multi-vocal literature review on challenges and critical success factors of phishing education, training and awareness. J Syst Softw 208:111899","journal-title":"J Syst Softw"},{"key":"543_CR49","doi-asserted-by":"publisher","first-page":"58","DOI":"10.1007\/s13198-020-01021-7","volume":"12","author":"R Sharma","year":"2021","unstructured":"Sharma R, Sibal R, Sabharwal S (2021) Software vulnerability prioritization using vulnerability description. Int J Syst Assur Eng Manag 12:58\u201364","journal-title":"Int J Syst Assur Eng Manag"},{"key":"543_CR50","doi-asserted-by":"crossref","unstructured":"Shaw M (2003) Writing good software engineering research papers. In: 25th International Conference on Software Engineering, 2003. Proceedings., pp. 726\u2013736. IEEE","DOI":"10.1109\/ICSE.2003.1201262"},{"issue":"39","key":"543_CR51","first-page":"3","volume":"182","author":"Z Shouran","year":"2019","unstructured":"Shouran Z, Ashari A, Priyambodo T (2019) Internet of things (IoT) of smart home: privacy and security. Int J Comput Appl 182(39):3\u20138","journal-title":"Int J Comput Appl"},{"issue":"4","key":"543_CR52","doi-asserted-by":"publisher","first-page":"521","DOI":"10.1016\/j.dsx.2020.04.041","volume":"14","author":"RP Singh","year":"2020","unstructured":"Singh RP, Javaid M, Haleem A, Suman R (2020) Internet of things (IoT) applications to fight against covid-19 pandemic. Diabetes Metab Syndr Clin Res Rev 14(4):521\u2013524","journal-title":"Diabetes Metab Syndr Clin Res Rev"},{"key":"543_CR53","doi-asserted-by":"crossref","unstructured":"Stellios I, Mokos K, Kotzanikolaou P (2021) Assessing vulnerabilities and iot-enabled attacks on smart lighting systems. In: European Symposium on Research in Computer Security, pp. 199\u2013217. Springer","DOI":"10.1007\/978-3-030-95484-0_13"},{"key":"543_CR54","doi-asserted-by":"crossref","unstructured":"Svacina J, Raffety J, Woodahl C, Stone B, Cerny T, Bures M, Shin D, Frajtak K, Tisnovsky P (2020) On vulnerability and security log analysis: A systematic literature review on recent trends. In: Proceedings of the International Conference on Research in Adaptive and Convergent Systems, pp. 175\u2013180","DOI":"10.1145\/3400286.3418261"},{"issue":"3","key":"543_CR55","doi-asserted-by":"publisher","first-page":"2782","DOI":"10.1109\/TII.2022.3211888","volume":"19","author":"B Wang","year":"2022","unstructured":"Wang B, Wang R, Song H (2022) Toward the trustworthiness of industrial robotics using differential fuzz testing. IEEE Trans Ind Inform 19(3):2782\u20132791","journal-title":"IEEE Trans Ind Inform"},{"issue":"6","key":"543_CR56","doi-asserted-by":"publisher","first-page":"2418","DOI":"10.3390\/s22062418","volume":"22","author":"F Ying","year":"2022","unstructured":"Ying F, Zhao S, Deng H (2022) Microservice security framework for IoT by mimic defense mechanism. Sensors 22(6):2418","journal-title":"Sensors"},{"issue":"6","key":"543_CR57","first-page":"995","volume":"36","author":"M Zahedi","year":"2016","unstructured":"Zahedi M, Shahin M, Babar MA (2016) A systematic review of knowledge sharing challenges and practices in global software development. Int J Inf Manage 36(6):995\u20131019","journal-title":"Int J Inf Manage"},{"issue":"9","key":"543_CR58","doi-asserted-by":"publisher","first-page":"2346","DOI":"10.1002\/smr.2346","volume":"33","author":"M Zahid","year":"2021","unstructured":"Zahid M, Inayat I, Daneva M, Mehmood Z (2021) Security risks in cyber physical systems-a systematic mapping study. J Softw Evol Process 33(9):2346","journal-title":"J Softw Evol Process"}],"container-title":["Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-025-00543-6.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1186\/s42400-025-00543-6","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-025-00543-6.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,7]],"date-time":"2026-01-07T10:44:18Z","timestamp":1767782658000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1186\/s42400-025-00543-6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,1,7]]},"references-count":57,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2026,12]]}},"alternative-id":["543"],"URL":"https:\/\/doi.org\/10.1186\/s42400-025-00543-6","relation":{},"ISSN":["2523-3246"],"issn-type":[{"value":"2523-3246","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,1,7]]},"assertion":[{"value":"13 August 2025","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"18 December 2025","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"7 January 2026","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"All the authors have provided consent for publication in this journal.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Consent for publication"}},{"value":"The authors declare that they have no conflict of interest.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"96"}}