{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,17]],"date-time":"2026-06-17T16:02:14Z","timestamp":1781712134429,"version":"3.54.5"},"reference-count":76,"publisher":"MDPI AG","issue":"10","license":[{"start":{"date-parts":[[2023,9,28]],"date-time":"2023-09-28T00:00:00Z","timestamp":1695859200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Future Internet"],"abstract":"<jats:p>Traditional information security risk assessment (RA) methodologies and standards, adopted by information security management systems and frameworks as a foundation stone towards robust environments, face many difficulties in modern environments where the threat landscape changes rapidly and new vulnerabilities are being discovered. In order to overcome this problem, dynamic risk assessment (DRA) models have been proposed to continuously and dynamically assess risks to organisational operations in (near) real time. The aim of this work is to analyse the current state of DRA models that have been proposed for cybersecurity, through a systematic literature review. The screening process led us to study 50 DRA models, categorised based on the respective primary analysis methods they used. The study provides insights into the key characteristics of these models, including the maturity level of the examined models, the domain or application area in which these models flourish, and the information they utilise in order to produce results. The aim of this work is to answer critical research questions regarding the development of dynamic risk assessment methodologies and provide insights on the already developed methods as well as future research directions.<\/jats:p>","DOI":"10.3390\/fi15100324","type":"journal-article","created":{"date-parts":[[2023,9,29]],"date-time":"2023-09-29T02:47:30Z","timestamp":1695955650000},"page":"324","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":48,"title":["Dynamic Risk Assessment in Cybersecurity: A Systematic Literature Review"],"prefix":"10.3390","volume":"15","author":[{"given":"Pavlos","family":"Cheimonidis","sequence":"first","affiliation":[{"name":"Department of Computer Science, International Hellenic University, 654 04 Kavala, Greece"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2453-3904","authenticated-orcid":false,"given":"Konstantinos","family":"Rantos","sequence":"additional","affiliation":[{"name":"Department of Computer Science, International Hellenic University, 654 04 Kavala, Greece"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2023,9,28]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Ross, R., McEvilley, M., and Oren, J.C. (2018). Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems.","DOI":"10.6028\/NIST.SP.800-160v1"},{"key":"ref_2","unstructured":"(2009). Risk Management\u2014Vocabulary. Standard No. ISO Guide 73:2009."},{"key":"ref_3","unstructured":"Joint Task Force Interagency Working Group (2020). Security and Privacy Controls for Information Systems and Organizations, Technical report."},{"key":"ref_4","unstructured":"(2018). Risk Management\u2014Guidelines. Standard No. ISO 31000:2018."},{"key":"ref_5","unstructured":"Joint Task Force Transformation Initiative (2018). Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"134","DOI":"10.1007\/s10669-014-9488-3","article-title":"Risk-based standards: Integrating top-down and bottom-up approaches","volume":"34","author":"Linkov","year":"2014","journal-title":"Environ. Syst. Decis."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Naumov, S., and Kabanov, I. (2016, January 2\u20134). Dynamic framework for assessing cyber security risks in a changing environment. Proceedings of the 2016 International Conference on Information Science and Communications Technologies (ICISCT), Tashkent, Uzbekistan.","DOI":"10.1109\/ICISCT.2016.7777406"},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"462","DOI":"10.1016\/j.future.2022.12.006","article-title":"Ontology-based approach to real-time risk management and cyber-situational awareness","volume":"141","author":"Moreno","year":"2023","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.cose.2015.09.009","article-title":"A review of cyber security risk assessment methods for SCADA systems","volume":"56","author":"Cherdantseva","year":"2016","journal-title":"Comput. Secur."},{"key":"ref_10","first-page":"52","article-title":"Quantitative security risk assessment for industrial control systems: Research opportunities and challenges","volume":"9","author":"Eckhart","year":"2019","journal-title":"J. Internet Serv. Inf. Secur."},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"032189","DOI":"10.1088\/1742-6596\/1744\/3\/032189","article-title":"Research on Key Technologies of Network Security Multidimensional Dynamic Risk Assessment","volume":"1744","author":"Jiang","year":"2021","journal-title":"J. Phys. Conf. Ser."},{"key":"ref_12","unstructured":"Lopez, D., Pastor, O., and Garcia Villalba, L. (2013, January 8\u201310). Dynamic Risk Assessment in Information Systems: State-of-the-Art. Proceedings of the 6th International Conference on Information Technology, Jordan, Aman."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Erdogan, G., Garcia-Ceja, E., Hugo, A., Nguyen, P.H., and Sen, S. (2021, January 12\u201316). A Systematic Mapping Study on Approaches for Al-Supported Security Risk Assessment. Proceedings of the 2021 IEEE 45th Annual Computers, Software, and Applications Conference (COMPSAC), Madrid, Spain.","DOI":"10.1109\/COMPSAC51774.2021.00107"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Barrett, M., Marron, J., Pillitteri, V.Y., Boyens, J., Quinn, S., Witte, G., and Feldman, L. (2021). Approaches for Federal Agencies to Use the Cybersecurity Framework, Technical report.","DOI":"10.6028\/NIST.IR.8170-upd"},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s11432-013-5018-z","article-title":"Data model extension for security event notification with dynamic risk assessment purpose","volume":"56","author":"Lopez","year":"2013","journal-title":"Sci. China Inf. Sci."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"500","DOI":"10.1007\/s10669-013-9468-z","article-title":"Mission assurance policy and risk management in cybersecurity","volume":"33","author":"Cam","year":"2013","journal-title":"Environ. Syst. Decis."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"945809","DOI":"10.1117\/12.2177405","article-title":"Risk assessment by dynamic representation of vulnerability, exploitation, and impact","volume":"Volume 9458","author":"Ternovskiy","year":"2015","journal-title":"Proceedings of the Cyber Sensing 2015"},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Henshel, D., Alexeev, A., Cains, M., Rowe, J., Cam, H., Hoffman, B., and Neamtiu, I. (2016, January 10\u201311). Modeling cybersecurity risks: Proof of concept of a holistic approach for integrated risk quantification. Proceedings of the 2016 IEEE Symposium on Technologies for Homeland Security (HST), Waltham, MA, USA.","DOI":"10.1109\/THS.2016.7568937"},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"1429","DOI":"10.1109\/TSMC.2015.2503399","article-title":"Multimodel-Based Incident Prediction and Risk Assessment in Dynamic Cybersecurity Protection for Industrial Control Systems","volume":"46","author":"Zhang","year":"2016","journal-title":"IEEE Trans. Syst. Man Cybern. Syst."},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Huang, K., Zhou, C., Tian, Y.C., Tu, W., and Peng, Y. (2017, January 22\u201324). Application of Bayesian network to data-driven cyber-security risk assessment in SCADA networks. Proceedings of the 2017 27th International Telecommunication Networks and Applications Conference (ITNAC), Melbourne, VIC, Australia.","DOI":"10.1109\/ATNAC.2017.8215355"},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Peng, Y., Huang, K., Tu, W., and Zhou, C. (2018, January 25\u201327). A Model-Data Integrated Cyber Security Risk Assessment Method for Industrial Control Systems. Proceedings of the 2018 IEEE 7th Data Driven Control and Learning Systems Conference (DDCLS), Enshi, China.","DOI":"10.1109\/DDCLS.2018.8516022"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Zhu, Q., Qin, Y., Zhou, C., and Gao, W. (2018). Extended multilevel flow model-based dynamic risk assessment for cybersecurity protection in industrial production systems. Int. J. Distrib. Sens. Netw., 14.","DOI":"10.1177\/1550147718779564"},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"2497","DOI":"10.1109\/TII.2017.2768998","article-title":"A Fuzzy Probability Bayesian Network Approach for Dynamic Cybersecurity Risk Assessment in Industrial Control Systems","volume":"14","author":"Zhang","year":"2018","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Zhu, Q., Zhao, Y., Fei, L., and Zhou, C. (2018, January 19\u201323). A Dynamic Decision-Making Approach for Cyber-Risk Reduction in Critical Infrastructure. Proceedings of the 2018 IEEE 8th Annual International Conference on CYBER Technology in Automation, Control, and Intelligent Systems (CYBER), Tianjin, China.","DOI":"10.1109\/CYBER.2018.8688105"},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Debnath, J.K., and Xie, D. (2022, January 25\u201328). CVSS-based Vulnerability and Risk Assessment for High Performance Computing Networks. Proceedings of the 2022 IEEE International Systems Conference (SysCon), Montreal, QC, Canada.","DOI":"10.1109\/SysCon53536.2022.9773931"},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Zhou, B., Sun, B., Zang, T., Cai, Y., Wu, J., and Luo, H. (2022). Security Risk Assessment Approach for Distribution Network Cyber Physical Systems Considering Cyber Attack Vulnerabilities. Entropy, 25.","DOI":"10.3390\/e25010047"},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Kotenko, I., and Doynikova, E. (2013, January 12\u201314). Security metrics for risk assessment of distributed information systems. Proceedings of the 2013 IEEE 7th International Conference on Intelligent Data Acquisition and Advanced Computing Systems (IDAACS), Berlin, Germany.","DOI":"10.1109\/IDAACS.2013.6663004"},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Ji, X., Yu, H., Fan, G., and Fu, W. (June, January 30). Attack-defense trees based cyber security analysis for CPSs. Proceedings of the 2016 17th IEEE\/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel\/Distributed Computing (SNPD), Shanghai, China.","DOI":"10.1109\/SNPD.2016.7515980"},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Abraham, S., and Nair, S. (2015, January 20\u201322). A novel architecture for predictive cybersecurity using non-homogenous markov models. Proceedings of the 2015 IEEE Trustcom\/BigDataSE\/ISPA, Helsinki, Finland.","DOI":"10.1109\/Trustcom.2015.446"},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Kanoun, W., Papillon, S., and Dubus, S. (2015, January 23\u201327). Elementary risks: Bridging operational and strategic security realms. Proceedings of the 2015 11th International Conference on Signal-Image Technology & Internet-Based Systems (SITIS), Bangkok, Thailand.","DOI":"10.1109\/SITIS.2015.130"},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"535","DOI":"10.1016\/j.future.2017.05.043","article-title":"Dynamic risk management response system to handle cyber threats","volume":"83","author":"Dubus","year":"2018","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Wu, S., Zhang, Y., and Chen, X. (2018, January 7\u201310). Security assessment of dynamic networks with an approach of integrating semantic reasoning and attack graphs. Proceedings of the 2018 IEEE 4th International Conference on Computer and Communications (ICCC), Chengdu, China.","DOI":"10.1109\/CompComm.2018.8780998"},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Ivanov, D., Kalinin, M., Krundyshev, V., and Orel, E. (2020, January 27\u201328). Automatic security management of smart infrastructures using attack graph and risk analysis. Proceedings of the 2020 Fourth World Conference on Smart Trends in Systems, Security and Sustainability (WorldS4), London, UK.","DOI":"10.1109\/WorldS450073.2020.9210410"},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Fu, Y., Zhu, J., and Gao, S. (2017, January 26\u201329). CPS information security risk evaluation system based on Petri net. Proceedings of the 2017 IEEE Second International Conference on Data Science in Cyberspace (DSC), Shenzhen, China.","DOI":"10.1109\/DSC.2017.65"},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Ashiku, L., and Dagli, C. (November, January 12). Agent based cybersecurity model for business entity risk assessment. Proceedings of the 2020 IEEE International Symposium on Systems Engineering (ISSE), Vienna, Austria.","DOI":"10.1109\/ISSE49799.2020.9272234"},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Krundyshev, V. (2020, January 4\u20137). Neural network approach to assessing cybersecurity risks in large-scale dynamic networks. Proceedings of the 13th International Conference on Security of Information and Networks, Merkez, Turkey.","DOI":"10.1145\/3433174.3433603"},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Lin, P., Yang, J., Li, T., and Ai, L. (2018, January 18\u201321). An immune based dynamic risk control system. Proceedings of the 2018 IEEE Symposium Series on Computational Intelligence (SSCI), Bangalore, India.","DOI":"10.1109\/SSCI.2018.8628904"},{"key":"ref_38","doi-asserted-by":"crossref","first-page":"102134","DOI":"10.1016\/j.cose.2020.102134","article-title":"An immune-based risk assessment method for digital virtual assets","volume":"102","author":"He","year":"2021","journal-title":"Comput. Secur."},{"key":"ref_39","doi-asserted-by":"crossref","first-page":"1423","DOI":"10.1109\/JSYST.2020.3010977","article-title":"Association Analysis-Based Cybersecurity Risk Assessment for Industrial Control Systems","volume":"15","author":"Qin","year":"2021","journal-title":"IEEE Syst. J."},{"key":"ref_40","doi-asserted-by":"crossref","unstructured":"Awan, M.S.K., Burnap, P., Rana, O., and Javed, A. (2015, January 24\u201326). Continuous monitoring and assessment of cybersecurity risks in large computing infrastructures. Proceedings of the 2015 IEEE 17th International Conference on High Performance Computing and Communications, 2015 IEEE 7th International Symposium on Cyberspace Safety and Security, and 2015 IEEE 12th International Conference on Embedded Software and Systems, New York, NY, USA.","DOI":"10.1109\/HPCC-CSS-ICESS.2015.224"},{"key":"ref_41","doi-asserted-by":"crossref","unstructured":"Awan, M.S.K., Burnap, P., and Rana, O. (2015, January 26\u201328). An empirical risk management framework for monitoring network security. Proceedings of the 2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing, Liverpool, UK.","DOI":"10.1109\/CIT\/IUCC\/DASC\/PICOM.2015.266"},{"key":"ref_42","doi-asserted-by":"crossref","unstructured":"Suh-Lee, C., and Jo, J. (July, January 28). Quantifying security risk by measuring network risk conditions. Proceedings of the 2015 IEEE\/ACIS 14th International Conference on Computer and Information Science (ICIS), Las Vegas, NV, USA.","DOI":"10.1109\/ICIS.2015.7166562"},{"key":"ref_43","doi-asserted-by":"crossref","unstructured":"Hong, Q., Jianwei, T., Zheng, T., Wenhui, Q., Chun, L., Xi, L., and Hongyu, Z. (2017, January 26\u201328). An information security risk assessment algorithm based on risk propagation in energy internet. Proceedings of the 2017 IEEE Conference on Energy Internet and Energy System Integration (EI2), Beijing, China.","DOI":"10.1109\/EI2.2017.8245703"},{"key":"ref_44","doi-asserted-by":"crossref","unstructured":"Hong, Q., Jianwei, T., Zheng, T., Wenhui, Q., Xi, L., Hongyu, Z., and Shengsheng, C. (2017, January 24\u201326). An information security risk assessment method based on conduct effect and dynamic threat. Proceedings of the 2017 8th IEEE International Conference on Software Engineering and Service Science (ICSESS), Beijing, China.","DOI":"10.1109\/ICSESS.2017.8343029"},{"key":"ref_45","doi-asserted-by":"crossref","first-page":"1389","DOI":"10.1093\/comjnl\/bxy002","article-title":"Security risk assessment of critical infrastructure systems: A comparative study","volume":"61","author":"Buchanan","year":"2018","journal-title":"Comput. J."},{"key":"ref_46","doi-asserted-by":"crossref","unstructured":"Vega-Barbas, M., Villagr\u00e1, V., Monje, F., Riesco, R., Larriva-Novo, X., and Berrocal, J. (2019). Ontology-based system for dynamic risk management in administrative domains. Appl. Sci., 9.","DOI":"10.3390\/app9214547"},{"key":"ref_47","doi-asserted-by":"crossref","first-page":"2725","DOI":"10.1016\/j.aej.2020.05.014","article-title":"Automatic cyber security risk assessment based on fuzzy fractional ordinary differential equations","volume":"59","author":"Wang","year":"2020","journal-title":"Alex. Eng. J."},{"key":"ref_48","doi-asserted-by":"crossref","first-page":"197","DOI":"10.1016\/j.comcom.2020.03.026","article-title":"Construction of information network vulnerability threat assessment model for CPS risk assessment","volume":"155","author":"Xiong","year":"2020","journal-title":"Comput. Commun."},{"key":"ref_49","doi-asserted-by":"crossref","first-page":"995","DOI":"10.1109\/TCC.2019.2896632","article-title":"Dynamic Resource Management to Defend against Advanced Persistent Threats in Fog Computing: A Game Theoretic Approach","volume":"9","author":"Feng","year":"2021","journal-title":"IEEE Trans. Cloud Comput."},{"key":"ref_50","unstructured":"Vaddi, P.K., Zhao, Y., and Smidts, C. (July, January 26). Dynamic Probabilistic Risk Assessment for Cyber Security Risk Analysis in Nuclear Reactors. Proceedings of the Probabilistic Safety Assessment & Management Conference\u2014PSAM 16, Honolulu, HI, USA."},{"key":"ref_51","doi-asserted-by":"crossref","first-page":"1082442","DOI":"10.3389\/fenrg.2022.1082442","article-title":"A dynamic game model for assessing risk of coordinated physical-cyber attacks in an AC\/DC hybrid transmission system","volume":"10","author":"Liu","year":"2023","journal-title":"Front. Energy Res."},{"key":"ref_52","doi-asserted-by":"crossref","first-page":"2018","DOI":"10.1109\/JSYST.2022.3215591","article-title":"A Cyber-Physical Power System Risk Assessment Model Against Cyberattacks","volume":"17","author":"Yan","year":"2023","journal-title":"IEEE Syst. J."},{"key":"ref_53","doi-asserted-by":"crossref","first-page":"38","DOI":"10.1109\/MS.2017.4541031","article-title":"Probabilistic Threat Detection for Risk Management in Cyber-physical Medical Systems","volume":"35","author":"Rao","year":"2017","journal-title":"IEEE Softw."},{"key":"ref_54","doi-asserted-by":"crossref","first-page":"608","DOI":"10.1109\/TII.2017.2740571","article-title":"Asset-based dynamic impact assessment of cyberattacks for risk analysis in industrial control systems","volume":"14","author":"Li","year":"2018","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_55","first-page":"244","article-title":"A method for developing qualitative security risk assessment algorithms","volume":"Volume 10694","author":"Erdogan","year":"2018","journal-title":"Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)"},{"key":"ref_56","doi-asserted-by":"crossref","first-page":"113580","DOI":"10.1016\/j.dss.2021.113580","article-title":"A dynamic simulation approach to support the evaluation of cyber risks and security investments in SMEs","volume":"147","author":"Armenia","year":"2021","journal-title":"Decis. Support Syst."},{"key":"ref_57","doi-asserted-by":"crossref","unstructured":"Antunes, L., Naldi, M., Italiano, G.F., Rannenberg, K., and Drogkaris, P. (2020). Privacy Technologies and Policy, Springer.","DOI":"10.1007\/978-3-030-55196-4"},{"key":"ref_58","doi-asserted-by":"crossref","unstructured":"Gonzalez-Granadillo, G., Menesidou, S., Papamartzivanos, D., Romeu, R., Navarro-Llobet, D., Okoh, C., Nifakos, S., Xenakis, C., and Panaousis, E. (2021). Automated cyber and privacy risk management toolkit. Sensors, 21.","DOI":"10.3390\/s21165493"},{"key":"ref_59","doi-asserted-by":"crossref","unstructured":"Liatifis, A., Alcazar, P.R., Grammatikis, P.R., Papamartzivanos, D., Menesidou, S., Krousarlis, T., Alberto, M.M., Angulo, I., Sarigiannidis, A., and Lagkas, T. (July, January 27). Dynamic Risk Assessment and Certification in the Power Grid: A Collaborative Approach. Proceedings of the 2022 IEEE 8th International Conference on Network Softwarization (NetSoft), Milan, Italy.","DOI":"10.1109\/NetSoft54395.2022.9844034"},{"key":"ref_60","doi-asserted-by":"crossref","unstructured":"Rao, A., Carre\u00f3n, N.A., Lysecky, R., and Rozenblit, J. (2022). FIRE: A Finely Integrated Risk Evaluation Methodology for Life-Critical Embedded Systems. Information, 13.","DOI":"10.3390\/info13100487"},{"key":"ref_61","doi-asserted-by":"crossref","unstructured":"Semertzis, I., Rajkumar, V.S., Stefanov, A., Fransen, F., and Palensky, P. (2022, January 3). Quantitative Risk Assessment of Cyber Attacks on Cyber-Physical Systems using Attack Graphs. Proceedings of the 2022 10th Workshop on Modelling and Simulation of Cyber-Physical Energy Systems (MSCPES), Milan, Italy.","DOI":"10.1109\/MSCPES55116.2022.9770140"},{"key":"ref_62","doi-asserted-by":"crossref","first-page":"2453","DOI":"10.1109\/TII.2022.3168774","article-title":"Attack Intention Oriented Dynamic Risk Propagation of Cyberattacks on Cyber-Physical Power Systems","volume":"19","author":"Hu","year":"2023","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_63","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1007\/s10664-021-10056-8","article-title":"CyberSAGE: The cyber security argument graph evaluation tool","volume":"28","author":"Temple","year":"2023","journal-title":"Empir. Softw. Eng."},{"key":"ref_64","doi-asserted-by":"crossref","first-page":"715","DOI":"10.1007\/s10207-019-00433-2","article-title":"Leveraging cyber threat intelligence for a dynamic risk framework: Automation by using a semantic reasoner and a new combination of standards (STIX\u2122, SWRL and OWL)","volume":"18","author":"Riesco","year":"2019","journal-title":"Int. J. Inf. Secur."},{"key":"ref_65","doi-asserted-by":"crossref","unstructured":"Collen, A., and Nijdam, N.A. (2022). Can I Sleep Safely in My Smarthome? A Novel Framework on Automating Dynamic Risk Assessment in IoT Environments. Electronics, 11.","DOI":"10.3390\/electronics11071123"},{"key":"ref_66","doi-asserted-by":"crossref","unstructured":"Geiger, G. (2014, January 7\u201310). ICT Security Risk Management: Economic Perspectives. Proceedings of the Federated Conference on Computer Science and Information Systems, Warsaw, Poland.","DOI":"10.15439\/2014F439"},{"key":"ref_67","doi-asserted-by":"crossref","first-page":"24","DOI":"10.1109\/MCS.2014.2364709","article-title":"Secure Control Systems: A Quantitative Risk Management Approach","volume":"35","author":"Teixeira","year":"2015","journal-title":"IEEE Control. Syst. Mag."},{"key":"ref_68","unstructured":"Henley, E.J., and Hiromitsu, K. (2000). Probablistic Risk Assessment and Management for Engineers and Scientists, Wiley\u2014IEEE Press. [2nd ed.]."},{"key":"ref_69","first-page":"329","article-title":"Analysis of features and prospects of application of dynamic iterative assessment of information security risks","volume":"2923","author":"Berestov","year":"2021","journal-title":"CEUR Workshop Proc."},{"key":"ref_70","doi-asserted-by":"crossref","first-page":"583","DOI":"10.1016\/j.isatra.2007.04.003","article-title":"Cyber security risk assessment for SCADA and DCS networks","volume":"46","author":"Ralston","year":"2007","journal-title":"ISA Trans."},{"key":"ref_71","unstructured":"Larriva-Novo, X., Vega-Barbas, M., Villagr\u00e1, V.A., Rivera, D., Sanz, M., and \u00c1lvarez Campana, M. (2020, January 25\u201328). Dynamic Risk Management Architecture Based on Heterogeneous Data Sources for Enhancing the Cyber Situational Awareness in Organizations. Proceedings of the 15th International Conference on Availability, Reliability and Security (ARES \u201920), New York, NY, USA."},{"key":"ref_72","doi-asserted-by":"crossref","first-page":"101589","DOI":"10.1016\/j.cose.2019.101589","article-title":"Cyber threat intelligence sharing: Survey and research directions","volume":"87","author":"Wagner","year":"2019","journal-title":"Comput. Secur."},{"key":"ref_73","doi-asserted-by":"crossref","first-page":"144","DOI":"10.1016\/j.inffus.2021.03.003","article-title":"LPPTE: A lightweight privacy-preserving trust evaluation scheme for facilitating distributed data fusion in cooperative vehicular safety applications","volume":"73","author":"Liu","year":"2021","journal-title":"Inf. Fusion"},{"key":"ref_74","doi-asserted-by":"crossref","first-page":"103371","DOI":"10.1016\/j.cose.2023.103371","article-title":"A framework for threat intelligence extraction and fusion","volume":"132","author":"Guo","year":"2023","journal-title":"Comput. Secur."},{"key":"ref_75","doi-asserted-by":"crossref","unstructured":"Guo, J., Liu, Z., Tian, S., Huang, F., Li, J., Li, X., Igorevich, K.K., and Ma, J. (IEEE J. Sel. Areas Commun., 2023). TFL-DT: A Trust Evaluation Scheme for Federated Learning in Digital Twin for Mobile Networks, IEEE J. Sel. Areas Commun., early access.","DOI":"10.1109\/JSAC.2023.3310094"},{"key":"ref_76","doi-asserted-by":"crossref","unstructured":"Schaberreiter, T., Kupfersberger, V., Rantos, K., Spyros, A., Papanikolaou, A., Ilioudis, C., and Quirchmayr, G. (2019, January 26\u201329). A Quantitative Evaluation of Trust in the Quality of Cyber Threat Intelligence Sources. Proceedings of the 14th International Conference on Availability, Reliability and Security, Canterbury, UK.","DOI":"10.1145\/3339252.3342112"}],"container-title":["Future Internet"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1999-5903\/15\/10\/324\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T21:01:04Z","timestamp":1760130064000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1999-5903\/15\/10\/324"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,9,28]]},"references-count":76,"journal-issue":{"issue":"10","published-online":{"date-parts":[[2023,10]]}},"alternative-id":["fi15100324"],"URL":"https:\/\/doi.org\/10.3390\/fi15100324","relation":{},"ISSN":["1999-5903"],"issn-type":[{"value":"1999-5903","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,9,28]]}}}