Risk assessment method for IoT software supply chain vulnerabilities-Reference-Cited by-同舟云学术

Risk assessment method for IoT software supply chain vulnerabilities

Published:2021-01-01 Issue:1 Volume:1732 Page:012051
ISSN:1742-6588
Container-title:Journal of Physics: Conference Series
language:
Short-container-title:J. Phys.: Conf. Ser.

Author:

Zhu Zhicheng,Lan Kun,Rao Zhihong,Zhang Yuguang

Abstract

Abstract With the development of IoT technology, the number of attacks against IoT software chain vulnerabilities is greater than ever, and a reasonable vulnerability assessment system needs to be established for research. The Common Vulnerability Scoring System (CVSS) is a free, public risk assessment system used by information security vendors to assess the severity of vulnerability threats. However, CVSS is insufficient because of the strong subjectivity in the selection of measurement standards and the allocation of evaluation index weights. Based on this reason, this paper designs and proposes a more objective risk assessment method for IoT software chain vulnerabilities, and verifies the feasibility and effectiveness of the method through experiments.

Publisher

IOP Publishing

Subject

General Physics and Astronomy

Link

https://iopscience.iop.org/article/10.1088/1742-6596/1732/1/012051/pdf

Reference7 articles.

1. An Automatic Software Vulnerability Classification Framework [C];Davari,2017

2. How maverick developers can create risk in the software and IoT supply chain [J];Luszcz;Network Security,2017

3. Protecting Endpoint Devices in IoT Supply Chain [J];Yang,2015

Cited by 1 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Theoretical Perspectives on Sustainable Supply Chain Management and Digital Transformation: A Literature Review and a Conceptual Framework;Sustainability;2022-04-18