This survey comprehensively analyzes the IoT threat landscape by detailing 28 common attacks and mapping them to foundational vulnerability classes, providing a structured roadmap for building secure…

This paper provides the first comprehensive threat model for IoT-enabled Controlled Environment Agriculture (CEA) systems, identifying 123 unique threats and proposing a defense-in-depth framework to…

This paper proposes a comprehensive, risk-based auditing framework designed to help internal and external auditors assess the cybersecurity risks posed by diverse IoT devices within corporate and indu…

This paper proposes an explainable threat attribution system for IoT networks that uses SHAP and flow behavior modeling to accurately classify and explain over 30 distinct attack variants into 8 meani…

HySecTwin introduces a knowledge-driven digital twin framework that uses semantic modeling and hybrid reasoning to provide explainable, context-aware, and high-speed threat detection for complex Cyber…

The paper introduces BYOT-CPS, a hybrid cyber-physical testbed that bridges the gap between purely simulated and purely physical IoT testing environments, enabling realistic and scalable security asse…

This paper investigates the vulnerability of machine learning-based fault detection and localization systems in Cyber-Physical Systems (CPS) to backdoor attacks, demonstrating that such attacks are su…

The paper proposes a semi-automated framework that integrates network topology and vulnerability data to generate and analyze multi-step attack graphs in Industrial Control Systems, demonstrated using…

The paper proposes a novel semi-automated method to perform continuous threat modeling by inferring the actual system architecture from combined static configuration and dynamic network flow data, sig…

This paper systematically identifies long-term operational risks associated with smart household appliances, using the smart fridge as a case study, and finds that even basic functions are vulnerable…

The paper introduces ASTRAL, a multimodal LLM-driven framework that reconstructs and analyzes fragmented cyber-physical system architectures to enable comprehensive and quantitative security risk asse…

The paper provides a holistic threat model for LLM-enabled robotic systems by analyzing how conventional, adversarial, and conversational threats propagate across the entire perception-planning-actuat…

This paper conducts a literature review of non-academic publications to consolidate current knowledge, trends, and future challenges regarding the industrial integration of IoT devices within a Zero T…

This survey reviews hardware-rooted trust mechanisms, such as PUFs and TPMs, demonstrating that hardware-based solutions are superior to software-only methods for ensuring secure authentication and AI…

This paper evaluates and compares HAZOP and Bow-Tie analysis, demonstrating that while both are useful for cyber risk assessment in hydropower, a coordinated adversary can bypass conventional safeguar…

This survey provides a comprehensive, systematic roadmap for achieving cyber-physical system (CPS) resilience by integrating five interconnected themes: system-wide properties, handling data scarcity…

SMSI is a novel neuro-symbolic pipeline that automates threat modeling for cyber-physical systems by generating a prioritized list of NIST 800-53 security controls directly from a SysML architecture m…

This paper analyzes MQTT security in IoT, demonstrating critical vulnerabilities like eavesdropping and DoS due to weak encryption and authentication, and proposes mitigation strategies.

This paper discusses the significant challenges in developing a holistic intrusion detection system for Industrial Control Systems (ICS) that must cover all operational dimensions.

This paper systematically evaluates Provenance-based Intrusion Detection Systems (PIDSes) in real industrial scenarios, revealing that existing systems struggle with data heterogeneity, advanced attac…