Search Results (52)

According to Fortune Business Insights, the market share of the Internet of Vehicless is expected to grow from USD 95.62 billion in 2021 to USD 369.61 billion in 2028, at a compound annual growth rate of 21.4%. However, the Internet of Vehicles system still faces several challenges, including regulation, scalability, data management, connectivity, interoperability, privacy, and security. To improve communication security within the Internet of Vehicle system, we have implemented a secure cryptographic algorithm called Optimized Certificateless Key-Encapsulated Encryption, resulting from a fusion of the key-insulated cryptosystem and the cryptographic key-encapsulated mechanism. The formal security analysis of our algorithm using the AVISPA version 1.1 software shows us that our protocol is safe. Informal analysis shows that our algorithm ensures authenticity, confidentiality, integrity, and non-repudiation and resists several other attacks. Our algorithm’s computational and communicational costs are slightly better than those at which it inherits the functionalities. Full article

Maritime transportation accounts for approximately 80 percent of global trade volume, with modern vessels increasingly reliant on Software-Defined Radio (SDR) technologies for communication and navigation. However, the very flexibility and reconfigurability that make SDRs advantageous also introduce complex radio frequency vulnerabilities exposing ships to threats that jeopardize vessel security, and this disrupts global supply chains. This survey paper systematically examines the security landscape of maritime SDR systems through a threat modeling lens. Following Preferred Reporting Items for Systematic Reviews and Meta-Analyses guidelines, we analyzed 84 peer-reviewed publications (from 2002 to 2025) and applied the STRIDE framework to identify and categorize maritime SDR threats. We identified 44 distinct threat types, with tampering attacks being most prevalent (36 instances), followed by Denial of Service (33 instances), Repudiation (30 instances), Spoofing (23 instances), Information Disclosure (24 instances), and Elevation of Privilege (28 instances). These threats exploit vulnerabilities across device, software, network, message, and user layers, targeting critical systems including Global Navigation Satellite Systems, Automatic Identification Systems, Very High Frequency or Digital Selective Calling systems, Electronic Chart Display and Information Systems, and National Marine Electronics Association 2000 networks. Our analysis reveals that maritime SDR threats are multidimensional and interdependent, with compromises at any layer potentially cascading through entire maritime operations. Significant gaps remain in authentication mechanisms for core protocols, supply chain assurance, regulatory frameworks, multi-layer security implementations, awareness training, and standardized forensic procedures. Further analysis highlights that securing maritime SDRs requires a proactive security engineering that integrates secured hardware architectural designs, cryptographic authentications, adaptive spectrum management, strengthened international regulations, awareness education, and standardized forensic procedures to ensure resilience and trustworthiness. Full article

As humanoid robots move from controlled industrial environments into everyday human life, their safe integration is essential for societal acceptance and effective human–robot interaction (HRI). This scoping review examines engineering safety frameworks for humanoid robots across four core domains: (1) physical safety in HRI, (2) cybersecurity and software robustness, (3) safety standards and regulatory frameworks, and (4) ethical and societal implications. In the area of physical safety, recent research trends emphasize proactive, multimodal perception-based collision avoidance, the use of compliance mechanisms, and fault-tolerant control to handle hardware failures and falls. In cybersecurity and software robustness, studies increasingly address the full threat landscape, secure real-time communication, and reliability of artificial intelligence (AI)-based control. The analysis of standards and regulations reveals a lag between technological advances and the adaptation of key safety standards in current research. Ethical and societal studies show that safety is also shaped by user trust, perceived safety, and data protection. Within the corpus of 121 peer-reviewed studies published between 2021 and 2025 and included in this review, most work concentrates on physical safety, while cybersecurity, standardization, and socio-ethical aspects are addressed less frequently. These gaps point to the need for more integrated, cross-domain approaches to safety engineering for humanoid robots. Full article

The societal effects of cybersecurity are widely discussed, but it remains less clear how software security regulations specifically contribute to building a resilient society, particularly in relation to Sustainable Development Goals 5 (Gender Equality), 10 (Reduced Inequalities), and 16 (Peace, Justice and Strong Institutions). This study investigates this connection by examining key EU and U.S. strategies through comparative legal analysis, software development (SDLC) case studies, and a normative–sociological lens. Our findings reveal that major regulations—such as the EU’s Cyber Resilience Act and the U.S. SBOM rules—are not merely reactive, but proactively embed resilience as a fundamental mode of operation. This approach structurally reallocates digital risks from users to manufacturers, reframing software security from a matter of compliance to one of social fairness and institutional trust. We conclude that integrating ‘resilience by design’ into technology rules is more than a technical fix; it is a mechanism that makes digital access fairer and better protects vulnerable populations, enabling technology and society to advance cohesively. Full article

The Internet of Medical Things (IoMT) is a rapidly expanding network of medical devices, sensors, and software that exchange patient health data. While IoMT supports personalized care and operational efficiency, it also introduces significant privacy risks, especially when handling sensitive health information. Data Identification and Classification (DIC) are therefore critical for distinguishing which data attributes require stronger safeguards. Effective DIC contributes to privacy preservation, regulatory compliance, and more efficient data management. This study introduces SDAIPA (SDAIA-HIPAA), a standardized hybrid IoMT data classification framework that integrates principles from HIPAA and SDAIA with a dual risk perspective—uniqueness and harm potential—to systematically classify IoMT health data. The framework’s contribution lies in aligning regulatory guidance with a structured classification process, validated by domain experts, to provide a practical reference for sensitivity-aware IoMT data management. In practice, SDAIPA can assist healthcare providers in allocating encryption resources more effectively, ensuring stronger protection for high-risk attributes such as genomic or location data while minimizing overhead for lower-risk information. Policymakers may use the standardized IoMT data list as a reference point for refining privacy regulations and compliance requirements. Likewise, AI developers can leverage the framework to guide privacy-preserving training, selecting encryption parameters that balance security with performance. Collectively, these applications demonstrate how SDAIPA can support proportionate and regulation-aligned protection of health data in smart healthcare systems. Full article

Background/Objectives: Artificial Intelligence (AI) is improving dentistry through increased accuracy in diagnostics, planning, and workflow automation. AI tools, including machine learning (ML) and deep learning (DL), are being adopted in oral medicine to improve patient care, efficiency, and lessen clinicians’ workloads. AI in dentistry, despite its use, faces an issue of acceptance, with its obstacles including ethical, legal, and technological ones. In this article, a review of current AI use in oral medicine, new technology development, and integration barriers is discussed. Methods: A narrative review of peer-reviewed articles in databases such as PubMed, Scopus, Web of Science, and Google Scholar was conducted. Peer-reviewed articles over the last decade, such as AI application in diagnostic imaging, predictive analysis, real-time documentation, and workflows automation, were examined. Besides, improvements in AI models and critical impediments such as ethical concerns and integration barriers were addressed in the review. Results: AI has exhibited strong performance in radiographic diagnostics, with high accuracy in reading cone-beam computed tomography (CBCT) scan, intraoral photographs, and radiographs. AI-facilitated predictive analysis has enhanced personalized care planning and disease avoidance, and AI-facilitated automation of workflows has maximized administrative workflows and patient record management. U-Net-based segmentation models exhibit sensitivities and specificities of approximately 93.0% and 88.0%, respectively, in identifying periapical lesions on 2D CBCT slices. TensorFlow-based workflow modules, integrated into vendor platforms such as Planmeca Romexis, can reduce the processing time of patient records by a minimum of 30 percent in standard practice. The privacy-preserving federated learning architecture has attained cross-site model consistency exceeding 90% accuracy, enabling collaborative training among diverse dentistry clinics. Explainable AI (XAI) and federated learning have enhanced AI transparency and security with technological advancement, but barriers include concerns regarding data privacy, AI bias, gaps in AI regulating, and training clinicians. Conclusions: AI is revolutionizing dentistry with enhanced diagnostic accuracy, predictive planning, and efficient administration automation. With technology developing AI software even smarter, ethics and legislation have to follow in order to allow responsible AI integration. To make AI in dental care work at its best, future research will have to prioritize AI interpretability, developing uniform protocols, and collaboration between specialties in order to allow AI’s full potential in dentistry. Full article

During heavy rainfalls, overflowing sewage water flows from the Combined Sewer Overflow (CSO) chambers and pollutes the Trnávka River in Trnava, Slovakia. This paper aims to propose water retention measures for the Trnávka River as a remediation technique for CSO-affected watercourses, which can contribute to the ‘flushing’ of the riverbed. During heavy rainfalls, the Trnávka River is polluted by solid, non-soluble materials, which produce unpleasant odors and are the subject of numerous complaints by citizens, particularly during low water levels. Three inflatable rubber weirs were designed, and their design was verified using a 1D numerical model of the Trnávka River. The simulations of the proposed measures performed in the HEC-RAS 5.0 software excluded the adverse effect of the backwater on the functioning of the CSO chambers in the city of Trnava during normal flow rates and confirmed that, even after installation of the weirs, the transition of the flood wave will pass in the riverbed, not causing the flooding of the adjacent area. The chemical–physical study of the Trnávka River confirmed our assumption that higher flow rates, which can be secured by the regulation of the proposed weirs, can contribute to the purity of the watercourse in the city of Trnava. Full article

The increasing integration of digital technologies in healthcare has expanded the attack surface for privacy violations in critical systems such as electronic health records (EHRs), telehealth platforms, and medical device software. However, current vulnerability detection datasets lack domain-specific privacy annotations essential for compliance with healthcare regulations like HIPAA and GDPR. This study presents C3-VULMAP, a novel and large-scale dataset explicitly designed for privacy-aware vulnerability detection in healthcare software. The dataset comprises over 30,000 vulnerable and 7.8 million non-vulnerable C/C++ functions, annotated with CWE categories and systematically mapped to LINDDUN privacy threat types. The objective is to support the development of automated, privacy-focused detection systems that can identify fine-grained software vulnerabilities in healthcare environments. To achieve this, we developed a hybrid construction methodology combining manual threat modeling, LLM-assisted synthetic generation, and multi-source aggregation. We then conducted comprehensive evaluations using traditional machine learning algorithms (Support Vector Machines, XGBoost), graph neural networks (Devign, Reveal), and transformer-based models (CodeBERT, RoBERTa, CodeT5). The results demonstrate that transformer models, such as RoBERTa, achieve high detection performance (F1 = 0.987), while Reveal leads GNN-based methods (F1 = 0.993), with different models excelling across specific privacy threat categories. These findings validate C3-VULMAP as a powerful benchmarking resource and show its potential to guide the development of privacy-preserving, secure-by-design software in embedded and electronic healthcare systems. The dataset fills a critical gap in privacy threat modeling and vulnerability detection and is positioned to support future research in cybersecurity and intelligent electronic systems for healthcare. Full article

The determination of the actual crop water requirement (CWR) today represents an important prerogative for combating climate change. A three-year trial was conducted to ad-dress the need to provide adequate support to processing tomato growers in defining the correct amounts of water to be supplied. In fact, the objective of this work was to calculate the water requirement of processing tomatoes, specifically analyzing their irrigation needs using the CROPWAT 8.0 software and through capacitive and tensiometric probes. Furthermore, for both methods, the tomato yield was evaluated both by supplying 100% of its water requirement and by supplying, through regulated deficit irrigation (RDI), 70% of its water requirement. Subsequently, for each irrigation strategy employed and for each CWR calculation method, the water footprint was calculated by analyzing the blue, green, and grey components. In the years 2022 and 2023, there was an overestimation of CWR of 13.5% for IR100 and 13.94% for IR70, and 14.53% for IR100 and 11.65% for IR70, respectively, while in 2024 there was an underestimation, with values of 9.17% and 5.22% for the IR100 and IR70 treatments compared to the values obtained with the probes. The total WF of tomatoes varied between 33.42 and 51.91 m³ t⁻¹ with the CROPWAT model and between 35.82 and 47.19 m³ t⁻¹ with the probes for IR100, while for RDI70, the values ranged between 38.72 and 59.44 m³ t⁻¹ with the CROPWAT method and between 35.81 and 53.95 m³ t⁻¹ with the probe method. In water-scarce regions, integrating the CROPWAT 8.0 model (enhanced with real-world data) and implementing smart systems can significantly improve water management, refine decision-making processes, and mitigate environmental impacts. This approach directly addresses the urgent need for water security within sustainable agriculture. Full article

The pandemic forced educators to shift abruptly to distance learning, also referred to as e-learning education. Educational institutions integrated new educational tools and online platforms. Several schools, colleges, and universities began incorporating online laboratories in different fields of education, such as engineering, information technology, physics, and chemistry. Online laboratories may take the form of virtual laboratories, software-based simulations available via the Internet, or remote labs, which involve accessing physical equipment online. Adopting remote laboratories as a substitute for conventional hands-on labs has raised concerns regarding the safety and security of both the remote lab stations and the Online Laboratory Management Systems (OLMSs). Design patterns and architectures need to be developed to attain security by design in remote laboratories. Before these can be developed, software architects and developers must understand the domain and existing and proposed solutions. This paper presents an extensive literature review of safety and security concerns related to remote laboratories and an overview of the industry, national and multinational standards, and legal requirements and regulations that need to be considered in building secure and safe Online Laboratory Management Systems. This analysis provides a taxonomy and classification of published standards as well as security and safety problems and possible solutions that can facilitate the documentation of best practices, and implemented solutions to produce security by design for remote laboratories and OLMSs. Full article

With the requirements of government data protection regulations and industrial concerns regarding data protection and privacy, the security level required for data privacy and protection has increased. This has led researchers to investigate techniques that can train cybersecurity machine learning (ML) models without sharing personal data. Federated Learning (FL) is a newly developed decentralized and distributed ML mechanism that emphasize privacy. In this technique, a learning algorithm is trained without collecting or exchanging sensitive data from distributed client models running at different locations. With the rapid increase in the number of cybersecurity attacks reported in the aviation industry in the last two decades, strong, dynamic, and effective countermeasures are required to protect the aviation industry and air passengers against such attacks, which can most of the time lead to catastrophic situations. This paper proposes and implements an FL model for identifying cyberattacks on a Software Defined Network (SDN)-based aeronautical communication networks. The machine learning model used in the FL architecture is a Deep Neural Network (DNN) model. The publicly available National Security Laboratory–Knowledge Discovery and Datamining (NSL-KDD) dataset was employed to train and validate the proposed FL model. The simulation results illustrated that the FL-based system can accurately and effectively identify potential cybersecurity attacks and minimize the risk of data and service exposure without degrading model performance. A comparison was also made between the FL and non-FL machine learning models. Preliminary results demonstrated that the FL model outperformed the non-FL machine learning approaches. FL reached an accuracy of 96%, compared to 76% and 83% for NFL. Full article

The proliferation of Internet of Things (IoT) devices and big data has catalyzed the emergence of data markets. Regulatory and technological frameworks such as International Data Spaces (IDS) have been developed to facilitate secure data exchange while integrating security and data sovereignty aspects required by laws and regulations, such as the GDPR and NIS2. Recently, novel attack vectors have taken a toll on many enterprises, causing significant damage despite the deployed security mechanisms. Hence, it is reasonable to assume that the IDS may be just as susceptible. In this paper, we conduct a STRIDE threat analysis on IDS to assess its susceptibility to traditional and emerging cybersecurity threats. Specifically, we evaluate novel threats such as Man-in-the-Middle (MitM) attacks, compromised end-user devices, SIM swapping, and potential backdoors in commonly used open-source software. Our analysis identifies multiple vulnerabilities, particularly at the trust boundary (TB) between users and the IDS system. These include the traditionally troublesome Denial of Service (DoS) attacks, key management weaknesses, and the mentioned novel threats. We discuss the hacking techniques, tools, and associated risks to the IDS framework, followed by targeted mitigation strategies and recommendations. This paper provides a framework for performing a STRIDE-based threat analysis of the IDS. Using the proposed methodology, we identified the most potent threats and suggested solutions, thus contributing to the development of a safer and more resilient data space architecture. Full article

Numerous attempts have been made to create a secure system that meets the criteria and requirements of the automotive vehicle development life cycle. However, a critical gap exists in the secure development lifecycle, particularly concerning the development and maintenance of software after the vehicle has been sold by the manufacturer. This step is often overlooked by original equipment manufacturers (OEMs), especially after the expiration of the vehicle warranty period, given the cost that it will require to update and test the software in their vehicles. This paper addresses the issues that affect current and future vehicle cybersecurity, during the maintenance of cybersecurity, and how the neglect of it could end up creating hazards for the vehicle owner or other road users. To accomplish this, we will employ the technology adoption model (TAM) as a theoretical framework, which is used to understand and predict how organizations adopt technology. Thus, through qualitative and quantitative research, including text mining, we identify the challenges in the adoption and diffusion of cybersecurity maintenance in the automotive sector and its supply chain. In addition, we propose possible solutions on how to maintain a level of security that will benefit road users, OEMs and regulators, covering the cybersecurity needs for the vehicle’s usable life, taking into account the vehicle’s heterogeneity of components and technology, connectivity, environmental impact and cost of production and maintenance of a vehicle. Full article

The secure and efficient collection of patients’ vital information is a challenge faced by the healthcare industry. Through the adoption and application of Internet of Things (IoT), the healthcare industry has seen an improvement in the quality of delivered services and patient safety. However, IoT utilization in healthcare is challenging due to the sensitive nature of patients’ clinical information and communicating this across heterogeneous networks and among IoT devices. We conducted a semi-systematic literature review to provide an overview of IoT security and privacy challenges in the healthcare sector over time. We collected 279 studies from 5 scientific databases, of which 69 articles met the requirements for inclusion. We performed thematic and qualitative content analysis to extract trends and information. According to our analysis, the vulnerabilities in IoT in healthcare are classified into three main layers: perception, network, and application. We comprehensively reviewed IoT privacy and security threats on each layer. Different technological advancements were suggested to address the identified vulnerabilities in healthcare. This review has practical implications, emphasizing that healthcare organizations, software developers, and device manufacturers must prioritize healthcare IoT security and privacy. A comprehensive, multilayered security approach, security-by-design principles, and training for staff and end-users must be adopted. Regulators and policy makers must also establish and enforce standards and regulations that promote the security and privacy of healthcare IoT. Overall, this study underscores the importance of ensuring the security and privacy of healthcare IoT, with stakeholders’ coordinated efforts to address the complex and evolving security and privacy threats in this field. This can enhance healthcare IoT trust and reliability, reduce the risks of security and privacy issues and attacks, and ultimately improve healthcare delivery quality and safety. Full article

Modern vehicles are increasingly interconnected through various communication channels, which requires secure access for authorized users, the protection of driver assistance and autonomous driving system data, and the assurance of data integrity against misuse or manipulation. While these advancements offer numerous benefits, recent years have exposed many intrusion incidents, revealing vulnerabilities and weaknesses in current systems. To sustain and enhance the performance, quality, and reliability of vehicle systems, software engineers face significant challenges, including in diverse communication channels, software integration, complex testing, compatibility, core reusability, safety and reliability assurance, data privacy, and software security. Addressing cybersecurity risks presents a substantial challenge in finding practical solutions to these issues. This study aims to analyze the current state of research regarding automotive cybersecurity, with a particular focus on four main themes: frameworks and technologies, standards and regulations, monitoring and vulnerability management, and testing and validation. This paper highlights key findings, identifies existing research gaps, and proposes directions for future research that will be useful for both researchers and practitioners. Full article