External Links

    Journal: IEEE Security & Privacy

    Volume 21, Issue 6

    4 -- 7Mary Ellen Zurko. Unusable Security for Attackers [From the Editors]
    8 -- 10Fabio Massacci, Laurie A. Williams. Software Supply Chain Security [Guest Editors' Introduction]
    12 -- 23Musard Balliu, Benoit Baudry, Sofia Bobadilla, Mathias Ekstedt, Martin Monperrus, Javier Ron Arteaga, Aman Sharma, Gabriel Skoglund, César Soto-Valero, Martin Wittlinger. Challenges of Producing Software Bill of Materials for Java
    24 -- 33Ákos Milánkovich, Katja Tuma. Delta Security Certification for Software Supply Chains
    34 -- 49Piergiorgio Ladisa, Serena Elisa Ponta, Antonino Sabetta, Matias Martinez, Olivier Barais. Journey to the Center of Software Supply Chain Attacks
    50 -- 54Santiago Torres-Arias, Daniel E. Geer, John Speed Meyers. A Viewpoint on Knowing Software: Bill of Materials Quality When You See It
    55 -- 58Marcela S. Melara, Santiago Torres-Arias. A Viewpoint on Software Supply Chain Security: Are We Getting Lost in Translation?
    59 -- 63Marcel Fourné, Dominik Wermke, Sascha Fahl, Yasemin Acar. A Viewpoint on Human Factors in Software Supply Chain Security: A Research Agenda
    64 -- 75Matthias Eckhart, Andreas Ekelhart, David Allison, Magnus Almgren, Katharina Ceesay-Seitz, Helge Janicke, Simin Nadjm-Tehrani, Awais Rashid, Mark Yampolskiy. Security-Enhancing Digital Twins: Characteristics, Indicators, and Future Perspectives
    76 -- 88Nusrat Zahan, Parth Kanakiya, Brian Hambleton, Shohanuzzaman Shohan, Laurie A. Williams. OpenSSF Scorecard: On the Path Toward Ecosystem-Wide Automated Security Metrics
    90 -- 94Florian Kerschbaum, Nils Lukas. Privacy-Preserving Machine Learning [Cryptography]
    95 -- 96Bruce Schneier. Trustworthy AI Means Public AI [Last Word]

    Volume 21, Issue 5

    4 -- 5Tadayoshi Kohno. In Your Eyes
    6 -- 17Jingwei Wu, Wanxi Mao, Yuxin Deng, Jinghong Xu. Child Safety and Data Privacy in Smart Homes With Speakers: Comparison of Privacy Policies in the United States and China
    18 -- 32Abdul Majeed, Seong Oun Hwang. Rectification of Syntactic and Semantic Privacy Mechanisms
    33 -- 42Priyanka Nanayakkara, Jessica Hullman. What's Driving Conflicts Around Differential Privacy for the U.S. Census
    43 -- 54Sebastian Obermeier 0001, Thomas Jösler, Stephan Renggli, Maurus Unternährer, Bernhard M. Hämmerli. Automating Recovery in Mixed Operation Technology/IT Critical Infrastructures
    55 -- 66Eric Ruzomberka, David J. Love, Christopher G. Brinton, Arpit Gupta, Chih-Chun Wang, H. Vincent Poor. Challenges and Opportunities for Beyond-5G Wireless Security
    68 -- 72Padmanabhan Krishnan, Cristina Cifuentes, Li Li 0029, Tegawendé F. Bissyandé, Jacques Klein. Why Is Static Application Security Testing Hard to Learn?
    72 -- 77Daniel Arp, Erwin Quiring, Feargus Pendlebury, Alexander Warnecke, Fabio Pierazzi, Christian Wressnegger, Lorenzo Cavallaro, Konrad Rieck. Lessons Learned on Machine Learning for Computer Security
    79 -- 84Frank Piessens. Transient Execution Attacks
    85 -- 94Konstantinos Adamos, Fabio Di Franco, Athanasios Vasileios Grammatopoulos. An Analysis of European Union Cybersecurity Higher Education Programs Through the Crowd-Sourced Database CyberHEAD
    95 -- 96Daniel E. Geer. Convergence: Ongoing

    Volume 21, Issue 4

    4 -- 8Sean Peisert. On Software Infrastructure: Develop, Prove, Profit?
    9 -- 0Gabriela F. Ciocarlie, Jianying Zhou 0001. Securing Critical Infrastructure Across Cyber and Physical Dimensions
    10 -- 19Adeen Ayub, Wooyeon Jo, Syed Ali Qasim, Irfan Ahmed 0001. How Are Industrial Control Systems Insecure by Design? A Deeper Insight Into Real-World Programmable Logic Controllers
    20 -- 28Luis Burbano, Kunal Garg, Santiago J. Leudo, Alvaro A. Cárdenas, Ricardo G. Sanfelice. Online Attack Recovery in Cyberphysical Systems
    29 -- 38Rodrigo Roman, Cristina Alcaraz, Javier López 0001, Kouichi Sakurai. Current Perspectives on Securing Critical Infrastructures' Supply Chains
    39 -- 50Constantine Doumanidis, Yongyu Xie, Prashant Hari Narayan Rajput, Ryan Pickren, Burak Sahin, Saman Zonouz, Michail Maniatakos. Dissecting the Industrial Control Systems Software Supply Chain
    51 -- 60Aditya P. Mathur. Reconfigurable Digital Twin to Support Research, Education, and Training in the Defense of Critical Infrastructure
    61 -- 73Martin Strohmeier, Mauro Leonardi, Sergei Markochev, Fabio Ricciato, Matthias Schäfer 0002, Vincent Lenders. In Pursuit of Aviation Cybersecurity: Experiences and Lessons From a Competitive Approach
    74 -- 83Khaled Sarieddine, Mohammad Ali Sayed, Danial Jafarigiv, Ribal Atallah, Mourad Debbabi, Chadi Assi. A Real-Time Cosimulation Testbed for Electric Vehicle Charging and Smart Grid Security
    84 -- 93David M. Nicol, Gregory Shannon, Monika Akbar, Matt Bishop, Michael M. Chaney, Matthew E. Luallen. Toward Common Weakness Enumerations in Industrial Control Systems
    94 -- 98Nigel P. Smart. Computing on Encrypted Data
    99 -- 100Steven M. Bellovin. Is Cybersecurity Liability a Liability?

    Volume 21, Issue 3

    4 -- 5Trent Jaeger. On Bridges and Software
    6 -- 7Trent Jaeger, Brent ByungHoon Kang, Nele Mentens, Cynthia Sturton. Impact of Emerging Hardware on Security and Privacy
    8 -- 15Soyeon Park, Sangho Lee 0001, Taesoo Kim. Memory Protection Keys: Facts, Key Extension Perspectives, and Discussions
    16 -- 26Vikram Narayanan, Anton Burtsev. The Opportunities and Limitations of Extended Page Table Switching for Fine-Grained Isolation
    27 -- 36Andres Meza, Francesco Restuccia, Jason Oberg, Dominic Rizzo, Ryan Kastner. Security Verification of the OpenTitan Hardware Root of Trust
    37 -- 46Marc Lacoste, Vincent Lefebvre. Trusted Execution Environments for Telecoms: Strengths, Weaknesses, Opportunities, and Threats
    47 -- 57Adam Brian Turner, Stephen McCombie, Allon J. Uhlmann. Ransomware-Bitcoin Threat Intelligence Sharing Using Structured Threat Information Expression
    58 -- 61Kacper T. Gradon. Electric Sheep on the Pastures of Disinformation and Targeted Phishing Campaigns: The Security Implications of ChatGPT
    62 -- 68Paul C. van Oorschot. Memory Errors and Memory Safety: A Look at Java and Rust

    Volume 21, Issue 2

    4 -- 6Sean Peisert. The First 20 Years of IEEE Security & Privacy
    7 -- 8Tadayoshi Kohno. {In Earth} Until (Ready)
    9 -- 16Bob Blakley 0001, Lorrie Cranor. A 20th Anniversary Episode Chat With S&P Editors George Cybenko, Carl Landwehr, Shari Lawrence Pfleeger, and Sean Peisert
    18 -- 23Crispin Cowan. Open and Closed Software Security Redux
    24 -- 31Steve Lipner 0001, Michael Howard. Inside the Windows Security Push: A Twenty-Year Retrospective
    32 -- 42Carl E. Landwehr, Michael K. Reiter, Laurie A. Williams, Gene Tsudik, Trent Jaeger, Tadayoshi Kohno, Apu Kapadia. Looking Backwards (and Forwards): NSF Secure and Trustworthy Computing 20-Year Retrospective Panel Transcription
    43 -- 47Terry Benzel, Hilarie Orman. IEEE Security and Privacy Symposium in the Year 2003
    48 -- 52Elissa M. Redmiles, Mia M. Bennett, Tadayoshi Kohno. Power in Computer Security and Privacy: A Critical Lens
    53 -- 56Lorenzo Cavallaro, Johannes Kinder, Feargus Pendlebury, Fabio Pierazzi. Are Machine Learning Models for Malware Detection Ready for Prime Time?
    57 -- 62Christopher A. Wood. Hot Topics in Security and Privacy Standardization at the IETF and Beyond
    63 -- 69John True, Navid Asadizanjani. Physical Inspection and Attacks on Electronics: An Academic Course for the Hardware Cybersecurity Workforce
    70 -- 76Paul C. van Oorschot. Memory Errors and Memory Safety: C as a Case Study
    77 -- 81Arvind Narayanan, Kevin Lee. Security Policy Audits: Why and How
    82 -- 88Nusrat Zahan, Elizabeth Lin, Mahzabin Tamanna, William Enck, Laurie A. Williams. Software Bills of Materials Are Required. Are We There Yet?
    89 -- 90Daniel E. Geer. Whither Software?

    Volume 21, Issue 1

    4 -- 6Terry Benzel. Security and Privacy Research Artifacts: Are We Making Progress?
    8 -- 10Mary Ellen Zurko, Julie M. Haney. Usable Security and Privacy for Security and Privacy Workers
    11 -- 18Bob Blakley 0001, Lorrie Cranor. Katie Moussouris: Vulnerability Disclosure and Security Workforce Development
    20 -- 26Peter Leo Gorski, Luigi Lo Iacono, Matthew Smith 0001. Eight Lightweight Usable Security Principles for Developers
    27 -- 36Charles Weir, Anna Dyson, Daniel Prince. Do You Speak Cyber? Talking Security With Developers of Health Systems and Devices
    37 -- 48Mohamad Fazelnia, Ahmet Okutan, Mehdi Mirakhorli. Supporting Artificial Intelligence/Machine Learning Security Workers Through an Adversarial Techniques, Tools, and Common Knowledge Framework
    49 -- 57Mohammad Tahaei, Kami Vaniea, Awais Rashid. Embedding Privacy Into Design Through Software Developers: Challenges and Solutions
    58 -- 65Nathan Malkin. Contextual Integrity, Explained: A More Usable Privacy Definition
    66 -- 77Francesco Ciclosi, Fabio Massacci. The Data Protection Officer: A Ubiquitous Role That No One Really Knows
    78 -- 83Adam Shostack. Nothing Is Good Enough: Fast and Cheap Are Undervalued as Influencers of Security Tool Adoption
    84 -- 90Sungmi Park, Douglas Stebila. The Future of Digital Investigation: Automated Legal Inference
    91 -- 92Elisa Bertino. Privacy in the Era of 5G, IoT, Big Data, and Machine Learning
    runs on