English
Related papers

Related papers: Vulnerability Coordination Under the Cyber Resilie…

200 papers

A new Cyber Resilience Act (CRA) was recently agreed upon in the European Union (EU). The paper examines and elaborates what new requirements the CRA entails by contrasting it with the older General Data Protection Regulation (GDPR).…

Software Engineering · Computer Science 2025-10-16 Jukka Ruohonen , Kalle Hjerppe , Eun-Young Kang

The Cyber Resilience Act (CRA) is a new European Union (EU) regulation aimed at enhancing the security of digital products and services by ensuring they meet stringent cybersecurity requirements. This paper investigates the challenges that…

Cryptography and Security · Computer Science 2025-10-14 Roosa Risto , Mohit Sethi , Mika Katara

The paper presents an alignment evaluation between the mitigations present in the MITRE's ATT&CK framework and the essential cyber security requirements of the recently introduced Cyber Resilience Act (CRA) in the European Union. In…

Cryptography and Security · Computer Science 2025-10-16 Jukka Ruohonen , Eun-Young Kang , Qusai Ramadan

Safety is becoming cybersecurity under most circumstances. This should be reflected in the Cybersecurity Resilience Act when it is proposed and agreed upon in the European Union. In this paper, we define a range of principles which this…

Computers and Society · Computer Science 2022-05-27 Kaspar Rosager Ludvigsen , Shishir Nagaraja

The European Union (EU) has long favored a risk-based approach to regulation. Such an approach is also used in recent cyber security legislation enacted in the EU. Risks are also inherently related to compliance with the new legislation.…

Cryptography and Security · Computer Science 2025-09-01 Jukka Ruohonen , Jesper Løffler Nielsen , Jakub Skórczynski

Incident management is a classical topic in cyber security. Recently, the European Union (EU) has started to consider also the relation between cyber security incidents and cyber security crises. These considerations and preparations,…

Cryptography and Security · Computer Science 2025-10-07 Jukka Ruohonen , Kalle Rindell , Simone Busetti

The European Union (EU) has been pursuing new cyber security policies in recent years. This paper presents a short reflection of four such policies. The focus is on potential incoherency, meaning a lack of integration, divergence between…

Cryptography and Security · Computer Science 2024-09-30 Jukka Ruohonen

The EU Artificial Intelligence Act (AIA) establishes different legal principles for different types of AI systems. While prior work has sought to clarify some of these principles, little attention has been paid to robustness and…

Artificial Intelligence · Computer Science 2025-05-29 Henrik Nolte , Miriam Rateike , Michèle Finck

The Cyber Security and Resilience (Network and Information Systems) Bill, introduced to Parliament in November 2025, represents the most significant reform of UK cyber security legislation in nearly a decade. This paper provides a…

Cryptography and Security · Computer Science 2026-03-10 Jonathan Shelby

Cyber assurance, which is the ability to operate under the onslaught of cyber attacks and other unexpected events, is essential for organizations facing inundating security threats on a daily basis. Organizations usually employ multiple…

Cryptography and Security · Computer Science 2022-07-26 Nan Sun , Chang-Tsun Li , Hin Chan , Md Zahidul Islam , Md Rafiqul Islam , Warren Armstrong

The UK Cyber Security and Resilience (CS&R) Bill represents the most significant reform of UK cyber legislation since the Network and Information Systems (NIS) Regulations 2018. While existing analysis has addressed the Bill's regulatory…

Cryptography and Security · Computer Science 2026-04-03 Jonathan Shelby

The medical device products at the European Union market must be safe and effective. To ensure this, medical device manufacturers must comply to the new regulatory requirements brought by the Medical Device Regulation (MDR) and the In Vitro…

Cryptography and Security · Computer Science 2021-03-12 Tuomas Granlund , Juha Vedenpää , Vlad Stirbu , Tommi Mikkonen

In this chapter, we review how the EU cybersecurity regulatory framework impacts providers of cloud computing services. We examine the evolving regulatory treatment of cloud services as an enabler of the EU's digital economy and question…

Computers and Society · Computer Science 2022-03-10 Ian Walden , Johan David Michels

Collective remote attestation (CRA) is a security service that aims to efficiently identify compromised (often low-powered) devices in a (heterogeneous) network. The last few years have seen an extensive growth in CRA protocol proposals,…

Cryptography and Security · Computer Science 2024-07-15 Sharar Ahmadi , Jay Le-Papin , Liqun Chen , Brijesh Dongol , Sasa Radomirovic , Helen Treharne

The paper refers to CRUTIAL, CRitical UTility InfrastructurAL Resilience, a European project within the research area of Critical Information Infrastructure Protection, with a specific focus on the infrastructures operated by power…

The reliability of the electric grid has in recent years become a larger concern for regulators, planners, and consumers due to several high-impact outage events, as well as the potential for even more impactful events in the future. These…

Systems and Control · Electrical Eng. & Systems 2024-12-03 Gabriel Mantegna , Ziting Huang , Guillaume Van Caelenberg , Bethany Frew , Muireann Lynch , Mark O'Malley

Access to online data has long been important for law enforcement agencies in their collection of electronic evidence and investigation of crimes. These activities have also long involved cross-border investigations and international…

Computers and Society · Computer Science 2023-09-22 Jukka Ruohonen

The EU AI Act (EUAIA) introduces requirements for AI systems which intersect with the processes required to establish adversarial robustness. However, given the ambiguous language of regulation and the dynamicity of adversarial attacks,…

Computation and Language · Computer Science 2024-10-15 Tomas Bueno Momcilovic , Dian Balta , Beat Buesser , Giulio Zizzo , Mark Purcell

Because digital devices and systems are widely used in all aspects of society, the risk of adversaries creating cyberattacks on a similar level remains high. As such, regulation of these aspects must follow, which is the domain of…

Computers and Society · Computer Science 2025-03-11 Kaspar Rosager Ludvigsen
‹ Prev 1 2 3 10 Next ›