pith. sign in

arxiv: 2604.22307 · v1 · submitted 2026-04-24 · 💻 cs.CR

Introducing the Cyber-Physical Data Flow Diagram to Improve Threat Modelling of Internet of Things Devices

Simon Liebl , Ian Ferguson , Andreas A{\ss}muth , Natalie Coull , George R. S. Weir This is my paper

Pith reviewed 2026-05-08 11:27 UTC · model grok-4.3

classification 💻 cs.CR
keywords IoT securitythreat modelingdata flow diagramscyber-physical systemsInternet of Thingshardware modelingsecurity analysis
0
0 comments X

The pith

The Cyber-Physical Data Flow Diagram improves IoT threat modeling by incorporating hardware elements into data flow analysis.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper introduces the Cyber-Physical Data Flow Diagram as a specialized technique for modeling threats in Internet of Things devices. It extends traditional diagrams to represent hardware components and their interactions with software and networks. An experimental study combined with interviews indicates that this method uncovers additional attack scenarios compared to existing approaches. A sympathetic reader would care because IoT devices control physical actions and handle sensitive data, where incomplete threat models leave real safety and privacy risks unaddressed.

Core claim

The authors propose the Cyber-Physical Data Flow Diagram (CPDFD) to improve threat modelling for IoT devices. Unlike standard IT-focused methods, CPDFD incorporates modeling of hardware elements such as sensors and actuators. This enables the identification of threats that arise from the interplay between digital data flows and physical components. The technique was tested in an experimental study and a survey involving interviews, with results suggesting it reveals numerous other attack scenarios.

What carries the argument

Cyber-Physical Data Flow Diagram (CPDFD) - an extension of data flow diagrams that includes hardware modeling to support threat identification in IoT devices.

If this is right

  • Manufacturers gain the ability to spot threats involving physical actions triggered by actuators.
  • Threat modeling becomes more comprehensive for devices that interact directly with the physical environment.
  • The approach supports secure development across consumer, medical, and industrial IoT applications.
  • It addresses gaps in IT-focused methods when applied to systems that combine digital and physical elements.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The method could extend to other cyber-physical systems such as smart infrastructure or robotics.
  • Integration into development tools might automate parts of hardware-inclusive threat analysis.
  • Standards bodies could adopt similar extensions to require physical-layer modeling in security reviews.
  • Further validation in collaborative industry settings would test scalability for complex supply chains.

Load-bearing premise

That findings from the experimental study and survey with interviews generalize to improve threat identification in real manufacturing and development settings beyond the tested cases.

What would settle it

A controlled trial in an IoT product development team where one group uses CPDFD and the other uses conventional methods shows no significant difference in the number or relevance of identified threats.

Figures

Figures reproduced from arXiv: 2604.22307 by Andreas A{\ss}muth, George R. S. Weir, Ian Ferguson, Natalie Coull, Simon Liebl.

Figure 1
Figure 1. Figure 1: Relevant attack scenarios for groups GCPDFD and GDFD as box plot. and Interface available, identified substantially more attack scenarios. Attack scenarios were categorised whether these threaten the security or privacy of the device under consideration. Group GCPDFD identified 5.00 scenarios on average (SD “ 2.11), while GDFD identified less than 1 scenario on average (M “ 0.25, SD “ 0.45). Therefore, the… view at source ↗
Figure 2
Figure 2. Figure 2: Average attack scenarios per group. In group G view at source ↗
read the original abstract

A growing number of Internet of Things (IoT) devices are used across consumer, medical, and industrial domains. They interact with their environment through sensors and actuators and connect to networks such as the Internet. Because sensors may collect sensitive data and actuators can trigger physical actions, security, privacy, and safety are major challenges. Threat modelling can help identify risks, but established IT-focused methods transfer to the IoT only to a limited extent. In this paper, a new modelling technique specifically for IoT devices called Cyber-Physical Data Flow Diagram (CPDFD) is proposed that also allows modelling of hardware with the aim to support manufacturers in identifying threats and developing countermeasures. The technique was examined through an experimental study and a survey with interviews. The results suggest that numerous other attack scenarios can be found through the modelling technique, improving the identification of threats to IoT devices.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 2 minor

Summary. The paper proposes the Cyber-Physical Data Flow Diagram (CPDFD) as a modeling technique for threat modeling IoT devices that extends traditional data flow diagrams to explicitly include hardware components, sensors, and actuators. It describes an experimental study and a survey with interviews whose results indicate that CPDFD surfaces additional attack scenarios beyond those identified by standard IT-oriented methods such as DFD and STRIDE.

Significance. If the empirical results hold under scrutiny, CPDFD could offer a practical, IoT-specific addition to the threat-modeling toolkit that better captures cyber-physical interactions; the combination of a new diagram notation with direct evaluation via study and interviews is a constructive step for the field.

major comments (2)
  1. Evaluation section: the manuscript supplies participant details, device cases, and raw findings, yet the comparison to baseline methods (standard DFD or STRIDE) is presented only qualitatively; without tabulated counts of threats found per method or inter-rater agreement metrics, the claim that 'numerous other attack scenarios can be found' remains difficult to calibrate for practical impact.
  2. Experimental study description: while the protocol is supplied, the paper does not report how the order of modeling techniques was counterbalanced or whether participants received equivalent training time on CPDFD versus the baseline, raising the possibility that observed differences partly reflect learning effects rather than the modeling technique itself.
minor comments (2)
  1. Abstract: the phrase 'numerous other attack scenarios' should be replaced by a concrete summary statistic (e.g., 'X additional threats per device on average') to give readers an immediate sense of effect size.
  2. Notation: the CPDFD symbol set is introduced without a compact legend or comparison table against classic DFD symbols; adding such a table would improve readability.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the constructive feedback on our manuscript. The comments highlight opportunities to strengthen the quantitative aspects of the evaluation and the clarity of the experimental protocol. We address each major comment below and commit to revisions that improve the paper without altering its core contributions.

read point-by-point responses

  1. Referee: Evaluation section: the manuscript supplies participant details, device cases, and raw findings, yet the comparison to baseline methods (standard DFD or STRIDE) is presented only qualitatively; without tabulated counts of threats found per method or inter-rater agreement metrics, the claim that 'numerous other attack scenarios can be found' remains difficult to calibrate for practical impact.

    Authors: We agree that a quantitative presentation would allow readers to better calibrate the practical impact. In the revised manuscript we will add a summary table reporting the mean and range of unique threats identified per device case using CPDFD versus the baseline methods, derived from the existing participant data. We will also report inter-rater agreement (Fleiss' kappa) on the threat identifications to quantify consistency across participants. These additions directly address the concern while preserving the qualitative insights already presented. revision: yes

  2. Referee: Experimental study description: while the protocol is supplied, the paper does not report how the order of modeling techniques was counterbalanced or whether participants received equivalent training time on CPDFD versus the baseline, raising the possibility that observed differences partly reflect learning effects rather than the modeling technique itself.

    Authors: The study protocol included randomized counterbalancing of technique order across participants and equal-duration training sessions (approximately 30 minutes each) on CPDFD and the baseline methods. These design elements were omitted from the manuscript text. We will revise the experimental study description to explicitly state the counterbalancing procedure and training equivalence, thereby ruling out learning effects as a plausible alternative explanation for the observed differences. revision: yes

Circularity Check

0 steps flagged

No significant circularity

full rationale

The paper proposes the CPDFD modeling technique for IoT threat modeling and supports its utility via an experimental study plus interview survey. No equations, derivations, fitted parameters, or self-referential definitions appear in the supplied text. The central claim rests on externally inspectable empirical evidence (study protocol, participant details, device cases, and raw findings) rather than any reduction of a 'prediction' or 'result' to its own inputs by construction. Self-citations, if present, are not load-bearing for the validity argument. This is a standard method-proposal paper whose validity is intended to be assessed against the reported external validation.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axioms · 1 invented entities

The claim rests on the assumption that extending data flow diagrams with hardware elements yields practically useful threat models, plus the validity of the un-detailed experimental validation.

axioms (1)
  • domain assumption Standard data flow diagram concepts can be meaningfully extended to model physical hardware components in IoT devices
    Invoked when defining CPDFD as an improvement over IT-focused methods
invented entities (1)
  • Cyber-Physical Data Flow Diagram (CPDFD) no independent evidence
    purpose: To model both cyber data flows and physical hardware elements for IoT threat modeling
    Newly proposed technique whose utility is asserted via the study

pith-pipeline@v0.9.0 · 5462 in / 1127 out tokens · 43687 ms · 2026-05-08T11:27:39.862050+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

49 extracted references · 49 canonical work pages

  1. [1]

    Accessed: 2026-03-14

    SonicWall,Annual number of Internet of Things (IoT) malware attacks worldwide from 2018 to 2022, Statista, 2023. Accessed: 2026-03-14. [Online]. Available: https://www.statista.com/ statistics / 1377569 / worldwide - annual - internet - of - things - attacks/

    work page 2018

  2. [2]

    D. E. Whitehead, K. Owens, D. Gammel, and J. Smith, ‘Ukraine cyber-induced power outage: Analysis and practical mitigation strategies’, in2017 70th Annual Conference for Protective Relay Engineers (CPRE), 2017, pp. 1–8.DOI: 10. 1109/CPRE.2017.8090056

    work page arXiv 2017

  3. [3]

    Truxius et al., ‘Cyber Security Review of Network- Connected Medical Devices’, German Federal Office for Information Security (BSI), Tech

    D. Truxius et al., ‘Cyber Security Review of Network- Connected Medical Devices’, German Federal Office for Information Security (BSI), Tech. Rep., Dec. 2020. Ac- cessed: 2026-03-14. [Online]. Available: https : / / www . bsi . bund . de / SharedDocs / Downloads / DE / BSI / DigitaleGesellschaft / ManiMed _ Abschlussbericht _ EN . pdf ? __blob=publicationFile&v=1

    work page 2020

  4. [4]

    Comobo,How I got access to 25+ Tesla’s around the world

    D. Comobo,How I got access to 25+ Tesla’s around the world. By accident. And curiosity.Jan. 2022. Accessed: 2026-03-14. [Online]. Available: https://medium.com/@david_colombo/ how-i-got-access-to-25-teslas-around-the-world-by-accident- and-curiosity-8b9ef040a028

    work page 2022

  5. [5]

    C. R. Lab,2025: Unpacking the Tesla Wall Connector exploit chain and its broader cybersecurity implication, Aug. 2025. Accessed: 2026-03-14. [Online]. Available: https://vicone.com/ blog/from-pwn2own-automotive-2025-unpacking-the-tesla- wall-connector-exploit-chain-and-its-broader-cybersecurity- implication

    work page 2025

  6. [6]

    Ghena, W

    B. Ghena, W. Beyer, A. Hillaker, J. Pevarnek, and J. A. Halderman, ‘Green Lights Forever: Analyzing the Security of Traffic Infrastructure’, in8th USENIX Workshop on Offensive Technologies (WOOT 14), San Diego, CA: USENIX Associ- ation, Aug. 2014. Accessed: 2026-03-14. [Online]. Available: https : / / www . usenix . org / conference / woot14 / workshop - ...

    work page 2014

  7. [7]

    Giese, ‘Reverse engineering and hacking Ecovacs robots’, DEFCON 32, 11th Aug

    D. Giese, ‘Reverse engineering and hacking Ecovacs robots’, DEFCON 32, 11th Aug. 2024. Accessed: 2026-03-14. [Online]. Available: https : / / dontvacuum . me / talks / DEFCON32 / DEFCON32_reveng_hacking_ecovacs_robots.pdf

    work page 2024

  8. [8]

    Dorsemaine, J

    B. Dorsemaine, J. -P. Gaulier, J. -P. Wary, N. Kheir, and P. Urien, ‘Internet of Things: A Definition & Taxonomy’, in 2015 9th International Conference on Next Generation Mobile Applications, Services and Technologies, Cambridge, United Kingdom: IEEE, Sep. 2015, pp. 72–77,ISBN: 978-1-4799-8660- 6.DOI: 10.1109/NGMAST.2015.71 Accessed: 2026-03-14. [Onli...

    work page doi:10.1109/ngmast.2015.71 2015

  9. [9]

    K. Rose, S. Eldridge, and L. Chapin, ‘The internet of things: An overview’,The internet society (ISOC), vol. 80, pp. 1–50, 2015, Publisher: Reston, V A

    work page 2015

  10. [10]

    M. A. Iqbal, S. Hussain, X. Huanlai, and M. A. Imran, Enabling the internet of things: fundamentals, design, and applications(Wiley - IEE), First edition. Hoboken, NJ: Wiley, 2020,ISBN: 978-1-119-70125-5

    work page 2020

  11. [11]

    Boyes, B

    H. Boyes, B. Hallaq, J. Cunningham, and T. Watson, ‘The industrial internet of things (IIoT): An analysis framework’, Computers in Industry, vol. 101, pp. 1–12, Oct. 2018,ISSN: 01663615.DOI: 10.1016/j.compind.2018.04.015 Accessed: 2026-03-14. [Online]. Available: https://linkinghub.elsevier. com/retrieve/pii/S0166361517307285

    work page doi:10.1016/j.compind.2018.04.015 2018

  12. [12]

    Liebl et al., ‘Analyzing the Attack Surface and Threats of Industrial Internet of Things Devices’,International Journal on Advances in Security, 1 & 2, vol

    S. Liebl et al., ‘Analyzing the Attack Surface and Threats of Industrial Internet of Things Devices’,International Journal on Advances in Security, 1 & 2, vol. 14, pp. 59–70, Dec. 2021, ISSN: 1942-2636. Accessed: 2026-03-14. [Online]. Available: https://www.thinkmind.org/index.php?view=article&articleid= sec_v14_n12_2021_6

    work page 2021

  13. [13]

    T. DeMarco, ‘Structure Analysis and System Specification’, inPioneers and Their Contributions to Software Engineering: sd&m Conference on Software Pioneers, Bonn, June 28/29, 2001, Original Historic Contributions, M. Broy and E. Denert, Eds., Berlin, Heidelberg: Springer Berlin Heidelberg, 2001, pp. 255–288,ISBN: 978-3-642-48354-7.DOI: 10.1007/978-3- 642-...

    work page doi:10.1007/978-3- 2001

  14. [14]

    Shostack,Threat modeling: designing for security

    A. Shostack,Threat modeling: designing for security. Indiana- polis, IN: Wiley, 2014,ISBN: 978-1-118-80999-0

    work page 2014

  15. [15]

    Kohnfelder and P

    L. Kohnfelder and P. Garg, ‘The threats to our products’, Microsoft, Tech. Rep., Apr. 1999

    work page 1999

  16. [16]

    M. Deng, K. Wuyts, R. Scandariato, B. Preneel, and W. Joosen, ‘A privacy threat analysis framework: Supporting the elicitation and fulfillment of privacy requirements’,Requirements Engin- eering, vol. 16, no. 1, pp. 3–32, Mar. 2011,ISSN: 0947-3602, 1432-010X.DOI: 10.1007/s00766-010-0115-7 Accessed: 2026- 03-14. [Online]. Available: http://link.springer.co...

    work page doi:10.1007/s00766-010-0115-7 2011

  17. [17]

    Harbi, Z

    Y . Harbi, Z. Aliouat, S. Harous, A. Bentaleb, and A. Refoufi, ‘A Review of Security in Internet of Things’,Wireless Personal Communications, vol. 108, no. 1, pp. 325–344, Sep. 2019,ISSN: 0929-6212, 1572-834X.DOI: 10.1007/s11277-019-06405-y Accessed: 2026-03-14. [Online]. Available: http://link.springer. com/10.1007/s11277-019-06405-y

    work page doi:10.1007/s11277-019-06405-y 2019

  18. [18]

    F. A. Alaba, M. Othman, I. A. T. Hashem, and F. Alotaibi, ‘Internet of Things security: A survey’,Journal of Network and Computer Applications, vol. 88, pp. 10–28, Jun. 2017, ISSN: 10848045.DOI: 10.1016/j.jnca.2017.04.002 Accessed: 2026-03-14. [Online]. Available: https://linkinghub.elsevier. com/retrieve/pii/S1084804517301455

    work page doi:10.1016/j.jnca.2017.04.002 2017

  19. [19]

    Leloglu, ‘A Review of Security Concerns in Internet of Things’,Journal of Computer and Communications, vol

    E. Leloglu, ‘A Review of Security Concerns in Internet of Things’,Journal of Computer and Communications, vol. 05, no. 01, pp. 121–136, 2017,ISSN: 2327-5219, 2327-5227.DOI: 10 . 4236 / jcc . 2017 . 51010 Accessed: 2026-03-14. [Online]. Available: http://www.scirp.org/journal/doi.aspx?DOI=10.4236/ jcc.2017.51010

    work page arXiv 2017

  20. [20]

    O. I. Abiodun, E. O. Abiodun, M. Alawida, R. S. Alkhawaldeh, and H. Arshad, ‘A Review on the Security of the Internet of Things: Challenges and Solutions’,Wireless Personal Communications, vol. 119, no. 3, pp. 2603–2637, Aug. 2021, ISSN: 0929-6212, 1572-834X.DOI: 10 . 1007 / s11277 - 021 - 08348- 9 Accessed: 2026-03-14. [Online]. Available: https: //link....

    work page doi:10.1007/s11277-021-08348-9 2021

  21. [21]

    Scott, ‘A Survey Study of Common Security Failures and Mitigations for the Internet of Things (IoT)’,Journal of Telecommunication, Electronic and Computer Engineering (JTEC), vol

    M. Scott, ‘A Survey Study of Common Security Failures and Mitigations for the Internet of Things (IoT)’,Journal of Telecommunication, Electronic and Computer Engineering (JTEC), vol. 15, no. 2, pp. 9–15, Jun. 2023. Accessed: 2026- 03-14. [Online]. Available: https://jtec.utem.edu.my/jtec/article/ view/6259

    work page 2023

  22. [22]

    Arias, J

    O. Arias, J. Wurm, K. Hoang, and Y . Jin, ‘Privacy and Security in Internet of Things and Wearable Devices’,IEEE Transactions on Multi-Scale Computing Systems, vol. 1, no. 2, pp. 99–109, 2015.DOI: 10.1109/TMSCS.2015.2498605

    work page doi:10.1109/tmscs.2015.2498605 2015

  23. [23]

    Hands-On

    C. Kolias, A. Stavrou, J. V oas, I. Bojanova, and R. Kuhn, ‘Learning Internet-of-Things Security "Hands-On"’,IEEE Se- curity & Privacy, vol. 14, no. 1, pp. 37–46, 2016.DOI: 10. 1109/MSP.2016.4

    work page 2016

  24. [24]

    J. Wurm, K. Hoang, O. Arias, A. -R. Sadeghi, and Y . Jin, ‘Security analysis on consumer and industrial IoT devices’, in2016 21st Asia and South Pacific Design Automation Conference (ASP-DAC), 2016, pp. 519–524.DOI: 10.1109/ ASPDAC.2016.7428064

    work page arXiv 2016

  25. [25]

    A. W. Atamli and A. Martin, ‘Threat-Based Security Analysis for the Internet of Things’, in2014 International Workshop on Secure Internet of Things, 2014, pp. 35–43.DOI: 10.1109/ SIoT.2014.10

    work page 2014

  26. [26]

    Iskhakov, A

    S. Iskhakov, A. Shelupanov, and A. Mitsel, ‘Internet of Things: Security of Embedded Devices’, in2018 3rd Russian-Pacific Conference on Computer Technology and Applications (RPC), 2018, pp. 1–4.DOI: 10.1109/RPC.2018.8482148

    work page doi:10.1109/rpc.2018.8482148 2018

  27. [27]

    Casola, A

    V . Casola, A. De Benedictis, M. Rak, and U. Villano, ‘Toward the automation of threat modeling and risk assessment in IoT systems’,Internet of Things, vol. 7, p. 100 056, Sep. 2019.DOI: 10.1016/j.iot.2019.100056 Accessed: 2026-03-14

    work page doi:10.1016/j.iot.2019.100056 2019

  28. [28]

    R. Khan, K. McLaughlin, D. Laverty, and S. Sezer, ‘STRIDE- based threat modeling for cyber-physical systems’, in2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe), 2017, pp. 1–6.DOI: 10 . 1109 / ISGTEurope.2017.8260283

    work page arXiv 2017

  29. [29]

    Hamad, M

    M. Hamad, M. Nolte, and V . Prevelakis, ‘Towards Compre- hensive Threat Modeling for Vehicles’,Publications Institute of Computer and Network Engineering, 2016.DOI: 10.24355/ dbbs.084-201806251532-0

    work page 2016

  30. [30]

    Meyer, J

    D. Meyer, J. Haase, M. Eckert, and B. Klauer, ‘A threat- model for building and home automation’, in2016 IEEE 14th International Conference on Industrial Informatics (INDIN), 2016, pp. 860–866.DOI: 10.1109/INDIN.2016.7819280

    work page doi:10.1109/indin.2016.7819280 2016

  31. [31]

    M. R. A. Asif, K. F. Hasan, M. Z. Islam, and R. Khondoker, ‘STRIDE-based Cyber Security Threat Modeling for IoT- enabled Precision Agriculture Systems’, in2021 3rd Inter- national Conference on Sustainable Technologies for Industry 4.0 (STI), 2021, pp. 1–6.DOI: 10.1109/STI53101.2021.9732597

    work page doi:10.1109/sti53101.2021.9732597 2021

  32. [32]

    Omotosho, B

    A. Omotosho, B. A. Haruna, and O. M. Olaniyi, ‘Threat Modeling of Internet of Things Health Devices’,Journal of Applied Security Research, vol. 14, no. 1, pp. 106–121, Jan. 2019.DOI: 10.1080/19361610.2019.1545278 Accessed: 2026- 03-14. [Online]. Available: https://www.tandfonline.com/doi/ full/10.1080/19361610.2019.1545278

    work page doi:10.1080/19361610.2019.1545278 2019

  33. [33]

    B. J. Berger, K. Sohr, and R. Koschke, ‘Automatically Extracting Threats from Extended Data Flow Diagrams’, in Engineering Secure Software and Systems, J. Caballero, E. Bodden, and E. Athanasopoulos, Eds., vol. 9639, Cham: Springer International Publishing, 2016, pp. 56–71,ISBN: 978- 3-319-30805-0.DOI: 10.1007/978-3-319-30806-7_4 Accessed: 2026-03-14. [On...

    work page doi:10.1007/978-3-319-30806-7_4 2016

  34. [34]

    L. Sion, K. Yskout, D. Van Landuyt, and W. Joosen, ‘Solution- aware data flow diagrams for security threat modeling’, in Proceedings of the 33rd Annual ACM Symposium on Applied Computing, Pau France: ACM, Apr. 2018, pp. 1425–1432, ISBN: 978-1-4503-5191-1.DOI: 10.1145/3167132.3167285 Accessed: 2026-03-14. [Online]. Available: https://dl.acm.org/ doi/10.114...

    work page doi:10.1145/3167132.3167285 2018

  35. [35]

    Rep., Mar

    Fraunhofer Institute for Applied and Integrated Security (AISEC), ‘A Study on Hardware Attacks against Microcontrol- lers’, German Federal Office for Information Security (BSI), Tech. Rep., Mar. 2023

    work page 2023

  36. [36]

    D. D. Gajski, S. Abdi, A. Gerstlauer, and G. Schirner, Embedded System Design: Modeling, Synthesis and Verification. Boston, MA: Springer US, 2009.DOI: 10.1007/978-1-4419- 0504-8 Accessed: 2026-03-14. [Online]. Available: https://link. springer.com/10.1007/978-1-4419-0504-8

    work page doi:10.1007/978-1-4419- 2009

  37. [37]

    Bochniewicz et al.,Playbook for Threat Modeling Medical Devices

    E. Bochniewicz et al.,Playbook for Threat Modeling Medical Devices. MITRE Corporation and Medical Device Innovation Consortium (MDIC)

    work page

  38. [38]

    Wolf, ‘Combining safety and security threat modeling to improve automotive penetration testing’, 2019, Publisher: Universität Ulm.DOI: 10.18725/OPARU- 13062 Accessed: 2026-03-14

    M. Wolf, ‘Combining safety and security threat modeling to improve automotive penetration testing’, 2019, Publisher: Universität Ulm.DOI: 10.18725/OPARU- 13062 Accessed: 2026-03-14. [Online]. Available: https://oparu.uni- ulm.de/ xmlui/handle/123456789/13119

    work page doi:10.18725/oparu- 2019

  39. [39]

    Accessed: 2026-03-14

    electrouser865,Jaimico: The New I-health Care Companion Robot. Accessed: 2026-03-14. [Online]. Available: https://www. electromaker.io/project/view/jaimico-the-new-i-health-care- companion-robot

    work page 2026

  40. [40]

    [Online]

    emgarde, ‘emgarde | TTModeler Pro’, Accessed: 2026-03-14. [Online]. Available: https://emgarde.de

    work page 2026

  41. [41]

    Liebl,TTModeler

    S. Liebl,TTModeler. Accessed: 2026-03-14. [Online]. Avail- able: https://github.com/SecSimon/TTM

    work page 2026

  42. [42]

    ISO, 2016

    International Organization for Standardization and International Electrotechnical Commission,ISO/IEC 25022:2016: Systems and Software Engineering - Systems and Software Quality Requirements and Evaluation (SQuaRE) - Measure of Quality in Use(International standard). ISO, 2016. Accessed: 2026- 03-14. [Online]. Available: https://books.google.de/books?id= W...

    work page 2016

  43. [43]

    Ziegeldorf, O

    J. Ziegeldorf, O. Morchon, and K. Wehrle, ‘Privacy in the internet of things: Threats and challenges’,Security and Communication Networks, vol. 7, Dec. 2014.DOI: 10.1002/ sec.795

    work page 2014

  44. [44]

    S. H. Simpson, ‘Creating a Data Analysis Plan: What to Consider When Choosing Statistics for a Study.’,The Canadian journal of hospital pharmacy, vol. 68 4, pp. 311–7, 2015

    work page 2015

  45. [45]

    McGill, J

    R. McGill, J. W. Tukey, and W. A. Larsen, ‘Variations of box plots’,The American Statistician, vol. 32, no. 1, pp. 12–16, 1978, Publisher: Taylor & Francis Group

    work page 1978

  46. [46]

    Cohen,Statistical power analysis for the behavioral sciences, 2nd ed

    J. Cohen,Statistical power analysis for the behavioral sciences, 2nd ed. Hillsdale, N.J: L. Erlbaum Associates, 1988,ISBN: 978-0-8058-0283-2

    work page 1988

  47. [47]

    Hartung, G

    J. Hartung, G. Knapp, and B. K. Sinha,Statistical Meta- Analysis with Applications(Wiley Series in Probability and Statistics). Hoboken, NJ, USA: John Wiley & Sons, Inc., Jul. 2008,ISBN: 978-0-470-29089-7.DOI: 10.1002/9780470386347

    work page doi:10.1002/9780470386347 2008

  48. [48]

    Ac- cessed: 2026-03-14

    Foreign, Commonwealth & Development Office,Small to medium sized enterprise (SME) action plan, May 2023. Ac- cessed: 2026-03-14. [Online]. Available: https://www.gov. uk/government/publications/fcdo- small- to- medium- sized- enterprise-sme-action-plan/small-to-medium-sized-enterprise- sme-action-plan

    work page 2023

  49. [49]

    Likert, ‘A technique for the measurement of attitudes.’, Archives of Psychology, vol

    R. Likert, ‘A technique for the measurement of attitudes.’, Archives of Psychology, vol. 22 140, pp. 55–55, 1932

    work page 1932