{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2018:5VYDRTNGQNPWFJ5W4KGA32JLG4","short_pith_number":"pith:5VYDRTNG","canonical_record":{"source":{"id":"1811.03290","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2018-11-08T06:50:58Z","cross_cats_sorted":["cs.CY"],"title_canon_sha256":"9a08a7a00f9e8d420cb99450e7c7210deae3f170393e142f0494e80558f1c426","abstract_canon_sha256":"158e07712aa1c49a0b2fff1d93430d2ffd882282ac8cfca26e87afb381a09b2d"},"schema_version":"1.0"},"canonical_sha256":"ed7038cda6835f62a7b6e28c0de92b370eb0a27a6c4cefba4d6edbe2dd186793","source":{"kind":"arxiv","id":"1811.03290","version":1},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1811.03290","created_at":"2026-05-18T00:01:17Z"},{"alias_kind":"arxiv_version","alias_value":"1811.03290v1","created_at":"2026-05-18T00:01:17Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1811.03290","created_at":"2026-05-18T00:01:17Z"},{"alias_kind":"pith_short_12","alias_value":"5VYDRTNGQNPW","created_at":"2026-05-18T12:32:08Z"},{"alias_kind":"pith_short_16","alias_value":"5VYDRTNGQNPWFJ5W","created_at":"2026-05-18T12:32:08Z"},{"alias_kind":"pith_short_8","alias_value":"5VYDRTNG","created_at":"2026-05-18T12:32:08Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2018:5VYDRTNGQNPWFJ5W4KGA32JLG4","target":"record","payload":{"canonical_record":{"source":{"id":"1811.03290","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2018-11-08T06:50:58Z","cross_cats_sorted":["cs.CY"],"title_canon_sha256":"9a08a7a00f9e8d420cb99450e7c7210deae3f170393e142f0494e80558f1c426","abstract_canon_sha256":"158e07712aa1c49a0b2fff1d93430d2ffd882282ac8cfca26e87afb381a09b2d"},"schema_version":"1.0"},"canonical_sha256":"ed7038cda6835f62a7b6e28c0de92b370eb0a27a6c4cefba4d6edbe2dd186793","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T00:01:17.042417Z","signature_b64":"1pGPOAuhKxNlRg5thudHWEFCDWGTLN5TeK4e/jzc1aVsnK8akzORsv/M/syiUnKUs82lLXqPHoL6UCzBdmswCw==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"ed7038cda6835f62a7b6e28c0de92b370eb0a27a6c4cefba4d6edbe2dd186793","last_reissued_at":"2026-05-18T00:01:17.042025Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T00:01:17.042025Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1811.03290","source_version":1,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:01:17Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"igB8el2JciyPgzVUmVxlz8/W0/RVNUS3QthME6UT1CTQRCG7luEcwrrec+WN7wSEp/Plo7WRiDfpZyVe0WCQAQ==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-07T16:44:24.135282Z"},"content_sha256":"23fab43f794a86fa785dd9616f9a59f08da7097c84c48ee83468a2f61391e505","schema_version":"1.0","event_id":"sha256:23fab43f794a86fa785dd9616f9a59f08da7097c84c48ee83468a2f61391e505"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2018:5VYDRTNGQNPWFJ5W4KGA32JLG4","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"Security Risk Assessment in Internet of Things Systems","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":["cs.CY"],"primary_cat":"cs.CR","authors_text":"David de Roure, Jason R. C. Nurse, Sadie Creese","submitted_at":"2018-11-08T06:50:58Z","abstract_excerpt":"Information security risk assessment methods have served us well over the past two decades. They have provided a tool for organizations and governments to use in protecting themselves against pertinent risks. As the complexity, pervasiveness, and automation of technology systems increases and cyberspace matures, particularly with the Internet of Things (IoT), there is a strong argument that we will need new approaches to assess risk and build trust. The challenge with simply extending existing assessment methodologies to IoT systems is that we could be blind to new risks arising in such ecosys"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1811.03290","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:01:17Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"VjcVN6bI1Pv2q5HZqDWd8GiHGvggfSZxxSWVX8GikID8Dr0k5L1zxj3kCCjDbBJD/lDWqDeRmNkso6G/8sriBg==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-07T16:44:24.136022Z"},"content_sha256":"eea74a8072d475202c35708876d72ef87e26eeb955bd6d307f5b77cc77f8df9b","schema_version":"1.0","event_id":"sha256:eea74a8072d475202c35708876d72ef87e26eeb955bd6d307f5b77cc77f8df9b"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/5VYDRTNGQNPWFJ5W4KGA32JLG4/bundle.json","state_url":"https://pith.science/pith/5VYDRTNGQNPWFJ5W4KGA32JLG4/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/5VYDRTNGQNPWFJ5W4KGA32JLG4/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-06-07T16:44:24Z","links":{"resolver":"https://pith.science/pith/5VYDRTNGQNPWFJ5W4KGA32JLG4","bundle":"https://pith.science/pith/5VYDRTNGQNPWFJ5W4KGA32JLG4/bundle.json","state":"https://pith.science/pith/5VYDRTNGQNPWFJ5W4KGA32JLG4/state.json","well_known_bundle":"https://pith.science/.well-known/pith/5VYDRTNGQNPWFJ5W4KGA32JLG4/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2018:5VYDRTNGQNPWFJ5W4KGA32JLG4","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"158e07712aa1c49a0b2fff1d93430d2ffd882282ac8cfca26e87afb381a09b2d","cross_cats_sorted":["cs.CY"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2018-11-08T06:50:58Z","title_canon_sha256":"9a08a7a00f9e8d420cb99450e7c7210deae3f170393e142f0494e80558f1c426"},"schema_version":"1.0","source":{"id":"1811.03290","kind":"arxiv","version":1}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1811.03290","created_at":"2026-05-18T00:01:17Z"},{"alias_kind":"arxiv_version","alias_value":"1811.03290v1","created_at":"2026-05-18T00:01:17Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1811.03290","created_at":"2026-05-18T00:01:17Z"},{"alias_kind":"pith_short_12","alias_value":"5VYDRTNGQNPW","created_at":"2026-05-18T12:32:08Z"},{"alias_kind":"pith_short_16","alias_value":"5VYDRTNGQNPWFJ5W","created_at":"2026-05-18T12:32:08Z"},{"alias_kind":"pith_short_8","alias_value":"5VYDRTNG","created_at":"2026-05-18T12:32:08Z"}],"graph_snapshots":[{"event_id":"sha256:eea74a8072d475202c35708876d72ef87e26eeb955bd6d307f5b77cc77f8df9b","target":"graph","created_at":"2026-05-18T00:01:17Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"Information security risk assessment methods have served us well over the past two decades. They have provided a tool for organizations and governments to use in protecting themselves against pertinent risks. As the complexity, pervasiveness, and automation of technology systems increases and cyberspace matures, particularly with the Internet of Things (IoT), there is a strong argument that we will need new approaches to assess risk and build trust. The challenge with simply extending existing assessment methodologies to IoT systems is that we could be blind to new risks arising in such ecosys","authors_text":"David de Roure, Jason R. C. Nurse, Sadie Creese","cross_cats":["cs.CY"],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2018-11-08T06:50:58Z","title":"Security Risk Assessment in Internet of Things Systems"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1811.03290","kind":"arxiv","version":1},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:23fab43f794a86fa785dd9616f9a59f08da7097c84c48ee83468a2f61391e505","target":"record","created_at":"2026-05-18T00:01:17Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"158e07712aa1c49a0b2fff1d93430d2ffd882282ac8cfca26e87afb381a09b2d","cross_cats_sorted":["cs.CY"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2018-11-08T06:50:58Z","title_canon_sha256":"9a08a7a00f9e8d420cb99450e7c7210deae3f170393e142f0494e80558f1c426"},"schema_version":"1.0","source":{"id":"1811.03290","kind":"arxiv","version":1}},"canonical_sha256":"ed7038cda6835f62a7b6e28c0de92b370eb0a27a6c4cefba4d6edbe2dd186793","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"ed7038cda6835f62a7b6e28c0de92b370eb0a27a6c4cefba4d6edbe2dd186793","first_computed_at":"2026-05-18T00:01:17.042025Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T00:01:17.042025Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"1pGPOAuhKxNlRg5thudHWEFCDWGTLN5TeK4e/jzc1aVsnK8akzORsv/M/syiUnKUs82lLXqPHoL6UCzBdmswCw==","signature_status":"signed_v1","signed_at":"2026-05-18T00:01:17.042417Z","signed_message":"canonical_sha256_bytes"},"source_id":"1811.03290","source_kind":"arxiv","source_version":1}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:23fab43f794a86fa785dd9616f9a59f08da7097c84c48ee83468a2f61391e505","sha256:eea74a8072d475202c35708876d72ef87e26eeb955bd6d307f5b77cc77f8df9b"],"state_sha256":"bf2a4f4cff04ddaa61ed695aa6a0ffe6a508405bb24ad2d1ee5c59540061ca14"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"ZLH9ullzbuLvaXxVd+EjXpQS5OQNplJus4KbZ6K+eezeBJiyjHlSIssh1T3mVmrFYMyBlAhVdfEIPGWOr1NZAQ==","signed_message":"bundle_sha256_bytes","signed_at":"2026-06-07T16:44:24.139670Z","bundle_sha256":"884ae7c19b72597375edb437dce9a58cea9332b3d5b3e68e668679dac928822a"}}