{"data":{"id":"c5988725-6c1f-4635-a8a3-854be789f6d7","title":"Obstacles to Practical Supply Chain Risk Management for Digital Components","summary":"Organizations struggle to manage cyber supply chain risk management (C-SCRM, the practice of protecting digital products and services from threats as they move through their supply chain from creation to use). The paper identifies specific obstacles by combining research, past security incidents, and industry standards to understand what makes it hard for companies to protect hardware, firmware (low-level software that controls hardware), software, and services throughout their lifecycles.","solution":"N/A -- no mitigation discussed in source.","labels":["security","research"],"sourceUrl":"http://ieeexplore.ieee.org/document/11121660","publishedAt":"2025-08-11T13:16:46.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":["supply_chain"],"issueType":"research","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":[],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2025-08-11T13:16:46.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability"],"aiComponentTargeted":null,"llmSpecific":false,"classifierConfidence":0.72,"researchCategory":"peer_reviewed","atlasIds":null}}