| Title | Software Vulnerability Fix Prioritization for x/rApps |
| Publication Type | Conference Paper |
| Year of Publication | 2026 |
| Authors | Kopanias L, Vlachos S, Kolokotronis N, Vassilakis C |
| Conference Name | Proceedings of the 2026 IEEE International Conference on Cyber Security and Resilience (CSR) |
| Keywords | 6G network security, integer programming, rApps, residual impact, security issue prioritization, xApps |
| Abstract | xApps and rApps are essential elements of the 6G framework, allowing for integration of AI-based functionality within the Open RAN (O-RAN) architecture, enhancing intelligence, automation and programmability. Their positioning in the O-RAN architecture enables them to access important resources of the 6G framework, therefore the security of xApps and rApps is critical. However, software programs may entail security issues, and security budget or roll-out time constraints may preclude the elimination of all identified issues, leading thus to residual impact, owing to security issues that are not fixed. In this paper, we present a method for prioritizing the fixing of security issues, in order to minimize the residual impact. The proposed method takes into account the attributes of the identified security issues, the relative importance of the confidence, integrity, and availability security dimensions, as well as the available security budget. |
