Advanced attack graph framework for operational technology: scalable modeling, validation, and risk mitigation / Viticchié, Alessio; Colletto, Alberto Salvatore; Sunder, Giulio; Basile, Cataldo; Aliberti, Alessandro. - In: CLUSTER COMPUTING. - ISSN 1386-7857. - 28:(2025), pp. 1-23. [10.1007/s10586-025-05288-y]

Advanced attack graph framework for operational technology: scalable modeling, validation, and risk mitigation

Alberto Salvatore Colletto; Cataldo Basile; Alessandro Aliberti
2025

Abstract

Operational Technology (OT) systems are essential for industrial processes but increasingly face cyber threats due to their integration with IT networks. This paper introduces an advanced framework for modeling, analyzing, and mitigating OT cyber risks using logical attack graphs with OT-specific modeling, including protocols, device hierarchies, and multi-layer dependencies. To enhance scalability, a novel graph pruning algorithm eliminates 81–98% of redundant nodes, reducing complexity while preserving critical attack paths. Additionally, an automated validation pipeline bridges theoretical modeling and real-world applicability by refining attack graphs and providing actionable mitigation insights. The framework’s modular and adaptable design ensures it remains effective in evolving OT environments, addressing emerging threats with high resilience. Validation in realistic OT scenarios confirms its scalability and effectiveness, making it a practical, extensible cybersecurity solution for protecting industrial infrastructures and critical processes from advanced cyber risks.
Files in this item:

s10586-025-05288-y.pdf
restricted access
Type: 2a Post-print, publisher's version / Version of Record
License: Not public - Private/restricted access
Size: 1.76 MB
Format: Adobe PDF

AcceptedManuscript.pdf
embargoed until 19/08/2026
Type: 2. Post-print / Author's Accepted Manuscript
License: Public - All rights reserved
Size: 1.51 MB
Format: Adobe PDF
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11583/3002467