Advanced attack graph framework for operational technology: scalable modeling, validation, and risk mitigation / Viticchié, Alessio; Colletto, Alberto Salvatore; Sunder, Giulio; Basile, Cataldo; Aliberti, Alessandro. - In: CLUSTER COMPUTING. - ISSN 1386-7857. - 28:(2025), pp. 1-23. [10.1007/s10586-025-05288-y]
Advanced attack graph framework for operational technology: scalable modeling, validation, and risk mitigation
Alberto Salvatore Colletto;Cataldo Basile;Alessandro Aliberti
2025
Abstract
Operational Technology (OT) systems are essential for industrial processes but increasingly face cyber threats due to their integration with IT networks. This paper introduces an advanced framework for modeling, analyzing, and mitigating OT cyber risks using logical attack graphs with OT-specific modeling, including protocols, device hierarchies, and multi-layer dependencies. To enhance scalability, a novel graph pruning algorithm eliminates 81–98% of redundant nodes, reducing complexity while preserving critical attack paths. Additionally, an automated validation pipeline bridges theoretical modeling and real-world applicability by refining attack graphs and providing actionable mitigation insights. The framework’s modular and adaptable design ensures it remains effective in evolving OT environments, addressing emerging threats with high resilience. Validation in realistic OT scenarios confirms its scalability and effectiveness, making it a practical, extensible cybersecurity solution for protecting industrial infrastructures and critical processes from advanced cyber risks.

File | Access | Type | License | Size | Format
---|---|---|---|---|---
s10586-025-05288-y.pdf | restricted access | 2a Post-print publisher's version / Version of Record | Not public - Private/restricted access | 1.76 MB | Adobe PDF
AcceptedManuscript.pdf | embargoed until 19/08/2026 | 2. Post-print / Author's Accepted Manuscript | Public - All rights reserved | 1.51 MB | Adobe PDF
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.
https://hdl.handle.net/11583/3002467