PORTO @ Archivio Istituzionale della Ricerca

Operational Technology (OT) networks face growing cybersecurity risks, yet applying best practice guidelines remains difficult, particularly in settings with limited cybersecurity expertise. This paper proposes a modular framework combining a Large Language Model (Llama3 8B Instruct), semantic search (FAISS), and structured prompting to assist in the analysis of OT configurations. The system extracts best practices from authoritative sources, generates standardized JSON templates for data collection, and leverages a chatbot assistant for compliance validation and mitigation guidance. Experimental results show moderate accuracy (60–66.67%), highlighting both the promise and current limitations of LLM-based security tools. The framework offers a foundation for enhancing automation, interpretability, and resilience in OT environments.

Leveraging Large Language Models for OT Network Configuration Analysis / Colletto, Alberto Salvatore; Todaro, Mario; Viticchié, Alessio; Aliberti, Alessandro. - ELETTRONICO. - (2025), pp. 338-343. ( Research and Technologies for Society and Industry (RTSI) Gammarth, Tunis 24-26 August, 2025) [10.1109/RTSI64020.2025.11212403].

Leveraging Large Language Models for OT Network Configuration Analysis

Alberto Salvatore Colletto;Alessandro Aliberti
2025

Abstract

Operational Technology (OT) networks face growing cybersecurity risks, yet applying best practice guidelines remains difficult, particularly in settings with limited cybersecurity expertise. This paper proposes a modular framework combining a Large Language Model (Llama3 8B Instruct), semantic search (FAISS), and structured prompting to assist in the analysis of OT configurations. The system extracts best practices from authoritative sources, generates standardized JSON templates for data collection, and leverages a chatbot assistant for compliance validation and mitigation guidance. Experimental results show moderate accuracy (60–66.67%), highlighting both the promise and current limitations of LLM-based security tools. The framework offers a foundation for enhancing automation, interpretability, and resilience in OT environments.
2025
979-8-3315-9788-7
4.1 Contributo in Atti di convegno
File in questo prodotto:
File Dimensione Formato  
2025180285.pdf

accesso aperto

Tipologia: 2. Post-print / Author's Accepted Manuscript
Licenza: Pubblico - Tutti i diritti riservati
Dimensione 192.75 kB
Formato Adobe PDF
Visualizza/Apri
192.75 kB Adobe PDF Visualizza/Apri
Leveraging_Large_Language_Models_for_OT_Network_Configuration_Analysis.pdf

accesso riservato

Tipologia: 2a Post-print versione editoriale / Version of Record
Licenza: Non Pubblico - Accesso privato/ristretto
Dimensione 900.61 kB
Formato Adobe PDF
  Visualizza/Apri   Richiedi una copia
900.61 kB Adobe PDF   Visualizza/Apri   Richiedi una copia
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11583/3002713