Misconfigurations within Operational Technology (OT) environments represent a significant source of cyber risk, often resulting in critical disruptions to industrial processes. However, the absence of standardized methodologies for quantifying their impact hinders effective risk assessment and prioritization. This study proposes a novel and fully automated framework that maps misconfigurations to the Common Weakness Enumeration (CWE) taxonomy through semantic similarity techniques, employing state-of-the-art sentence embedding models and cosine similarity metrics. The framework enables the computation of quantitative risk indicators by linking the identified CWEs to associated Common Vulnerabilities and Exposures (CVEs) and aggregating their Common Vulnerability Scoring System (CVSS) scores. A voting ensemble of pre-trained language models is introduced to enhance robustness and semantic accuracy. Experimental validation demonstrates improved precision over single-model baselines, confirming the efficacy of the proposed approach. The resulting system offers a scalable, data-driven tool for OT stakeholders to evaluate and prioritize misconfigurationrelated cybersecurity threats systematically.
NLP-based automated scoring of OT misconfigurations via CWE and CVSS mapping / Todaro, Mario; Colletto, Alberto Salvatore; Viticchié, Alessio; Aliberti, Alessandro. - ELETTRONICO. - (In corso di stampa). (Intervento presentato al convegno Research and Technologies for Society and Industry (RTSI) tenutosi a Gammarth, Tunis nel 24-26 August, 2025).
NLP-based automated scoring of OT misconfigurations via CWE and CVSS mapping
Alberto Salvatore Colletto;Alessandro Aliberti
In corso di stampa
Abstract
Misconfigurations within Operational Technology (OT) environments represent a significant source of cyber risk, often resulting in critical disruptions to industrial processes. However, the absence of standardized methodologies for quantifying their impact hinders effective risk assessment and prioritization. This study proposes a novel and fully automated framework that maps misconfigurations to the Common Weakness Enumeration (CWE) taxonomy through semantic similarity techniques, employing state-of-the-art sentence embedding models and cosine similarity metrics. The framework enables the computation of quantitative risk indicators by linking the identified CWEs to associated Common Vulnerabilities and Exposures (CVEs) and aggregating their Common Vulnerability Scoring System (CVSS) scores. A voting ensemble of pre-trained language models is introduced to enhance robustness and semantic accuracy. Experimental validation demonstrates improved precision over single-model baselines, confirming the efficacy of the proposed approach. The resulting system offers a scalable, data-driven tool for OT stakeholders to evaluate and prioritize misconfigurationrelated cybersecurity threats systematically.Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/3002714
Attenzione
Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo