{"id":"https://openalex.org/W7141415361","doi":"https://doi.org/10.48550/arxiv.2603.24888","title":"An Approach to Generate Attack Graphs with a Case Study on Siemens PCS7 Blueprint for Water Treatment Plants","display_name":"An Approach to Generate Attack Graphs with a Case Study on Siemens PCS7 Blueprint for Water Treatment Plants","publication_year":2026,"publication_date":"2026-03-26","ids":{"openalex":"https://openalex.org/W7141415361","doi":"https://doi.org/10.48550/arxiv.2603.24888"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2603.24888","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.24888","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2603.24888","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5130818001","display_name":"Lucas Miranda","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Miranda, Lucas","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5125163219","display_name":"Carlos Eduardo de Schuller Banjar","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Banjar, Carlos","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5130734879","display_name":"Daniel Menasche","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Menasche, Daniel","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5130761625","display_name":"Anton Kocheturov","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Kocheturov, Anton","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5130774335","display_name":"Gaurav Srivastava","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Srivastava, Gaurav","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5130759797","display_name":"Tobias Limmer","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Limmer, Tobias","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5130818001"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9373000264167786,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9373000264167786,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.014600000344216824,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11807","display_name":"Infrastructure Resilience and Vulnerability Analysis","score":0.010999999940395355,"subfield":{"id":"https://openalex.org/subfields/2205","display_name":"Civil and Structural Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.7314000129699707},{"id":"https://openalex.org/keywords/blueprint","display_name":"Blueprint","score":0.6450999975204468},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.6208000183105469},{"id":"https://openalex.org/keywords/tree-traversal","display_name":"Tree traversal","score":0.5275999903678894},{"id":"https://openalex.org/keywords/construct","display_name":"Construct (python library)","score":0.4909000098705292},{"id":"https://openalex.org/keywords/stateful-firewall","display_name":"Stateful firewall","score":0.4742000102996826},{"id":"https://openalex.org/keywords/siemens","display_name":"Siemens","score":0.4512999951839447},{"id":"https://openalex.org/keywords/industrial-control-system","display_name":"Industrial control system","score":0.4092999994754791},{"id":"https://openalex.org/keywords/scale","display_name":"Scale (ratio)","score":0.4036000072956085},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.38530001044273376}],"concepts":[{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.7314000129699707},{"id":"https://openalex.org/C155911762","wikidata":"https://www.wikidata.org/wiki/Q422321","display_name":"Blueprint","level":2,"score":0.6450999975204468},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6449000239372253},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.6208000183105469},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5386000275611877},{"id":"https://openalex.org/C140745168","wikidata":"https://www.wikidata.org/wiki/Q1210082","display_name":"Tree traversal","level":2,"score":0.5275999903678894},{"id":"https://openalex.org/C2780801425","wikidata":"https://www.wikidata.org/wiki/Q5164392","display_name":"Construct (python library)","level":2,"score":0.4909000098705292},{"id":"https://openalex.org/C22927095","wikidata":"https://www.wikidata.org/wiki/Q1784206","display_name":"Stateful firewall","level":3,"score":0.4742000102996826},{"id":"https://openalex.org/C100053769","wikidata":"https://www.wikidata.org/wiki/Q169893","display_name":"Siemens","level":2,"score":0.4512999951839447},{"id":"https://openalex.org/C40071531","wikidata":"https://www.wikidata.org/wiki/Q2513962","display_name":"Industrial control system","level":3,"score":0.4092999994754791},{"id":"https://openalex.org/C2778755073","wikidata":"https://www.wikidata.org/wiki/Q10858537","display_name":"Scale (ratio)","level":2,"score":0.4036000072956085},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.38530001044273376},{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.38280001282691956},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.36899998784065247},{"id":"https://openalex.org/C43214815","wikidata":"https://www.wikidata.org/wiki/Q7310987","display_name":"Reliability (semiconductor)","level":3,"score":0.36820000410079956},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.36550000309944153},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.35989999771118164},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.359499990940094},{"id":"https://openalex.org/C199845137","wikidata":"https://www.wikidata.org/wiki/Q145490","display_name":"Network topology","level":2,"score":0.34299999475479126},{"id":"https://openalex.org/C165136773","wikidata":"https://www.wikidata.org/wiki/Q1363179","display_name":"Single point of failure","level":2,"score":0.3361999988555908},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.305400013923645},{"id":"https://openalex.org/C160191386","wikidata":"https://www.wikidata.org/wiki/Q868299","display_name":"Control flow","level":2,"score":0.2973000109195709},{"id":"https://openalex.org/C173801870","wikidata":"https://www.wikidata.org/wiki/Q201413","display_name":"Heuristic","level":2,"score":0.296099990606308},{"id":"https://openalex.org/C113174947","wikidata":"https://www.wikidata.org/wiki/Q2859736","display_name":"Tree (set theory)","level":2,"score":0.289900004863739},{"id":"https://openalex.org/C28719098","wikidata":"https://www.wikidata.org/wiki/Q44946","display_name":"Point (geometry)","level":2,"score":0.2816999852657318},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.27720001339912415},{"id":"https://openalex.org/C22467394","wikidata":"https://www.wikidata.org/wiki/Q849359","display_name":"Multidisciplinary approach","level":2,"score":0.275299996137619},{"id":"https://openalex.org/C96333769","wikidata":"https://www.wikidata.org/wiki/Q907955","display_name":"Graph traversal","level":3,"score":0.2728999853134155},{"id":"https://openalex.org/C114809511","wikidata":"https://www.wikidata.org/wiki/Q1412924","display_name":"Flow network","level":2,"score":0.2685999870300293},{"id":"https://openalex.org/C164155591","wikidata":"https://www.wikidata.org/wiki/Q2067766","display_name":"Satisfiability modulo theories","level":2,"score":0.2678000032901764},{"id":"https://openalex.org/C201307755","wikidata":"https://www.wikidata.org/wiki/Q4071928","display_name":"Cyber-attack","level":2,"score":0.25690001249313354}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2603.24888","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.24888","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2603.24888","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.24888","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[{"display_name":"Clean water and sanitation","id":"https://metadata.un.org/sdg/6","score":0.4326895773410797},{"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9","score":0.4105812907218933}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Assessing":[0],"the":[1,16,67,95,99,111],"security":[2,151],"posture":[3],"of":[4,20,66,135],"Industrial":[5],"Control":[6],"Systems":[7],"(ICS)":[8],"is":[9,71],"critical":[10,145],"for":[11,39,104,156],"protecting":[12],"essential":[13],"infrastructure.":[14],"However,":[15],"complexity":[17],"and":[18,28,48,87,125,141],"scale":[19],"these":[21],"environments":[22,45],"make":[23],"it":[24],"challenging":[25],"to":[26,46,62,79,98,114],"identify":[27,80],"prioritize":[29],"potential":[30,81,126],"attack":[31,41,51,117],"paths.":[32],"This":[33,69],"paper":[34],"introduces":[35],"a":[36,64,75,91,132,144],"semi-automated":[37],"approach":[38],"generating":[40],"graphs":[42],"in":[43],"ICS":[44],"visualize":[47],"analyze":[49],"multi-step":[50],"scenarios.":[52],"Our":[53],"methodology":[54],"integrates":[55],"network":[56,139],"topology":[57],"information":[58],"with":[59],"vulnerability":[60,146],"data":[61],"construct":[63],"model":[65,70],"system.":[68],"then":[72],"processed":[73],"by":[74],"stateful":[76],"traversal":[77],"algorithm":[78],"exploit":[82],"chains":[83],"based":[84],"on":[85],"preconditions":[86],"consequences.":[88],"We":[89,129],"present":[90],"case":[92],"study":[93],"applying":[94],"proposed":[96],"framework":[97],"Siemens":[100],"PCS7":[101],"Cybersecurity":[102],"Blueprint":[103],"Water":[105],"Treatment":[106],"Plants.":[107],"The":[108],"results":[109],"demonstrate":[110],"framework's":[112],"ability":[113],"simulate":[115],"different":[116],"scenarios,":[118],"including":[119],"those":[120],"originating":[121],"from":[122],"known":[123],"CVEs":[124],"device":[127],"misconfigurations.":[128],"show":[130],"how":[131,142],"single":[133],"point":[134],"failure":[136],"can":[137,147],"compromise":[138],"segmentation":[140],"patching":[143],"protect":[148],"an":[149],"entire":[150],"zone,":[152],"providing":[153],"actionable":[154],"insights":[155],"risk":[157],"mitigation.":[158]},"counts_by_year":[],"updated_date":"2026-03-28T06:16:51.555046","created_date":"2026-03-28T00:00:00"}