{"id":"https://openalex.org/W7152045705","doi":"https://doi.org/10.48550/arxiv.2604.05674","title":"From Incomplete Architecture to Quantified Risk: Multimodal LLM-Driven Security Assessment for Cyber-Physical Systems","display_name":"From Incomplete Architecture to Quantified Risk: Multimodal LLM-Driven Security Assessment for Cyber-Physical Systems","publication_year":2026,"publication_date":"2026-04-07","ids":{"openalex":"https://openalex.org/W7152045705","doi":"https://doi.org/10.48550/arxiv.2604.05674"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2604.05674","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.05674","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2604.05674","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5024226895","display_name":"Shaofei Huang","orcid":"https://orcid.org/0000-0001-8996-9907"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Huang, Shaofei","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053470148","display_name":"Christopher M. Poskitt","orcid":"https://orcid.org/0000-0002-9376-2471"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Poskitt, Christopher M.","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5133149429","display_name":"Lwin Khin Shar","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Shar, Lwin Khin","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5024226895"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.44040000438690186,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.44040000438690186,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T13295","display_name":"Safety Systems Engineering in Autonomy","score":0.11330000311136246,"subfield":{"id":"https://openalex.org/subfields/2213","display_name":"Safety, Risk, Reliability and Quality"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12000","display_name":"Systems Engineering Methodologies and Applications","score":0.11320000141859055,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/documentation","display_name":"Documentation","score":0.729200005531311},{"id":"https://openalex.org/keywords/identification","display_name":"Identification (biology)","score":0.6261000037193298},{"id":"https://openalex.org/keywords/risk-assessment","display_name":"Risk assessment","score":0.47909998893737793},{"id":"https://openalex.org/keywords/risk-management","display_name":"Risk management","score":0.42250001430511475},{"id":"https://openalex.org/keywords/security-controls","display_name":"Security controls","score":0.4065999984741211},{"id":"https://openalex.org/keywords/architecture","display_name":"Architecture","score":0.3580999970436096},{"id":"https://openalex.org/keywords/architecture-framework","display_name":"Architecture framework","score":0.35659998655319214},{"id":"https://openalex.org/keywords/threat-model","display_name":"Threat model","score":0.3538999855518341}],"concepts":[{"id":"https://openalex.org/C56666940","wikidata":"https://www.wikidata.org/wiki/Q788790","display_name":"Documentation","level":2,"score":0.729200005531311},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.6261000037193298},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6148999929428101},{"id":"https://openalex.org/C12174686","wikidata":"https://www.wikidata.org/wiki/Q1058438","display_name":"Risk assessment","level":2,"score":0.47909998893737793},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.4316999912261963},{"id":"https://openalex.org/C32896092","wikidata":"https://www.wikidata.org/wiki/Q189447","display_name":"Risk management","level":2,"score":0.42250001430511475},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.412200003862381},{"id":"https://openalex.org/C178148461","wikidata":"https://www.wikidata.org/wiki/Q1632136","display_name":"Security controls","level":3,"score":0.4065999984741211},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.3580999970436096},{"id":"https://openalex.org/C53619493","wikidata":"https://www.wikidata.org/wiki/Q4787093","display_name":"Architecture framework","level":3,"score":0.35659998655319214},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.3538999855518341},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.35249999165534973},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.334199994802475},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.33169999718666077},{"id":"https://openalex.org/C201995342","wikidata":"https://www.wikidata.org/wiki/Q682496","display_name":"Systems engineering","level":1,"score":0.32280001044273376},{"id":"https://openalex.org/C58328972","wikidata":"https://www.wikidata.org/wiki/Q184609","display_name":"Expert system","level":2,"score":0.3212999999523163},{"id":"https://openalex.org/C83163435","wikidata":"https://www.wikidata.org/wiki/Q3954104","display_name":"Security management","level":2,"score":0.3028999865055084},{"id":"https://openalex.org/C165609540","wikidata":"https://www.wikidata.org/wiki/Q1172486","display_name":"Data breach","level":2,"score":0.28600001335144043},{"id":"https://openalex.org/C98025372","wikidata":"https://www.wikidata.org/wiki/Q477538","display_name":"Systems architecture","level":3,"score":0.2736999988555908},{"id":"https://openalex.org/C145644426","wikidata":"https://www.wikidata.org/wiki/Q169411","display_name":"Unified Modeling Language","level":3,"score":0.2669000029563904},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.2615000009536743},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.251800000667572},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.25119999051094055},{"id":"https://openalex.org/C10511746","wikidata":"https://www.wikidata.org/wiki/Q899388","display_name":"Data security","level":3,"score":0.2500999867916107}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2604.05674","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.05674","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2604.05674","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.05674","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Cyber-physical":[0],"systems":[1],"often":[2],"contend":[3],"with":[4,124],"incomplete":[5],"architectural":[6,30,40,108,125],"documentation":[7,96],"or":[8,38,99],"outdated":[9],"information":[10],"resulting":[11],"from":[12,116],"legacy":[13],"technologies,":[14],"knowledge":[15,41],"management":[16,189],"gaps,":[17],"and":[18,50,91,107,112,133,153,169],"the":[19,43,142,177,181],"complexity":[20],"of":[21,45],"integrating":[22,121],"diverse":[23],"subsystems":[24],"over":[25],"extended":[26],"operational":[27],"lifecycles.":[28],"This":[29],"incompleteness":[31],"impedes":[32],"reliable":[33,170],"security":[34,72,174],"assessment,":[35],"as":[36],"inaccurate":[37],"missing":[39],"limits":[42],"identification":[44,132],"system":[46,114],"dependencies,":[47],"attack":[48],"surfaces,":[49],"risk":[51,135,188],"propagation":[52],"pathways.":[53],"To":[54],"address":[55],"this":[56,59],"foundational":[57],"challenge,":[58],"paper":[60],"introduces":[61],"ASTRAL":[62,110,166],"(Architecture-Centric":[63],"Security":[64],"Threat":[65],"Risk":[66],"Assessment":[67],"using":[68],"LLMs),":[69],"an":[70,145,154],"architecture-centric":[71,173],"assessment":[73],"technique":[74],"implemented":[75],"in":[76,89],"a":[77],"prototype":[78],"tool":[79],"powered":[80],"by":[81],"multimodal":[82],"LLMs.":[83],"The":[84],"proposed":[85],"approach":[86,128,143,182],"assists":[87],"practitioners":[88],"reconstructing":[90],"analysing":[92],"CPS":[93,150],"architectures":[94],"when":[95],"is":[97,167],"fragmented":[98],"absent.":[100],"By":[101,120],"leveraging":[102],"prompt":[103],"chaining,":[104],"few-shot":[105],"learning,":[106],"reasoning,":[109],"extracts":[111],"synthesises":[113],"representations":[115],"disparate":[117],"data":[118],"sources.":[119],"LLM":[122],"reasoning":[123],"modelling,":[126],"our":[127],"supports":[129],"adaptive":[130],"threat":[131],"quantitative":[134],"estimation":[136],"for":[137,171],"cyber-physical":[138],"systems.":[139],"We":[140],"evaluated":[141],"through":[144],"ablation":[146],"study":[147],"across":[148],"multiple":[149],"case":[151],"studies":[152],"expert":[155],"evaluation":[156],"involving":[157],"14":[158],"experienced":[159],"cybersecurity":[160],"practitioners.":[161],"Practitioner":[162],"feedback":[163],"suggests":[164],"that":[165,180],"useful":[168],"supporting":[172],"assessment.":[175],"Overall,":[176],"results":[178],"indicate":[179],"can":[183],"support":[184],"more":[185],"informed":[186],"cyber":[187],"decisions.":[190]},"counts_by_year":[],"updated_date":"2026-05-05T08:41:31.759640","created_date":"2026-04-09T00:00:00"}