Full Program
Summary:
Industrial Control Systems (ICS) are vulnerable to cybersecurity threats due to their distributed architecture and critical role in infrastructure sectors. Ensuring their secure operation requires deploying runtime monitoring mechanisms to detect behavioral deviations, with inline security monitoring arising as a practical solution. However, writing these specifications manually is time-consuming, error-prone, and requires deep domain expertise. In this paper, we explore the feasibility of using large language models (LLMs) to assist in generating JML-based inline security monitors for ICS applications. Using a water distribution system as a testbed, we prompt the model with structured templates and evaluate its output against expert-written specifications. Our results highlight that LLMs can correctly infer key security properties and produce context-aware assertions with minimal guidance, marking an early but promising step toward automated monitor synthesis.Author(s):
George Raptis
Industrial Systems Institute, ATHENA RC
Greece
Muhammad Taimoor Khan
University of Greenwich
United Kingdom
Christos Koulamas
Industrial Systems Institute, ATHENA RC
Greece
Dimitrios Serpanos
University of Patras, Computer Technology Institute and Press “Diophantus”, and Industrial Systems Institute
Greece