ICSSPulse: A Modular LLM-Assisted Platform for Industrial Control System Penetration Testing

• URL: http://arxiv.org/abs/2602.20663v1
• Date: Tue, 24 Feb 2026 08:10:40 GMT
• Title: ICSSPulse: A Modular LLM-Assisted Platform for Industrial Control System Penetration Testing
• Authors: Michail Takaronis, Athanasia Kollarou, Vyron Kampourakis, Vasileios Gkioulos, Sokratis Katsikas,
• Abstract summary: We present ICSSPulse, an open-source, modular, and penetration testing platform designed for the security assessment of ICS communication protocols.<n>ICSSPulse is the first web-based platform that unifies network scanning, protocol-aware and OPCUA interaction, and Large Language Model (LLM)-assisted reporting.
• Score: 0.0
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: It is well established that industrial control systems comprise the operational backbone of modern critical infrastructures, yet their increasing connectivity exposes them to cyber threats that are difficult to study and remedy safely under real-time operational conditions. In this paper, we present ICSSPulse, an open-source, modular, and extensible penetration testing platform designed for the security assessment of ICS communication protocols. To the best of our knowledge, ICSSPulse is the first web-based platform that unifies network scanning, protocol-aware Modbus and OPC~UA interaction, and Large Language Model (LLM)-assisted reporting within a single, lightweight ecosystem. Our platform provides a user-friendly graphical interface that orchestrates enumeration, exploitation, and reporting activities over simulated industrial services, enabling safe and reproducible experimentation. It supports protocol-level discovery, asset enumeration, and controlled read/write interactions, while preserving protocol fidelity and operational transparency. Experimental evaluation using synthetic Modbus test servers, a Factory I/O water treatment scenario, and a custom OPC~UA production-line model demonstrated ICSSPulse's potential to discover active industrial services, enumerate process-relevant assets, and manipulate process variables. A key contribution of this work lies in the integration of an LLM-assisted reporting module that automatically translates technical findings into structured executive and technical reports, with mitigation guidance informed by the ICS MITRE ATT&CK ICS matrix.

Related papers

• Operationalization of Machine Learning with Serverless Architecture: An Industrial Operationalization of Machine Learning with Serverless Architecture: An Industrial Implementation for Harmonized System Code Prediction [0.0]
  This paper presents a serverless MLOps framework orchestrating the complete ML lifecycle from data ingestion, training, deployment, monitoring, and retraining to using event-driven pipelines and managed services.<n>We demonstrate practical applicability through an industrial implementation for Harmonized System (HS) code prediction, a compliance-critical task where short, unstructured product descriptions are mapped to standardized codes used by customs authorities in global trade.<n>Our solution uses a custom text embedding multiple deep learning architectures, with Text-CNN achieving 98 percent accuracy on ground truth data.
  arXiv  Detail & Related papers  (2026-02-19T05:59:55Z)
• Let It Flow: Agentic Crafting on Rock and Roll, Building the ROME Model within an Open Agentic Learning Ecosystem [90.17610617854247]
  We introduce the Agentic Learning Ecosystem (ALE), a foundational infrastructure that optimize the production pipeline for agentic model.<n>ALE consists of three components: ROLL, a post-training framework for weight optimization; ROCK, a sandbox environment manager for trajectory generation; and iFlow CLI, an agent framework for efficient context engineering.<n>We release ROME, an open-source agent grounded by ALE and trained on over one million trajectories.
  arXiv  Detail & Related papers  (2025-12-31T14:03:39Z)
• ICS-SimLab: A Containerized Approach for Simulating Industrial Control Systems for Cyber Security Research [1.4298811216582037]
  ICS-SimLab is an end-to-end software suite that utilizes Docker containerization technology to create an ICS simulation environment.<n>We present three virtual ICS simulations: a solar panel smart grid, a water bottle filling facility, and a system of intelligent electronic devices.<n>We run cyber-attacks on these simulations and construct a dataset of recorded malicious and benign network traffic to be used for IDS development.
  arXiv  Detail & Related papers  (2025-09-27T13:39:54Z)
• ICSLure: A Very High Interaction Honeynet for PLC-based Industrial Control Systems [0.0]
  Honeypots provide a means to detect and analyze such threats by emulating target systems and capturing attacker behavior.<n>Traditional ICS honeypots, often limited to software-based simulations of a single PLC, lack the realism required to engage adversaries.<n>In this work, we introduce a modular honeynet framework named ICSLure which integrates physical PLCs with sophisticated industrial protocols.
  arXiv  Detail & Related papers  (2025-09-04T10:18:30Z)
• Rethinking Testing for LLM Applications: Characteristics, Challenges, and a Lightweight Interaction Protocol [83.83217247686402]
  Large Language Models (LLMs) have evolved from simple text generators into complex software systems that integrate retrieval augmentation, tool invocation, and multi-turn interactions.<n>Their inherent non-determinism, dynamism, and context dependence pose fundamental challenges for quality assurance.<n>This paper decomposes LLM applications into a three-layer architecture: textbftextitSystem Shell Layer, textbftextitPrompt Orchestration Layer, and textbftextitLLM Inference Core.
  arXiv  Detail & Related papers  (2025-08-28T13:00:28Z)
• CELA: Cost-Efficient Language Model Alignment for CTR Prediction [70.65910069412944]
  Click-Through Rate (CTR) prediction holds a paramount position in recommender systems.<n>Recent efforts have sought to mitigate these challenges by integrating Pre-trained Language Models (PLMs)<n>We propose textbfCost-textbfEfficient textbfLanguage Model textbfAlignment (textbfCELA) for CTR prediction.
  arXiv  Detail & Related papers  (2024-05-17T07:43:25Z)
• LLMPot: Dynamically Configured LLM-based Honeypot for Industrial Protocol and Physical Process Emulation [5.515499079485665]
  Honeypots play a vital role by acting as decoy targets within ICS networks or on the Internet.<n> Deploying ICS honeypots is challenging due to the necessity of accurately replicating industrial protocols and device characteristics.<n>We propose LLMPot, a novel approach for designing honeypots in ICS networks harnessing the potency of Large Language Models.
  arXiv  Detail & Related papers  (2024-05-09T09:37:22Z)
• A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
  The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus. We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
  arXiv  Detail & Related papers  (2024-01-19T14:52:04Z)
• HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
  Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs) TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks. We address the above with HasTEE+, a domain-specific language (cla) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
  arXiv  Detail & Related papers  (2024-01-17T00:56:23Z)
• A Holistic Approach for Trustworthy Distributed Systems with WebAssembly and TEEs [2.0198678236144474]
  This paper introduces a novel approach using WebAssembly to address these issues. We present the design of a portable and fully attested publish/subscribe system as a holistic approach. Our experimental results showcase most overheads, revealing a 1.55x decrease in message throughput when using a trusted broker.
  arXiv  Detail & Related papers  (2023-12-01T16:37:48Z)
• ICSML: Industrial Control Systems ML Framework for native inference using IEC 61131-3 code [0.0]
  Industrial Control Systems (ICS) have played a catalytic role in enabling the 4th Industrial Revolution. The convergence of traditional Operational Technology (OT) with Information Technology (IT) has opened a new and unique threat landscape. This has inspired defense research that focuses heavily on Machine Learning (ML) based anomaly detection methods that run on external IT hardware. We introduce the ICS machine learning inference framework (ICSML) which enables executing ML model inference on the PLC.
  arXiv  Detail & Related papers  (2022-02-21T09:37:28Z)
• SOLIS -- The MLOps journey from data acquisition to actionable insights [62.997667081978825]
  In this paper we present a unified deployment pipeline and freedom-to-operate approach that supports all requirements while using basic cross-platform tensor framework and script language engines. This approach however does not supply the needed procedures and pipelines for the actual deployment of machine learning capabilities in real production grade systems.
  arXiv  Detail & Related papers  (2021-12-22T14:45:37Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.