The increasing digitization of critical infrastructure and the increasing use of Industrial Internet of Things (IIoT) systems are leading to a significant increase in the exposure of operating systems to cyber threats. The integration of information (IT) and operational (OT) layers, characteristic of today’s industrial environments, results in an increase in the complexity of system architecture and the number of security events that require ongoing analysis. Under such conditions, classic approaches to monitoring and responding to incidents prove insufficient, especially in the context of systems with high reliability and business continuity requirements. The aim of this article is to analyze the possibilities of using Large Language Models (LLMs) in the protection of industrial IoT systems operating in critical infrastructure. The paper analyzes the architecture of industrial automation systems and identifies classes of cyber threat scenarios characteristic of IIoT environments, including availability disruptions, degradation of system operation, manipulation of process data, and supply-chain-based attacks. On this basis, the potential roles of large language models in security monitoring processes are examined, particularly with respect to incident interpretation, correlation of heterogeneous data sources, and contextual analysis under operational constraints. The experimental evaluation demonstrates that, when compared to a rule-based baseline, the LLM-based approach provides consistently improved classification of incident impact and attack vectors across IT, DMZ, and OT segments, while maintaining a low rate of unsupported responses. These results indicate that large language models can complement existing industrial IoT security mechanisms by enhancing context-aware analysis and decision support rather than replacing established detection and monitoring systems.
Manowska et al. (Sat,) studied this question.
Synapse has enriched 5 closely related papers on similar clinical questions. Consider them for comparative context: