A Feasibility Study on Chain-of-Thought Prompting for LLM-Based OT Cybersecurity Risk Assessment

This study investigates the use of Large Language Models (LLMs) with Chain-of-Thought (CoT) prompting to automate cybersecurity risk assessments for embedded systems, using the MITRE EMB3D framework. A case study on an embedded drive system compares LLM-generated risk evaluations with expert assessments based on IEC 62443. Results show high accuracy (81 %) and substantial agreement with human experts, demonstrating the potential of LLMs to streamline and enhance risk assessments. This is particularly pertinent in the emerging context of the EU's Cyber Resilience Act (CRA), where exploring alternative, context-rich automated approaches becomes relevant for scalable and efficient cybersecurity risk assessments.