Automating threat modeling is especially critical in the Cyber-Physical Systems (CPS) domain, where security breaches can lead to significant real-world consequences, including safety risks and infrastructure disruption. This paper explores the application of Large Language Models (LLMs) to automate and enhance the process of cybersecurity threat modeling. Given the time-consuming and error-prone nature of traditional, manual threat modeling methods, the study investigates whether LLMs can increase efficiency and maintain or improve model quality. We leverage the STRIDE methodology for threat identification and the DREAD framework for risk assessment, employing modern LLMs to generate, evaluate, and prioritize security threats across a diverse dataset of systems from web, cloud, mobile, AI, and enterprise domains. Two interaction scenarios—single-agent and dual-agent LLM setups—are compared to assess performance, coherence, and reliability. Our findings suggest that LLMs offer promising capabilities in automating threat modeling tasks, with trade-offs between simplicity and precision depending on the interaction model. This work contributes to the ongoing efforts to reduce human workload and improve scalability in cybersecurity analysis.
Zelenskiy et al. (Mon,) studied this question.