SRAG – Security Retrieval Augmented Generation-based AI assistance for automation technology

The EU Cyber Resilience Act and the NIS-2 Directive designate sectors with high or critical cybersecurity requirements, e.g., energy and water supply, mechanical and plant engineering, and automotive production. These sectors rely on automation technology, and protecting it from cyberattacks is an essential prerequisite for quality of life and value creation in Germany.

Challenge: Vulnerability management in automation technology

Automation technology is built from components such as controllers and I/O devices, as well as value-added services such as optimization and condition monitoring. These consist of hardware and software components and incorporate software libraries from third-party providers and open-source projects. This increases the risk that software vulnerabilities leave components exposed to cyberattacks.

Vulnerability management: A plant operator regularly checks (1) whether risks exist, based on a risk assessment in accordance with IEC 62443, (2) which components and software are in operation, and (3) whether the components contain known vulnerabilities. If vulnerabilities are found, the plant operator must make decisions based on the risk assessment and on the recommendations for action provided in the security advisory. A security advisory is published by the component manufacturer and is a written guide to fixing the vulnerability in question. In practice, however, problems often arise:

  1. Non-standardized vulnerability descriptions or ambiguous information make it difficult to assign a vulnerability to a specific component.
  2. Instructions tailored to an individual plant or industry are difficult or impossible to derive, which is why many operators ultimately ignore security advisories.
  3. Vulnerability management has traditionally involved a high level of manual effort and can rarely be automated. This inevitably leads to delays in fixing vulnerabilities, or to vulnerabilities not being fixed at all.
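Problem 1 above, the assignment of a vulnerability record to an installed component, is illustrated by the following added example; it is not code from the SRAG project. It normalizes the vendor and product spellings that differ between an asset inventory and advisory records, then compares installed versions against the fixed version, and flags only the components that actually need action. All device names, vendor names and advisory identifiers are constructed placeholders.

```python
# Added example (not from the SRAG project): matching a plant's component
# inventory against vulnerability records whose vendor/product spellings differ.
import re
from dataclasses import dataclass

def normalize(name: str) -> str:
    """Lower-case, drop legal-form suffixes and punctuation so that
    'Example Automation GmbH' and 'example automation' compare equal."""
    n = name.lower()
    n = re.sub(r"\b(gmbh|ag|inc|ltd|co)\b\.?", "", n)
    return re.sub(r"[^a-z0-9]+", "", n)

def parse_version(v: str) -> tuple:
    """Turn '2.10.1' into (2, 10, 1) so versions compare numerically, not as strings."""
    return tuple(int(p) for p in re.findall(r"\d+", v))

@dataclass(frozen=True)
class Component:          # one entry of the operator's asset inventory
    vendor: str
    product: str
    version: str

@dataclass(frozen=True)
class Advisory:           # one vulnerability record from a database or advisory
    advisory_id: str
    vendor: str
    product: str
    fixed_in: str         # installed versions below this are affected

# Constructed sample data (placeholders, not real devices or advisories)
INVENTORY = [
    Component("Example Automation GmbH", "PLC-1000 Controller", "2.3.1"),
    Component("Example Automation GmbH", "PLC-1000 Controller", "2.5.0"),
    Component("Other Devices Inc.", "IO Gateway", "1.0.4"),
]
ADVISORIES = [
    Advisory("EXAMPLE-ADV-0001", "example automation", "plc 1000 controller", "2.4.0"),
    Advisory("EXAMPLE-ADV-0002", "otherdevices", "io-gateway", "1.1.0"),
]

def match_advisories(inventory, advisories):
    """Return (component, advisory) pairs where the installed version is affected."""
    hits = []
    for comp in inventory:
        for adv in advisories:
            same_product = (normalize(comp.vendor) == normalize(adv.vendor)
                            and normalize(comp.product) == normalize(adv.product))
            if same_product and parse_version(comp.version) < parse_version(adv.fixed_in):
                hits.append((comp, adv))
    return hits
```

With the sample data, an exact string comparison would find no match at all; the normalized comparison reports the two components that still run an affected version and skips the one already at 2.5.0.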

Project goal: Development of a domain-specific AI assistant

The project goal is to research and develop a domain-specific AI assistant for vulnerability management and for handling security advisories in the field of automation technology. It combines large language models with the retrieval-augmented generation (RAG) method to collect, analyze, and contextually process security-related information from various data sources such as vulnerability databases, technical documentation, and operating logs. The AI assistant should automatically provide target-group-specific recommendations for action to manufacturers, integrators, and operators.

Added value: Reduce manual effort and enhance security levels

SRAG creates the basis for automated, reliable, and adaptive processing of security-critical information in automation technology. The targeted use of modern AI technologies significantly reduces the manual effort required of component manufacturers and plant operators and increases the reliability with which vulnerabilities are assigned to components. Because of this reduced effort, companies benefit from direct cost savings in vulnerability management. SRAG thus makes an important contribution to the competitiveness and resilience of industrial systems in Germany.

Network coordinator: Fraunhofer IOSB-INA
Partners:
  • Universität Bielefeld
  • Technische Hochschule Ostwestfalen-Lippe, Lemgo
  • Hilscher Gesellschaft für Systemautomation mbH, Hattersheim
  • TÜV SÜD Product Service GmbH, München
  • ONEKEY GmbH, Düsseldorf
  • VDE Verband der Elektrotechnik Elektronik Informationstechnik e.V., Offenbach
Volume:
Project volume: €3.02 million
BMFTR funding: €2.24 million
Duration: 06/2025 - 05/2028