Enabling the integrated and automated self-defense of Cyber-Physical Systems through an interdisciplinary approach / Gori, G.. - (2026 Apr 10). [10.13118/gori-giacomo_phd2026-04-10]
Enabling the integrated and automated self-defense of Cyber-Physical Systems through an interdisciplinary approach
Gori, Giacomo
2026
Abstract
Cyber-physical systems underpin many of today’s critical infrastructures, including industrial automation, energy production, healthcare environments, and smart-city ecosystems. These systems tightly couple software, networks, and physical processes, operate under real-time and safety constraints, and span heterogeneous technologies and organizational domains. Their growing interconnection has expanded the attack surface across enterprise, demilitarized, and operational networks, as well as across devices ranging from modern edge platforms to legacy industrial controllers. However, three major gaps limit the effectiveness of current security approaches. First, although existing standards and frameworks support governance and compliance, they provide few system-level security metrics that are meaningful in industrial environments, that can be measured continuously, and that satisfy formal conditions of soundness and reproducibility. Second, even when indicators exist, there is no clear architectural path to transform them into timely, auditable defensive actions without undermining availability or operational continuity. Distributed infrastructures must exchange trust, policy, and posture information in ways that resist tampering, avoid single points of failure, and remain scalable. Third, security in these environments depends not only on technical mechanisms but also on human behavior, organizational practice, and emerging forms of deception. Operators increasingly face social-engineering campaigns that exploit synthetic media and AI-generated content, while organizations lack clear evidence on how to tailor training and awareness programs in a scalable and context-appropriate manner.

| File | Access | Type | License | Size | Format |
|---|---|---|---|---|---|
| GORI_PhD_Thesis_final.pdf | open access | Doctoral thesis | Creative Commons | 9.4 MB | Adobe PDF |
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.


