PulseAugur
EN
LIVE 12:58:47

AI pipeline converts infrastructure docs to compliance artifacts

This paper introduces a novel multi-agent pipeline designed to enhance compliance management in critical infrastructure by converting natural-language system descriptions into verifiable knowledge graphs and NIST OSCAL-formatted artifacts. The system aims to reduce fabricated vulnerabilities and hallucinated attack paths by decoupling LLM reasoning from deterministic threat intelligence retrieval. In a synthetic water utility scenario, the pipeline demonstrated high recall for CVEs and D3FEND, successfully generating an OSCAL System Security Plan and Security Assessment Report, though it noted that errors can shift to the initial asset extraction phase. AI

IMPACT This research could streamline compliance and risk assessment for critical infrastructure by automating the conversion of unstructured documentation into structured, auditable formats.

RANK_REASON The cluster contains a research paper detailing a novel AI pipeline.

Read on arXiv cs.AI →

AI-generated summary · Google Gemini · from 2 sources. How we write summaries →

AI pipeline converts infrastructure docs to compliance artifacts

COVERAGE [2]

  1. arXiv cs.AI TIER_1 English(EN) · Lea Roxanne Muth, Marian Margraf ·

    From Legacy Documentation to OSCAL: An MCP-Based Agent Pipeline for Threat-Informed Continuous Compliance in Critical Infrastructure

    arXiv:2607.08288v1 Announce Type: cross Abstract: In critical infrastructure, operational technology environments often cannot be actively scanned, and yet active system feedback is needed for risk assessment and compliance. This paper presents a non-invasive, MCP-grounded multi-…

  2. arXiv cs.AI TIER_1 English(EN) · Marian Margraf ·

    From Legacy Documentation to OSCAL: An MCP-Based Agent Pipeline for Threat-Informed Continuous Compliance in Critical Infrastructure

    In critical infrastructure, operational technology environments often cannot be actively scanned, and yet active system feedback is needed for risk assessment and compliance. This paper presents a non-invasive, MCP-grounded multi-agent pipeline that converts natural-language syst…