This paper introduces a novel multi-agent pipeline designed to enhance compliance management in critical infrastructure by converting natural-language system descriptions into verifiable knowledge graphs and NIST OSCAL-formatted artifacts. The system aims to reduce fabricated vulnerabilities and hallucinated attack paths by decoupling LLM reasoning from deterministic threat intelligence retrieval. In a synthetic water utility scenario, the pipeline demonstrated high recall for CVEs and D3FEND, successfully generating an OSCAL System Security Plan and Security Assessment Report, though it noted that errors can shift to the initial asset extraction phase. AI
IMPACT This research could streamline compliance and risk assessment for critical infrastructure by automating the conversion of unstructured documentation into structured, auditable formats.
RANK_REASON The cluster contains a research paper detailing a novel AI pipeline.
AI-generated summary · Google Gemini · from 2 sources. How we write summaries →