ONTOLOGICAL EXPERT SYSTEM FOR IDENTIFYING VULNERABLE COMPONENTS IN SECURITY SYSTEMS OF CRITICAL INFRASTRUCTURE FACILITIES

DOI: 10.31673/2412-4338.2026.019017

Authors

Abstract

This paper presents an ontological expert system designed for the automated identification of vulnerable components in the security frameworks of critical infrastructure facilities. The solution is based on the use of ontologies as a formal means of knowledge representation, enabling semantic modeling of system structures, threat types, attack vectors, compromise consequences, and corresponding mitigation strategies. Unlike traditional risk analysis methods, which typically rely on fixed rules or manual interpretation, the ontological model supports logical inference of new knowledge based on the interrelationships between entities, taking into account both structural and contextual dependencies.

The relevance of this research is driven by the complexity of modern infrastructure systems and the limitations of existing evaluation methods, which often lack scalability, fail to consider the specificity of individual objects, or do not provide interpretable results. The system’s architecture includes five core modules: an OWL-based ontological knowledge base, a reasoning module using SWRL rules, a user interface for data input and visualization of results, a vulnerability and threat database (e.g., CVE, STRIDE), and a knowledge update module.

A case study was conducted using a simulated energy infrastructure facility to assess the system’s ability to identify complex vulnerability chains with high accuracy. System components were analyzed, outdated software and known vulnerabilities were detected, and related risks were identified, with mitigation recommendations generated for them. Testing showed that the ontological approach outperforms traditional analysis methods in terms of accuracy, processing speed, and explainability. The results confirm the practical value of the proposed system in enhancing the cybersecurity resilience of critical infrastructure and justify the need for further research focused on integration with monitoring systems and expansion of the ontological model.

Keywords: ontology, expert system, vulnerabilities, critical infrastructure, logical reasoning, cybersecurity.
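
The inference step the abstract describes (facts about components, rules over their relationships, derived vulnerability chains with an explanation) is sketched below as an added example; it is not the paper's code. A small forward-chaining reasoner in plain Python stands in for an OWL/SWRL engine, and the facility, component names, CVE placeholders and all four rules are constructed assumptions.

```python
# Constructed ABox and SWRL-style rules (assumed, not the paper's); all names illustrative.
FACTS = {
    ("historian", "runs", "hist-5.0"), ("hmi", "runs", "hmi-2.1"),
    ("plc", "runs", "plcfw-1.4"), ("historian", "exposedTo", "corporate-lan"),
    ("historian", "connectsTo", "hmi"), ("hmi", "connectsTo", "plc"),
    ("hist-5.0", "affectedBy", "CVE-EXAMPLE-1"), ("hmi-2.1", "affectedBy", "CVE-EXAMPLE-2"),
}
C = ("state", "compromisable")
RULES = [  # (name, body patterns, head); "?x" marks a variable
    ("R1-vuln", [("?c", "runs", "?s"), ("?s", "affectedBy", "?v")], ("?c", "hasVuln", "?v")),
    ("R2-entry", [("?c", "exposedTo", "?n"), ("?c", "hasVuln", "?v")], ("?c",) + C),
    ("R3-pivot", [("?a",) + C, ("?a", "connectsTo", "?b"), ("?b", "hasVuln", "?v")],
     ("?b",) + C),
    ("R4-impact", [("?a",) + C, ("?a", "connectsTo", "?b")], ("?b", "state", "atRisk")),
]

def solve(body, facts, env):
    """Yield (bindings, supporting facts) for every way the rule body matches."""
    if not body:
        yield env, ()
        return
    for fact in facts:
        bound = dict(env)  # copy so a failed match leaves env untouched
        if all((bound.setdefault(p, f) if p[0] == "?" else p) == f
               for p, f in zip(body[0], fact)):
            for final, support in solve(body[1:], facts, bound):
                yield final, (fact,) + support

def infer(facts, rules):
    """Forward-chain to a fixpoint; return {derived fact: (rule name, support)}."""
    known, why, grew = set(facts), {}, True
    while grew:
        grew = False
        for name, body, head in rules:
            for env, support in list(solve(body, known, {})):
                new = tuple(env.get(t, t) for t in head)
                if new not in known:
                    known.add(new)
                    why[new], grew = (name, support), True
    return why

def explain(fact, why, depth=0):
    """Derivation tree of a fact as indented lines, down to asserted facts."""
    rule, support = why.get(fact, ("asserted", ()))
    head = ["  " * depth + f"{fact} [{rule}]"]
    return head + [l for s in support for l in explain(s, why, depth + 1)]

if __name__ == "__main__":
    print("\n".join(explain(("plc", "state", "atRisk"), infer(FACTS, RULES))))
```

The printed tree traces the PLC's risk back through the HMI to the exposed historian and its asserted vulnerability record, which is the kind of interpretable chain the abstract contrasts with fixed-rule analysis.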

Published

2026-04-01

Issue

Section

Articles