From Systematic Threat Search to pentesting: Industrial Control Systems threat models

This research paper from November 2026 examines threat models for industrial control systems (ICS, the computers that manage factories, power plants, and other critical infrastructure) by developing systematic methods to search for and identify security threats. The authors appear to connect threat identification approaches with pentesting (penetration testing, where security experts deliberately try to break into systems to find weaknesses). The paper contributes to understanding how to better protect critical infrastructure from cyberattacks.