The Internet of Things (IoT) is integral to modern cyber-physical systems. Quantitative cybersecurity assessment in IoT environments remains challenging due to heterogeneous system architectures, evolving threat landscapes, and the limited availability of reliable probabilistic exploitability data. Although Attack Tree Analysis (ATA) provides a structured framework for modelling potential attack paths leading to system compromise, conventional ATA quantification often relies on subjective expert judgement or heuristic scoring schemes, which can introduce uncertainty and reduce analytical reproducibility. This study introduces a data-driven probabilistic security framework for IoT-based safety-critical systems by integrating Model-Based Systems Engineering (MBSE), ATA, and empirical vulnerability data. In the proposed framework, SysML models capture system architecture, from which attack trees are derived. Vulnerabilities are mapped as Basic Attack Steps and assigned exploitation probabilities using the Exploit Prediction Scoring System (EPSS). The attack tree is then represented as a Bayesian Network, enabling probabilistic reasoning, diagnostic inference, and vulnerability criticality analysis. The framework quantifies system compromise probabilities, identifies likely causes of attacks, and prioritises mitigation strategies. By combining architecture-driven modelling with real-world vulnerability intelligence, it provides a rigorous, reproducible approach for cybersecurity risk assessment in complex IoT environments.
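The pipeline the abstract describes (Basic Attack Steps as leaves, EPSS-style exploitation probabilities on those leaves, then probabilistic forward reasoning, diagnostic inference and criticality ranking over the tree) can be made concrete on a small tree. The example below is added here and is not code from the paper or its authors. It assumes a toy architecture with a gateway and a sensor, constructed leaf probabilities that are EPSS-like in form but not real EPSS scores, exact enumeration over leaf states in place of a Bayesian-network library (the tree's AND/OR structure with independent leaves is the network), and Birnbaum importance as the criticality measure; the abstract does not name a specific measure, so that choice is an assumption.

```python
from itertools import product
from typing import Dict, List, Optional, Tuple, Union

# A node is either a leaf name (a Basic Attack Step) or a (gate, children) pair.
Node = Union[str, Tuple[str, List["Node"]]]

# Constructed example tree: the top event (actuator compromise) is reached either by
# taking over the gateway (two steps, both required) or by reaching the sensor's
# bootloader through one of two entry points. Names and structure are hypothetical.
EXAMPLE_TREE: Node = (
    "OR",
    [
        ("AND", ["gw_fw_upload", "gw_auth_bypass"]),
        ("AND", ["sensor_bootloader", ("OR", ["sensor_default_creds", "sensor_debug_port"])]),
    ],
)

# Constructed exploitation probabilities, EPSS-like in form (0..1) but not real scores.
EXAMPLE_EPSS: Dict[str, float] = {
    "gw_fw_upload": 0.5,
    "gw_auth_bypass": 0.2,
    "sensor_bootloader": 0.1,
    "sensor_default_creds": 0.5,
    "sensor_debug_port": 0.5,
}


def leaf_names(node: Node) -> List[str]:
    """Collect Basic Attack Step names under a node, in order of first appearance."""
    if isinstance(node, str):
        return [node]
    seen: List[str] = []
    for child in node[1]:
        for name in leaf_names(child):
            if name not in seen:
                seen.append(name)
    return seen


def evaluate(node: Node, state: Dict[str, bool]) -> bool:
    """Propagate leaf truth values through AND/OR gates up to the node."""
    if isinstance(node, str):
        return state[node]
    gate, children = node
    results = [evaluate(c, state) for c in children]
    if gate == "AND":
        return all(results)
    if gate == "OR":
        return any(results)
    raise ValueError(f"unknown gate {gate!r}")


def top_probability(tree: Node, probs: Dict[str, float],
                    fixed: Optional[Dict[str, bool]] = None) -> float:
    """P(top event) by exact enumeration over the free leaves (leaves assumed independent).
    Leaves listed in `fixed` are clamped to the given value, which gives conditionals."""
    fixed = fixed or {}
    free = [n for n in leaf_names(tree) if n not in fixed]
    total = 0.0
    for bits in product((False, True), repeat=len(free)):
        state = dict(fixed)
        state.update(zip(free, bits))
        weight = 1.0
        for n in free:
            weight *= probs[n] if state[n] else 1.0 - probs[n]
        if evaluate(tree, state):
            total += weight
    return total


def diagnose(tree: Node, probs: Dict[str, float]) -> Dict[str, float]:
    """Diagnostic inference: posterior P(step exploited | top event observed),
    computed as P(top and step) / P(top) with P(top and step) = P(step) * P(top | step)."""
    p_top = top_probability(tree, probs)
    return {n: probs[n] * top_probability(tree, probs, {n: True}) / p_top
            for n in leaf_names(tree)}


def birnbaum(tree: Node, probs: Dict[str, float]) -> Dict[str, float]:
    """Criticality: Birnbaum importance P(top | step=1) - P(top | step=0).
    A high value means fixing that step changes the compromise probability most."""
    return {n: top_probability(tree, probs, {n: True}) - top_probability(tree, probs, {n: False})
            for n in leaf_names(tree)}


if __name__ == "__main__":
    print(f"P(compromise) = {top_probability(EXAMPLE_TREE, EXAMPLE_EPSS):.4f}")
    for name, post in sorted(diagnose(EXAMPLE_TREE, EXAMPLE_EPSS).items(), key=lambda kv: -kv[1]):
        print(f"  posterior given compromise  {name:22s} {post:.3f}")
    for name, imp in sorted(birnbaum(EXAMPLE_TREE, EXAMPLE_EPSS).items(), key=lambda kv: -kv[1]):
        print(f"  Birnbaum importance         {name:22s} {imp:.3f}")
```

Two points the toy makes that the abstract only states: the mitigation ranking (Birnbaum) and the diagnostic ranking (posterior) need not agree, because the posterior is weighted by each step's own prior while the importance is not; and exact enumeration scales as 2^n in the number of leaves, so a real system model derived from SysML would be evaluated with a Bayesian-network engine or with sampling rather than this brute-force loop.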