Critical-infrastructure operators are increasingly expected to assess and remediate vulnerabilities in deployed industrial software. However, much of this software exists as opaque industrial software (OIS), including stripped firmware, proprietary protocol handlers, and compiled control logic without source code, symbols, build environments, or hardware interfaces. While binary analysis can identify vulnerability candidates, existing automated repair systems largely rely on source code, compilable artifacts, sanitizer feedback, or instrumentable builds, leaving a gap between binary-level discovery and validated remediation. This paper presents SCARA, a Semantics-Constrained Autonomous Remediation Agent for OIS. SCARA operates under a source-unavailable defender model and connects upstream binary vulnerability candidates to conditionally validated remedies through a four-stage pipeline: operational-state-aware verification (OSVA) filters infeasible candidates using a nine-component industrial state model; remediation synthesis (RSA) selects the strongest available remedy across protocol mitigation, binary hardening, and SSCKG-constrained source patches; and correctness validation (CVA) provides conditional correctness evidence via behavioral-coverage preservation, independent replay, and typed rejection feedback. On OIS-RemedBench, a 15-case benchmark spanning firmware, protocol handlers, and ICS/PLC artifacts, SCARA achieves observed 100% precision with no false positives, refutes 20.0% of cases as operationally infeasible, and reaches 88.9% remediation success after targeted reruns. To our knowledge, SCARA is the first end-to-end framework that connects binary vulnerability candidates to conditionally validated remediation for opaque industrial software.