Cyber-physical systems often contend with incomplete architectural documentation or outdated information resulting from legacy technologies, knowledge management gaps, and the complexity of integrating diverse subsystems over extended operational lifecycles. This architectural incompleteness impedes reliable security assessment, as inaccurate or missing architectural knowledge limits the identification of system dependencies, attack surfaces, and risk propagation pathways. To address this foundational challenge, this paper introduces ASTRAL (Architecture-Centric Security Threat Risk Assessment using LLMs), an architecture-centric security assessment technique implemented in a prototype tool powered by multimodal LLMs. The proposed approach assists practitioners in reconstructing and analysing CPS architectures when documentation is fragmented or absent. By leveraging prompt chaining, few-shot learning, and architectural reasoning, ASTRAL extracts and synthesises system representations from disparate data sources. By integrating LLM reasoning with architectural modelling, our approach supports adaptive threat identification and quantitative risk estimation for cyber-physical systems. We evaluated the approach through an ablation study across multiple CPS case studies and an expert evaluation involving 14 experienced cybersecurity practitioners. Practitioner feedback suggests that ASTRAL is useful and reliable for supporting architecture-centric security assessment. Overall, the results indicate that the approach can support more informed cyber risk management decisions.

翻译：信息物理系统常因传统技术、知识管理缺失以及不同子系统在长运行生命周期中集成复杂性，面临架构文档不完整或信息过时的问题。这种架构不完整性阻碍了可靠的安全评估，因为不准确或缺失的架构知识限制了系统依赖关系、攻击面及风险传播路径的识别。为应对这一基础性挑战，本文提出ASTRAL（基于大语言模型的架构中心安全威胁风险评估）方法，这是一种以架构为中心的安全评估技术，并通过多模态大语言模型驱动的原型工具实现。该方法可辅助实践人员在文档碎片化或缺失时重构并分析信息物理系统架构。通过链式提示、少样本学习和架构推理，ASTRAL能从异构数据源中提取并综合系统表征。通过将大语言模型推理与架构建模相结合，本方法支持信息物理系统的自适应威胁识别与定量风险估计。我们通过跨多个信息物理系统案例的消融实验及一项涉及14位资深网络安全实践人员的专家评估来验证该方法。实践人员反馈表明，ASTRAL在支持以架构为中心的安全评估中具有实用性和可靠性。总体而言，研究结果表明该方法可支撑更明智的网络风险管理决策。