Scalable AI-driven Cybersecurity for Small and Medium Critical Manufacturing
Small and medium-sized manufacturing enterprises (SMEs) play a central role in Virginia’s and the nation’s supply chains, yet they face growing cyber-physical threats while lacking the resources to deploy advanced cybersecurity defenses. Existing AI approaches in cybersecurity largely emphasize knowledge retrieval rather than informed decision-making in dynamic operational environments, leaving a critical gap for manufacturing systems that require proactive, context-aware protection. This project addresses that gap by developing a scalable, agentic AI framework that combines data-driven learning with structured symbolic knowledge to support risk assessment, scenario simulation, and adaptive mitigation in cyber-physical manufacturing systems. The methodology integrates fine-tuned open-source large language models, enhanced through parameter-efficient techniques, with SysML-based system representations to reduce hallucinations and increase trust and interpretability. These components are progressively combined using retrieval-augmented generation, model merging, and online learning methods, including graph- and hypergraph-based models, to capture evolving system dynamics and multi-stage attack propagation. The resulting agentic AI enables manufacturing SMEs to anticipate threats, evaluate response strategies under uncertainty, and make informed cybersecurity decisions within practical resource constraints. By delivering an affordable, trustworthy, and adaptive cybersecurity solution tailored to SME environments, this research strengthens supply-chain resilience, supports critical infrastructure protection, and advances the broader adoption of responsible AI in manufacturing.
Funding Agency: The Commonwealth Cyber Initiative (CCI)
Role: Co-Principal Investigator