Following the increasingly widespread adoption of IoT technologies, both in the industrial and personal sectors, the need to adequately protect the OT (Operational Technology) component on par with IT (Information Technology) has become crucial. This is due to the rise of lethal cyber threatsspecifically targeting sectors that heavily rely on such technologies—such as energy, transportation, manufacturing, and so on.

While there are well-established solutions to meet cybersecurity needs for IT systems, the situation is markedly different for OT systems. In fact, vulnerability assessment tools are essentially the only ones currently available, whereas penetration testing methodologies still largely rely on manual activities. These not only demand significant financial and time resources but also require specialized personnel—resources that are currently lacking in the job market.

The IoT Vigilance project aims to fill this gap by developing an automated penetration testing platform for IT/OT infrastructure. This platform is designed to proactively identify and assess vulnerabilities—also through the use of Machine Learning techniques—and to recommend the necessary remediation actions. Additionally, the platform will integrate cyber risk assessment with an Asset Management system, enabling comprehensive monitoring of both the IoT infrastructure and its associated vulnerabilities.