Neuro-Agentic Control: A Deep Learning-based LLM-Powered Agentic AI Framework for Controlling Security Controls
Quick Answer
This paper shows that The Neuro-Agentic Control framework integrates an LLM-based planner with a Time-Series Foundation Model to enhance cybersecurity in industrial IoT, achieving a 33.3% breach prevention rate compared to 26.7% for LSTM and 13.3% for TCN, while ensuring zero unsafe actions.
Quick Take
The Neuro-Agentic Control framework integrates an LLM-based planner with a Time-Series Foundation Model to enhance cybersecurity in industrial IoT, achieving a 33.3% breach prevention rate compared to 26.7% for LSTM and 13.3% for TCN, while ensuring zero unsafe actions.
Key Points
- Introduces a novel neuro-agentic control framework for autonomous defense in industrial IoT.
- Utilizes a Counterfactual Physics Injection mechanism to simulate LLM interventions safely.
- Demonstrated superior performance on the Secure Water Treatment dataset against stochastic attacks.
- Achieved zero physically invalid actions during testing, ensuring safety in critical infrastructure.
- Framework outperformed LSTM and TCN baselines in breach prevention rates.
Paper Resources
📖 Reader Mode
~2 min readAbstract:Cyberattacks on operational technology are increasingly causing costly downtime and physical damage, exposing the limitations of traditional rule-based monitoring in industrial IoT environments. While Large Language Models (LLMs) have strong semantic reasoning abilities to assist in decision support, their hallucinatory nature presents unacceptable safety liabilities for closed-loop control. This paper introduces a neuro-agentic control framework, a novel architecture that couples an LLM-based planner (i.e., such as Gemini 2.5 Flash-Lite) with a pre-trained Time-Series Foundation Model (TimesFM), to achieve physics-grounded autonomous defense. The paper introduces a ``Counterfactual Physics Injection'' mechanism that simulates the impact of LLM-proposed interventions within the numerical latent space of the foundation model before actuation, while allowing the system to reject hallucinatory or unsafe actions. Evaluated on an industrial dataset (e.g., the Secure Water Treatment (SWaT)) in the context of stochastic attack scenarios, the framework exhibited better performance compared to LSTM and TCN baselines. The Neuro-Agentic Loop prevented five breaches (33.3%) below the threshold versus LSTM (26.7%) and TCN (13.3%), with zero physically invalid (hallucinated) actions executed. These results demonstrate the efficacy of using foundation models as deterministic ``Sentinels'' to safeguard agentic AI in critical infrastructure.
| Subjects: | Artificial Intelligence (cs.AI) |
| Cite as: | arXiv:2607.09076 [cs.AI] |
| (or arXiv:2607.09076v1 [cs.AI] for this version) | |
| https://doi.org/10.48550/arXiv.2607.09076 arXiv-issued DOI via DataCite (pending registration) |
Submission history
From: Saroj Gopali [view email]
[v1]
Fri, 10 Jul 2026 03:43:48 UTC (173 KB)
— Originally published at arxiv.org
Want this in your inbox every morning?
Daily brief at your local 8am — bilingual EN/中文, free.
More from arXiv cs.AI
See more →Adversarial Social Epistemology for Assemblies of Humans and Large Language Models
The paper introduces Adversarial Social Epistemology (ASE) to analyze how agents manipulate trust in public communications, highlighting mechanisms that undermine the reliability of testimony and inference. It critiques existing frameworks like epistemic bubbles and misinformation diffusion, proposing a new language for understanding trust breaches and auditing inferential chains in densely interactive environments involving humans and large language models.