LLM-Driven Approach for Safe and Secure Network Management by Design in IoT-Based Systems
Abstract
1. Introduction
- Predominance of runtime, black-box AI solutions, which provide limited formal guarantees, weak explainability, and reduced trust in safety- and security-critical environments.
- Lack of design-time verification mechanisms capable of proactively identifying security misconfigurations, policy violations, and functional safety issues before deployment.
- Limited integration between GenAI capabilities and formal engineering methods, resulting in AI-assisted decisions that are difficult to validate, justify, or audit.
- Growing complexity and heterogeneity of IoT and mobile network infrastructures, which increases the likelihood of human error during topology design and management configuration.
- Need for trustworthy and explainable AI-assisted workflows that can be safely adopted in regulated and mission-critical networked systems.
- An LLM-driven, design-time workflow for IoT and network management system development that shifts security and functional safety analysis from reactive runtime mechanisms to proactive by-design validation.
- A novel integration of LLMs with Model-Driven Engineering (MDE), grounding LLM-assisted topology design and management-code reasoning in formally verifiable models to enhance trust and explainability.
- An activity-diagram-based modeling approach with formal semantics to capture control flows, decision points, and interactions among IoT devices, edge nodes, and network management components.
- A design-time security analysis framework combining MDE with Object Constraint Language (OCL) rules to enable explainable detection of misconfigurations, policy violations, and potential vulnerabilities prior to deployment.
- Evaluation using representative IoT and mobile network management scenarios, including both locally deployable and proprietary solutions, demonstrating improved effectiveness and reduction in detection and corrective action time.
2. Materials and Methods
2.1. Related Works
2.2. Background
2.3. LLM-Based Network Management Code Analysis
2.4. Secure Topology by Design
2.5. Workflow Implementation
- -
- constructMetamodel operates on the freeform text about reference architecture and scales linearly with the number of architectural requirements, yielding a complexity of O(RefReq).
- -
- constructSystem processes freeform textual requirements and the metamodel to generate an instance model, with complexity O(Req), assuming that the metamodel is fixed at the point of observation.
- -
- construct(Safety/Security)Rules translates textual safety and security guidelines into rules, scaling linearly with the number of input textual rule definitions, O(R).
- -
- analyzeScript parses YANG scripts and constructs activity representations, with complexity proportional to the number of activities, O(A).
- -
- checkRules validates extracted behavior against predefined rules. Since each rule may require scanning the activity set, this step dominates the workflow with O(R × A) complexity.
- -
- analyzeValues evaluates configuration or operational parameters against constraints, scaling linearly with the number of parameters, O(P).
- -
- currentBehaviorModel and currentMetamodel generate visual representations from existing models and scale linearly with model size, O(A) and O(M), respectively.
3. Results
3.1. Functional Safety Analysis Case Study
- -
- Scenario 1: Gateway ignores device failure reports and continues normal data forwarding instead of issuing an alert.
- -
- Scenario 2: Gateway issues alerts based on messages from a non-existent or disabled network interface (e.g., LoRaWAN), while only Wi-Fi sensors are active.
- -
- Scenario 3: Gateway sends an alert even though no failure has yet been detected by either network.
- -
- Scenario 4: The service scales down available compute resources even though the number of users increases, degrading performance instead of stabilizing it.
- -
- Scenario 5: Premature configuration updates can cause unexpected downtime due to unnecessary restarts or reinitialization.
3.2. Secure Topology by Design Case Study
- -
- Field Device: Generates operational data and exposes a local control interface.
- -
- Edge Gateway: Aggregates traffic from multiple field devices and performs protocol translation.
- -
- Control Service: Provides centralized control and orchestration functions.
- -
- Management Server: Performs configuration management, monitoring, and software updates.
- -
- External Analytics Service: Receives telemetry data for analysis.
- -
- Network Domains
- ○
- Local Domain: trusted internal communication;
- ○
- Edge Domain: partially trusted aggregation layer;
- ○
- Core Domain: centralized control and management;
- ○
- External Domain: untrusted third-party services.
3.3. Experiments and Evaluation
4. Discussion
4.1. Quantitative Aspects
4.2. Qualitative Aspects
- -
- Focus on design-time vs. run-time: While contemporary research (such as [19,20,23]) focuses almost exclusively on runtime detection and mitigation, we target the early development phase of IoT and network management systems. This allows for the earlier detection of security flaws before a system is even deployed, ensured by its design itself.
- -
- Integration of formal methods (MDE and rule-based validation): The framework is novel in its synergy of LLMs with MDE rule validation mechanisms based on notations like OCL. By using LLMs to generate system model instances and then validating them against formal OCL rules, this research adds a verifiable intermediate layer that enhances transparency and human trust in AI-generated outputs.
- -
- Semantic gap in existing architectures: While papers like [19,22] bridge the semantic gap for human operators at runtime, this work aims to bridge the gap between informal textual requirements and formal technical artifacts (like YANG modules and NETCONF payloads) required for infrastructure deployment.
- -
- Safety-critical reliability: This paper addresses a gap in functional safety analysis, ensuring that IoT systems behave predictably and move to safe states during accidental failures, not just intentional cyberattacks.
4.3. Limitations
5. Conclusions
Author Contributions
Funding
Data Availability Statement
Acknowledgments
Conflicts of Interest
Abbreviations
| AI | Artificial Intelligence |
| API | Application Programming Interface |
| DRL | Deep Reinforcement Learning |
| EMF | Eclipse Modeling Framework |
| HTTPS | HyperText Transfer Protocol Secure |
| GenAI | Generative Artificial Intelligence |
| IoT | Internet of Things |
| ISAC | Integrated Sensing and Communication |
| JSON | JavaScript Object Notation |
| LLM | Large Language Model |
| LoRaWAN | Long-Range Wide-Area Network |
| MDE | Model-Driven Engineering |
| NOC | Network Operations Center |
| NETCONF | Network Configuration Protocol |
| NFV | Network Function Virtualization |
| NLP | Natural Language Processing |
| OCL | Object Constraint Language |
| QoS | Quality of Service |
| RAG | Retrieval-Augmented Generation |
| RPC | Remote Procedure Call |
| REST | Representational State Transfer |
| SDN | Software Defined Networking |
| SSH | Secure Shell |
| UML | Unified Modeling Language |
| VLM | Vision Language Model |
| YANG | Yet Another Next Generation |
| XAI | Explainable Artificial Intelligence |
| XML | Extensible Markup Language |
Appendix A
Appendix A.1
| Example of generated YANG module for security by design case study. |
| module secure-communication-model { |
| namespace "urn:secure-communication"; |
| prefix scm; |
| organization "Elfak"; |
| description |
| "YANG model enforcing secure communication and management |
| for distributed telecommunications systems."; |
| container communication { |
| list link { |
| key "link-id"; |
| leaf link-id { |
| type string; |
| description "Unique identifier of the communication link."; |
| } |
| leaf protocol { |
| type enumeration { |
| enum HTTPS; |
| enum NETCONF; |
| } |
| description "Approved communication protocol."; |
| } |
| leaf encrypted { |
| type boolean; |
| must ". = 'true'" { |
| description |
| "All non-local communication must be encrypted."; |
| } |
| description "Indicates whether encryption is enabled."; |
| } |
| leaf domain { |
| type enumeration { |
| enum Local; |
| enum Edge; |
| enum Core; |
| enum External; |
| } |
| description "Trust domain of the communication link."; |
| } |
| leaf role { |
| type enumeration { |
| enum Data; |
| enum Control; |
| enum Management; |
| enum Telemetry; |
| } |
| description "Functional role of the communication link."; |
| } |
| must "not(protocol = 'HTTPS' and role = 'Management')" { |
| description |
| "Management communication must not use HTTPS."; |
| } |
| must "(role != 'Management') or (protocol = 'NETCONF')" { |
| description |
| "Management communication must use NETCONF."; |
| } |
| } |
| } |
| } |
Appendix A.2
| Generated NETCONF payload for security by design case study. |
| <rpc message-id="101" |
| xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> |
| <edit-config> |
| <target> |
| <running/> |
| </target> |
| <config> |
| <communication xmlns="urn:example:secure-communication"> |
| <link> |
| <link-id>control-link</link-id> |
| <protocol>HTTPS</protocol> |
| <encrypted>true</encrypted> |
| <domain>Edge</domain> |
| <role>Control</role> |
| </link> |
| <link> |
| <link-id>management-link</link-id> |
| <protocol>NETCONF</protocol> |
| <encrypted>true</encrypted> |
| <domain>Core</domain> |
| <role>Management</role> |
| </link> |
| <link> |
| <link-id>telemetry-link</link-id> |
| <protocol>HTTPS</protocol> |
| <encrypted>true</encrypted> |
| <domain>External</domain> |
| <role>Telemetry</role> |
| </link> |
| </communication> |
| </config> |
| </edit-config> |
| </rpc> |
References
- Bariah, L.; Zhao, Q.; Zou, H.; Tian, Y.; Bader, F.; Debbah, M. Large generative AI models for telecom: The next big thing? IEEE Commun. Mag. 2024, 62, 84–90. [Google Scholar] [CrossRef]
- Ranjani, H.G.; Prabhudesai, R. Measuring visual understanding in telecom domain: Performance metrics for image-to-UML conversion using VLMs. arXiv 2025, arXiv:2509.11667. [Google Scholar]
- Zhang, R.; Du, H.; Liu, Y.; Niyato, D.; Kang, J.; Sun, S.; Shen, X.; Poor, H.V. Interactive AI with retrieval-augmented generation for next generation networking. IEEE Netw. 2024, 38, 414–424. [Google Scholar] [CrossRef]
- Petrović, N.; Al-Azzoni, I. Model-driven smart contract generation leveraging ChatGPT. In Advances in Systems Engineering, Proceedings of the ICSEng 2023, Las Vegas, NV, USA, 22–24 August 2023; Lecture Notes in Networks and Systems; Springer: Cham, Switzerland, 2023; Volume 761, pp. 387–396. [Google Scholar]
- Hosseini, S.; Seilani, H. The role of agentic AI in shaping a smart future: A systematic review. Array 2025, 26, 100399. [Google Scholar] [CrossRef]
- Suljović, S.; Petrović, N.; Vujović, V.; Milašinović, M.; Đorđević, G.; Stefanović, R. AI agent-driven maintenance: Case study of outage probability for 5G wireless system with L-branch SC receiver influenced by Rician fading and Rician co-channel interference. In Proceedings of the 2025 12th International Conference on Electrical, Electronic and Computing Engineering (IcETRAN), Cacak, Serbia, 9–12 June 2025; pp. 1–5. [Google Scholar]
- Sebestyen, H.; Popescu, D.E.; Zmaranda, R.D. A Literature Review on Security in the Internet of Things: Identifying and Analysing Critical Categories. Computers 2025, 14, 61. [Google Scholar] [CrossRef]
- Tomur, E.; Gül, A.; Aydın, M.A.; Erdin, E. SoK: Investigation of Security and Functional Safety in Industrial IoT. In Proceedings of the 2021 IEEE International Conference on Cyber Security and Resilience (CSR), Rhodes, Greece, 26–28 July 2021; pp. 226–233. [Google Scholar] [CrossRef]
- Bovenzi, G.; Cerasuolo, F.; Ciuonzo, D.; Di Monda, D.; Guarino, I.; Montieri, A.; Persico, V.; Pescapé, A. Mapping the landscape of generative AI in network monitoring and management. IEEE Trans. Netw. Serv. Manag. 2025, 22, 2441–2472. [Google Scholar] [CrossRef]
- Hao, L.; Zhang, S.; Schulzrinne, H. Advancing IoT system dependability: A deep dive into management and operation plane separation. In Proceedings of the 2025 IEEE 11th World Forum on Internet of Things (WF-IoT), Chengdu, China, 27–30 October 2025; pp. 1–6. [Google Scholar] [CrossRef]
- Suljović, S.; Petrović, N.; Krstić, D. GenAI-enabled network design for the case of the outage probability of a Beaulieu-Xie wireless fading environment with maximal ratio combining. In Proceedings of the 67th International Symposium ELMAR-2025, Zadar, Croatia, 15–17 September 2025; pp. 205–208. [Google Scholar]
- Petrović, N.; Suljović, S.; Đorđević, S.; Vujović, V.; Stokić, I. RAG-enriched approach to network standardization: MGF-based calculation of average bit error probability in Nakagami-m fading environment with selection diversity receiver case study. In Proceedings of the 2024 59th International Scientific Conference on Information, Communication and Energy Systems and Technologies (ICEST), Sozopol, Bulgaria, 1–3 July 2024; pp. 1–4. [Google Scholar]
- Petrović, N.; Vujović, V.; Zdravković, N.; Suljović, S.; Đorđević, G.; Đorđević, S. Metamodeling for network experimentation: ABEP of SC diversity with L branches under the combined effects of Rayleigh fading and BX co-channel interference in WCN case study. In Proceedings of the 24th International Symposium INFOTEH-JAHORINA (INFOTEH), Jahorina, Sarajevo, Bosnia and Herzegovina, 19–21 March 2025; pp. 1–6. [Google Scholar]
- Milić, D.; Petrović, N.; Jović, M.; Stefanović, R.; Saliji, M.; Suljović, E. VLM-enabled network experimentation: Case study of channel capacity in system limited by η-μ fading. In Proceedings of the 2025 24th International Symposium INFOTEH-JAHORINA (INFOTEH), Jahorina, Sarajevo, Bosnia and Herzegovina, 19–21 March 2025; pp. 1–5. [Google Scholar]
- Petrović, N.; Krstić, D.; Suljović, S.; Javor, D. LLM-driven approach to automated sustainability of IoT systems. In Proceedings of the 2025 IEEE 34th International Conference on Microelectronics (MIEL 2025), Nis, Serbia, 13–16 October 2025; pp. 1–4. [Google Scholar]
- Petrović, N.; Krstić, D.; Suljović, S.; Hanczewski, S.; Glabowski, M. Agent-based AI approach to security in IoT systems leveraging GenAI. In Proceedings of the 33rd International Conference on Software, Telecommunications, and Computer Networks (SoftCOM 2025), Split, Croatia, 18–20 September 2025; pp. 1–5. [Google Scholar]
- Krstić, D.; Suljović, S.; Djordjevic, G.; Petrović, N.; Milić, D. MDE and LLM synergy for network experimentation: Case analysis of wireless system performance in Beaulieu–Xie fading and κ–µ cochannel interference environment with diversity combining. Sensors 2024, 24, 3037. [Google Scholar] [CrossRef] [PubMed]
- Rigaki, M.; Catania, C.; Garcia, S. Hackphyr: A Local Fine-Tuned LLM Agent for Network Security Environments. arXiv 2024, arXiv:2409.11276v1. [Google Scholar] [CrossRef]
- Baral, S.; Saha, S.; Haque, A. An Adaptive End-to-End IoT Security Framework Using Explainable AI and LLMs. In Proceedings of the 2024 IEEE 10th World Forum on Internet of Things (WF-IoT), Ottawa, ON, Canada, 10–13 November 2024. [Google Scholar]
- Gutiérrez-Galeano, L.; Domínguez-Jiménez, J.-J.; Schäfer, J.; Medina-Bulo, I. LLM-Based Cyberattack Detection Using Network Flow Statistics. Appl. Sci. 2025, 15, 6529. [Google Scholar] [CrossRef]
- Diaf, A.; Korba, A.A.; Karabadji, N.E.; Ghamri-Doudane, Y. BARTPredict: Empowering IoT Security with LLM-Driven Cyber Threat Prediction. In Proceedings of the GLOBECOM 2024—2024 IEEE Global Communications Conference, Cape Town, South Africa, 8–12 December 2024; pp. 1239–1244. [Google Scholar] [CrossRef]
- Mahmood, M.A.I.; Ashab, F.; Sohan, M.S.; Chy, M.H.I.; Kader, M.F. LLM-Enhanced Security Framework for IoT Network: Anomaly Detection and Malicious Devices Identification. IEEE Access 2025, 13, 168405–168419. [Google Scholar] [CrossRef]
- Otoum, Y.; Asad, A.; Nayak, A. LLM-Based Threat Detection and Prevention Framework for IoT Ecosystems. arXiv 2025, arXiv:2505.00240. [Google Scholar]
- IETF RFC 7950; Bjorklund, M. YANG—A Data Modeling Language for the Network Configuration Protocol (NETCONF). RFC Editor: Marina del Rey, CA, USA, 2016.
- IETF RFC 6241; Enns, R.; Bjorklund, M.; Schoenwaelder, J.; Bierman, A. Network Configuration Protocol (NETCONF). RFC Editor: Marina del Rey, CA, USA, 2011.
- OpenJS Foundation. Node-RED: Low-Code Programming for Event-Driven Applications: The Easiest Way to Collect, Transform and Visualize Real-Time Data. Available online: https://nodered.org/ (accessed on 9 February 2026).
- Petrovic, N.; Tosic, M. SMADA-Fog: Semantic Model Driven Approach to Deployment and Adaptivity in Fog Computing. Simul. Model. Pract. Theory 2020, 101, 102033. [Google Scholar] [CrossRef]
- Node-RED Flow Library. @technithusiast/node-red-contrib-ai-intent. Available online: https://flows.nodered.org/node/@technithusiast/node-red-contrib-ai-intent (accessed on 28 December 2025).
- OpenAI. Introducing GPT-5; OpenAI: San Francisco, CA, USA, 2025; Available online: https://openai.com/index/introducing-gpt-5/ (accessed on 26 December 2025).
- Meta. Meta-Llama/LLaMA-3.3-70B-Instruct; Meta Platforms, Inc.: Menlo Park, CA, USA, 2024; Available online: https://huggingface.co/meta-llama/Llama-3.3-70B-Instruct (accessed on 26 December 2025).
- Petrović, N.; Vasić, S.; Milić, D.; Suljović, S.; Koničanin, S. GPU-supported simulation for ABEP and QoS analysis of a combined macro diversity system in a gamma-shadowed κ–µ fading channel. Facta Univ. Ser. Electron. Energetics 2021, 34, 89–104. [Google Scholar] [CrossRef]
- Reimers, N.; Gurevych, I. Sentence-BERT: Sentence Embeddings Using Siamese BERT-Networks. Available online: https://huggingface.co/sentence-transformers/all-MiniLM-L6-v2 (accessed on 28 December 2025).
- Wang, W.; Wei, F.; Dong, L.; Bao, H.; Yang, N.; Zhou, M. MiniLM: Deep Self-Attention Distillation for Task-Agnostic Compression of Pre-Trained Transformers. In Proceedings of the 34th Conference on Neural Information Processing Systems (NeurIPS 2020), Online, 6–12 December 2020; Curran Associates Inc.: Red Hook, NY, USA, 2020. Article No. 485. Volume 1, pp. 5776–5788. [Google Scholar]
- Cross-Encoder for MS Marco. Available online: https://huggingface.co/cross-encoder/ms-marco-MiniLM-L-6-v2 (accessed on 9 February 2026).
- Ma, Z.; Liang, Y.; Zhu, Q.; Zheng, J.; Lian, Z.; Zeng, L.; Fu, C.; Peng, Y.; Ai, B. Hybrid-RIS-assisted cellular ISAC networks for UAV-enabled low-altitude economy via deep reinforcement learning with mixture-of-experts. IEEE Trans. Cogn. Commun. Netw. 2026, 12, 3875–3888. [Google Scholar] [CrossRef]
- Ma, Z.; Zhang, R.; Ai, B.; Lian, Z.; Zeng, L.; Niyato, D. Deep reinforcement learning for energy efficiency maximization in RSMA-IRS-assisted ISAC systems. IEEE Trans. Veh. Technol. 2025, 74, 18273–18278. [Google Scholar] [CrossRef]





| Ref. | Approach | Goal | Case/Application |
|---|---|---|---|
| S. Suljović et al., 2025 [6], IcETRAN | AI agent-driven | Reduce negative Pout impact in 5G wireless systems | L-branch SC receiver under Rician fading and co-channel interference |
| S. Suljović et al., 2025, [11]. ELMAR | GenAI-enabled network design | Optimize outage probability | Beaulieu–Xie wireless fading environment with maximal ratio combining |
| N. Petrović et al., (2024) [12], ICEST | RAG-enriched LLM workflow | Impose network standardization | ABEP in Nakagami-m fading with selection diversity receiver |
| N. Petrović et al., (2025) [13], INFOTEH | Metamodeling | Support network experimentation and performance evaluation | ABEP of SC diversity with L branches under Rayleigh fading and BX co-channel interference |
| D. Milić et al., (2025) [14], INFOTEH | VLM-enabled | Improve network performance based on performance and topology diagrams | Channel capacity estimation in η-μ fading environment |
| N. Petrović et al., (2025) [15], MIEL | LLM-driven | Automate sustainability operations | IoT systems automation and sustainability management |
| N. Petrovic et al., (2025) [16], SoftCOM | Agent-based AI + GenAI | Enhance IoT security and resilience | Security management in IoT systems leveraging generative AI |
| D. Krstić et al., (2024) [17], Sensors | MDE + LLM | Network experimentation and design automation | Beaulieu–Xie fading and κ–µ cochannel interference |
| Ref | Approach | Goal | Case/Application | Used Models |
|---|---|---|---|---|
| M. Rigaki et al. (2024) [18] | Locally fine-tuned LLM agent designed for specialized cybersecurity tasks | Autonomous red-team agents to test network defenses and uncover vulnerabilities in dynamic environments | The NetSecGame network security simulation environment | Hackphyr (fine-tuned Zephyr-7b-β), GPT-4, GPT-3.5-turbo, and Claude |
| S. Baral et al. (2024) [19] | Integration of machine learning, Explainable Artificial Intelligence (XAI) and LLMs to clarify decision-making characteristics | Improving the transparency and interpretability of IoT attack detection through human-understandable narratives | Network Intrusion Detection and Response Framework (NIDRF) for real-time IoT security | Random Forest, SHAP, LIME, Gemini, OpenAI LLMs, and Llama 2 |
| L. Gutiérrez-Galeano et al. (2025) [20] | Fine tuning an encoder–decoder LLM by transforming numerical flow features into a unique abstract artificial language | Anomaly-based cyberattack detection using statistics from finished network flows | A general Network Intrusion Detection System (NIDS) validated on standard datasets like CIC-IDS-2017 and CSE-CIC-IDS-2018 | T5 (Text-to-Text Transfer Transformer) |
| A. Diaf et al. (2024) [21] | LLM-driven proactive framework using autoregressive and bidirectional contextual understanding | Anticipating and preemptively mitigating malicious activities before damage occurs | BARTPredict: An intrusion prediction framework for IoT packet-level analysis | BART (for prediction/classification) and BERT (for evaluation) |
| M. A. I. Mahmood et al. (2025) [22] | Hybrid framework combining unsupervised/supervised ML and LLM-generated decision scores | Bridging the semantic gap between system outputs and operators while identifying malicious devices | Anomaly detection and device identification for resource-constrained IoT networks | Isolation Forest, Random Forest, and GPT-4o mini |
| Y. Otoum et al. (2025) [23] | Lightweight fine-tuned LLMs integrated with a rule-based prevention component | Enabling autonomous threat response and real-time mitigation without human intervention | Modular Docker-based deployment for scalable and reproducible IoT ecosystem security | BERT Small, BERT Mini, TinyBERT, and Decision Tree |
| API Call | HTTP Method | Input Data | Output Data |
|---|---|---|---|
| constructMetamodel | POST | Reference architecture | Metamodel |
| constructSystem | POST | Requirements and metamodel | Instance model |
| constructSecurityRules | POST | Security guidelines | OCL rules |
| constructSafetyRules | POST | Safety guidelines freeform text | Simple before/after rules ai before/after a2 |
| analyzeScript | POST | YANG script | PlantUML activity diagram code |
| checkRules | POST | Rule definitions | Compliance checklist |
| analyzeValues | POST | NETCONF or YANG script | Extracted parameters and pass/fail evaluation report |
| currentBehaviorModel | GET | — | PNG of PlantUML activity diagram |
| currentMetamodel | GET | — | PNG of PlantUML class diagram |
| Scenario | Rules | Goal |
|---|---|---|
| 1 | alert after device-failure-reported AND forwarding before device-failure-reported | A failure alert must be issued after a device-failure report is received, and forwarding may continue only before such a failure report. |
| 2 | (alert after interface-failure-detected) AND (interface-sense before interface-failure-detected) AND (interface is active) | Alerts may be produced only after a failure event is detected on an enabled interface, and sensing must occur on active interfaces only. |
| 3 | alert after wifi-failure-detected OR alert after lorawan-failure-detected | An alert may occur only after at least one network (Wi-Fi or LoRaWAN) reports a failure. |
| 4 | (scale-up after user-increase OR scale-up after performance-drop) AND (scale-down before user-increase AND scale-down before performance-drop) | Scaling actions must match load conditions:
|
| 5 | (config-update after update-scheduled) AND (system-idle before config-update) | Configuration updates should occur only when a valid update event is scheduled and dependent components are in a safe state (idle or maintenance). |
| ID | Security Risk Description | Affected Communication | OCL Constraint (Conceptual Form) | Security Objective |
|---|---|---|---|---|
| R1 | Control communication uses HTTP without encryption | Gateway–Control Service | protocol = ‘HTTP’ ⇒ encrypted = true | Protect confidentiality and integrity of control traffic |
| R2 | Management communication uses SNMP without security extensions | Gateway–Management Server | protocol = ‘SNMP’ ⇒ false | Disallow insecure management protocols |
| R3 | Cross-domain communication is not consistently encrypted | Cross-domain links | domain ≠ ‘Local’ ⇒ encrypted = true | Enforce encryption across trust boundaries |
| R4 | Protocol usage is not aligned with component roles | All components | role = ‘Manager’ ⇒ protocol = ‘NETCONF’ | Ensure protocol–role consistency |
| Aspect | Success Criteria | GPT-5 | LLaMA 3.3 70B Instruct | Speed-Up | Performance |
|---|---|---|---|---|---|
| NETCONF/YANG mapping | Correctly identifies the NETCONF RPC, YANG module, container/list, and leaf values explicitly used in the code | Correctly identifies NETCONF RPCs and maps YANG data nodes to configuration and operational parameters with minimal ambiguity. | Identifies most NETCONF RPCs and YANG nodes correctly, but occasionally produces redundant or loosely scoped node–value mappings. | 6–8× times | GPT (20): 95% LLaMA (20): 85% GPT (40): 90% LLaMA (40): 75% |
| YANG state mapping | Correctly maps configuration and operational state accesses to canonical YANG data tree paths | Accurately maps configuration and operational state changes to standardized YANG data tree paths. | Provides partial YANG state mappings; some model-specific nodes require manual correction or normalization. | 8–10× times | GPT (20): 100% LLaMA (20): 100% GPT (40): 95% LLaMA (40): 90% |
| Functional safety analysis | Correctly detects all violations or confirms correctness for all safety and consistency rules | Consistently reconstructs correct causal chains (such as configure → validate → apply → monitor → rollback → audit) aligned with predefined consistency and safety rules. | Captures primary event orderings but may miss dependency or ordering constraints in complex validation rules. | 9–12× times | GPT: S1–90%, S2–95%, S3–100%, S4–95%, S5–95%, S6–90% LLaMA: S1–80%, S2–85%, S3–80%, S4–75%, S5–80%, S6–75% |
| Corrective action generation | Generates a correct and executable fix for the detected issue | Generates precise, executable remediation actions mapped to specific YANG modules and data nodes (e.g., NETCONF edit-config operations and constraint-aware rollbacks). | Produces high-level or partially specified corrective actions; YANG module references may be incomplete and require manual refinement. | 10–15× times | GPT: 90% LLaMA: 75% |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2026 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license.
Share and Cite
Petrovic, N.; Krstic, D.; Głąbowski, M. LLM-Driven Approach for Safe and Secure Network Management by Design in IoT-Based Systems. Symmetry 2026, 18, 337. https://doi.org/10.3390/sym18020337
Petrovic N, Krstic D, Głąbowski M. LLM-Driven Approach for Safe and Secure Network Management by Design in IoT-Based Systems. Symmetry. 2026; 18(2):337. https://doi.org/10.3390/sym18020337
Chicago/Turabian StylePetrovic, Nenad, Dragana Krstic, and Mariusz Głąbowski. 2026. "LLM-Driven Approach for Safe and Secure Network Management by Design in IoT-Based Systems" Symmetry 18, no. 2: 337. https://doi.org/10.3390/sym18020337
APA StylePetrovic, N., Krstic, D., & Głąbowski, M. (2026). LLM-Driven Approach for Safe and Secure Network Management by Design in IoT-Based Systems. Symmetry, 18(2), 337. https://doi.org/10.3390/sym18020337

