Secure-by-Containment Architectures for Agentic AI in OT/ICS Environments
Akinde Michael Ogunmolu
*
Concordia University Texas, 11400 Concordia University Drive, Austin, TX 78726, United States of America.
Oluwadayo Mafolasere Olaniyi
University of the Cumberlands, 6178 College Station Drive, Williamsburg, KY 40769, United States of America.
Cornelia Ifeoma Ejoh
University of the District of Columbia, 4200 Connecticut Ave NW, Washington, DC 20008, United States of America.
Adebayo Yusuf Balogun
University of Tampa, 401 W Kennedy Blvd, Tampa, FL 33606, United States of America.
Seun Michael Oyekunle
Ekiti State University, Ado-Iworoko Road, P.M.B. 5363, Ado-Ekiti, Ekiti State, Nigeria.
*Author to whom correspondence should be addressed.
Abstract
This study proposes and quantitatively evaluates a secure-by-containment architectural framework for deploying agentic artificial intelligence (AI) within operational technology and industrial control system (OT/ICS) environments. Agentic AI systems introduce autonomous planning and decision-making capabilities into cyber-physical infrastructures, creating new risks when deployed in safety-critical control environments that require deterministic and predictable behavior. To address this challenge, the study introduces containment as a first-class architectural security property that structurally limits an AI agent’s decision authority, operational scope, and propagation influence within industrial control architectures. The framework is evaluated using publicly available industrial control system datasets, including the ICS Gas Pipeline dataset, the Oak Ridge PowerCyber testbed dataset, the NIST Special Publication 800-82 control catalog, and the Tennessee Eastman Process dataset. A four-phase analytical methodology is implemented consisting of: cyber-physical risk quantification using the Process Impact Deviation Index (PIDI), Risk Severity Score (RSS), and Multi-Variable Escalation Index (MVEI); graph-theoretic containment modeling using betweenness centrality and the Containment Strength Score (CSS); standards alignment analysis through the Standards Coverage Quantification Index (SCQI); and scenario-based resilience evaluation using Mean Time to Hazard (MTH), Process Deviation Area (PDA), and Safety Threshold Violations (STV). The results demonstrate that secure-by-containment architectures substantially reduce systemic exposure in OT/ICS environments. Full containment reduced structural influence by 75.1% (CSS = 0.751), achieved 84.1% coverage of applicable NIST SP 800-82 security controls, increased mean time to hazard by 212%, and reduced cumulative process deviation by 73% during simulated attack scenarios. These findings demonstrate that architectural containment can materially improve cyber-physical resilience while maintaining compatibility with established industrial security standards. The study contributes to the emerging field of AI governance for cyber-physical systems by translating high-level governance principles into enforceable architectural constraints. The results support embedding decision-authority containment mechanisms into OT/ICS security architectures and recommend integrating containment requirements into industrial cybersecurity standards, regulatory validation frameworks, and responsible AI governance models for critical infrastructure environments.
Keywords: Secure-by-containment architecture, agentic artificial intelligence, industrial control systems security, architectural containment modeling, cyber-physical resilience metrics