The convergence of Industrial Control Systems (ICS) and Operational Technologies (OT) with 5G networks introduces complex cyber-physical infrastructures with dynamic topologies, high interconnectivity, and missioncritical latency requirements. Traditional risk assessment methods are inadequate in this situation because they do not consider the possibility of cascading failures among closely related system components. This paper proposes a cyber risk assessment approach based on functional dependency graphs, which model interdependencies among assets, processes, and communication flows in ICS/OT environments enabled by 5G. The suggested framework supports impact scoring based on graph-theoretic metrics, vulnerability propagation modeling, dependency graph construction, and passive and active data collection.
The integration of fifth-generation (5G) technologies into industrial control systems (ICS) and operational technology (OT) environments is facilitating the transition to digitalization, automation, and the implementation of Industry 4.0 concepts. The main advantages of using 5G in industrial systems are support for high connection density (mMTC), ultra-reliable and low latency communication (URLLC), and extended bandwidth (eMBB).
However, the combination of ICS/OT and 5G brings new cybersecurity challenges. Unlike traditional isolated ICS/OT networks, modern hybrid architectures are characterized by a high degree of component interdependence, dynamically changing topology, and virtualization of network functions. This expands the attack surface and complicates the identification of vulnerabilities, especially those that can cause cascading failures.
Most modern vulnerability assessment solutions are focused on analyzing individual assets and do not take into account the functional dependency between ICS/OT components and 5G network elements. This approach does not allow for the full identification of ways of cybersecurity threats spreading and assessing the risks arising from the structural interdependence of systems.
This paper proposes the development of a functional dependency graph module for a vulnerability scanning system in ICS/OT 5G-enabled networks. The proposed approach allows for the dynamic modeling of the dependencies between assets, assessing cascading risks, and prioritizing identified vulnerabilities based on the topological characteristics and criticality of infrastructure elements.
ICS and OT have long been designed as isolated, closed environments focusing on reliability rather
than security. Traditionally, security was provided by physical access restrictions and a stable network
topology [
With the growing role of IP connections and remote management, ICS/OT environments are
increasingly exposed to typical IT cybersecurity threats to which these systems were not originally adapted.
Paper [
To mitigate risks, some studies focus on traditional protection methods, such as segmentation,
access restrictions, and software updates. For example, [
The network’s expansion by connecting many sensors and devices in the IIoT environment, combined
with 5G characteristics such as URLLC, MEC, and slicing, creates situations where classical risk
assessment approaches lose their efectiveness. In [
A more in-depth analysis of 5G security in an industrial context is provided in [
The topic of modeling OT network structures is also reflected in [
In [
Practical aspects of 5G integration into critical infrastructure are analyzed in [
A separate area concerns trafic analysis in heterogeneous networks. A neural model for recognizing
modulation types in 5G networks is presented in [
In [
Thus, although existing research covers certain aspects, such as slice security, trafic modeling, or access control, it does not address the key problem: the lack of a formalized model of functional dependencies between OT elements and virtualized 5G components that would allow modeling the propagation of risks in time and space. This creates the need to build a new apparatus for assessing threats in such hybrid networks.
An analysis of scientific research has shown that despite the rapid growth of 5G integration into ICS/OT environments, existing approaches to cybersecurity risk assessment remain largely fragmented. Most available tools focus on identifying vulnerabilities of individual assets or use static risk models that do not consider the specifics of 5G architecture. In particular, new risks arise from the complex interaction of virtualized network functions (VNFs), massive connectivity of IIoT devices, the use of MEC technologies, and slice-based access logic.
The lack of formalized approaches that allow modeling functional dependencies between ICS/OT processes, 5G network services, and virtual components is particularly critical. Such dependencies determine how risks propagate in the system - in time, through interaction logic, or shared resources. Without a model that considers these aspects, it is impossible to accurately assess the cascading impact, criticality of nodes, and response priority.
Thus, this research paper aims to develop a methodology for formalizing functional dependency graphs (FDGs) for use in quantifying cyber risks in hybrid 5G-enabled ICS/OT networks.
To achieve this goal, the following research objectives should be solved: 1. To conduct an analysis of existing approaches to modeling risks and dependencies in ICS/OT networks and 5G environments, identifying their limitations in terms of intercomponent interaction. 2. To define requirements for the functional dependency graph in the context of 5G-enabled ICS/OT, including types of links, node categories, temporal properties, and asset criticality. 3. To develop a formal mathematical model of FDG that describes the functional relationships between system elements and allows tracking risk transformation in dynamics. 4. To integrate the FDG into a risk assessment model that calculates system-level metrics, identifies critical nodes and threat propagation trajectories, and prioritizes response measures.
Modern approaches to analyzing cybersecurity risks and interconnection dependencies in ICS/OT networks and 5G environments have been developed in isolation, leading to the lack of comprehensive solutions for hybrid architectures. This section systematizes the main research directions and identifies their limitations in the context of structural interaction, timing characteristics, and cascading efects.
In traditional ICS/OT systems, risk analysis is based on the following approaches:
• signature-based threat detection methods (e.g., Snort, Bro) adapted to industrial protocols (Modbus,
DNP3). They are efective for known attacks but do not consider functional dependencies between
process components [
In 5G networks, threats are associated with virtualized functions, APIs, dynamic slices, and MEC applications. Existing approaches mainly focus on these aspects:
• vulnerability analysis of APIs, orchestrators, and configurations in VNFs [ 22] allows for identifying individual threats. Still, it does not allow assessing their impact on other components, particularly in the OT layer; • graph-based policy compliance frameworks that provide access control based on dependencies between services [23], but do not cover physical infrastructure or industrial processes; • assessment of slice isolation and cross-slice attack vectors [24], which demonstrates threats in a virtual environment but does not analyze how changes in the 5G network afect critical OT assets; • ML/AI-based tools, such as GNN-based anomaly detection [25], can detect anomalies in trafic but do not provide an interpretable model of functional dependencies between system nodes.
The analysis allows us to identify several key limitations of existing approaches: • lack of an integrated representation of the hybrid ICS/OT+5G environment; • restrictions on the display of inter-node dependencies in the physical, logical, and service space; • ignoring the time dynamics of impact propagation (activation time, delay, duration); • inability to support cascading risk assessment that takes into account contextual interactions between ICS/OT and VNFs; • insuficient flexibility in graph structures adapted to slice, MEC, and IIoT dynamics [25, 26].
Current approaches provide a local risk assessment or a limited representation of the interaction logic between components. None of them allows for a formalized structure that can take into account: multi-level topology, temporal attributes, and criticality of assets in connection with technological management processes.
This creates a justified need to develop a functional dependency graph (FDG) that would combine the logic of interconnections, support impact propagation modeling, and form the basis of a systemic risk assessment.
The integration of 5G with ICS/OT creates a multi-level environment where components with diferent natures (physical, virtual, mobile) interact through functional dependencies. In such an environment, identifying and assessing cybersecurity risks requires an abstract but suficiently accurate representation of the relationships between components. For this purpose, we propose a functional dependency graph model that serves as a structural basis for further quantitative risk analysis. This section formalizes the basic requirements for such a model at the architectural and semantic levels. The general approach for this is shown in Figure 1.
In the context of 5G-integrated ICS/OT networks, the FDG nodes are classified by their functional role and origin, as shown in Figure 2.
ICS/OT components cover the classic elements of process control systems, such as programmable logic controllers (PLCs), human-machine interfaces (HMIs), sensors, SCADA servers, remote terminal units (RTUs), etc. These nodes are directly connected to the physical process and often have limited computing resources.
5G infrastructure includes hardware and software components of the fifth-generation mobile network, including base stations (gNB, CPE), network core functions (AMF, UPF, SMF), MEC servers with local applications, as well as orchestrators and API gateways. They implement network virtualization, trafic routing, and provide mobile connectivity for critical services.
IIoT/Edge devices and services encompass endpoint intelligent devices (e.g., autonomous sensors, industrial robots), as well as cloud-based analytics and visualization services. It also includes programs and systems that interact with the network through slides and process data in real time.
This classification serves as the basis for formalizing the FDG structure, allowing you to display all relevant elements of the hybrid environment and set rules for building inter-node functional dependencies in the subsequent mathematical model.
In the structure of a functional dependency graph, edges serve to formalize internode interactions that have functional, logical, or operational significance. The typology of edges determines the nature of the dependency between the system components and allows you to display its dynamic properties. Depending on the nature of the interaction, the following main types of functional links are distinguished, as shown in Figure 3.
Data Dependency occurs when one node (A) generates or transmits information that is critical to the functioning of another node (B). Such a dependency is typical for sensor monitoring scenarios, when data from the sensor is sent to the controller (Sensor → PLC), or process visualization (PLC → HMI).
Control Dependency occurs when one component determines the logic, state, or activation of another. For example, an MEC application can initiate an action by a device (MEC App → Actuator), or an SMF network element can control flows through UPF (SMF → UPF). Such dependencies are critical for the correct functioning of a distributed architecture.
Resource Coupling is a resource or physical dependency that is related to the use of a shared computing, network, or slice resource. In cases where several nodes use the same MEC server or UPF, an indirect functional dependency (IIoT1 → MEC ← IIoT2) occurs, which can become a source of cascading failures when a common resource is overloaded or attacked.
Temporal Constraint displays the constraints imposed by temporal characteristics, such as delay, refresh rate, and timeout duration. For example, the interaction between a sensor and a controller may require a delivery guarantee within 10 ms. Violation of the time parameters can lead to degradation of the control process or an emergency condition.
Logical or service connectivity (Functional Linkage) defines situations where multiple nodes implement the same logical or process flow. An example is components that are part of the same SCADA lfow or process route, even if there is no direct data or command transfer between them.
Each edge in the FDG is described by a set of semantic attributes, including: • direction of interaction (unidirectional → or reciprocal ↔); • type of dependency (data, control, resource, etc.); • reaction time or permissible delay (in milliseconds); • degree of functional impact (low, medium, high); • the possibility of degradation (with the loss of part of the functionality)..
To enable quantitative analysis of cybersecurity risks in hybrid 5G-enabled ICS/OT environments, it is necessary to supplement the functional dependency graph with a system of semantic attributes. This metadata allows not only to identify the functional role of nodes and links, but also to assess the potential impact of a breach, the level of criticality, and the sensitivity of the system to attacks.
The main semantic attributes include: • Criticality: defines the degree of importance of a node to ensure the continuity of a technological or management process. The value can be assigned manually by an expert (e.g., based on HAZOP or PHA procedures) or determined automatically by analyzing the role of the node in the SCADA logic. Components with high criticality (e.g., a PLC or actuator in a safety chain) are prioritized in the risk assessment. • Trust Level: displays the level of trust in a component or source of interaction, which is key for modeling threats in mixed security environments. A low trust level can be assigned to external IIoT devices, third-party APIs, slice-tenants, or nodes with unknown security status. The attribute is used when modeling penetration or lateral movement scenarios. • Latency / Frequency: includes the communication parameters: maximum allowable latency and refresh rate. For real-time nodes (e.g., HMI - actuator) or critical URLLC networks, these attributes define the allowable window of influence within which an attack can lead to a technological failure. • Node Role: defines the primary purpose of a node in the information system, such as sensing, processing, storage, communication, control, and actuation. This classification allows you to analyze potential chains of influence, for example: sensor - processing - reaction. • Redundancy / Failover: indicates the presence of an alternate route or redundant component. If a node has redundancy (for example, a dual MEC server or multiple parallel sensors), its failure has a lower risk priority. This attribute is taken into account when modeling system resilience. • Impact Range: determines the scope or number of components that can be impacted if a node is compromised. For example, a compromise of a slice manager can afect dozens of IIoT applications.
This allows to assess the scale of cascading risk in a dynamic environment.
Designing a functional dependency graph for environments that integrate ICS/OT components with 5G infrastructure requires taking into account the multidimensional complexity of such integration. Given the increasing interdependence of physical, virtualized, and mobile elements, the FDG model must provide a formalized representation of relationships between components without losing semantic accuracy. Thus, it is possible to identify the following basic requirements: heterogeneity, dynamism, scalability, compatibility with data sources, and suitability for risk analysis.
One of the basic requirements is to support heterogeneity. The graph should unifiedly cover both physical objects (sensors, actuators, RTUs) and software-defined functions (VNFs, MEC services, cloud controllers). It is important that the model allows for a scalable representation of diferences in communication protocols, timing characteristics, and functional roles of nodes without reducing them to simplified types.
The next critical property is adaptability to network dynamics. The features of 5G infrastructures, including device mobility, dynamic slice creation, and real-time routing changes, require FDG to be able to incrementally update. For this purpose, the model must be integrated with telemetry sources, CMDBs, and orchestrator event streams, allowing the dependency structure to be updated without manual intervention.
Since real-world industrial deployments involve tens or hundreds of thousands of interconnected nodes, scalability is a must. The graph must support processing large amounts of data without performance degradation, using optimized data structures and the ability to compute on subgraphs with parallel processing.
It is also important to ensure interoperability with security and management systems. The FDG should have built-in mechanisms for interacting with SCADA, SIEM, CMDB, vulnerability scanners, and other tools that can automatically provide both structural and semantic information about system components. This will avoid manual filling of the graph and ensure its compliance with the actual state of the environment.
Moreover, the graph structure should be analytically suitable for risk assessment. This includes support for simulating the spread of threats, identifying critical nodes, analyzing chains of influence, and prioritizing response scenarios. The graph should serve not only as a visualization tool, but also as a basis for formalized scenario analysis that takes into account time constraints, the level of criticality of assets, and trust in sources of influence.
The formed model of the FDG functional dependency graph allows us to represent the structure of a hybrid ICS/OT-5G system as a set of links enriched with semantics and criticality. This creates the basis for further mathematical formalization and construction of the risk assessment model in the following sections. The approach allows to take into account the specifics of inter-network interaction, time dependence and dynamics of modern industrial environments.
In order to formalize the representation of interconnections in hybrid ICS/OT environments with integrated 5G infrastructure, it is proposed to use an oriented annotated dependency graph. Such a structure allows not only to display the functional topology of the system but also to set semantic attributes at each level necessary for further risk calculation and modeling of integrity violation scenarios.
Graph structure. A functional dependency graph is defined as a tuple:
= (, , Φ , Φ ), • = {1, 2, ..., }, a finite set of nodes, each of which corresponds to a component of the system; • ⊆ × , a set of oriented edges that define the direction of functional or resource influence; • Φ : → , nodes attribution function; • Φ : → , edges attribution function.
Nodes attribution. For each node ∈ , attribute vector is defined:
Φ () = (, , , , ) ,
• ∈ [
Edges attributes. For each edge, = (, ) ∈ a set of parameters is set:
Φ ( ) = ( , , , , ) ,
• ∈ , dependency type (Data, Control, Resource, Temporal, Functional);
• ∈ R+, time characteristic of communication;
• ∈ [
Formalization of risk spread. The risk transfer along the graph is described by the transformation operator: ( ) ← ( ) + · (
) · ( ) · (1 − ) · , • ( ), impact modifier depending on the type; • , level of trust in the node ; • , whether the risk is transferred in case of partial degradation.
Aggregated graph metrics • Total risk of the system: total = ∑︁ · ( ).
∈ • Depth of risk spread, the maximum length of the chain of influence; • Identification of critical nodes through the product of criticality, number of outgoing links, and edge weights:
( ) = · deg out()·¯ .
This approach provides the basis for further development of a risk assessment model that takes into account both the structural topology and semantic characteristics of nodes and links in a hybrid 5G-enabled environment.
This section introduces a formalized model for cyber risk quantification in hybrid 5G-enabled ICS/OT networks based on the previously defined Functional Dependency Graph (FDG). The model captures the semantics of intercomponent dependencies, component criticality, trust levels, timing constraints, and cascading efects. The proposed approach supports both static and dynamic risk assessment, enabling scenario-based propagation modeling.
Let the initial risk level for each node ∈ be defined as:
0() = () · · (1 − ),
• ∈ [
• () ∈ [
The propagation of risk across the graph is defined recursively. For a node at time , its updated risk ( ) = ( ) + −1 () · · (
) · (1 − ) · · ()
∑︁
∈pred()
(1)
(2)
(3)
(4)
with the following parameters:
• : normalized edge weight between and ,
• ( ): dependency type coeficient (e.g., Control, Data),
• () ∈ [
0() = 1. The propagation is iteratively evaluated over discrete time steps using: Let = {1 , . . . , } ⊂ denote a set of initially compromised nodes. For each , we initialize ︁(
︁) ()( ) = (−1) ( ), ∑︁ (−1) (pred( )) .
The cumulative risk evolution over time is captured by the matrix:
R ∈ R| |× , where each row corresponds to a node and each column corresponds to a discrete time step. This matrix captures the dynamics of threat evolution across the graph and allows for temporal analysis, such as identifying peak risk intervals, delay-sensitive propagation chains, and time-critical influence paths.
To support prioritization and mitigation, the following metrics are defined: • Accumulated Risk Score (ARS):
() = ∑︁ ()().
=1 This metric represents the total amount of risk that has been experienced or accumulated by node over the entire observation period . It integrates both direct exposure and indirectly propagated threats. ARS is useful for identifying persistently afected nodes, even if their instantaneous risk is low at any specific time. • Propagation Score (PS): () =
∑︁ ∈succ() · ( ) · (1 − ).
Propagation Score estimates the ability of a node to spread risk to its successors succ(). It takes into account the strength of outgoing functional dependencies ( ), the influence factor of the dependency type (( )), and the vulnerability of the target node (via 1 − ). High PS values indicate that the node is a potential amplifier of threats and may be critical in cascading scenarios. • Critical Impact Index (CII):
() = · ( ) · deg out().
The Critical Impact Index quantifies the strategic importance of node in terms of its intrinsic criticality (), cumulative risk over time (ARS), and structural outreach (number of outgoing edges). It identifies nodes whose compromise could have a high systemic efect, making them primary candidates for protection and redundancy planning.
These indices are used to identify high-impact nodes, centrality of propagation, and systemic exposure levels.
Risk can also be aggregated at the subsystem or full-system level: subgraph = ∑︁ (),
∈ system = ∑︁ (), ∈ where denotes the set of nodes in a specific subgraph (e.g., slice, physical zone, MEC region). (5) (6) (7) (8) (9)
The Functional Dependency Graph (FDG) will be implemented as a separate service module within the risk assessment system for 5G-integrated ICS/OT environments. The main function of the module will be to build an oriented graph = (, ), where the set of nodes represents assets and services (PLC, SCADA, MEC, UPF, etc.), and the edges are typed dependencies (data, control, resource, temporal, functional).
The initial formation of the graph will be done by aggregating data from several sources: • SCADA/IIoT telemetry, to identify technological connections; • CMDB/SIEM, for obtaining inventory, trust levels, and topology; • 5G Orchestrator APIs (e.g., OSM/ONAP), for extracting slice configurations, VNF connections, and mobile routes; • network monitoring, to dynamically update current interactions.
The graph will support real-time updates through an event-driven pipeline that responds to new devices, slice changes, MEC service activation, or flow switching. Nodes have semantic attributes: • () — criticality; • () — trust; • () — role in the process (e.g., sensing, control, actuation); • () — potential impact radius.
The edges ∈ are formed with attributes of the type () ∈ {data, control, resource, temporal, functional}, as well as metadata: delay, frequency, direction, possibility of degradation. To interact with the Risk Assessment Engine, the graph is exported as an adjacency matrix with dependency weights, which allows you to model risk propagation in the form of discrete dynamics on the graph.
The module will be implemented as a microservice orchestrated via Docker/Kubernetes with a REST API for integration with other scanner subsystems. This will allow for flexible deployment in MEC environments, industrial gateways, or cloud-based SCADA. Optimization of graph operations (e.g., centrality, shortest path with attributes) is implemented on the basis of the NetworkX or Neo4j Graph Data Science API frameworks.
Thus, FDG will act as the core of semantic connectivity in the scanner architecture, allowing move from point vulnerabilities to complex scenario risk analysis in a heterogeneous environment.
The concept of building a functional dependency graph (FDG) and the corresponding risk assessment model proposed in this paper lays the foundation for the formation of a new approach to vulnerability scanning in 5G-integrated ICS/OT environments. In further research, it is planned to implement a full-fledged vulnerability scanner architecture that will integrate the FDG module as the core of scenario and contextual risk analysis. This area is part of a separate research project dedicated to the creation of a specialized scanner for hybrid cyber-physical systems, the results of which are currently being prepared for publication.
To verify and validate the proposed model, it is planned to build a testbed using 5G network deployment tools based on open-source components. An isolated laboratory infrastructure has already been created, which includes open-source implementations of the 5G core and RAN, providing a full-fledged slice-oriented architecture with the ability to control through an orchestration interface. The experience of deploying such systems is analyzed in detail in [27, 28], where key platforms are compared and their performance is evaluated in the context of practical implementation.
The next step is to connect industrial sensors, PLC emulators, and MEC applications, which will create a controlled environment for testing FDG construction mechanisms, generating functional dependencies, and modeling cascading efects in the event of a vulnerability or attack. Such an approach will not only confirm the operability of the developed model, but will also allow for a quantitative assessment of the efectiveness of the proposed method in the context of dynamic changes in the topology and 5G services.
In the future, it is planned to integrate FDG with machine learning (ML) mechanisms to automatically interpret event streams, build behavioral dependencies, and detect anomalies. A separate direction will be to extend the model to multi-segment and inter-network scenarios, taking into account cloud edge platforms and transitive dependencies between slices or MEC services.
This paper presents a formalized methodology for modeling functional dependencies in hybrid ICS/OT environments with 5G integration, and proposes a risk assessment model based on the constructed functional dependency graph (FDG). The research was motivated by the identified limitations of existing approaches to cyber risk analysis that do not take into account the dynamic, heterogeneous, and interdependent nature of modern cyber-physical systems, in particular in the context of 5G architectures.
The proposed approach provides a unified representation of system components, both physical (e.g., PLCs, RTUs, sensors) and virtualized (e.g., UPFs, SMFs, MEC applications), in the form of an oriented graph with node annotation by semantic attributes. The edges of the graph describe typicalized dependencies: data transfer, control, resource sharing, time constraints, and logical connectivity. This allows you to model cascading efects and interactions between components.
A mathematical formalization of the FDG is developed, taking into account the criticality of nodes, the level of trust, time characteristics, fault tolerance, and radius of influence. This framework serves as the basis for a risk propagation model that supports both static and scenario analysis. The model allows you to calculate risk in dynamics, identify critical nodes, and prioritize incident response.
On the practical side, FDG is planned to implement as a service module that integrates telemetry, orchestrator data, SCADA topologies, and network configurations. The implementation will be focused on a microservice architecture with the ability to deploy in MEC environments, industrial gateways, or cloud-based SCADA systems, using modern graph computing libraries.
The obtained results confirm the feasibility of using FDG for contextual and dynamic analysis of cybersecurity risks in next-generation industrial networks. The proposed approach forms the basis for the further development of a specialized vulnerability scanner focused on ICS/OT+5G environments.
Future research will focus on integrating FDG with machine learning methods to build behavioral dependencies, as well as validating the model in a testbed with real devices and MEC applications. A separate area of focus will be extending the model to multi-segment scenarios, taking into account inter-network dependencies, slice architecture, and edge cloud platforms.
This work was supported by the Shota Rustaveli National Foundation of Georgia (SRNSFG) (NFR2214060) and “Methods of building protected multilayer cellular networks 5G/6G based on the use of artificial intelligence algorithms for monitoring the country’s critical infrastructure objects” (# 0124U000197).
The authors have not employed any Generative AI tools. Applications Security, 2008, pp. 283–296. [19] I. Ostroumov, et al., A probability estimation of aircraft departures and arrivals delays, in: Lecture Notes in Computer Science, volume 12950, 2021, pp. 363–377. doi:10.1007/ 978-3-030-86960-1_26. [20] M. Mantere, M. Sailio, J. Nikkarila, Challenges of cvss scoring in industrial control systems, in: Proceedings of the IEEE International Conference on Industrial Technology (ICIT), IEEE, 2010, pp. 1035–1040. [21] O. Ivashchuk, et al., A configuration analysis of Ukrainian flight routes network, in: Experience of Designing and Application of CAD Systems in Microelectronics (CADSM), 2021, pp. 6–10. doi:10.1109/CADSM52681.2021.9385263. [22] S. Michaelides, G. Suciu, C. Serbanescu, D. Popescu, Secure integration of 5g in industrial networks,
Future Generation Computer Systems (2025). Accepted/In press. [23] H. K. Kalutarage, L. Yang, Policy compliance verification in 5g networks using graph-based models,
Computer Communications 175 (2021) 1–14. doi:10.1016/j.comcom.2021.04.012. [24] X. Zhang, R. He, Z. Liu, Slice isolation risks in 5g core networks: A threat model and empirical study, IEEE Transactions on Network and Service Management 19 (2022) 3726–3739. doi:10. 1109/TNSM.2022.3225260. [25] Y. Li, Y. Sun, B. Wang, Z. Li, Gnn-based detection of cyber threats in 5g slices, IEEE Access 10 (2022) 78855–78867. doi:10.1109/ACCESS.2022.3191185. [26] O. Solomentsev, M. Zaliskyi, T. Herasymenko, O. Kozhokhina, Y. Petrova, Eficiency of operational data processing for radio electronic equipment, Aviation 23 (2020) 71–77. doi:10.3846/aviation. 2019.11849. [27] A. Pinchuk, R. Odarchenko, V. Samoilenko, A. Imanbayev, 5g network deployment based on opensource projects: A comparative analysis, in: 2023 IEEE 12th International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS), Dortmund, Germany, 2023, pp. 596–601. doi:10.1109/IDAACS58523.2023.10348675. [28] A. Pinchuk, R. Odarchenko, Experimental studies of 5g open-source network performance, in: Proceedings of the International Scientific and Practical Conference Problems of Computer Science, Software Modeling and Security of Digital Systems, 2024, pp. 45–45.