Beyond Compliance: A Techno-Geopolitical Framework for Scalable AI Resilience in Critical Infrastructure Along the NATO-EU Eastern Flank

This study examines cyber vulnerabilities affecting critical infrastructure along NATO’s 2 eastern flank, with a focus on industrial control systems and operational technology. It 3 addresses how hybrid threats exploit legacy protocols and interoperability gaps across 4 mixed-generation IIoT environments, increasing the likelihood of disruptive events. We 5 propose an AI-enabled framework that links cyber resilience engineering to European 6 regulatory and operational requirements through two components: a Unified Compli- 7 ance Framework that maps legal obligations to implementable technical controls, and 8 an AI-enabled Cyber Resilience Index that consolidates detection, operational continuity, 9 governance, and supply-chain risk into a single scoring model. The methodology combines 10 regulatory-control mapping, OT-specific gap analysis, and engineering validation of real- 11 time constraints, supported by a digital-twin testing environment used to evaluate resilience 12 under representative adversarial scenarios. Results from the simulation-based evaluation 13 show consistent improvements in detection and response stability across tested scenar- 14 ios and provide an auditable evidence model for continuous assurance. The framework 15 supports risk-informed governance and investment decisions by translating compliance 16 objectives into measurable service-level targets and operational resilience indicators, while 17 promoting time-deterministic architectures, federated learning, and explainable AI for 18 accountable deployment in industrial settings