The work presented in this dissertation was carried out within an internal R&D project at Alphawaves Srl, which hosted the thesis activities. The project addresses the growing need for cybersecurity solutions in the field of Operational Technology (OT) by proposing a plug-and-play tool capable of automatically scanning, validating, and reporting the security status of an OT network in a continuous monitoring cycle. This thesis focuses on the development of a cyber risk evaluation model that takes as input a network description containing information on host and network configurations, topology, and known vulnerabilities and produces severity scores ranging from 0 to 10 to quantify potential threats.