Pedro Merino Laso, doctoral student of the Chair of Cyber Defence of Naval Systems and DECIDE team, defended his thesis entitled "Detection of anomalies and cyberattacks based on multi-sensor data quality models", on Thursday December 7th 2017.
Naval systems represent a strategic infrastructure for international trade and military activities. These systems are increasingly computerized to achieve optimal and secure navigation. To achieve this goal, a wide variety of on-board systems generate comprehensive navigation and component status information, enabling remote monitoring and control. Because of their importance and computerization, naval systems have become a prime target for hackers. Moreover, the sea is a rough and uncertain environment that can produce malfunctions. As a result, making decisions based on false information because of anomalies can have potentially catastrophic repercussions. Due to the particular characteristics of these systems, conventional anomaly detection methodologies cannot be applied as originally designed. In this thesis we propose quality measures as a potential alternative. A methodology adapted to cyber-physical systems has been devised to evaluate the quality of the data generated by the components of these systems. Based on these measurements, a new approach for the analysis of functional scenarios has been developed. Acceptance levels limit the states of normality and detect outliers. The anomalies examined by component, make it possible to categorize detections and associate them with the categories defined by the proposed model. The application of this approach to 13 scenarios created for a platform composed of two tanks and 11 scenarios for two aerial drones served to demonstrate the relevance and interest of this work.
Keywords: Data and information quality; Monitoring; Multi-source network; Cyber-physical system; Naval system; DIKW Pyramid; Anomaly detection; Anomaly categorization.