SATCOM; SDN; Security Testing; Field Based Testing; Configuration Updates
Abstract :
[en] Satellite communication (SATCOM) plays a critical role in everyday life, enabling vital services ranging from fast internet and disaster recovery to IoT connectivity. Rapid and cost-effective reconfiguration of existing infrastructure, particularly in satellite systems where new deployments are expensive and long, is essential to meet dynamic operational demands. A solution to achieve such an objective is the use of edge technologies with Software Defined Networks (SDNs), since the former enhance responsiveness and efficiency by processing data closer to end users, while the latter
decouple network control from data forwarding, thus enabling swift adaptation to evolving scenarios. These solutions make SATCOM systems highly reconfigurable, but make their field configuration hardly foreseeable before deployment, with the risk of having vulnerable field configurations that may compromise dependability and system security, which is our focus in this work. To address these challenges, this dissertation presents three main contributions. The first contribution is an empirical study of 147 vulnerabilities in four widely used edge computing frameworks to understand why security issues persist. The study reveals that the complexity of edge environments makes exhaustive in-house testing impractical, and that many vulnerabilities affect confidentiality and are observed with configurations partially tested before deployment. These findings motivate the development of in-the-field testing approaches. The second contribution is the definition of FISTS, a field-based security testing approach for software-defined network (SDN) configuration updates. FISTS probes the network before and after updates and integrates a data analysis pipeline with unsupervised machine learning to detect anomalies. Evaluated with real and simulated SATCOM data, FISTS achieves high precision and recall, demonstrating its effectiveness and scalability. The third contribution is the extension of FISTS by incorporating human-in-the-loop feedback and weakly supervised learning. We evaluated 814 pipelines integrating 37 anomaly detection algorithms using 300 datasets. Our results show that combining expert feedback with algorithms like HBOS and OCSVM yields the best performance in
terms of both recall and efficiency. These findings are an empirically well-founded practical solution to address a key problem for SATCOM systems.
Research center :
Interdisciplinary Centre for Security, Reliability and Trust (SnT) > SVV - Software Verification and Validation
Disciplines :
Computer science
Author, co-author :
MALIK, Jahanzaib ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust > SVV > Team Fabrizio PASTORE
Language :
English
Title :
ML-DRIVEN FIELD-BASED SECURITY TESTING OF SOFTWARE CONFIGURATION UPDATES IN MODERN SATCOM SYSTEMS
Defense date :
25 September 2025
Institution :
Unilu - University of Luxembourg [FSTM], Luxebmourg, Luxembourg
Degree :
Docteur en Informatique (DIP_DOC_0006_B)
Promotor :
PASTORE, Fabrizio ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > SVV
President :
CHATZINOTAS, Symeon ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > SigCom
Jury member :
BIANCULLI, Domenico ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > SVV
Mathias, Payer
Joel, Grotz
Stefano, Russo
Focus Area :
Security, Reliability and Trust
Development Goals :
9. Industry, innovation and infrastructure
FnR Project :
FNR14016225 - INSTRUCT - Integrated Satellite-terrestrial Systems For Ubiquitous Beyond 5g Communications, 2020 (01/10/2020-30/09/2026) - Symeon Chatzinotas
