27 lines
1.7 KiB
Text
27 lines
1.7 KiB
Text
= Approaches for System Condition Evaluation
|
|
|
|
The physics-based activity detection system select a label for each measurement in the time series.
|
|
From this array of labels, there are multiple approaches to evaluate if the system is performing as expected or not.
|
|
Each approach result in a different intermediate data format (from the detection system to the trust model) and represent a different interpretation of the detection.
|
|
Selecting one approache is a core design choice for the complete system.
|
|
|
|
Both approaches are simmilar and each could be expressed with the other.
|
|
However they differ in the format of the output.
|
|
This outputformat may influence how the trust model ingest the new results and how the time series are submitted for state detection.
|
|
== Approach 1. Compliance to Security Policies
|
|
|
|
#figure(image("images/a1.svg", width:100%),caption: "Data pipeline of the first approache.")
|
|
|
|
With the security policy approach, each power measurement receives a label corresponding to the compliance of the system to pre-defined security policies.
|
|
The label is ternary with
|
|
- 1 = Policies Respected
|
|
- 0 = Not all Policies Respected
|
|
- -1 = Unsure
|
|
|
|
== Approach 2. Presence of Specific Patterns
|
|
|
|
#figure(image("images/a2.svg", width:100%),caption: "Data pipeline of the second approache.")
|
|
|
|
The second approach generates a single label for a complete time series based on the presence of a specific pattern.
|
|
The selected pattern could be representative of a known anomalous state.
|
|
This approache is similar to the first one as it also look for a state in the time serie (the presence of the pattern could be described as a security policy) but differs by the decision algorithm that could take into account large portions of unknown to decide on an unknown output (-1).
|