Leveraging Large Language Models for AI-Assisted Cybersecurity Requirement Assessment for Air Traffic Control Systems

dc.contributor.authorPinto, Miguel
dc.contributor.departmentfi=Tietotekniikan laitos|en=Department of Computing|
dc.contributor.facultyfi=Teknillinen tiedekunta|en=Faculty of Technology|
dc.contributor.studysubjectfi=Tietotekniikka|en=Information and Communication Technology|
dc.date.accessioned2026-06-15T19:32:19Z
dc.date.issued2026-06-02
dc.description.abstractAir Traffic Control (ATC) systems operate within a strict cybersecurity compliance landscape, where Air Navigation Service Providers and product vendors must rec oncile overlapping obligations from international standards such as ICAO Annex 17 and the NIST SP800series, regional instruments such as the EU NIS2 Directive, and project-specific customer requirements expressed in heterogeneous formats. Align ing these sources with internal product documentation is a manual, time-consuming, and error-prone activity that no prior AI-assisted approach has addressed for the multi-layer evidence structure of safety-critical aviation. This thesis presents the first application of Retrieval-Augmented Generation (RAG) to ATC cybersecurity compliance assessment. The system organises evidence into three coupled layers covering regulatory obligations, customer requirements, and product configuration documentation, and processes each query through a staged pipeline of routing, hybrid retrieval, relevance filtering, and structured generation. Each assessment returns a verdict with inline citations to the supporting passages, runtime diagnostics, and an append only audit trail, shifting the engineer’s task from search to verification. The system runs entirely on-premises and is positioned as an advisory tool that preserves cybersecurity experts as final decision-makers. Following a design science approach, the system was evaluated against a manually validated Gold Standard of 40 queries developed with industrial experts, exceed ing all five pre-registered targets covering retrieval completeness, evidence ground ing, citation correctness, hallucination rate, and justification quality. A controlled comparison between MiniMax-M2.5 and Qwen2.5-VL-72B-Instruct showed that lo cally deployable model choice materially affects hallucination rate and verdict pre cision, with MiniMax-M2.5 having a 0.05 hallucination rate compared to 0.15 from Qwen2.5-VL-72B-Instruct, supporting MiniMax-M2.5 as the default model to be used. A code-level vulnerability assessment identified some weaknesses of the system that were promptly patched. The thesis contributes a domain-specific architecture, a curated evaluation framework, and empirical evidence that evidence-grounded compliance assessment is feasible in safety-critical, confidentiality-constrained envi ronments without removing expert oversight.
dc.format.extent104
dc.identifier.urihttps://www.utupub.fi/handle/11111/61986
dc.identifier.urnURN:NBN:fi-fe2026061570112
dc.language.isoeng
dc.rightsfi=Julkaisu on tekijänoikeussäännösten alainen. Teosta voi lukea ja tulostaa henkilökohtaista käyttöä varten. Käyttö kaupallisiin tarkoituksiin on kielletty.|en=This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.|
dc.rights.accessrightssuljettu
dc.subjectRetrieval-Augmented Generation
dc.subjectLarge Language Models
dc.subjectCybersecurity Compliance
dc.subjectAir Traffic Control
dc.subjectHybrid Retrieval
dc.subjectRequirements Engineering
dc.subjectEvidence Grounding
dc.subjectExplainable AI
dc.subjectLocal LLM Deployment
dc.subjectDesign Science Research
dc.titleLeveraging Large Language Models for AI-Assisted Cybersecurity Requirement Assessment for Air Traffic Control Systems
dc.type.ontasotfi=Diplomityö|en=Master's thesis|

Tiedostot

Näytetään 1 - 1 / 1
Ladataan...
Name:
Miguel_Pinto_Thesis.pdf
Size:
817.29 KB
Format:
Adobe Portable Document Format