The present disclosure relates in general to systems and methods for generating filtering rules, particularly traffic filtering rules.
Human experts and network designers of cyber-physical systems (CPSs), such as for airplanes, may wish to update an existing set of the filtering rules and increase the number of rules such that the overall security of a CPS is enhanced (e.g., tighter rules to filter out unwanted traffic compared to original rule set) without sacrificing the computational overhead. Conventional approaches to regenerating the set of the filtering rules require humans to manually go through all the existing rules and modify the rules to meet the new requirement in terms of the number of rules and the security. Thus, modifying network filtering rules using conventional approaches is time consuming because each time a network administrator wants to change the number of network rules for filtering network traffic, the administrator must modify every existing rule according to the desired changes.