Dynamic Observers for the Synthesis of Opaque Systems
Authors
Abstract
In this paper, we address the problem of synthesizing opaque systems. A secret predicate S over the runs of a system G is opaque to an external user having partial observability over G, if s/he can never infer from the observation of a run of G that the run belongs to S. We first investigate the case of static partial observability where the set of events the user can observe is fixed a priori. In this context, we show that checking whether a system is opaque is PSPACE-complete, which implies that computing an optimal static observer ensuring opacity is also a PSPACE-complete problem. Next, we introduce dynamic partial observability where the set of events the user can observe changes over time. We show how to check that a system is opaque w.r.t. a dynamic observer and also address the corresponding synthesis problem: given a system G and secret states S, compute the set of dynamic observers under which S is opaque. Our main result is that the set of such observers can be finitely represented and can be computed in EXPTIME.
Key-words: security, confidentiality property, synthesis, dynamic observation
Résumé (translated from the French; French title: Observateurs dynamiques pour la synthèse de systèmes opaques): In this article, we are interested in the synthesis of opaque systems. A predicate S over the executions of a system G is opaque with respect to a user who partially observes the system if that user can never deduce from the observed traces that the current execution belongs to S. First, we consider the case where the subset of events the attacker can observe is fixed. In this setting, we show that verifying opacity is PSPACE-complete. Second, we introduce the notion of dynamic partial observation, which captures the fact that the set of events the attacker can observe varies over time. We show how to verify opacity of a system with respect to a dynamic observer and also consider the associated synthesis problem: given a system G and a secret S, compute the set of dynamic observers for which S is opaque. We thus show that this set can be finitely represented, with EXPTIME computational complexity.
This work was partially supported by the Politess RNRT project.
* Author supported by a Marie Curie International Outgoing Fellowship within the 7th European Community Framework Programme. National ICT Australia & CNRS, Sydney, Australia
** VerTeCs, INRIA, centre Rennes Bretagne Atlantique
*** VerTeCs, INRIA, centre Rennes Bretagne Atlantique
© IRISA – Campus de Beaulieu – 35042 Rennes Cedex – France – +33 2 99 84 71 00 – www.irisa.fr
Similar resources
Using Tracking Differentiators in Designing Nonlinear Disturbance Observers for Uncertain Systems
Naser Kazemzadeh, Saeed Barghandan. Abstract: In the present paper, a practical designing method has been proposed for a novel class of NDOs based on TD. Such NDOs can nearly estimate all uncertain disturbances (specifically disturbances without prediction information). Regarding the outstanding perform...
Robust H_∞ Controller design based on Generalized Dynamic Observer for Uncertain Singular system with Disturbance
This paper presents a robust H_∞ controller design, based on a generalized dynamic observer for uncertain singular systems in the presence of disturbance. The controller guarantees that the closed loop system be admissible. The main advantage of this method is that the uncertainty can be found in the system, the input and the output matrices. Also the generalized dynamic observer is used to est...
Design of Nonlinear Robust Controller and Observer for Control of a Flexible Spacecraft
Two robust nonlinear controllers along with a nonlinear observer have been developed in this study to control a 1D nonlinear flexible spacecraft. The first controller is based on dynamic inversion, while the second one is composed of dynamic inversion and µ-synthesis controllers. The extension of dynamic inversion approach to flexible spacecraft is impeded by the non-minimum phase characteristi...
Synthesis of opaque systems with static and dynamic masks
Opacity is a security property formalizing the absence of secret information leakage and we address in this paper the problem of synthesizing opaque systems. A secret predicate S over the runs of a system G is opaque to an external user having partial observability over G, if s/he can never infer from the observation of a run of G that the run belongs to S. We choose to control the observabilit...
Synthesis Of Optimal Dynamic Observers for Fault Diagnosis of Discrete-Event Systems
Fault diagnosis consists in synthesizing a diagnoser that observes a given plant through a set of observable events, and identifies faults which are not observable as soon as possible after their occurrence. Existing literature on this problem has considered the case of static observers, where the set of observable events does not change during execution of the system. In this paper, we conside...