At Design-Time Approach for Supervisory Control of Opacity

  • Conference paper
Cooperative Information Systems (CoopIS 2022)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 13591)

Abstract

Opacity is an information-flow property that characterizes the ability of a system to keep secret information hidden from a malicious external entity, called an attacker. Given a critical system that may leak confidential information, an attacker with partial observation of the system, and a subset of controllable actions, we propose an approach to synthesize a controller that enforces the system’s opacity. This controller is designed as a function that is applied, at run time, to the current execution in order to disable any controllable action that eventually leads to a violation of the system’s opacity. The supervision function is built at design time from a new version of the symbolic observation graph, which represents a reduced abstraction of the system’s state space graph that preserves the observations of both the attacker and the controller. The language induced by this function is proven to be controllable, observable and supremal, regardless of the relation between the observations of the attacker and the controller.
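The idea in the abstract can be seen on a toy system. The following is an added illustration, not the paper's algorithm or code: it uses an explicit-state attacker observer instead of the symbolic observation graph, assumes current-state opacity as the notion being enforced, and brute-forces which controllable transitions to switch off statically. The transition system, event names and secret states are constructed for the example.

```python
from itertools import combinations

# Constructed toy system (assumption, not from the paper): (source, event, target).
TRANSITIONS = [(0, "a", 1), (0, "u", 2), (2, "a", 3),
               (1, "b", 4), (3, "b", 5), (3, "c", 6)]
INIT = 0
SECRET = {5, 6}                  # states the attacker must never be sure of
ATTACKER_OBS = {"a", "b", "c"}   # "u" is invisible to the attacker
CONTROLLABLE = {"b", "c"}        # events the controller is allowed to disable

def closure(states, trans, observable):
    """States reachable from `states` through unobservable events only."""
    seen, stack = set(states), list(states)
    while stack:
        s = stack.pop()
        for p, e, q in trans:
            if p == s and e not in observable and q not in seen:
                seen.add(q)
                stack.append(q)
    return frozenset(seen)

def attacker_estimates(trans, observable):
    """Subset construction: each reachable state estimate with a witness trace."""
    start = closure({INIT}, trans, observable)
    witness, queue = {start: ()}, [start]
    while queue:
        est = queue.pop(0)
        for ev in sorted(observable):
            step = {q for p, e, q in trans if p in est and e == ev}
            if step:
                nxt = closure(step, trans, observable)
                if nxt not in witness:
                    witness[nxt] = witness[est] + (ev,)
                    queue.append(nxt)
    return witness

def leaks(trans, observable, secret):
    """Observed traces after which the attacker knows the state is secret."""
    est = attacker_estimates(trans, observable)
    return sorted(w for states, w in est.items() if states <= secret)

def minimal_disabling(trans, observable, secret, controllable):
    """Smallest set of controllable transitions whose removal restores opacity."""
    ctrl = [t for t in trans if t[1] in controllable]
    for k in range(len(ctrl) + 1):
        for off in combinations(ctrl, k):
            kept = [t for t in trans if t not in off]
            if not leaks(kept, observable, secret):
                return list(off)
    return None

if __name__ == "__main__":
    print("leaking traces:", leaks(TRANSITIONS, ATTACKER_OBS, SECRET))
    print("disable:", minimal_disabling(TRANSITIONS, ATTACKER_OBS, SECRET, CONTROLLABLE))
```

The estimates are recomputed on the restricted system, which models an attacker who knows the control policy; a real supervisor decides per execution rather than removing transitions once and for all.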

Correspondence to Nour Elhouda Souid.

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

Cite this paper

Souid, N.E., Klai, K., Abid, C.A., Ahmed, S.B. (2022). At Design-Time Approach for Supervisory Control of Opacity. In: Sellami, M., Ceravolo, P., Reijers, H.A., Gaaloul, W., Panetto, H. (eds) Cooperative Information Systems. CoopIS 2022. Lecture Notes in Computer Science, vol 13591. Springer, Cham. https://doi.org/10.1007/978-3-031-17834-4_3

  • DOI: https://doi.org/10.1007/978-3-031-17834-4_3

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-17833-7

  • Online ISBN: 978-3-031-17834-4

  • eBook Packages: Computer Science (R0)
