Current-state opacity enforcement in discrete event systems under incomparable observations

Discrete Event Dynamic Systems

Abstract

In this paper we tackle the opacity enforcement problem in discrete event systems using supervisory control theory. In particular, we consider the case where the intruder and the supervisor may observe different sets of events and neither of these sets needs to be contained in the other one. Moreover, there may be controllable events that cannot be observed by the supervisor. We propose a finite structure, called an augmented I-observer, to characterize the strings that will not leak the secret. Based on such a structure, a locally optimal supervisor enforcing current-state opacity is designed.

Notes

  1. Properly speaking, the SCOP concerns the language L(G).

  2. If H is not a strict subautomaton of G, the algorithm in Cho and Marcus (1989) can be used to transform both of them to G and H, respectively, such that H is a strict subautomaton of G.

  3. For the system in Fig. 2, there is no need to enumerate all control decisions when the Y-state is {0} or {1}. Indeed, from state 0, observable event a would never occur before b and c; therefore, all other control policies are equivalent to {a} or {}. From state 1, event a would never be executed. As a result, control policies containing a are redundant.

References

  • Badouel E, Bednarczyk M, Borzyszkowski A, Caillaud B, Darondeau P (2007) Concurrent secrets. Discret Event Dyn Syst 17(4):425–446

  • Ben-Kalefa M, Lin F (2011) Supervisory control for opacity of discrete event systems. In: Proceedings of the 49th Annual Allerton conference on communication, control, and computing, pp 1113–1119

  • Bryans JW, Koutny M, Ryan PY (2005) Modelling opacity using Petri nets. Electron Notes Theor Comput Sci 121:101–115

  • Bryans JW, Koutny M, Mazaré L, Ryan PY (2008) Opacity generalised to transition systems. Int J Inf Secur 7(6):421–435

  • Busi N, Gorrieri R (2004) A survey on non-interference with Petri nets. In: Lectures on concurrency and Petri nets. Springer, pp 328–344

  • Cai K, Zhang R, Wonham W (2015) Relative observability of discrete-event systems and its supremal sublanguages. IEEE Trans Autom Control 60(3):659–670

  • Cassandras CG, Lafortune S (2008) Introduction to discrete event systems. Springer

  • Cassez F, Dubreil J, Marchand H (2009) Dynamic observers for the synthesis of opaque systems. In: Automated technology for verification and analysis. Springer, pp 352–367

  • Cassez F, Dubreil J, Marchand H (2012) Synthesis of opaque systems with static and dynamic masks. Formal Methods Syst Des 40(1):88–115

  • Cho H, Marcus SI (1989) On supremal languages of classes of sublanguages that arise in supervisor synthesis problems with partial observation. Math Control Signals Syst 2(1):47–69

  • Dubreil J, Darondeau P, Marchand H (2008) Opacity enforcing control synthesis. In: Proceedings of the 9th international workshop on discrete event systems. IEEE, pp 28–35

  • Dubreil J, Darondeau P, Marchand H (2010) Supervisory control for opacity. IEEE Trans Autom Control 55(5):1089–1100

  • Falcone Y, Marchand H (2015) Enforcement and validation (at runtime) of various notions of opacity. Discret Event Dyn Syst 25(4):531–570

  • Goguen JA, Meseguer J (1982) Security policies and security models. In: Proceedings of the 2012 IEEE symposium on security and privacy, pp 11–20

  • Hadj-Alouane N, Lafortune S, Lin F (1996) Centralized and distributed algorithms for on-line synthesis of maximal control policies under partial observation. Discret Event Dyn Syst 6(4):379–427

  • Hadj-Alouane NB, Lafrance S, Lin F, Mullins J, Yeddes MM (2005) On the verification of intransitive noninterference in multilevel security. IEEE Trans Syst Man Cybern Part B: Cybern 35(5):948–958

  • Heymann M, Lin F (1994) On-line control of partially observed discrete event systems. Discret Event Dyn Syst 4(3):221–236

  • Lin F (2011) Opacity of discrete event systems and its applications. Automatica 47(3):496–503

  • Ramadge PJG, Wonham WM (1989) The control of discrete event systems. Proc IEEE 77(1):81–98

  • Reiter MK, Rubin AD (1998) Crowds: anonymity for web transactions. ACM Trans Inf Syst Secur 1(1):66–92

  • Ru Y, Cabasino MP, Giua A, Hadjicostis CN (2014) Supervisor synthesis for discrete event systems under partial observation and arbitrary forbidden state specifications. Discret Event Dyn Syst 24(3):275–307

  • Saboori A, Hadjicostis CN (2007) Notions of security and opacity in discrete event systems. In: Proceedings of the 46th IEEE conference on decision and control. IEEE, pp 5056–5061

  • Saboori A, Hadjicostis CN (2008) Verification of initial-state opacity in security applications of DES. In: Proceedings of the 9th International workshop on discrete event systems, pp 328–333

  • Saboori A, Hadjicostis CN (2012) Opacity-enforcing supervisory strategies via state estimator constructions. IEEE Trans Autom Control 57(5):1155–1165

  • Shmatikov V (2004) Probabilistic analysis of an anonymity system. J Comput Secur 12(3):355–377

  • Takai S, Oka Y (2008) A formula for the supremal controllable and opaque sublanguage arising in supervisory control. SICE J Control Measur Syst Integr 1(4):307–311

  • Tong Y, Li ZW, Seatzu C, Giua A (2015a) Verification of current-state opacity using Petri nets. In: Proceedings of the 2015 American control conference. IEEE, Chicago, pp 1935–1940

  • Tong Y, Li ZW, Seatzu C, Giua A (2015b) Verification of initial-state opacity in Petri nets. In: Proceedings of the 2015 International conference on decision and control. IEEE, Osaka, pp 344–349

  • Tong Y, Ma ZY, Li ZW, Seatzu C, Giua A (2016a) Verification of language-based opacity in Petri nets using verifier. In: Proceedings of the American control conference. IEEE, Boston, pp 757–763

  • Tong Y, Ma Z, Li Z, Seatzu C, Giua A (2016b) Supervisory enforcement of current-state opacity with uncomparable observations. In: Proceedings of the 13th International workshop on discrete event systems, pp 313–318

  • Tong Y, Li ZW, Seatzu C, Giua A (2017a) Decidability of opacity verification problems in labeled Petri net systems. Automatica 80:48–53

  • Tong Y, Li ZW, Seatzu C, Giua A (2017b) Verification of state-based opacity using Petri nets. IEEE Trans Autom Control 62(6):2823–2837

  • Ushio T (1999) On-line control of discrete event systems with a maximally controllable and observable sublanguage. IEICE Trans Funda Electron Commun Comput Sci 82(9):1965–1970

  • Wu YC, Lafortune S (2013) Comparative analysis of related notions of opacity in centralized and coordinated architectures. Discret Event Dyn Syst 23(3):307–339

  • Wu YC, Lafortune S (2014) Synthesis of insertion functions for enforcement of opacity security properties. Automatica 50(5):1336–1348

  • Wu YC, Lafortune S (2015) Synthesis of opacity-enforcing insertion functions that can be publicly known. In: Proceedings of the 54th IEEE Conference on decision and control, pp 3506–3513

  • Yin X, Lafortune S (2015) A new approach for synthesizing opacity-enforcing supervisors for partially-observed discrete-event systems. In: Proceedings of the 2015 American control conference. IEEE, Chicago, pp 377–383

  • Yin X, Lafortune S (2016a) Synthesis of maximally permissive supervisors for partially-observed discrete-event systems. IEEE Trans Autom Control 61(5):1239–1254

  • Yin X, Lafortune S (2016b) A uniform approach for synthesizing property-enforcing supervisors for partially-observed discrete-event systems. IEEE Trans Autom Control 61(8):2140–2154

  • Zhang B, Shu SL, Lin F (2012) Polynomial algorithms to check opacity in discrete event systems. In: Proceedings of the 24th Chinese control and decision conference. IEEE, pp 763–769

Acknowledgements

The authors would like to acknowledge the valuable remarks of an anonymous reviewer who pointed out a way to simplify the approach proposed in an earlier version of the manuscript.

Author information

Correspondence to Zhiwu Li.

Additional information

This article belongs to the Topical Collection: Special Issue on Diagnosis, Opacity and Supervisory Control of Discrete Event Systems

Guest Editors: Christos G. Cassandras and Alessandro Giua

This work was supported by the National Natural Science Foundation of China under Grants Nos. 61374068, 61472295, 61673309, the Science and Technology Development Fund, MSAR, under Grant No. 078/2015/A3, and the Fundamental Research Funds for the Central Universities with Grant No. 2682017ZDPY10.

About this article

Cite this article

Tong, Y., Li, Z., Seatzu, C. et al. Current-state opacity enforcement in discrete event systems under incomparable observations. Discrete Event Dyn Syst 28, 161–182 (2018). https://doi.org/10.1007/s10626-017-0264-7

  • DOI: https://doi.org/10.1007/s10626-017-0264-7
