Abstract
In this paper we tackle the opacity enforcement problem in discrete event systems using supervisory control theory. In particular, we consider the case where the intruder and the supervisor may observe different sets of events and neither of these sets needs to be contained in the other one. Moreover, there may be controllable events that cannot be observed by the supervisor. We propose a finite structure, called an augmented I-observer, to characterize the strings that will not leak the secret. Based on such a structure, a locally optimal supervisor enforcing current-state opacity is designed.
Notes
Properly speaking, the SCOP concerns the language L(G).
If H is not a strict subautomaton of G, the algorithm in Cho and Marcus (1989) can be used to transform both of them to G ′ and H ′, respectively, such that H ′ is a strict subautomaton of G ′.
For the system in Fig. 2, there is no need to enumerate all control decisions when the Y-state is {0} or {1}. Indeed, from state 0 the observable event a can never occur before b and c, so every other control policy is equivalent to either {a} or {}. From state 1, event a can never be executed, so control policies containing a are redundant.
References
Badouel E, Bednarczyk M, Borzyszkowski A, Caillaud B, Darondeau P (2007) Concurrent secrets. Discret Event Dyn Syst 17(4):425–446
Ben-Kalefa M, Lin F (2011) Supervisory control for opacity of discrete event systems. In: Proceedings of the 49th Annual Allerton conference on communication, control, and computing, pp 1113–1119
Bryans JW, Koutny M, Ryan PY (2005) Modelling opacity using Petri nets. Electron Notes Theor Comput Sci 121:101–115
Bryans JW, Koutny M, Mazaré L, Ryan PY (2008) Opacity generalised to transition systems. Int J Inf Secur 7(6):421–435
Busi N, Gorrieri R (2004) A survey on non-interference with Petri nets. In: Lectures on concurrency and Petri nets. Springer, pp 328–344
Cai K, Zhang R, Wonham W (2015) Relative observability of discrete-event systems and its supremal sublanguages. IEEE Trans Autom Control 60(3):659–670
Cassandras CG, Lafortune S (2008) Introduction to discrete event systems. Springer
Cassez F, Dubreil J, Marchand H (2009) Dynamic observers for the synthesis of opaque systems. In: Automated technology for verification and analysis. Springer, pp 352–367
Cassez F, Dubreil J, Marchand H (2012) Synthesis of opaque systems with static and dynamic masks. Formal Methods Syst Des 40(1):88–115
Cho H, Marcus SI (1989) On supremal languages of classes of sublanguages that arise in supervisor synthesis problems with partial observation. Math Control Signals Syst 2(1):47–69
Dubreil J, Darondeau P, Marchand H (2008) Opacity enforcing control synthesis. In: Proceedings of the 9th international workshop on discrete event systems. IEEE, pp 28–35
Dubreil J, Darondeau P, Marchand H (2010) Supervisory control for opacity. IEEE Trans Autom Control 55(5):1089–1100
Falcone Y, Marchand H (2015) Enforcement and validation (at runtime) of various notions of opacity. Discret Event Dyn Syst 25(4):531–570
Goguen JA, Meseguer J (1982) Security policies and security models. In: Proceedings of the 1982 IEEE symposium on security and privacy, pp 11–20
Hadj-Alouane N, Lafortune S, Lin F (1996) Centralized and distributed algorithms for on-line synthesis of maximal control policies under partial observation. Discret Event Dyn Syst 6(4):379–427
Hadj-Alouane NB, Lafrance S, Lin F, Mullins J, Yeddes MM (2005) On the verification of intransitive noninterference in multilevel security. IEEE Trans Syst Man Cybern Part B: Cybern 35(5):948–958
Heymann M, Lin F (1994) On-line control of partially observed discrete event systems. Discret Event Dyn Syst 4(3):221–236
Lin F (2011) Opacity of discrete event systems and its applications. Automatica 47(3):496–503
Ramadge PJG, Wonham WM (1989) The control of discrete event systems. Proc IEEE 77(1):81–98
Reiter MK, Rubin AD (1998) Crowds: anonymity for web transactions. ACM Trans Inf Syst Secur 1(1):66–92
Ru Y, Cabasino MP, Giua A, Hadjicostis CN (2014) Supervisor synthesis for discrete event systems under partial observation and arbitrary forbidden state specifications. Discret Event Dyn Syst 24(3):275–307
Saboori A, Hadjicostis CN (2007) Notions of security and opacity in discrete event systems. In: Proceedings of the 46th IEEE conference on decision and control. IEEE, pp 5056–5061
Saboori A, Hadjicostis CN (2008) Verification of initial-state opacity in security applications of DES. In: Proceedings of the 9th International workshop on discrete event systems, pp 328–333
Saboori A, Hadjicostis CN (2012) Opacity-enforcing supervisory strategies via state estimator constructions. IEEE Trans Autom Control 57(5):1155–1165
Shmatikov V (2004) Probabilistic analysis of an anonymity system. J Comput Secur 12(3):355–377
Takai S, Oka Y (2008) A formula for the supremal controllable and opaque sublanguage arising in supervisory control. SICE J Control Measur Syst Integr 1(4):307–311
Tong Y, Li ZW, Seatzu C, Giua A (2015a) Verification of current-state opacity using Petri nets. In: Proceedings of the 2015 American control conference. IEEE, Chicago, pp 1935–1940
Tong Y, Li ZW, Seatzu C, Giua A (2015b) Verification of initial-state opacity in Petri nets. In: Proceedings of the 2015 International conference on decision and control. IEEE, Osaka, pp 344–349
Tong Y, Ma ZY, Li ZW, Seatzu C, Giua A (2016a) Verification of language-based opacity in Petri nets using verifier. In: Proceedings of the American control conference. IEEE, Boston, pp 757–763
Tong Y, Ma Z, Li Z, Seatzu C, Giua A (2016b) Supervisory enforcement of current-state opacity with uncomparable observations. In: Proceedings of the 13th International workshop on discrete event systems, pp 313–318
Tong Y, Li ZW, Seatzu C, Giua A (2017a) Decidability of opacity verification problems in labeled Petri net systems. Automatica 80:48–53
Tong Y, Li ZW, Seatzu C, Giua A (2017b) Verification of state-based opacity using Petri nets. IEEE Trans Autom Control 62(6):2823–2837
Ushio T (1999) On-line control of discrete event systems with a maximally controllable and observable sublanguage. IEICE Trans Fundam Electron Commun Comput Sci 82(9):1965–1970
Wu YC, Lafortune S (2013) Comparative analysis of related notions of opacity in centralized and coordinated architectures. Discret Event Dyn Syst 23(3):307–339
Wu YC, Lafortune S (2014) Synthesis of insertion functions for enforcement of opacity security properties. Automatica 50(5):1336–1348
Wu YC, Lafortune S (2015) Synthesis of opacity-enforcing insertion functions that can be publicly known. In: Proceedings of the 54th IEEE Conference on decision and control, pp 3506–3513
Yin X, Lafortune S (2015) A new approach for synthesizing opacity-enforcing supervisors for partially-observed discrete-event systems. In: Proceedings of the 2015 American control conference. IEEE, Chicago, pp 377–383
Yin X, Lafortune S (2016a) Synthesis of maximally permissive supervisors for partially-observed discrete-event systems. IEEE Trans Autom Control 61(5):1239–1254
Yin X, Lafortune S (2016b) A uniform approach for synthesizing property-enforcing supervisors for partially-observed discrete-event systems. IEEE Trans Autom Control 61(8):2140–2154
Zhang B, Shu SL, Lin F (2012) Polynomial algorithms to check opacity in discrete event systems. In: Proceedings of the 24th Chinese control and decision conference. IEEE, pp 763–769
Acknowledgements
The authors would like to acknowledge the valuable remarks of an anonymous reviewer who pointed out a way to simplify the approach proposed in an earlier version of the manuscript.
Additional information
This article belongs to the Topical Collection: Special Issue on Diagnosis, Opacity and Supervisory Control of Discrete Event Systems
Guest Editors: Christos G. Cassandras and Alessandro Giua
This work was supported by the National Natural Science Foundation of China under Grants Nos. 61374068, 61472295, 61673309, the Science and Technology Development Fund, MSAR, under Grant No. 078/2015/A3, and the Fundamental Research Funds for the Central Universities with Grant No. 2682017ZDPY10.
Cite this article
Tong, Y., Li, Z., Seatzu, C. et al. Current-state opacity enforcement in discrete event systems under incomparable observations. Discrete Event Dyn Syst 28, 161–182 (2018). https://doi.org/10.1007/s10626-017-0264-7