Privacy-preserving co-synthesis against sensor-actuator eavesdropping intruder?

In this work, we investigate the problem of privacy-preserving supervisory control against an external passive intruder via co-synthesis of a dynamic mask, an edit function, and a supervisor. We attempt to achieve the following goals: (1) the system secret cannot be inferred by the intruder, i.e., opacity of secrets against the intruder, and the existence of the dynamic mask and the edit function should not be discovered by the intruder, i.e., covertness of dynamic mask and edit function against the intruder; (2) some safety and nonblockingness requirement should be satisfied. We assume the intruder can eavesdrop both the sensing information generated by the sensors and the control commands issued to the actuators. Our approach is to model the co-synthesis problem as a distributed supervisor synthesis problem in the Ramadge-Wonham supervisory control framework, and we propose an incremental synthesis heuristic to incrementally synthesize a dynamic mask, an edit function and a supervisor. The effectiveness of our approach is illustrated on an example about location privacy. (c) 2023 Elsevier Ltd. All rights reserved.

Automated summary

In this work, the problem of privacy-preserving supervisory control against an external passive intruder is investigated by co-synthesis of a dynamic mask, an edit function, and a supervisor. The goals include ensuring opacity of system secrets, covertness of dynamic mask and edit function, and satisfying safety and nonblockingness requirements. The approach models the co-synthesis problem as a distributed supervisor synthesis problem in the Ramadge-Wonham supervisory control framework, and proposes an incremental synthesis heuristic to synthesize a dynamic mask, an edit function, and a supervisor. The effectiveness of the approach is illustrated on an example about location privacy.