Henrik Sandberg

Julien M. Hendrickx, Karl Henrik Johansson, Raphael M. Jungers et al.

The resilience of Supervisory Control and Data Acquisition (SCADA) systems for electric power networks for certain cyber-attacks is considered. We analyze the vulnerability of the measurement system to false data attack on communicated measurements. The vulnerability analysis problem is shown to be NP-hard, meaning that unless $P = NP$ there is no polynomial time algorithm to analyze the vulnerability of the system. Nevertheless, we identify situations, such as the full measurement case, where it can be solved efficiently. In such cases, we show indeed that the problem can be cast as a generalization of the minimum cut problem involving costly nodes. We further show that it can be reformulated as a standard minimum cut problem (without costly nodes) on a modified graph of proportional size. An important consequence of this result is that our approach provides the first exact efficient algorithm for the vulnerability analysis problem under the full measurement assumption. Furthermore, our approach also provides an efficient heuristic algorithm for the general NP-hard problem. Our results are illustrated by numerical studies on benchmark systems including the IEEE 118-bus system.

Kin Cheong Sou, Henrik Sandberg, Karl Henrik Johansson

This paper considers a smart grid cyber-security problem analyzing the vulnerabilities of electric power networks to false data attacks. The analysis problem is related to a constrained cardinality minimization problem. The main result shows that an $l_1$ relaxation technique provides an exact optimal solution to this cardinality minimization problem. The proposed result is based on a polyhedral combinatorics argument. It is different from well-known results based on mutual coherence and restricted isometry property. The results are illustrated on benchmarks including the IEEE 118-bus and 300-bus systems.

Chithrupa Ramesh, Henrik Sandberg, Karl H. Johansson

For a closed-loop system, which has a contention-based multiple access network on its sensor link, the Medium Access Controller (MAC) may discard some packets when the traffic on the link is high. We use a local state-based scheduler to select a few critical data packets to send to the MAC. In this paper, we analyze the impact of such a scheduler on the closed-loop system in the presence of traffic, and show that there is a dual effect with state-based scheduling. In general, this makes the optimal scheduler and controller hard to find. However, by removing past controls from the scheduling criterion, we find that certainty equivalence holds. This condition is related to the classical result of Bar-Shalom and Tse, and it leads to the design of a scheduler with a certainty equivalent controller. This design, however, does not result in an equivalent system to the original problem, in the sense of Witsenhausen. Computing the estimate is difficult, but can be simplified by introducing a symmetry constraint on the scheduler. Based on these findings, we propose a dual predictor architecture for the closed-loop system, which ensures separation between scheduler, observer and controller. We present an example of this architecture, which illustrates a network-aware event-triggering mechanism.

Jezdimir Milosevic, Henrik Sandberg, Karl Henrik Johansson

Risk assessment is an inevitable step in implementation of a cyber-defense strategy. An important part of this assessment is to reason about the impact of possible attacks. In this paper, we propose a framework for estimating the impact of cyber-attacks in stochastic linear control systems. The framework can be used to estimate the impact of denial of service, rerouting, sign alternation, replay, false data injection, and bias injection attacks. For the stealthiness constraint, we adopt the Kullback-Leibler divergence between residual sequences during the attack. Two impact metrics are considered: (1) The probability that some of the critical states leave a safety region; and (2) The expected value of the infinity norm of the critical states. For the first metric, we prove that the impact estimation problem can be reduced to a set of convex optimization problems. Thus, the exact solution can be found efficiently. For the second metric, we derive an efficient to calculate lower bound. Finally, we demonstrate how the framework can be used for risk assessment on an example.

Jezdimir Milosevic, Andre Teixeira, Henrik Sandberg et al.

This paper proposes an actuator security index based on the definition of perfect undetectability. This index can help a control system operator to localize the most vulnerable actuators in the networked control system, which can then be secured. Particularly, the security index of an actuator equals the minimum number of sensors and actuators that needs to be compromised, such that a perfectly undetectable attack against that actuator can be conducted. A method for computing the index for small scale networked control systems is derived, and it is shown that the index can potentially be increased by placing additional sensors. The difficulties that appear once the system is of a large scale are then outlined: the problem of calculating the index is NP--hard, the index is vulnerable to system variations, and it is based on the assumption that the attacker knows the entire model of the system. To overcome these difficulties, a robust security index is introduced. The robust index can be calculated in polynomial time, it is unaffected by the system variations, and it can be related to both limited and full model knowledge attackers. Additionally, we analyze two sensor placement problems with the objective to increase the robust indices. We show that both of these problems have submodular structures, so their suboptimal solutions with performance guarantees can be obtained in polynomial time. Finally, the theoretical developments are illustrated through numerical examples.

Takayuki Ishizaki, Tomonori Sadamoto, Jun-ichi Imura et al.

In this paper, we propose a retrofit control method for stable network systems. The proposed approach is a control method that, rather than an entire system model, requires a model of the subsystem of interest for controller design. To design the retrofit controller, we use a novel approach based on hierarchical state-space expansion that generates a higher-dimensional cascade realization of a given network system. The upstream dynamics of the cascade realization corresponds to an isolated model of the subsystem of interest, which is stabilized by a local controller. The downstream dynamics can be seen as a dynamical model representing the propagation of interference signals among subsystems, the stability of which is equivalent to that of the original system. This cascade structure enables a systematic analysis of both the stability and control performance of the resultant closed-loop system. The resultant retrofit controller is formed as a cascade interconnection of the local controller and an output rectifier that rectifies an output signal of the subsystem of interest so as to conform to an output signal of the isolated subsystem model while acquiring complementary signals neglected in the local controller design, such as interconnection signals from neighboring subsystems. Finally, the efficiency of the retrofit control method is demonstrated through numerical examples of power systems control and vehicle platoon control.

Xingkang He, Xiaoqiang Ren, Henrik Sandberg et al.

In this paper, we consider a secure distributed filtering problem for linear time-invariant systems with bounded noises and unstable dynamics under compromised observations. A malicious attacker is able to compromise a subset of the agents and manipulate the observations arbitrarily. We first propose a recursive distributed filter consisting of two parts at each time. The first part employs a saturation-like scheme, which gives a small gain if the innovation is too large. The second part is a consensus operation of state estimates among neighboring agents. A sufficient condition is then established for the boundedness of estimation error, which is with respect to network topology, system structure, and the maximal compromised agent subset. We further provide an equivalent statement, which connects to 2s-sparse observability in the centralized framework in certain scenarios, such that the sufficient condition is feasible. Numerical simulations are finally provided to illustrate the developed results.

Moritz Wiese, Karl Henrik Johansson, Tobias J. Oechtering et al.

Uncertain wiretap channels are introduced. Their zero-error secrecy capacity is defined. If the sensor-estimator channel is perfect, it is also calculated. Further properties are discussed. The problem of estimating a dynamical system with nonstochastic disturbances is studied where the sensor is connected to the estimator and an eavesdropper via an uncertain wiretap channel. The estimator should obtain a uniformly bounded estimation error whereas the eavesdropper's error should tend to infinity. It is proved that the system can be estimated securely if the zero-error capacity of the sensor-estimator channel is strictly larger than the logarithm of the system's unstable pole and the zero-error secrecy capacity of the uncertain wiretap channel is positive.

Matin Jafarian, Xinlei Yi, Mohammad Pirani et al.

This paper studies the synchronization of a finite number of Kuramoto oscillators in a frequency-dependent bidirectional tree network. We assume that the coupling strength of each link in each direction is equal to the product of a common coefficient and the exogenous frequency of its corresponding head oscillator. We derive a sufficient condition for the common coupling strength in order to guarantee frequency synchronization in tree networks. Moreover, we discuss the dependency of the obtained bound on both the graph structure and the way that exogenous frequencies are distributed. Further, we present an application of the obtained result by means of an event-triggered algorithm for achieving frequency synchronization in a star network assuming that the common coupling coefficient is given.

Farhad Farokhi, Henrik Sandberg

The problem of preserving the privacy of individual entries of a database when responding to linear or nonlinear queries with constrained additive noise is considered. For privacy protection, the response to the query is systematically corrupted with an additive random noise whose support is a subset or equal to a pre-defined constraint set. A measure of privacy using the inverse of the trace of the Fisher information matrix is developed. The Cramer-Rao bound relates the variance of any estimator of the database entries to the introduced privacy measure. The probability density that minimizes the trace of the Fisher information (as a proxy for maximizing the measure of privacy) is computed. An extension to dynamic problems is also presented. Finally, the results are compared to the differential privacy methodology.

Matin Jafarian, Henrik Sandberg, Karl H. Johansson

This paper studies the stability of voltage dynamics for a power network in which nodal voltages are controlled by means of quadratic droop controllers with nonlinear AC reactive power as inputs. We show that the voltage dynamics is a Lotka-Volterra system, which is a class of nonlinear positive systems. We study the stability of the closed-loop system by proving a uniform ultimate boundedness result and investigating conditions under which the network is cooperative. We then restrict to study the stability of voltage dynamics under a decoupling assumption (i.e., zero relative angles). We analyze the existence and uniqueness of the equilibrium in the interior of the positive orthant for the system and prove an asymptotic stability result.

Henrik Sandberg, André M. H. Teixeira

In this paper, we investigate detectability and identifiability of attacks on linear dynamical systems that are subjected to external disturbances. We generalize a concept for a security index, which was previously introduced for static systems. The generalized index exactly quantifies the resources necessary for targeted attacks to be undetectable and unidentifiable in the presence of disturbances. This information is useful for both risk assessment and for the design of anomaly detectors. Finally, we show how techniques from the fault detection literature can be used to decouple disturbances and to identify attacks, under certain sparsity constraints.

Ingvar Ziemann, Anastasios Tsiamis, Henrik Sandberg et al.

We study stochastic policy gradient methods from the perspective of control-theoretic limitations. Our main result is that ill-conditioned linear systems in the sense of Doyle inevitably lead to noisy gradient estimates. We also give an example of a class of stable systems in which policy gradient methods suffer from the curse of dimensionality. Our results apply to both state feedback and partially observed systems.

Farhad Farokhi, Henrik Sandberg, Karl H. Johansson

We present a complexity reduction algorithm for a family of parameter-dependent linear systems when the system parameters belong to a compact semi-algebraic set. This algorithm potentially describes the underlying dynamical system with fewer parameters or state variables. To do so, it minimizes the distance (i.e., H-infinity-norm of the difference) between the original system and its reduced version. We present a sub-optimal solution to this problem using sum-of-squares optimization methods. We present the results for both continuous-time and discrete-time systems. Lastly, we illustrate the applicability of our proposed algorithm on numerical examples.

Henrik Sandberg, Kamil Hassan, Heng Wu

In this paper, we investigate a class of port-Hamiltonian systems with singular vector fields. We show that, under suitable conditions, their interconnection with passive systems ensures convergence to a prescribed non-equilibrium steady state. At first glance, this behavior appears to contradict the seemingly passive structure of port-Hamiltonian systems, since sustaining a non-equilibrium steady state requires continuous power injection. We resolve this apparent paradox by showing that the singularity in the vector field induces a sliding mode that contributes effective energy, enabling maintenance of the steady state and demonstrating that the system is not passive. Furthermore, we consider regularizations of the singular dynamics and show that the resulting systems are cyclo-passive, while still capable of supplying the required steady-state power. These results clarify the role of singularities in port-Hamiltonian systems and provide new insight into their energetic properties.

Behrad Samari, Henrik Sandberg, Karl H. Johansson et al.

Model order reduction techniques simplify high-dimensional dynamical systems by deriving lower-dimensional models that retain essential system characteristics. These techniques are crucial for the controller design of complex systems while significantly reducing computational costs. Nevertheless, constructing effective reduced-order models (ROMs) poses considerable challenges, particularly for nonlinear dynamical systems. These challenges are further exacerbated when the actual system model is unavailable, a scenario frequently encountered in real-world applications. In this work, we propose a data-driven framework for constructing ROMs of nonlinear dynamical systems with unknown mathematical models, enabling controller synthesis directly from the resulting ROMs. We establish similarity relations between the output trajectories of the original systems and those of their ROMs by employing the notion of simulation functions (SFs), thereby enabling a formal characterization of their closeness. To achieve this, we collect one set of noise-corrupted input-state data from the system during a finite-time experiment, upon which we propose conditions to construct both ROMs and SFs simultaneously. These conditions are formulated as data-dependent semidefinite programs. We demonstrate that the data-driven ROMs obtained can be employed to synthesize controllers for the original unknown systems, ensuring that they satisfy high-level logic specifications. This is accomplished by first designing controllers for the data-driven ROMs and then translating the results back to the original systems via interface functions, designed directly from the proposed data-dependent conditions. We evaluate the efficacy of our data-driven framework through two case studies, including a challenging benchmark from the model reduction literature: a circuit of chained inverter gates with 20 state variables.

Behrad Samari, Henrik Sandberg, Karl H. Johansson et al.

This paper develops a direct data-driven framework for constructing reduced-order models (ROMs) of discrete-time linear dynamical systems with unknown dynamics and process disturbances. The proposed scheme enables controller synthesis on the ROM and its refinement to the original system by an interface function designed using noisy data. To achieve this, the notion of simulation functions (SFs) is employed to establish a formal relation between the original system and its ROM, yielding a quantitative bound on the mismatch between their output trajectories. To construct such relations and interface functions, we rely on data collected from the unknown system. In particular, using noise-corrupted input-state data gathered along a single trajectory of the system, and without identifying the original dynamics, we propose data-dependent conditions, cast as a semidefinite program, for the simultaneous construction of ROMs, SFs, and interface functions. Through a case study, we demonstrate that data-driven controller synthesis on the ROM, combined with controller refinement via the interface function, enables the enforcement of complex specifications beyond stability.

Mauricio Byrd Victorica, György Dán, Henrik Sandberg

State-of-the-art convolutional neural network models for object detection and image classification are vulnerable to physically realizable adversarial perturbations, such as patch attacks. Existing defenses have focused, implicitly or explicitly, on single-patch attacks, leaving their sensitivity to the number of patches as an open question or rendering them computationally infeasible or inefficient against attacks consisting of multiple patches in the worst cases. In this work, we propose SpaNN, an attack detector whose computational complexity is independent of the expected number of adversarial patches. The key novelty of the proposed detector is that it builds an ensemble of binarized feature maps by applying a set of saliency thresholds to the neural activations of the first convolutional layer of the victim model. It then performs clustering on the ensemble and uses the cluster features as the input to a classifier for attack detection. Contrary to existing detectors, SpaNN does not rely on a fixed saliency threshold for identifying adversarial regions, which makes it robust against white box adversarial attacks. We evaluate SpaNN on four widely used data sets for object detection and classification, and our results show that SpaNN outperforms state-of-the-art defenses by up to 11 and 27 percentage points in the case of object detection and the case of image classification, respectively. Our code is available at https://github.com/gerkbyrd/SpaNN.

Takumi Shinohara, Karl Henrik Johansson, Henrik Sandberg

We develop a data-driven framework for assessing the resilience of linear time-invariant systems against malicious false-data-injection sensor attacks. Leveraging sparse observability, we propose data-driven resilience metrics and derive necessary and sufficient conditions for two data-availability scenarios. For attack-free data, we show that when a rank condition holds, the resilience level can be computed exactly from the data alone, without prior knowledge of the system parameters. We then extend the analysis to the case where only poisoned data are available and show that the resulting assessment is necessarily conservative. For both scenarios, we provide algorithms for computing the proposed metrics and show that they can be computed in polynomial time under an additional spectral condition. A numerical example illustrates the efficacy and limitations of the proposed framework.

Enno Breukelman, Takumi Shinohara, Joowon Lee et al.

In this paper, we consider data-driven reconstruction of unknown inputs to linear time-invariant (LTI) multiple-input multiple-output (MIMO) systems. We propose a novel autoregressive estimator based on a constrained least-squares formulation over Hankel matrices, splitting the problem into an output-consistency constraint and an input-history-matching objective. Our method relies on previously recorded input-output data to represent the system, but does not require knowledge of the true input to initialize the algorithm. We show that the proposed estimator is strictly stable if and only if all the invariant zeros of the trajectory-generating system lie strictly inside the unit circle, which can be verified purely from input and output data. This mirrors existing results from model-based input reconstruction and closes the gap between model-based and data-driven settings. Lastly, we provide numerical examples to demonstrate the theoretical results.

Diego Ortiz Barbosa, Mohit Agrawal, Yash Malegaonkar et al.

Autonomous drones must often respond to sudden events, such as alarms, faults, or unexpected changes in their environment, that require immediate and adaptive decision-making. Traditional approaches rely on safety engineers hand-coding large sets of recovery rules, but this strategy cannot anticipate the vast range of real-world contingencies and quickly becomes incomplete. Recent advances in embodied AI, powered by large visual language models, provide commonsense reasoning to assess context and generate appropriate actions in real time. We demonstrate this capability in a simulated urban benchmark in the Unreal Engine, where drones dynamically interpret their surroundings and decide on sudden maneuvers for safe landings. Our results show that embodied AI makes possible a new class of adaptive recovery and decision-making pipelines that were previously infeasible to design by hand, advancing resilience and safety in autonomous aerial systems.

Ingvar Ziemann, Henrik Sandberg, Nikolai Matni

Given a single trajectory of a dynamical system, we analyze the performance of the nonparametric least squares estimator (LSE). More precisely, we give nonasymptotic expected $l^2$-distance bounds between the LSE and the true regression function, where expectation is evaluated on a fresh, counterfactual, trajectory. We leverage recently developed information-theoretic methods to establish the optimality of the LSE for nonparametric hypotheses classes in terms of supremum norm metric entropy and a subgaussian parameter. Next, we relate this subgaussian parameter to the stability of the underlying process using notions from dynamical systems theory. When combined, these developments lead to rate-optimal error bounds that scale as $T^{-1/(2+q)}$ for suitably stable processes and hypothesis classes with metric entropy growth of order $δ^{-q}$. Here, $T$ is the length of the observed trajectory, $δ\in \mathbb{R}_+$ is the packing granularity and $q\in (0,2)$ is a complexity term. Finally, we specialize our results to a number of scenarios of practical interest, such as Lipschitz dynamics, generalized linear models, and dynamics described by functions in certain classes of Reproducing Kernel Hilbert Spaces (RKHS).

Hampei Sasahara, Henrik Sandberg

This paper addresses the question whether model knowledge can guide a defender to appropriate decisions, or not, when an attacker intrudes into control systems. The model-based defense scheme considered in this study, namely Bayesian defense mechanism, chooses reasonable reactions through observation of the system's behavior using models of the system's stochastic dynamics, the vulnerability to be exploited, and the attacker's objective. On the other hand, rational attackers take deceptive strategies for misleading the defender into making inappropriate decisions. In this paper, their dynamic decision making is formulated as a stochastic signaling game. It is shown that the belief of the true scenario has a limit in a stochastic sense at an equilibrium based on martingale analysis. This fact implies that there are only two possible cases: the defender asymptotically detects the attack with a firm belief, or the attacker takes actions such that the system's behavior becomes nominal after a finite time step. Consequently, if different scenarios result in different stochastic behaviors, the Bayesian defense mechanism guarantees the system to be secure in an asymptotic manner provided that effective countermeasures are implemented. As an application of the finding, a defensive deception utilizing asymmetric recognition of vulnerabilities exploited by the attacker is analyzed. It is shown that the attacker possibly stops the attack even if the defender is unaware of the exploited vulnerabilities as long as the defender's unawareness is concealed by the defensive deception.

Ingvar Ziemann, Henrik Sandberg

TWe establish regret lower bounds for adaptively controlling an unknown linear Gaussian system with quadratic costs. We combine ideas from experiment design, estimation theory and a perturbation bound of certain information matrices to derive regret lower bounds exhibiting scaling on the order of magnitude $\sqrt{T}$ in the time horizon $T$. Our bounds accurately capture the role of control-theoretic parameters and we are able to show that systems that are hard to control are also hard to learn to control; when instantiated to state feedback systems we recover the dimensional dependency of earlier work but with improved scaling with system-theoretic constants such as system costs and Gramians. Furthermore, we extend our results to a class of partially observed systems and demonstrate that systems with poor observability structure also are hard to learn to control.

Sawsan Emad, Amr Alanwar, Yousra Alkabani et al.

The privacy aspect of state estimation algorithms has been drawing high research attention due to the necessity for a trustworthy private environment in cyber-physical systems. These systems usually engage cloud-computing platforms to aggregate essential information from spatially distributed nodes and produce desired estimates. The exchange of sensitive data among semi-honest parties raises privacy concerns, especially when there are coalitions between parties. We propose two privacy-preserving protocols using Kalman filter and partially homomorphic encryption of the measurements and estimates while exposing the covariances and other model parameters. We prove that the proposed protocols achieve satisfying computational privacy guarantees against various coalitions based on formal cryptographic definitions of indistinguishability. We evaluate the proposed protocols to demonstrate their efficiency using data from a real testbed.

Hampei Sasahara, Henrik Sandberg

This study investigates general model-based incident handler's asymptotic behaviors in time against cyber attacks to control systems. The attacker's and the defender's dynamic decision making is modeled as an equilibrium of a dynamic signaling game. It is shown that the defender's belief on existence of an attacker converges over time for any attacker's strategy provided that the stochastic dynamics of the control system is known to the defender. This fact implies that the rational behavior of the attacker converges to a harmless action as long as the defender possesses an effective counteraction. The obtained result supports the powerful protection capability achieved by model-based defense mechanisms.

Hampei Sasahara, Henrik Sandberg

This study provides a model of cyber deception with asymmetric recognition represented by private beliefs. Signaling games, which are often used in existing works, are built on the implicit premise that the receiver's belief is public information. However, this assumption, which leads to symmetric recognition, is unrealistic in adversarial decision making. For a precise evaluation of risks arising from cognitive gaps, this paper proposes epistemic signaling games based on the Mertens-Zamir model, which explicitly quantifies players' asymmetric recognition. Equilibria of the games are analytically characterized with an interpretation.

Ingvar Ziemann, Henrik Sandberg

This paper presents local asymptotic minimax regret lower bounds for adaptive Linear Quadratic Regulators (LQR). We consider affinely parametrized $B$-matrices and known $A$-matrices and aim to understand when logarithmic regret is impossible even in the presence of structural side information. After defining the intrinsic notion of an uninformative optimal policy in terms of a singularity condition for Fisher information we obtain local minimax regret lower bounds for such uninformative instances of LQR by appealing to van Trees' inequality (Bayesian Cramér-Rao) and a representation of regret in terms of a quadratic form (Bellman error). It is shown that if the parametrization induces an uninformative optimal policy, logarithmic regret is impossible and the rate is at least order square root in the time horizon. We explicitly characterize the notion of an uninformative optimal policy in terms of the nullspaces of system-theoretic quantities and the particular instance parametrization.

Amr Alanwar, Victor Gassmann, Xingkang He et al.

The set-based estimation has gained a lot of attention due to its ability to guarantee state enclosures for safety-critical systems. However, collecting measurements from distributed sensors often requires outsourcing the set-based operations to an aggregator node, raising many privacy concerns. To address this problem, we present set-based estimation protocols using partially homomorphic encryption that preserve the privacy of the measurements and sets bounding the estimates. We consider a linear discrete-time dynamical system with bounded modeling and measurement uncertainties. Sets are represented by zonotopes and constrained zonotopes as they can compactly represent high-dimensional sets and are closed under linear maps and Minkowski addition. By selectively encrypting parameters of the set representations, we establish the notion of encrypted sets and intersect sets in the encrypted domain, which enables guaranteed state estimation while ensuring privacy. In particular, we show that our protocols achieve computational privacy using the cryptographic notion of computational indistinguishability. We demonstrate the efficiency of our approach by localizing a real mobile quadcopter using ultra-wideband wireless devices.

Song Fang, Karl Henrik Johansson, Mikael Skoglund et al.

In this paper, we introduce the concept of two-way coding, which originates in communication theory characterizing coding schemes for two-way channels, into control theory, particularly to facilitate the analysis and design of feedback control systems under injection attacks. Moreover, we propose the notion of attack decoupling, and show how the controller and the two-way coding can be co-designed to nullify the transfer function from attack to plant, rendering the attack effect zero both in transient phase and in steady state.

Moritz Wiese, Tobias J. Oechtering, Karl Henrik Johansson et al.

We study the problem of securely estimating the states of an unstable dynamical system subject to nonstochastic disturbances. The estimator obtains all its information through an uncertain channel which is subject to nonstochastic disturbances as well, and an eavesdropper obtains a disturbed version of the channel inputs through a second uncertain channel. An encoder observes and block-encodes the states in such a way that, upon sending the generated codeword, the estimator's error is bounded and such that a security criterion is satisfied ensuring that the eavesdropper obtains as little state information as possible. Two security criteria are considered and discussed with the help of a numerical example. A sufficient condition on the uncertain wiretap channel, i.e., the pair formed by the uncertain channel from encoder to estimator and the uncertain channel from encoder to eavesdropper, is derived which ensures that a bounded estimation error and security are achieved. This condition is also shown to be necessary for a subclass of uncertain wiretap channels. To formulate the condition, the zero-error secrecy capacity of uncertain wiretap channels is introduced, i.e., the maximal rate at which data can be transmitted from the encoder to the estimator in such a way that the eavesdropper is unable to reconstruct the transmitted data. Lastly, the zero-error secrecy capacity of uncertain wiretap channels is studied.

Farhad Farokhi, Jezdimir Milosevic, Henrik Sandberg

Optimal state estimation for linear discrete-time systems is considered. Motivated by the literature on differential privacy, the measurements are assumed to be corrupted by Laplace noise. The optimal least mean square error estimate of the state is approximated using a randomized method. The method relies on that the Laplace noise can be rewritten as Gaussian noise scaled by Rayleigh random variable. The probability of the event that the distance between the approximation and the best estimate is smaller than a constant is determined as function of the number of parallel Kalman filters that is used in the randomized method. This estimator is then compared with the optimal linear estimator, the maximum a posteriori (MAP) estimate of the state, and the particle filter.