Synthesis of Insertion Functions to Enforce Decentralized and Joint Opacity Properties of Discrete-event Systems
This work addresses confidentiality issues in decentralized systems for security applications, but it appears incremental as it extends existing opacity enforcement methods to multi-intruder scenarios.
The paper tackles the problem of enforcing opacity, a confidentiality property, in discrete-event systems with multiple intruders, proposing insertion functions to manipulate system outputs by adding fictitious events, and validates the approaches through examples.
Opacity is a confidentiality property that characterizes the non-disclosure of specified secret information of a system to an outside observer. In this paper, we consider the enforcement of opacity within the discrete-event system formalism in the presence of multiple intruders. We study two cases, one without coordination among the intruders and the other with coordination. We propose appropriate notions of opacity corresponding to the two cases, respectively, and propose enforcement mechanisms for these opacity properties based on the implementation of insertion functions, which manipulate the output of the system by inserting fictitious observable events whenever necessary. The insertion mechanism is adapted to the decentralized framework to enforce opacity when no coordination exists. Furthermore, we present a coordination and refinement procedure to synthesize appropriate insertion functions to enforce opacity when intruders may coordinate with each other by following an intersection-based coordination protocol. The effectiveness of the proposed opacity-enforcement approaches is validated through illustrative examples.
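The difference between the two cases in the abstract can be seen on a toy system. The following is an added example, not code or a model from the paper: it assumes current-state opacity, projection-based observation, and that coordinating intruders intersect their state estimates. The automaton, the event names and all function names are constructed for illustration, and it only checks the two opacity notions; it does not synthesize insertion functions.

```python
from collections import deque

# Constructed toy system (not from the paper): state 4 is the secret.
TRANSITIONS = {(0, "a"): 1, (0, "b"): 2, (1, "b"): 4}
SECRET = frozenset({4})
OBSERVABLE = [frozenset({"a"}), frozenset({"b"})]  # intruder 1, intruder 2

def unobservable_reach(states, obs, trans):
    """Close a state set under events this intruder cannot see."""
    reach, todo = set(states), list(states)
    while todo:
        x = todo.pop()
        for (src, ev), dst in trans.items():
            if src == x and ev not in obs and dst not in reach:
                reach.add(dst)
                todo.append(dst)
    return frozenset(reach)

def update(est, ev, obs, trans):
    """Intruder's state estimate after the system executes ev."""
    if ev not in obs:
        return est  # nothing observed; est is already closed
    nxt = {trans[(x, ev)] for x in est if (x, ev) in trans}
    return unobservable_reach(nxt, obs, trans)

def check_opacity(trans, secret, observable, init=0):
    """Return (decentralized_ok, joint_ok) over all reachable runs."""
    start = (init, tuple(unobservable_reach({init}, o, trans)
                         for o in observable))
    seen, queue = {start}, deque([start])
    decentralized = joint = True
    while queue:
        x, ests = queue.popleft()
        # No coordination: every intruder keeps a non-secret candidate.
        decentralized &= all(not e <= secret for e in ests)
        # Coordination: the intersected estimate must keep one as well.
        joint &= not frozenset.intersection(*ests) <= secret
        for (src, ev), dst in trans.items():
            if src == x:
                node = (dst, tuple(update(e, ev, o, trans)
                                   for e, o in zip(ests, observable)))
                if node not in seen:
                    seen.add(node)
                    queue.append(node)
    return decentralized, joint

if __name__ == "__main__":
    print(check_opacity(TRANSITIONS, SECRET, OBSERVABLE))
```

On the run `a b`, intruder 1 estimates {1, 4} and intruder 2 estimates {2, 4}; each alone is uncertain, but the intersection {4} reveals the secret, which is the case the coordinated notion has to rule out.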