An Information Matrix Approach for State Secrecy
This work provides a provable secrecy guarantee for cyber-physical systems against passive eavesdropping, addressing a critical security problem for control systems.
The paper designs a coding scheme (State-Secrecy Codes) for remote state estimation that prevents a passive eavesdropper from inferring the plant's current state while maintaining optimal user estimation. The eavesdropper's minimum mean square error grows unbounded for unstable states and converges to open-loop prediction for stable states.
This paper studies the problem of remote state estimation in the presence of a passive eavesdropper. A sensor measures a linear plant's state and transmits it to an authorized user over a packet-dropping channel, which is susceptible to eavesdropping. Our goal is to design a coding scheme such that the eavesdropper cannot infer the plant's current state, while the user successfully decodes the sent messages. We employ a novel class of codes, termed State-Secrecy Codes, which are fast and efficient for dynamical systems. They apply linear time-varying transformations to the current and past states received by the user. In this way, they force the eavesdropper's information matrix to decrease at asymptotically the same rate as in the open-loop prediction case, i.e., when the eavesdropper misses all messages. As a result, the eavesdropper's minimum mean square error (MMSE) for the unstable states grows unbounded, while the respective error for the stable states converges to the open-loop prediction one. These secrecy guarantees are achieved under minimal conditions, which require that, at least once, the user receives the corresponding packet while the eavesdropper fails to intercept it. Meanwhile, the user's estimation performance remains optimal. The theoretical results are illustrated in simulations.
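The mechanism described above can be traced on a scalar unstable plant. The following is an added illustration, not code from the paper: the abstract does not state the code itself, so the encoding `z_k = x_k - a**(k-t) * x_t`, the plant model, the function name and all numeric values are assumptions. It computes the eavesdropper's exact error variance when it misses a single packet that the user receives.

```python
def eavesdropper_mmse(a, q, p0, user_rx, eve_rx, coded=True):
    """Exact eavesdropper error variance at each step for the scalar plant
    x[k+1] = a*x[k] + w[k], Var(w) = q, Var(x[0]) = p0 (assumed model).

    coded=True : packet k is z_k = x_k - a**(k-t) * x_t, with t the last step
                 the user acknowledged (assumed encoding, not from the paper).
    coded=False: packet k is x_k in the clear.
    """
    ref_t, ref_var = None, None  # reference step t and Var(x_t | eavesdropper)
    p, history = p0, []
    for k, (u, e) in enumerate(zip(user_rx, eve_rx)):
        if not e:
            # Packet missed: the eavesdropper can only predict one step ahead.
            p = p0 if k == 0 else a * a * p + q
        elif not coded or ref_t is None:
            p = 0.0  # raw state intercepted
        else:
            # z_k holds only the noise accumulated since t, so x_k is known
            # up to the error on x_t, amplified by a**(k-t).
            p = a ** (2 * (k - ref_t)) * ref_var
        if coded and u:
            ref_t, ref_var = k, p  # the user's ACK moves the reference to k
        history.append(p)
    return history


# Constructed channel trace: the user receives every packet; the eavesdropper
# intercepts every packet except the one sent at step 3.
STEPS = 12
USER_RX = [True] * STEPS
EVE_RX = [k != 3 for k in range(STEPS)]
A, Q, P0 = 1.2, 1.0, 1.0  # unstable scalar plant (constructed values)

def demo():
    return {
        "plain": eavesdropper_mmse(A, Q, P0, USER_RX, EVE_RX, coded=False),
        "coded": eavesdropper_mmse(A, Q, P0, USER_RX, EVE_RX, coded=True),
        "open_loop": eavesdropper_mmse(A, Q, P0, USER_RX, [False] * STEPS),
    }

if __name__ == "__main__":
    for name, trace in demo().items():
        print(f"{name:>9}:", " ".join(f"{v:7.2f}" for v in trace))
```

Without coding, the eavesdropper's error returns to zero one step after the missed packet; with the assumed encoding it grows by a factor of `a**2` per step from then on. With `|a| < 1` the same assumed encoding lets the error decay, so this sketch covers only the unstable case and does not reproduce the stable-state guarantee the abstract claims.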