
Dynamic observers for the synthesis of opaque systems

Authors

Franck Cassez, Jérémy Dubreil and Hervé Marchand

NICTA

Irisa

Abstract

In this paper, we address the problem of synthesizing opaque systems. A secret predicate $S$ over the runs of a system $G$ is opaque to an external user having partial observability over $G$, if s/he can never infer from the observation of a run of $G$ that the run belongs to $S$. We first investigate the case of static partial observability where the set of events the user can observe is fixed a priori. In this context, we show that checking whether a system is opaque is PSPACE-complete, which implies that computing an optimal static observer ensuring opacity is also a PSPACE-complete problem.

Next, we introduce dynamic partial observability where the set of events the user can observe changes over time.

We show how to check that a system is opaque with respect to a dynamic observer and also address the corresponding synthesis problem: given a system $G$ and secret states $S$, compute the set of dynamic observers under which $S$ is opaque. Our main result is that the set of such observers can be finitely represented and can be computed in EXPTIME.
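
The static case described in the abstract, as an added example that is not code from the report or its authors: it checks opacity of a set of secret states by building the observer's state estimates with a subset construction and returns an observed trace that reveals the secret, if one exists. The automaton, the event names and the function names are constructed for illustration, and the estimate is assumed to include states reached by trailing unobservable events.

```python
from collections import deque

def unobservable_closure(states, trans, observable):
    """States reachable from `states` using only unobservable events."""
    seen, todo = set(states), list(states)
    while todo:
        q = todo.pop()
        for (src, ev), dsts in trans.items():
            if src == q and ev not in observable:
                for d in dsts - seen:
                    seen.add(d)
                    todo.append(d)
    return frozenset(seen)

def opacity_witness(init, trans, secret, observable):
    """Return None if `secret` is opaque, else an observation that reveals it."""
    start = unobservable_closure({init}, trans, observable)
    seen, queue = {start}, deque([(start, ())])
    while queue:
        estimate, obs = queue.popleft()
        # The observer is certain of the secret when every state
        # compatible with the observation is a secret state.
        if estimate <= secret:
            return obs
        for ev in sorted(observable):
            step = set()
            for q in estimate:
                step |= trans.get((q, ev), set())
            if not step:
                continue
            nxt = unobservable_closure(step, trans, observable)
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, obs + (ev,)))
    return None

# Constructed system G: (state, event) -> set of successor states.
G_TRANS = {
    (0, "h"): {1}, (1, "a"): {3},   # branch through the secret state 3
    (0, "a"): {2},                  # non-secret branch with the same "a"
    (3, "b"): {4}, (2, "b"): {4},
}
SECRET = frozenset({3})

if __name__ == "__main__":
    for sigma_o in ({"a", "b"}, {"a", "b", "h"}):
        print(sorted(sigma_o), "->", opacity_witness(0, G_TRANS, SECRET, sigma_o))
```

The number of estimates can be exponential in the number of states of $G$, which is consistent with the PSPACE-completeness stated in the abstract.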

BibTeX Entry

  @techreport{Cassez_DM_09:tr,
    author           = {Cassez, Franck and Dubreil, J\'er\'emy and Marchand, Herv\'e},
    number           = {1930},
    month            = oct,
    year             = {2009},
    keywords         = {security, opacity, dynamic observation},
    title            = {Dynamic Observers for the Synthesis of Opaque Systems},
    institution      = {IRISA},
    address          = {Rennes, France}
  }
