Opacity Enforcing Supervisory Control using Non-deterministic Supervisors
In this paper, we investigate the enforcement of opacity via supervisory
control in the context of discrete-event systems. A system is said to be opaque
if the intruder, which is modeled as a passive observer, can never infer
confidently that the system is at a secret state. The design objective is to
synthesize a supervisor such that the closed-loop system is opaque even when
the control policy is publicly known. In this paper, we propose a new approach
for enforcing opacity using non-deterministic supervisors. A non-deterministic
supervisor is a decision mechanism that provides a set of control decisions at
each instant, and randomly picks a specific control decision from the decision
set to actually control the plant. Compared with the standard deterministic
control mechanism, such a non-deterministic control mechanism can enhance the
plausible deniability of the controlled system as the online control decision
is a random realization and cannot be implicitly inferred from the control
policy. We provide a sound and complete algorithm for synthesizing a
non-deterministic opacity-enforcing supervisor. Furthermore, we show that
non-deterministic supervisors are strictly more powerful than deterministic
supervisors in the sense that there may exist a non-deterministic
opacity-enforcing supervisor even when deterministic supervisors cannot enforce
opacity.

Comment: 16 Pages. This paper has been accepted by IEEE transactions on
automatic contro