8 research outputs found
Compressive Privacy for a Linear Dynamical System
We consider a linear dynamical system in which the state vector consists of both public and private states. One or more sensors make measurements of the state vector and send information to a fusion center, which performs the final state estimation. To achieve an optimal tradeoff between the utility of estimating the public states and protection of the private states, the measurements at each time step are linearly compressed into a lower-dimensional space. Under the centralized setting, where all measurements are collected by a single sensor, we propose an optimization problem and an algorithm to find the best compression matrix. Under the decentralized setting, where measurements are made separately at multiple sensors, each sensor optimizes its own local compression matrix. We propose methods to separate the overall optimization problem into multiple sub-problems that can be solved locally at each sensor. We consider the cases where there is no message exchange between the sensors, and where each sensor takes turns transmitting messages to the other sensors. Simulations and empirical experiments demonstrate the efficiency of our proposed approach in allowing the fusion center to estimate the public states with good accuracy while preventing it from estimating the private states accurately.
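The tradeoff the abstract describes, in the smallest instance that shows it, as an added example (this is not the paper's code or its optimization algorithm). It assumes a static two-state system with one public state p and one private state q, a unit Gaussian prior, two sensors with the constructed measurement matrix H and noise level R_NOISE below, and a compression to a single scalar z = A y with A = [cos(theta), sin(theta)]. The fusion center's error variances after seeing z follow from the Sherman-Morrison identity, and a grid search over theta stands in for the paper's optimization problem: the search looks for the compression that estimates p best while leaving the fusion center's knowledge of q at its prior.

```python
import math

# Constructed toy instance for this added example (not the paper's algorithm):
# state x = [p, q] with p public and q private, prior x ~ N(0, I).
# Two sensors observe y = H x + v with v ~ N(0, R_NOISE * I), and the
# measurements are compressed to one scalar z = A y before reaching the
# fusion center, with A = [cos(theta), sin(theta)].
H = [[1.0, 1.0],
     [1.0, -1.0]]
R_NOISE = 0.1


def compress_row(theta):
    """Unit-norm 1x2 compression matrix A for angle theta."""
    return [math.cos(theta), math.sin(theta)]


def posterior_variances(a, h_mat=H, r=R_NOISE):
    """Error variances (public, private) of the fusion center's MMSE estimate
    given only the compressed measurement z = A y.

    With h = A H and w = A v ~ N(0, r*||A||^2), the posterior covariance for a
    unit prior is P = (I + h^T h / var(w))^{-1} = I - h^T h / (var(w) + h h^T)
    (Sherman-Morrison), so its diagonal is available in closed form.
    """
    h = [sum(a[i] * h_mat[i][j] for i in range(2)) for j in range(2)]
    noise_var = r * sum(ai * ai for ai in a)
    denom = noise_var + sum(hj * hj for hj in h)
    return (1.0 - h[0] ** 2 / denom, 1.0 - h[1] ** 2 / denom)


def uncompressed_variances(h_mat=H, r=R_NOISE):
    """Same quantities if the fusion center receives y itself:
    P = (I + H^T H / r)^{-1}, via an explicit 2x2 inverse."""
    g = [[sum(h_mat[k][i] * h_mat[k][j] for k in range(2)) / r
          + (1.0 if i == j else 0.0) for j in range(2)] for i in range(2)]
    det = g[0][0] * g[1][1] - g[0][1] * g[1][0]
    return (g[1][1] / det, g[0][0] / det)


def best_compression(private_floor, grid=720):
    """Grid search over compression angles: minimise the public-state error
    variance subject to the private-state error variance staying at or above
    private_floor (1.0 means the fusion center learns nothing about q beyond
    its prior). The paper solves an optimisation problem instead; the grid
    search only illustrates the tradeoff in this 2-D case."""
    best = None
    for k in range(grid):
        theta = math.pi * k / grid   # [0, pi) covers every direction up to sign
        var_public, var_private = posterior_variances(compress_row(theta))
        if var_private >= private_floor and (best is None or var_public < best[1]):
            best = (theta, var_public, var_private)
    return best


if __name__ == "__main__":
    print("no compression (public, private):", uncompressed_variances())
    theta, vp, vq = best_compression(private_floor=0.999)
    print(f"best A = {compress_row(theta)}  public={vp:.4f}  private={vq:.4f}")
```

For this H the uncompressed release gives the fusion center equally good estimates of both states (error variance r/(r+2) for each), while the compression A = [1, 1]/sqrt(2) keeps exactly the same public-state accuracy and leaves the private-state error at the prior value 1.0: the compression costs nothing here because the private state lies in the null space of A H. In general the two objectives conflict and the constraint private_floor moves along a tradeoff curve, which is what the paper's optimization navigates.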
Interval Observer Approach to Output Stabilization of Linear Impulsive Systems
The problem of output stabilization is studied for a class of linear hybrid systems subject to signal uncertainties: linear impulsive systems under dwell-time constraints. Two problems are considered. First, an interval observer estimating the set of admissible values for the state is designed. Next, an output-stabilizing feedback design problem is studied, where stability is checked using linear matrix inequalities (LMIs). To the best of our knowledge, the interval observer approach has never been proposed for the stabilization of this class of hybrid systems. The efficiency of the proposed approach is demonstrated by computer experiments on Fault Detection and Isolation (FDI) and Fault-Tolerant Control (FTC) of a power split device with clutch for heavy-duty military vehicles.
Secure and Privacy-Preserving Cyber-Physical Systems
RÉSUMÉ (translated from the French)
In this doctoral thesis we study the problem of designing privacy-preserving estimators and controllers for a multi-agent system composed of uncertain individual linear systems, as well as the problem of designing stealthy attacks and attack-resilient estimators for cyber-physical systems. Large-scale monitoring and control systems that enable an increasingly intelligent infrastructure rely more and more on sensitive data obtained from private agents. For example, such systems collect location data from the users of an intelligent transportation system, or medical data from patients for intelligent epidemic detection. However, privacy considerations may make agents reluctant to share the information needed to improve the performance of an intelligent infrastructure. To encourage these agents to participate, it is important to design algorithms that process data in a way that preserves their privacy.
In the first part of this thesis we consider scenarios in which the individual systems are independent linear Gaussian systems. We revisit the Kalman filtering and linear quadratic Gaussian (LQG) control problems under privacy-preservation constraints. We aim to guarantee differential privacy, a formal, state-of-the-art definition of privacy which guarantees that the output of an algorithm is not too sensitive to the data collected from any single agent. We propose a two-stage architecture that first aggregates and combines the individual agents' signals before adding privacy-preserving noise and post-filtering the result to be published. We show that this architecture offers a significant performance improvement over standard input-perturbation architectures as the number of input signals grows. We prove that an optimal static aggregation pre-filter can be designed by solving a semidefinite program. The two-stage architecture, which we first develop for Kalman filtering, is then adapted to the LQG control problem by exploiting the separation principle. Through numerical simulations we illustrate the performance improvements of our architecture over differentially private algorithms that do not use signal aggregation.
ABSTRACT
This thesis studies the problem of privacy-preserving estimator and control design in a multi-agent system composed of uncertain individual linear systems and the problem of designing undetectable attacks and attack-resilient estimators for cyber-physical systems. Large-scale monitoring and control systems enabling a more intelligent infrastructure increasingly rely on sensitive data obtained from private agents, e.g., location traces collected from the users of an intelligent transportation system or medical records collected from patients for intelligent health monitoring. Nevertheless, privacy considerations can make agents reluctant to share the information necessary to improve the performance of an intelligent infrastructure. In order to encourage the participation of these agents, it becomes critical to design algorithms that process information in a privacy-preserving way. The first part of this thesis considers scenarios in which the individual agent systems are linear Gaussian systems and are independent. We revisit the Kalman filtering and Linear Quadratic Gaussian (LQG) control problems subject to privacy constraints. We aim to enforce differential privacy, a formal, state-of-the-art definition of privacy ensuring that the output of an algorithm is not too sensitive to the data collected from any single participating agent. We propose a two-stage architecture, which first aggregates and combines the individual agent signals before adding privacy-preserving noise and post-filtering the result to be published. We show a significant performance improvement offered by this architecture over input perturbation schemes as the number of input signals increases, and that an optimal static aggregation stage can be computed by solving a semidefinite program. The two-stage architecture, which we develop first for Kalman filtering, is then adapted to the LQG control problem by leveraging the separation principle. We provide numerical simulations that illustrate the performance improvements over differentially private algorithms without first-stage signal aggregation.
The second part of this thesis considers the problem of privacy-preserving estimator design for a multi-agent system composed of individual linear time-invariant systems affected by uncertainties whose statistical properties are not available; only bounds on these uncertainties are given a priori. We propose a privacy-preserving interval estimator architecture, which publicly releases estimates of lower and upper bounds for an aggregate of the states of the individual systems. In particular, we add a bounded privacy-preserving noise to each participant's data before sending it to the estimator. The estimates published by the observer guarantee differential privacy for the agents' data. We provide a numerical simulation that illustrates the behavior of the proposed architecture.
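Why aggregating before adding noise beats input perturbation, as an added example for the two-stage architecture described in the first part of the abstract above (this is constructed illustration code, not the thesis's implementation). It assumes n agents each holding a scalar trajectory of length T, an adjacency relation in which one agent's whole trajectory may change by at most RHO in l2 norm, and the classical Gaussian-mechanism calibration sigma = RHO*sqrt(2 ln(1.25/delta))/eps. Under that adjacency relation the plain sum of the trajectories has the same sensitivity RHO as a single agent's signal, so the two-stage pipeline adds one noise term of variance sigma^2 where input perturbation ends up summing n of them. The aggregation stage here is a plain sum and the post-filter a fixed exponential smoother; the thesis optimises both (the static aggregation stage via a semidefinite program), so the numbers only show the direction of the gain, not its optimal size.

```python
import math
import random

# Constructed setting for this added example (not the thesis's code):
# n agents each hold a scalar signal trajectory of length T. Two datasets are
# "adjacent" when exactly one agent's trajectory changes, by at most RHO in
# l2 norm over the whole trajectory. Under that relation the sum over agents
# has the same l2 sensitivity RHO as a single trajectory.
RHO = 1.0


def gaussian_sigma(sensitivity, eps, delta):
    """Noise std of the Gaussian mechanism for (eps, delta)-DP, using the
    classical sufficient condition sigma >= sensitivity*sqrt(2 ln(1.25/delta))/eps
    (valid for eps <= 1)."""
    return sensitivity * math.sqrt(2.0 * math.log(1.25 / delta)) / eps


def constructed_signals(n, T, rng):
    """Constructed agent data: a shared slow trend plus per-agent noise."""
    return [[math.sin(2.0 * math.pi * t / T) + rng.gauss(0.0, 0.3) for t in range(T)]
            for _ in range(n)]


def aggregate(signals):
    """Plain sum over agents at each time step (the quantity to be published)."""
    return [sum(s[t] for s in signals) for t in range(len(signals[0]))]


def input_perturbation(signals, sigma, rng):
    """Baseline: every agent perturbs its own trajectory before sharing, so the
    aggregator (mere post-processing) sums n independent noise terms."""
    noisy = [[x + rng.gauss(0.0, sigma) for x in s] for s in signals]
    return aggregate(noisy)


def two_stage(signals, sigma, rng):
    """Two-stage architecture: aggregate first, then add a single noise term
    sized for the sensitivity of the aggregate (still RHO)."""
    return [x + rng.gauss(0.0, sigma) for x in aggregate(signals)]


def post_filter(seq, alpha=0.3):
    """Causal exponential smoother standing in for the thesis's optimised
    post-filter; it trades a little lag for a noise-variance factor of
    alpha/(2-alpha)."""
    out, y = [], seq[0]
    for x in seq:
        y = alpha * x + (1.0 - alpha) * y
        out.append(y)
    return out


def mse(a, b):
    return sum((x - y) ** 2 for x, y in zip(a, b)) / len(a)


def compare(n=50, T=400, eps=1.0, delta=1e-5, seed=7):
    """MSE of each published aggregate against the true (non-private) aggregate,
    both pipelines calibrated to the same (eps, delta)."""
    rng = random.Random(seed)
    signals = constructed_signals(n, T, rng)
    truth = aggregate(signals)
    sigma = gaussian_sigma(RHO, eps, delta)
    ip = input_perturbation(signals, sigma, rng)
    ts = two_stage(signals, sigma, rng)
    return {
        "sigma": sigma,
        "mse_input_perturbation": mse(ip, truth),   # about n * sigma^2
        "mse_two_stage": mse(ts, truth),            # about sigma^2
        "mse_two_stage_filtered": mse(post_filter(ts), truth),
    }


if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name:>24}: {value:.2f}")
```

With n = 50 the input-perturbation error is roughly fifty times that of the two-stage release, matching the n*sigma^2 versus sigma^2 noise budgets, and the smoother removes a further part of the remaining noise at the cost of lag on the trend. Both pipelines satisfy the same (eps, delta) guarantee, since the input-perturbation aggregate is post-processing of n privatised signals and the two-stage release is one Gaussian mechanism applied to a sensitivity-RHO query.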