Opacity is a security and privacy property that evaluates whether an external observer (intruder) can infer a secret of a system by observing its behavior. This paper proposes an on-line approach to address the problem of current-state opacity in discrete event systems (DESs) modeled in a labeled Petri Net (PN) framework and by observing its evolution. An observation of the system is said to be current-state opaque if the intruder is unable to determine whether the current state of the system is within a set of secret states, otherwise it is said to be not current-state opaque. The proposed approach to verify the current-state opacity works on-line: the verification algorithm waits for the occurrence of an observable event and uses Integer Linear Programming problem solutions to verify if the behavior of the system is current-state opaque to the intruder under the given observation. Moreover, the proposed method is applied in two different settings: (i) a centralized approach where the intruder has full knowledge of the system model but can partially observe the system behavior; (ii) a decentralized approach where a set of intruders can observe different event sets and collaborate with a coordinator to disclose the same secret. Finally, experimental results are presented to demonstrate the efficiency of the proposed method.
On-line verification of current-state opacity by Petri nets and integer linear programming / Cong, X.; Fanti, M. P.; Mangini, A. M.; Li, Z.. - In: AUTOMATICA. - ISSN 0005-1098. - STAMPA. - 94:(2018), pp. 205-213. [10.1016/j.automatica.2018.04.021]
On-line verification of current-state opacity by Petri nets and integer linear programming
Fanti, M. P.;Mangini, A. M.;
2018-01-01
Abstract
Opacity is a security and privacy property that evaluates whether an external observer (intruder) can infer a secret of a system by observing its behavior. This paper proposes an on-line approach to address the problem of current-state opacity in discrete event systems (DESs) modeled in a labeled Petri Net (PN) framework and by observing its evolution. An observation of the system is said to be current-state opaque if the intruder is unable to determine whether the current state of the system is within a set of secret states, otherwise it is said to be not current-state opaque. The proposed approach to verify the current-state opacity works on-line: the verification algorithm waits for the occurrence of an observable event and uses Integer Linear Programming problem solutions to verify if the behavior of the system is current-state opaque to the intruder under the given observation. Moreover, the proposed method is applied in two different settings: (i) a centralized approach where the intruder has full knowledge of the system model but can partially observe the system behavior; (ii) a decentralized approach where a set of intruders can observe different event sets and collaborate with a coordinator to disclose the same secret. Finally, experimental results are presented to demonstrate the efficiency of the proposed method.| File | Dimensione | Formato | |
|---|---|---|---|
|
Automatica_2018post_print.pdf
Open Access dal 01/02/2020
Tipologia:
Documento in Post-print
Licenza:
Creative commons
Dimensione
317.19 kB
Formato
Adobe PDF
|
317.19 kB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
