On Approximate Opacity of Cyber-Physical Systems

Abstract

Opacity is an important information-flow security property in the analysis of cyber-physical systems. It captures the plausible deniability of the system's secret behavior in the presence of an intruder that may access the information flow. Existing works on opacity only consider nonmetric systems by assuming that the intruder can always distinguish between two different outputs precisely. In this article, we extend the concept of opacity to systems whose output sets are equipped with metrics. Such systems are widely used in the modeling of many real-world systems whose measurements are physical signals. A new concept called approximate opacity is proposed in order to quantitatively evaluate the security guarantee level with respect to the measurement precision of the intruder. Then, we propose a new simulation-type relation, called approximate opacity-preserving simulation relation, which characterizes how close two systems are in terms of the satisfaction of approximate opacity. This allows us to verify approximate opacity for large-scale, or even infinite, systems using their abstractions. We also discuss how to construct approximate opacity-preserving symbolic models for a class of discrete-time control systems. Our results extend the definitions and analysis techniques for opacity from nonmetric systems to metric systems.