Privacy-Preserving Resilience of Cyber-Physical Systems to Adversaries

A cyber-physical system (CPS) is expected to be resilient to more than one type of adversary. In this paper, we consider a CPS that has to satisfy a linear temporal logic (LTL) objective in the presence of two kinds of adversaries. The first adversary has the ability to tamper with inputs to the CPS to influence satisfaction of the LTL objective. The interaction of the CPS with this adversary is modeled as a stochastic game. We synthesize a controller for the CPS to maximize the probability of satisfying the LTL objective under any policy of this adversary. The second adversary is an eavesdropper who can observe labeled trajectories of the CPS generated from the previous step. It could then use this information to launch other kinds of attacks. A labeled trajectory is a sequence of labels, where a label is associated to a state and is linked to the satisfaction of the LTL objective at that state. We use differential privacy to quantify the indistinguishability between states that are related to each other when the eavesdropper sees a labeled trajectory. Two trajectories of equal length will be differentially private if they are differentially private at each state along the respective trajectories. We use a skewed Kantorovich metric to compute distances between probability distributions over states resulting from actions chosen according to policies from related states in order to quantify differential privacy. Moreover, we do this in a manner that does not affect the satisfaction probability of the LTL objective. We validate our approach on a simulation of a UAV that has to satisfy an LTL objective in an adversarial environment.



There are no comments yet.


page 1


Cyber-Resilience Evaluation of Cyber-Physical Systems

Cyber-Physical Systems (CPS) use computational resources to control phys...

"I need a better description”: An Investigation Into User Expectations For Differential Privacy

Despite recent widespread deployment of differential privacy, relatively...

Linear Temporal Logic Satisfaction in Adversarial Environments using Secure Control Barrier Certificates

This paper studies the satisfaction of a class of temporal properties fo...

Secure Control in Partially Observable Environments to Satisfy LTL Specifications

This paper studies the synthesis of control policies for an agent that h...

Data Poisoning against Differentially-Private Learners: Attacks and Defenses

Data poisoning attacks aim to manipulate the model produced by a learnin...

A Differentially Private Game Theoretic Approach for Deceiving Cyber Adversaries

Cyber deception is one of the key approaches used to mislead attackers b...

Deception-As-Defense Framework for Cyber-Physical Systems

We introduce deceptive signaling framework as a new defense measure agai...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.