# Notions of Centralized and Decentralized Opacity in Linear Systems

**Authors:** Bhaskar Ramasubramanian, Rance Cleaveland, Steven I. Marcus

arXiv: 1903.06869 · 2019-07-23

## TL;DR

This paper develops a comprehensive framework for analyzing and verifying various notions of opacity in linear and nonlinear cyber-physical systems, including centralized, decentralized, and colluding adversaries, with practical computational methods.

## Contribution

It introduces new notions of opacity for linear systems, extends the theory to multiple adversaries, and proposes computational techniques for verifying opacity conditions.

## Key findings

- Established necessary and sufficient conditions for k-ISO in linear systems.
- Extended opacity concepts to multiple adversaries and collusion scenarios.
- Proposed methods for approximating reachable states and verifying opacity.

## Abstract

We formulate notions of opacity for cyberphysical systems modeled as discrete-time linear time-invariant systems. A set of secret states is $k$-ISO with respect to a set of nonsecret states if, starting from these sets at time $0$, the outputs at time $k$ are indistinguishable to an adversarial observer. Necessary and sufficient conditions to ensure that a secret specification is $k$-ISO are established in terms of sets of reachable states. We also show how to adapt techniques for computing under-approximations and over-approximations of the set of reachable states of dynamical systems in order to soundly approximate k-ISO. Further, we provide a condition for output controllability, if $k$-ISO holds, and show that the converse holds under an additional assumption.   We extend the theory of opacity for single-adversary systems to the case of multiple adversaries and develop several notions of decentralized opacity. We study the following scenarios: i) the presence or lack of a centralized coordinator, and ii) the presence or absence of collusion among adversaries. In the case of colluding adversaries, we derive a condition for nonopacity that depends on the structure of the directed graph representing the communication between adversaries.   Finally, we relax the condition that the outputs be indistinguishable and define a notion of $\epsilon$-opacity, and also provide an extension to the case of nonlinear systems.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1903.06869/full.md

## Figures

6 figures with captions in the complete paper: https://tomesphere.com/paper/1903.06869/full.md

## References

49 references — full list in the complete paper: https://tomesphere.com/paper/1903.06869/full.md

---
Source: https://tomesphere.com/paper/1903.06869