Privacy Against Adversarial Classification in Cyber-Physical Systems
Carlos Murguia, Paulo Tabuada

TL;DR
This paper develops methods to protect the privacy of cyber-physical system modes by distorting output trajectories before cloud processing, ensuring utility is maintained while preventing mode identification.
Contribution
It introduces a mathematical framework using output-regulation techniques to design trajectory distortions that preserve utility and hide system modes from cloud-based classification.
Findings
Distorted trajectories maintain the same utility as original data.
The method effectively misleads cloud classification of system modes.
Provides a systematic approach for privacy-preserving data transmission in CPSs.
Abstract
For a class of Cyber-Physical Systems (CPSs), we address the problem of performing computations over the cloud without revealing private information about the structure and operation of the system. We model CPSs as a collection of input-output dynamical systems (the system operation modes). Depending on the mode the system is operating on, the output trajectory is generated by one of these systems in response to driving inputs. Output measurements and driving inputs are sent to the cloud for processing purposes. We capture this "processing" through some function (of the input-output trajectory) that we require the cloud to compute accurately - referred to here as the trajectory utility. However, for privacy reasons, we would like to keep the mode private, i.e., we do not want the cloud to correctly identify what mode of the CPS produced a given trajectory. To this end, we distort…
