We address the problem of synthesizing distorting mechanisms that maximize infinite-horizon privacy for Networked Control Systems (NCSs). We consider stochastic LTI systems where information about the system state is obtained through noisy sensor measurements and transmitted to a (possibly adversarial) remote station via unsecured/public communication networks to compute control actions (a remote LQR controller). Because the network/station is untrustworthy, adversaries might access sensor and control data and estimate the system state. To mitigate this risk, we pass sensor and control data through distorting (privacy-preserving) mechanisms before transmission and send the distorted data through the communication network. These mechanisms consist of a linear coordinate transformation and additive-dependent Gaussian vectors. We formulate the synthesis of the distorting mechanisms as a convex program. In this convex program, we minimize the infinite-horizon mutual information (our privacy metric) between the system state and its optimal estimate at the remote station for a desired upper bound on the control performance degradation (LQR cost) induced by the distortion mechanism.