Showing papers by "Tomáš Masopust published in 2022"

On Verification of Weak and Strong k-step Opacity for Discrete-Event Systems*

Abstract: Opacity is an important property asking whether a passive observer (an intruder), who knows the structure of the system but has only a limited observation of its behavior, may reveal the secret of the system. Several notions of opacity have been studied in the literature, including current-state opacity, k-step opacity, and infinite-step opacity. We investigate weak and strong k-step opacity, the notions that generalize both current-state opacity and infinite-step opacity, and ask whether the intruder is not able to decide, at any instant, when respectively whether the system was in a secret state during the last k observable steps. We design a new algorithm to verify weak k-step opacity, the complexity of which is lower than that of existing algorithms and that does not depend on the parameter k. Then, we show how to use this algorithm to verify strong k-step opacity by reducing the verification of strong k-step opacity to the verification of weak k-step opacity. The complexity of the resulting approach is again better than that of existing algorithms, and does not depend on the parameter k.

On Transformations among Opacity Notions

Abstract: Opacity is a property asking whether a system may reveal its secret to a passive observer who knows the structure of the system but has only limited observations of its behavior. Several notions of opacity have been studied. Similarities among the opacity notions have been investigated via transformations, which have many potential applications. We investigate K-step opacity (K-SO), a notion that generalizes both current-state opacity and infinite-step opacity, and asks whether the intruder cannot decide, at any instant, whether or when the system was in a secret state during the last K observable steps. We provide new polynomial-time transformations among K-SO and other opacity notions. Our results lead, among others, to the general solution of an open problem concerning the computational complexity of the verification of K-SO.

Hierarchical and Modular Supervisory Control under Partial Observation: Normality

Abstract: Conditions preserving observability of specifications between the plant and its abstraction are fundamental for hierarchical supervisory control of discrete-event systems under partial observation. Observation consistency and local observation consistency were identified as such conditions. To preserve normality, only observation consistency is required. Although observation consistency preserves normality between the levels for normal specifications, we show that for specifications that are not normal, observation consistency does not guarantee that the supremal normal sublanguage computed on the low level and on the high level coincide. Therefore, we define modified observation consistency, under which the supremal normal sublanguages of different levels coincide. Since we show that the verification of (modified) observation consistency is PSPACE-hard for finite automata models and undecidable for systems slightly more expressive than finite automata, we further discuss two stronger conditions that are easy to verify, and hence of practical interest. We apply modified observation consistency in modular systems to guarantee that the global supervisor can be computed locally. In particular, we use the coordination control framework, where the global and local computations of supervisors coincide under the assumption that the coordinated events are all observable.

Hierarchical Supervisory Control Under Partial Observation: Normality

Abstract: Conditions preserving observability of specifications between the plant and its abstraction are essential for hierarchical supervisory control of discrete-event systems under partial observation. Observation consistency and local observation consistency were identified as such conditions. To preserve normality, only observation consistency is required. Although observation consistency preserves normality between the levels for normal specifications, for specifications that are not normal, observation consistency is insufficient to guarantee that the supremal normal sublanguage computed on the low level and on the high level coincide. We define modified observation consistency, under which the supremal normal sublanguages of different levels coincide. We show that the verification of (modified) observation consistency is PSPACE-hard for finite automata and undecidable for slightly more expressive models than finite automata. Decidability of (modified) observation consistency is an open problem. Hence we further discuss two stronger conditions that are easy to verify. Finally, we illustrate the conditions on an example of a railroad controller and on a case study of a part of an MRI scanner.