Enforcing Opacity by Publicly Known Edit Functions
This paper extends prior work about the enforcement of opacity by insertion functions and applies a more general method called edit functions. Based on its observations, the edit function can insert or erase events to modify the outputs of the system and obfuscate the outside intruder. In this paper, a key assumption is that the intruder knows the implementation of the edit function, which requires the edit function to be "public-private enforcing". In order to capture the limitations of edit functions, state based edit constraints are introduced and may preclude some originally feasible edit choices, complicating the enforcement problem. The edit function in this work is deterministic and the enforcement problem is formulated as a two-player game between the edit function and the system. Our goal is to synthesize public-private enforcing edit functions without violating edit constraints. A new synthesis algorithm is proposed based on the game structure.