Abstract
A secure and private nonlinear networked control systems (NCSs) design using semi-homomorphic encryption is studied. Static feedback controllers are used and network architectures are provided that enable the control signal to be computed directly from encrypted signals. As a result, the security of the NCS is further enhanced by preserving the privacy of the information flowing through the whole network, whereas in traditional encryption techniques encrypted signals are decrypted before the control computation and encrypted again after it for transmission. While this is highly desirable from a privacy point of view, it induces additional technical difficulties in the design and analysis of NCSs compared to standard NCSs. In this chapter, we provide sufficient conditions on the encryption parameters that guarantee robust stability of the NCS in the presence of disturbances in a semi-global practical sense, and we discuss the trade-offs between the required computational resources, security guarantees, and closed-loop performance. The proof technique is based on Lyapunov methods.
Notes
1. El Gamal encryption is also multiplicatively homomorphic; however, RSA encryption works on all of \(\mathbb {Z}_{N}\), while El Gamal encryption works only on a subset of \(\mathbb {Z}_{N}\) [20]. For simplicity we consider RSA encryption here only, but the analysis can be extended to cover the case where El Gamal encryption is used.
2. See [23] for an explanation of zoom-out.
References
Abdelrahim, M., Dolk, V.S., Heemels, W.P.M.H.: Input-to-state stabilizing event-triggered control for linear systems with output quantization. In: Proceedings of the 55th IEEE Conference on Decision and Control, pp. 483–488 (2016)
Alanwar, A., Shoukry, Y., Chakraborty, S., Martin, P., Tabuada, P., Srivastava, M.: Proloc: resilient localization with private observers using partial homomorphic encryption: demo abstract. In: Proceedings of the 16th ACM/IEEE International Conference on Information Processing in Sensor Networks, pp. 41–52 (2017)
Alexandru, A.B., Gatsis, K., Shoukry, Y., Seshia, S.A., Tabuada, P., Pappas, G.J.: Cloud-based quadratic optimization with partially homomorphic encryption (2018). arXiv:1809.02267
Anderson, J., Papachristodoulou, A.: Advances in computational Lyapunov analysis using sum-of-squares programming. Discret. Contin. Dyn. Syst. Ser. B 20(8), 2361–2381 (2015)
Antsaklis, P., Baillieul, J.: Special issue on technology of networked control systems. Proc. IEEE 95(1), 5–8 (2007)
Chen, Z., Huang, J.: Global robust stabilization of cascaded polynomial systems. Syst. Control Lett. 47(5), 445–453 (2002)
Cheon, J.H., Han, K., Kim, H., Kim, J., Shim, H.: Need for controllers having integer coefficients in homomorphically encrypted dynamic system. In: Proceedings of the 57th IEEE Conference on Decision and Control, pp. 5020–5025 (2018)
Farokhi, F., Shames, I., Batterham, N.: Secure and private control using semi-homomorphic encryption. Control Eng. Pract. 67, 13–20 (2017)
Gamal, T.E.: A public key cryptosystem and a signature scheme based on discrete logarithms. In: Proceedings of CRYPTO ’84, vol. 196, pp.10–18 (1984)
Gentry, C.: A fully homomorphic encryption scheme. Ph.D. thesis, Stanford University (2009)
Goebel, R., Sanfelice, R.G., Teel, A.R.: Hybrid Dynamical Systems: Modeling, Stability, and Robustness. Princeton University Press (2012)
Hadjicostis, C.N.: Privacy preserving distributed average consensus via homomorphic encryption. In: Proceedings of the 57th IEEE Conference on Decision and Control, pp. 1258–1263 (2018)
Heemels, W.P.M.H., Teel, A.R., van de Wouw, N., Nešić, D.: Networked control systems with communication constraints: tradeoffs between transmission intervals, delays and performance. IEEE Trans. Autom. Control 55(8), 1781–1796 (2010)
Hespanha, J.P., Naghshtabrizi, P., Xu, Y.: A survey of recent results in networked control systems. Proc. IEEE 95(1), 138–162 (2007)
Jiang, Y., Jiang, Z.P.: Robust adaptive dynamic programming and feedback stabilization of nonlinear systems. IEEE Trans. Neural Netw. Learn. Syst. 25(5), 882–893 (2014)
Jiang, Y., Jiang, Z.P.: Global adaptive dynamic programming for continuous-time nonlinear systems. IEEE Trans. Autom. Control 60(11), 2917–2929 (2015)
Jiang, Z.P., Wang, Y.: Input-to-state stability for discrete-time nonlinear systems. Automatica 37(6), 857–869 (2001)
Kellett, C.M., Teel, A.R.: On the robustness of \(\cal{KL}\)-stability for difference inclusions: smooth discrete-time Lyapunov functions. SIAM J. Control Optim. 44(3), 777–800 (2005)
Kishida, M.: Encrypted control system with quantiser. IET Control Theory Appl. 13(1), 146–151 (2019)
Kogiso, K., Fujita, T.: Cyber-security enhancement of networked control systems using homomorphic encryption. In: Proceedings of the 54th IEEE Conference on Decision and Control, pp. 6836–6843 (2015)
Lazar, M., Muñoz de la Peña, D., Heemels, W.P.M.H., Alamo, T.: On input-to-state stability of min-max nonlinear model predictive control. Syst. Control Lett. 57(1), 39–48 (2008)
Lewis, F.L., Vrabie, D., Vamvoudakis, K.G.: Reinforcement learning and feedback control: using natural decision methods to design optimal adaptive controllers. IEEE Control Syst. Mag. 32(6), 76–105 (2012)
Liberzon, D.: Hybrid feedback stabilization of systems with quantized signals. Automatica 39(9), 1543–1554 (2003)
Liberzon, D., Nešić, D.: Input-to-state stabilization of linear systems with quantized state measurements. IEEE Trans. Autom. Control 52(5), 767–781 (2007)
Lin, Y., Farokhi, F., Shames, I., Nešić, D.: Secure control of nonlinear systems using semi-homomorphic encryption. In: Proceedings of the 57th IEEE Conference on Decision and Control, pp. 5002–5007 (2018)
Lu, Y., Zhu, M.: Privacy preserving distributed optimization using homomorphic encryption. Automatica 96, 314–325 (2018)
Mo, Y., Sinopoli, B.: Secure control against replay attacks. In: Proceedings of the 47th annual Allerton conference on communication, control, and computing, pp. 911–918 (2009)
Murguia, C., Farokhi, F., Shames, I.: Secure and private implementation of dynamic controllers using semi-homomorphic encryption (2018). arXiv:1812.04168
Nešić, D., Teel, A.R.: A framework for stabilisation of nonlinear sampled-data systems based on their approximate discrete-time models. IEEE Trans. Autom. Control 49(7), 1103–1122 (2004)
Nešić, D., Teel, A.R., Kokotović, P.V.: Sufficient conditions for stabilization of sampled-data nonlinear systems via discrete-time approximations. Syst. Control Lett. 38(4–5), 259–270 (1999)
Nešić, D., Teel, A.R., Valmorbida, G., Zaccarian, L.: Finite-gain \(\cal{L}_p\) stability for hybrid dynamical systems. Automatica 49(8), 2384–2396 (2013)
Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Proceedings of the 17th International Conference on Theory and Application of Cryptographic Techniques (EUROCRYPT’99), pp. 223–238 (1999)
Papachristodoulou, A., Anderson, J., Valmorbida, G., Prajna, S., Seiler, P., Parrilo, P.A.: SOSTOOLS: sum of squares optimization toolbox for MATLAB (2013). http://www.eng.ox.ac.uk/control/sostools, http://www.cds.caltech.edu/sostools and http://www.mit.edu/~parrilo/sostools
Parrilo, P.A.: Structured Semidefinite Programs and Semialgebraic Geometry Methods in Robustness and Optimization. Ph.D. thesis, California Institute of Technology (2000)
Powell, M.J.D.: Approximation Theory and Methods. Cambridge University Press, Cambridge (1981)
Prajna, S., Parrilo, P.A., Rantzer, A.: Nonlinear control synthesis by convex optimization. IEEE Trans. Autom. Control 49(2), 310–314 (2004)
Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)
Ruan, M., Gao, H., Wang, Y.: Secure and privacy-preserving consensus. IEEE Trans. Autom. Control (To appear)
Teel, A.R.: Lyapunov methods in nonsmooth optimization, part I: Quasi-Newton algorithms for Lipschitz, regular functions. In: Proceedings of the 39th IEEE Conference on Decision and Control, pp. 112–117 (2000)
Teixeira, A., Shames, I., Sandberg, H., Johansson, K.H.: A secure control framework for resource-limited adversaries. Automatica 51, 135–148 (2015)
Tran, J., Farokhi, F., Cantoni, M., Shames, I.: Implementing homomorphic encryption based secure feedback control. Control Eng. Pract. 97, 104350 (2020)
Tuna, S.E., Teel, A.R.: Discrete-time homogeneous Lyapunov functions for homogeneous difference inclusions. In: Proceedings of the 43rd IEEE Conference on Decision and Control, pp. 1606–1610 (2004)
van de Wouw, N., Nešić, D., Heemels, W.P.M.H.: A discrete-time framework for stability analysis of nonlinear networked control systems. Automatica 48(6), 1144–1153 (2012)
Xu, J., Xie, L., Wang, Y.: Simultaneous stabilization and robust control of polynomial nonlinear systems using SOS techniques. IEEE Trans. Autom. Control 54(8), 1892–1897 (2009)
Appendices
12.9 Proof of Theorem 12.1
Proof
First, note that Step 9 of Algorithm 12.2 is the standard matrix multiplication carried out on encrypted numbers. Since each addition may require at most one more integer bit, and an \(n_y\)-dimensional vector \(\bar{g}(x)\) requires \(n_y-1\) additions, the condition \(N>2^{n_y+n_1+n_2-1}\) ensures that all encrypted data can be decrypted to the desired control inputs without overflow or underflow. For simplicity, we will use the following equivalent dynamics \(f(x, \bar{K}\bar{g}(x), w)\) to represent the closed-loop system.
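The bit-counting argument above, illustrated with an added example that is not part of the chapter or its Algorithm 12.2: a toy additively homomorphic (Paillier) computation of \(K\bar{g}(x)\) from an encrypted measurement vector and a plaintext gain matrix, with the chapter's condition \(N>2^{n_y+n_1+n_2-1}\) checked against the key modulus. The choice of Paillier, the toy key sizes, the signed encoding of integers into \(\mathbb {Z}_{N}\), the sample matrix and vector, and all function names are assumptions made for this example; running it with a modulus that violates the condition shows the wrapped (wrong) decryption the condition prevents.

```python
import math
import secrets

# Added example (not from the chapter). Toy Paillier keys with small primes so
# the numbers stay readable; key sizes and the signed encoding into Z_N are
# assumptions made for this illustration, not the chapter's construction.

def paillier_keygen(p, q):
    """Paillier key pair from two primes with gcd(pq, (p-1)(q-1)) == 1."""
    n = p * q
    assert math.gcd(n, (p - 1) * (q - 1)) == 1
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    g = n + 1
    # mu = L(g^lam mod n^2)^-1 mod n, with L(u) = (u - 1) / n
    u = pow(g, lam, n * n)
    mu = pow((u - 1) // n, -1, n)
    return (n, g), (lam, mu)

def encrypt(pub, m):
    """Enc(m) = g^m * r^n mod n^2 with a fresh random r coprime to n."""
    n, g = pub
    n2 = n * n
    r = secrets.randbelow(n - 1) + 1
    while math.gcd(r, n) != 1:
        r = secrets.randbelow(n - 1) + 1
    return (pow(g, m % n, n2) * pow(r, n, n2)) % n2

def decrypt(pub, priv, c):
    n, _ = pub
    lam, mu = priv
    u = pow(c, lam, n * n)
    return (((u - 1) // n) * mu) % n

def add_enc(pub, c1, c2):
    """Enc(m1) * Enc(m2) mod n^2 = Enc(m1 + m2 mod n)."""
    n, _ = pub
    return (c1 * c2) % (n * n)

def mul_plain(pub, c, k):
    """Enc(m)^k mod n^2 = Enc(k * m mod n); k is a plaintext integer."""
    n, _ = pub
    return pow(c, k % n, n * n)

def decode_signed(n, m):
    """Map Z_N back to a signed integer: residues above N/2 are negatives."""
    return m - n if m > n // 2 else m

def bits_needed(n_y, n_1, n_2):
    """Plaintext bits K*g needs: n_1+n_2 per product plus one per addition."""
    return n_y + n_1 + n_2 - 1

def modulus_is_large_enough(n, n_y, n_1, n_2):
    """The chapter's condition N > 2^(n_y + n_1 + n_2 - 1)."""
    return n > 2 ** bits_needed(n_y, n_1, n_2)

def encrypted_matvec(pub, K, enc_g):
    """Compute Enc(K g) row by row from plaintext K and encrypted g."""
    rows = []
    for row in K:
        acc = encrypt(pub, 0)
        for k_ij, c_j in zip(row, enc_g):
            acc = add_enc(pub, acc, mul_plain(pub, c_j, k_ij))
        rows.append(acc)
    return rows

def run_example(p, q, K, g):
    """Encrypt g, compute K g under encryption, decrypt and decode the result."""
    pub, priv = paillier_keygen(p, q)
    n = pub[0]
    enc_g = [encrypt(pub, v) for v in g]
    enc_u = encrypted_matvec(pub, K, enc_g)
    return [decode_signed(n, decrypt(pub, priv, c)) for c in enc_u]

# Constructed sample: a 2x3 gain matrix with 4-bit signed entries (n_1 = 4) and
# a 3-dimensional measurement with 4-bit signed entries (n_2 = 4), so n_y = 3.
K = [[3, -2, 1], [-4, 0, 6]]
G = [5, -7, 2]            # true K g = [31, -8]

if __name__ == "__main__":
    # N = 2491 satisfies N > 2^10; N = 35 does not and wraps the first entry.
    for p, q in ((47, 53), (5, 7)):
        n = p * q
        ok = modulus_is_large_enough(n, n_y=3, n_1=4, n_2=4)
        print(f"N={n}: condition holds={ok}, decrypted Kg={run_example(p, q, K, G)}")
```

With the larger modulus the decrypted vector equals \(Kg\) exactly; with \(N=35\) the first entry, 31, exceeds \(N/2\) and decodes as \(-4\), which is the kind of silent wrap-around the bit-count condition rules out.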
For simplicity, we write \(f(x,\bar{K}g(x),w)\) and \(f(x, Kg(x), w)\) as \(f_1\) and f, respectively, and similarly \(f(x,\bar{K}\bar{g}(x),w)\) as \(f_2\). We prove the theorem in two steps. First, we show that under certain conditions the closed-loop system with gain matrix quantization (\(f_1\)) is ISS in a proper sense; then, based on this result, we derive sufficient conditions that allow the additional quantization of the measurement signal (\(f_2\)) without losing ISS.
Then for the same Lyapunov function given in Assumption 12.3, we have for all \(x\in \mathbb {R}^{n_x}\):
For any \(\varDelta _x=\bar{\varDelta }>0\), on the ball of radius \(\varDelta _x\), \(\mathbb {B}_{\varDelta _x}=\{x\in \mathbb {R}^{n_x}:|x|\le \varDelta _x\}\), there exists a positive constant \(L_V\) such that \(|V(x)-V(y)|\le L_V|x-y|\), for all \(x,y\in \mathbb {B}_{\varDelta _x}\). Thus (12.26) implies that for all \(x\in \mathbb {B}_{\varDelta _x}\):
where the second step follows from the fact that a continuous mapping maps a compact set to a compact set, so the existence of the Lipschitz constant \(L_V\) is guaranteed. Since g(x) is continuous on \(\mathbb {R}^{n_x}\), |g(x)| attains a maximum \(M_1>0\) over \(\delta _x\le |x|\le \varDelta _x\). Thus, if \(e_1\le \epsilon _1=\frac{(1-\mu _1)\alpha _3(\delta _x)}{M_1L_VL_f}\) with \(0<\mu _1<1\), then \(V(f_1)-V(x)\le -\mu _1\alpha _3(|x|)+\gamma (|w|)\).
For all \(\delta _x\le |x|\le \varDelta _x\) the following holds:
Thus, if \(e_2\le \epsilon _2=\frac{\mu _1(1-\mu _2)\alpha _3(\delta _x)}{L_VL_f|\bar{K}|}\) with \(0<\mu _2<1\), we have \(V(f(x,\bar{K}\bar{g}(x),w))-V(x)\le -\mu _1\mu _2\alpha _3(|x|)+\gamma (|w|)\). In contrast to the continuous-time case, this condition is insufficient for concluding that the discrete-time closed-loop system is semi-globally practically ISS, as discussed in Sect. III of [29]. On the region \(\mathbb {B}_{\delta _x}=\{x\in \mathbb {R}^{n_x}:|x|\le \delta _x\}\), (12.28) does not hold in general; instead, from (12.27), we have for all \(x\in \mathbb {B}_{\delta _x}\):
where \(\eta =\frac{M_2(1-\mu _1)\alpha _3(\delta _x)}{M_1}+\mu _1(1-\mu _2)\alpha _3(\delta _x)\) and \(M_2=\max _{x\in \mathbb {B}_{\delta _x}}|g(x)|\). By Lemma 3.5 in [17], the set \(\{x\in \mathbb {R}^{n_x}:V(x)\le b_1\}\), where \(b_1=\alpha _2\circ \alpha _3^{-1}\circ \rho ^{-1}(\eta +\gamma (||w||))\) and \(\rho \) is any \(\mathcal {K}_{\infty }\) function such that \(Id-\rho \in \mathcal {K}_{\infty }\), is forward invariant. Define \(b_{1max}=\alpha _2\circ \alpha _3^{-1}\circ \rho ^{-1}(\eta +\gamma (\varDelta _w))\). Since the upper bound of the disturbance satisfies \(\alpha _1^{-1}(b_{1max})<\varDelta _x\), a state starting in \(\mathbb {B}_{\delta _x}\) cannot escape from \(\mathbb {B}_{\varDelta _x}\), even in the presence of disturbances. As a result, by similar arguments, the set \(\{x\in \mathbb {R}^{n_x}:V(x)\le b_2\}\) is also forward invariant, where \(b_2=\alpha _2\circ \alpha _3^{-1}\circ \mu _1^{-1}\mu _2^{-1}\rho ^{-1}(\gamma (||w||))\). Define \(b_{2max}=\alpha _2\circ \alpha _3^{-1}\circ \mu _1^{-1}\mu _2^{-1}\rho ^{-1}(\gamma (\varDelta _w))\). Since \(\alpha _1^{-1}(b_{2max})<\varDelta _x\), the set \(\mathbb {B}_{\varDelta _x}\) is forward invariant. Then, following arguments similar to those in Sect. 3.5 of [17], we deduce that there exists \(\beta \in \mathcal {KL}\) such that \(\phi (k,x_0,w)\), the solution of (12.11) at time k starting at \(x_0\) with \(|x_0|\le \varDelta _x\), satisfies
where \(\delta =\alpha _1^{-1}((\frac{M_2(1-\mu _1)}{M_1}+\mu _1(1-\mu _2))\alpha _3(\delta _x)+\alpha _2(\delta _x))\) and \(\sigma (s)=\max \{\sigma _1(s),\sigma _2(s)\}\), with \(\sigma _1(s)=\alpha _1^{-1}\circ \alpha _2\circ \alpha _3^{-1}\circ \mu _1^{-1}\mu _2^{-1}(Id+\rho )\circ \gamma (s)\) and \(\sigma _2(s)=\alpha _1^{-1}\circ \alpha _2\circ \alpha _3^{-1}\circ (Id+\rho )\circ \gamma (2s)\).
12.10 Proof of Theorem 12.2
Proof
We only present a sketch of the proof, since it largely overlaps with the proof of Theorem 12.1. Under the stated assumptions and Lemma 12.3, (12.21), (12.22) and (12.23) are guaranteed to hold.
Thus, by Lemma 12.3, for all \(x\in \mathbb {R}^{n_x}\) we have
Then, if \(e_1\le \epsilon _1=\frac{c_3(1-\mu _1)}{LL_f\kappa }\), where \(0<\mu _1<1\), it holds that \(V(f_1)-V(x)\le -\mu _1c_3|x|+LL_w|w|\) for all \(x\in \mathbb {R}^{n_x}\).
Since the following holds:
Thus, for any \(0<\delta _x<\varDelta _x<\infty \), if \(e_2\le \epsilon _2=\frac{\mu _1(1-\mu _2)c_3\delta _x}{LL_f|\bar{K}|}\) with \(0<\mu _2<1\), we have \(V(f(x,\bar{K}\bar{g}(x),w))-V(x)\le -\mu _1\mu _2c_3|x|+LL_w|w|\le -\frac{\mu _1\mu _2c_3}{c_2}V(x)+LL_w|w|\). On the region \(\mathbb {B}_{\delta _x}=\{x\in \mathbb {R}^{n_x}:|x|\le \delta _x\}\), we have
where \(\eta =\mu _1(1-\mu _2)c_3\delta _x\). By Lemma 3.5 in [17], the set \(\{x\in \mathbb {R}^{n_x}:V(x)\le b_1\}\), where \(b_1=\frac{c_2(\eta +LL_w||w||)}{c_3\rho }\) and \(\rho \) is any constant with \(0<\rho <1\), is forward invariant. Define \(b_{1max}=\frac{c_2(\eta +LL_w\varDelta _w)}{c_3\rho }\). Since the upper bound of the disturbance satisfies \(\frac{b_{1max}}{c_1}<\varDelta _x\), a state starting in \(\mathbb {B}_{\delta _x}\) cannot escape from \(\mathbb {B}_{\varDelta _x}\), even in the presence of disturbances. By similar arguments, the set \(\{x\in \mathbb {R}^{n_x}:V(x)\le b_2\}\) is also forward invariant, where \(b_2=\frac{c_2LL_w||w||}{c_3\mu _1\mu _2\rho }\). Define \(b_{2max}=\frac{c_2LL_w\varDelta _w}{c_3\mu _1\mu _2\rho }\). Since \(\frac{b_{2max}}{c_1}<\varDelta _x\), the set \(\mathbb {B}_{\varDelta _x}\) is forward invariant. Then \(\phi (k,x_0)\) with \(|x_0|\le \varDelta _x\) satisfies
where \(\delta =\frac{c_2\eta }{c_1c_3\rho }\), \(\sigma =\max \{\sigma _1, \sigma _2\}\), \(\sigma _1=\frac{c_2LL_w}{c_1c_3\mu _1\mu _2}\) and \(\sigma _2=\frac{c_2LL_w}{c_1c_3\mu _1}\). Since \(0<\mu _2<1\), \(\sigma =\sigma _1=\frac{c_2LL_w}{c_1c_3\mu _1\mu _2}\).
Copyright information
© 2021 Springer Nature Switzerland AG
Cite this chapter
Lin, Y., Farokhi, F., Shames, I., Nešić, D. (2021). Secure Networked Control Systems Design Using Semi-homomorphic Encryption. In: Ferrari, R.M., Teixeira, A.M.H. (eds) Safety, Security and Privacy for Cyber-Physical Systems. Lecture Notes in Control and Information Sciences, vol 486. Springer, Cham. https://doi.org/10.1007/978-3-030-65048-3_12
DOI: https://doi.org/10.1007/978-3-030-65048-3_12
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-65047-6
Online ISBN: 978-3-030-65048-3
eBook Packages: Intelligent Technologies and Robotics; Intelligent Technologies and Robotics (R0)