Theses

Monitoring and Supervisory Control for Opacity Properties

Abstract: In this thesis, we investigate the problems of verifying and enforcing confidentiality on critical systems. As a confidentiality property, we consider the notion of opacity, a very general notion modeling the absence of information flow towards inquisitive attackers. We then study the application to opacity properties of formal methods developed in the context of discrete event systems. In the first part, we present how some classical abstract interpretation techniques can be applied to the computation of monitors that detect confidentiality vulnerabilities. We also present how diagnosis theory can be adapted to detect opacity violations at runtime. In the second part, we develop new techniques to enforce opacity properties on a critical system. We study supervisory control theory to restrict the behavior of a system in order to avoid information leakage. We show that this problem is in general out of the scope of the classical Ramadge & Wonham synthesis techniques. Therefore, we develop new algorithms to compute a most permissive controller enforcing the opacity property on a given system. Such techniques can be applied to the design of secure systems on a component-based architecture. Finally, we consider another approach to enforcing opacity, based on modifying the observability of events at runtime. We show that this problem can be reduced to the computation of the set of winning strategies in a 2-player safety game. A possible application of such techniques is the generation of dynamic firewalls that preserve confidential information.
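To make the two notions the abstract refers to concrete, verifying current-state opacity offline and detecting a violation at runtime, here is an added example written for this record page; it is not code from the thesis. The toy server model, its event names, the observable alphabet and the secret state set are constructed assumptions. The verification part is the standard observer (subset construction under projection onto observable events): the system is opaque exactly when no reachable attacker estimate lies entirely inside the secret set. The monitor part tracks that same estimate online and flags the observed trace on which the secret is revealed.

```python
"""
Current-state opacity of a finite labelled transition system:
offline verification by observer construction, plus an online monitor
that maintains the attacker's state estimate.

Example code added for this page (assumption-based toy model, not the
thesis's own implementation).
"""
from collections import deque

# --- constructed toy system (assumption, not from the thesis) -------------
# After "login" the server silently enters either a privileged session (s2)
# or a public one (s3); the attacker must not learn which.
TRANSITIONS = {
    ("s0", "login"): "s1",
    ("s1", "priv"):  "s2",   # unobservable: privileged session
    ("s1", "pub"):   "s3",   # unobservable: public session
    ("s2", "read"):  "s4",
    ("s3", "read"):  "s5",
    ("s2", "write"): "s6",   # only a privileged session can write
}
INITIAL = "s0"
OBSERVABLE = {"login", "read", "write"}
SECRET = {"s2", "s4", "s6"}   # "the current session is privileged"


def unobservable_closure(states, transitions, observable):
    """All states reachable from `states` via unobservable events only."""
    closure = set(states)
    stack = list(states)
    while stack:
        s = stack.pop()
        for (src, ev), dst in transitions.items():
            if src == s and ev not in observable and dst not in closure:
                closure.add(dst)
                stack.append(dst)
    return frozenset(closure)


def step(estimate, event, transitions, observable):
    """Attacker's next state estimate after observing `event`."""
    targets = {dst for (src, ev), dst in transitions.items()
               if src in estimate and ev == event}
    return unobservable_closure(targets, transitions, observable)


def check_opacity(transitions, initial, observable, secret):
    """Return (True, None) if opaque, else (False, revealing observed trace).

    Breadth-first exploration of the observer; the first estimate that is
    non-empty and contained in `secret` witnesses the information leak.
    """
    start = unobservable_closure({initial}, transitions, observable)
    queue = deque([(start, ())])
    seen = {start}
    while queue:
        est, trace = queue.popleft()
        if est and est <= secret:
            return False, trace
        for event in sorted(observable):
            nxt = step(est, event, transitions, observable)
            if nxt and nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, trace + (event,)))
    return True, None


class OpacityMonitor:
    """Runtime detector: updates the estimate per observed event and reports
    the moment the attacker can be sure the system is in a secret state."""

    def __init__(self, transitions, initial, observable, secret):
        self.transitions = transitions
        self.observable = observable
        self.secret = secret
        self.estimate = unobservable_closure({initial}, transitions, observable)

    def observe(self, event):
        """Return True when this observation reveals the secret."""
        self.estimate = step(self.estimate, event, self.transitions, self.observable)
        # An empty estimate means the observation was impossible; not a leak.
        return bool(self.estimate) and self.estimate <= self.secret


if __name__ == "__main__":
    print(check_opacity(TRANSITIONS, INITIAL, OBSERVABLE, SECRET))
    # Hiding "write" from the observer (dynamic observability) restores opacity.
    print(check_opacity(TRANSITIONS, INITIAL, OBSERVABLE - {"write"}, SECRET))
```

Running the check on the toy model reports the observed trace `login, write` as revealing, because only a privileged session can write; hiding `write` from the observer (the observability-modification idea the abstract mentions) makes the system opaque again, and removing the `write` transition altogether (the supervisory control approach) would do the same.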
Document type: Theses
Cited literature: 78 references

https://tel.archives-ouvertes.fr/tel-00461306
Contributor: Jérémy Dubreil
Submitted on: Thursday, March 4, 2010 - 12:24:38 PM
Last modification on: Friday, October 23, 2020 - 4:37:16 PM
Long-term archiving on: Thursday, October 18, 2012 - 4:30:23 PM

Identifiers

  • HAL Id: tel-00461306, version 1

Citation

Jérémy Dubreil. Monitoring and Supervisory Control for Opacity Properties. Software Engineering [cs.SE]. Université Rennes 1, 2009. English. ⟨tel-00461306⟩

Metrics

Record views: 434
Files downloads: 590