Extended Insertion Functions for Opacity Enforcement

Abstract: Opacity is a confidentiality property that holds when certain secret strings of a given system cannot be revealed to an outside observer under any system activity. Opacity violations stimulate the study of opacity enforcement strategies. Among other methodologies, opacity has been enforced using insertion mechanisms, i.e., output obfuscation mechanisms that are allowed to insert fictitious output symbols before actual system outputs, in order to preserve opacity. This paper studies and analyzes more powerful extended insertion mechanisms, which can insert symbols before and after an actual system output, thus, providing opacity to a wider class of systems. In order to address practical considerations, the paper also introduces event insertion constraints (i.e., the case when only specific symbols can be inserted before and/or after an actual system output). For each case, we construct an appropriate verifier that can be used to obtain necessary and sufficient conditions for checking opacity enforceability.