Optimal Secret Protections in Discrete-Event Systems

In this article, we study a security problem of protecting secrets in discrete-event systems modeled by deterministic finite automata. In the system, some states are defined as secrets, each of which is associated with a security level. The problem is to design an event-protecting policy such that any event sequence from the initial state that reaches a secret state contains a number of protected events no less than the required level of security. To solve this secret securing problem, we first develop a layered structure called the security automaton. Then, we show that the problem is transformed to a supervisory control problem in the security automaton. We consider two criteria of optimality on protecting policies: 1) disruptiveness, i.e., protecting policies with a minimum degree of disturbance to legal users' normal operations; and 2) cost, i.e., protecting policies with a minimal cost. For the optimality on disruptiveness, we prove that a minimally disruptive protecting policy is obtained by using the classical supervisory control theory in the security automaton. For the optimality on cost, we develop a method to obtain a protecting policy with minimal cost by finding a min-cut in the security automaton.