Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Guaranteed Privacy-Preserving $\mathcal{H}_{\infty}$-Optimal Interval Observer Design for Bounded-Error LTI Systems

Mohammad Khajenejad, Sonia Martinez

TL;DR

This paper furthers current research into the notion of guaranteed privacy, which provides a deterministic characterization of the privacy of output signals of a dynamical system or mechanism by synthesizing an interval observer for linear time-invariant bounded-error systems.

Abstract

This paper furthers current research into the notion of guaranteed privacy, which provides a deterministic characterization of the privacy of output signals of a dynamical system or mechanism. Unlike stochastic differential privacy, guaranteed privacy offers strict bounds on the proximity between the ranges of two sets of estimated data. Our approach relies on synthesizing an interval observer for a perturbed linear time-invariant (LTI) bounded-error system. The design procedure incorporates a bounded noise perturbation factor computation and observer gains synthesis. Consequently, the observer simultaneously provides guaranteed private and stable interval-valued estimates for a desired variable. We demonstrate the optimality of our design by minimizing the $\mathcal{H}_{\infty}$ norm of the observer error system. Furthermore, we assess the accuracy of our proposed mechanism by quantifying the loss incurred when considering guaranteed privacy specifications. Finally, we illustrate the outperformance of the proposed approach to differential privacy through simulations.

Guaranteed Privacy-Preserving $\mathcal{H}_{\infty}$-Optimal Interval Observer Design for Bounded-Error LTI Systems

TL;DR

This paper furthers current research into the notion of guaranteed privacy, which provides a deterministic characterization of the privacy of output signals of a dynamical system or mechanism by synthesizing an interval observer for linear time-invariant bounded-error systems.

Abstract

This paper furthers current research into the notion of guaranteed privacy, which provides a deterministic characterization of the privacy of output signals of a dynamical system or mechanism. Unlike stochastic differential privacy, guaranteed privacy offers strict bounds on the proximity between the ranges of two sets of estimated data. Our approach relies on synthesizing an interval observer for a perturbed linear time-invariant (LTI) bounded-error system. The design procedure incorporates a bounded noise perturbation factor computation and observer gains synthesis. Consequently, the observer simultaneously provides guaranteed private and stable interval-valued estimates for a desired variable. We demonstrate the optimality of our design by minimizing the norm of the observer error system. Furthermore, we assess the accuracy of our proposed mechanism by quantifying the loss incurred when considering guaranteed privacy specifications. Finally, we illustrate the outperformance of the proposed approach to differential privacy through simulations.
Paper Structure (13 sections, 8 theorems, 49 equations, 2 figures)

This paper contains 13 sections, 8 theorems, 49 equations, 2 figures.

Table of Contents

  1. Introduction
  2. Preliminaries
  3. Problem Formulation
  4. System Assumptions
  5. Guaranteed Privacy
  6. Guaranteed Privacy-Preserving Interval Observer Design
  7. Framer Structure
  8. Observer Input-to-State Stability
  9. Guaranteed Privacy-Preserving Mechanism
  10. $\mathcal{H}_{\infty}$-Optimal Guaranteed Private Observer Synthesis
  11. Accuracy Analysis
  12. Illustrative Example
  13. Conclusion and Future Work

Key Result

Proposition 1

efimov2013interval Let $A \in \mathbb{R}^{p \times n}$ and $\underline{x} \leq x \leq \overline{x} \in \mathbb{R}^n$. Then, $A^+\underline{x}-A^{-}\overline{x} \leq Ax \leq A^+\overline{x}-A^{-}\underline{x}$. As a corollary, if $A$ is non-negative, $A\underline{x} \leq Ax \leq A\overline{x}$.

Figures (2)

  • Figure 1: Top: actual value of $z_k$ (green), as well as its upper and lower framers obtained by applying a non-private (NP) interval observer (black), a guaranteed private (GP) interval observer (red), and a differentially private (DP) interval observer (blue). Bottom: comparison of the no-private (NP), the guaranteed private (GP) and differentially private (DP)degue2020differentially interval estimate widths (errors).
  • Figure 2: Strong guaranteed privacy-preserving interval-valued estimates of $z_k$ using two adjacent outputs $y^1_k$ (red) and $y^2_k$ (blue).

Theorems & Definitions (22)

  • Definition 1: Intervals
  • Proposition 1
  • Definition 2: Interval Framer
  • Definition 3: Input-to-State Stability & Interval Observer
  • Definition 4: $\mathcal{H}_{\infty}$-Optimal Interval Observer
  • Definition 5: $\rho$ Adjacency Relation
  • Definition 6: Guaranteed Privacy
  • Proposition 2: Framer Property
  • proof
  • Lemma 1
  • ...and 12 more