Distributed Secret Securing in Discrete-Event Systems
Shoma Matsui, Kai Cai, Karen Rudie
TL;DR
This work addresses securing secrets that are distributed across multiple agents, each modelled as a discrete-event system. A global secret is a tuple of local secret states, one per agent, and the requirement is that at least one piece of every global secret be secured by a required number $r$ of protections, captured by the $r$-secure reachability notion, while the total cost of the protections applied is minimized. The authors formulate this as the Distributed Secret Securing Problem, give a necessary and sufficient condition for its solvability, and present a polynomial-time synthesis algorithm, DRCMC, built on supervisory control theory and relabelling. A running example with two databases shows how protection policies are computed and the trade-off between protection cost and the required level of protection. The approach supports scalable, cost-aware security design for distributed cyber-physical and database systems; future work includes extending protections to transitions and practical implementations.
Abstract
In this paper, we study a security problem of protecting secrets in distributed systems. Specifically, we employ discrete-event systems to describe the structure and behaviour of distributed systems in which global secret information is separated into pieces and stored in local component agents. The goal is to prevent these secrets from being exposed to intruders by imposing appropriate protection measures. The problem is formulated as ensuring that at least one piece of every distributed global secret is secured by a required number of protections, while the overall cost of applying protections is minimized. We first characterize the solvability of this security problem by providing a necessary and sufficient condition, and then develop an algorithm to compute a solution based on the supervisory control theory of discrete-event systems. Finally, we illustrate the effectiveness of our solution with an example system comprising distributed databases.
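To make the problem statement in the TL;DR and abstract concrete, here is an added worked example. It is my own code, not the paper's DRCMC algorithm, its definitions or its running example. It assumes that protections are placed on states with a per-state cost, that a local secret state is "secured by r protections" when every path from the agent's initial state to it passes through at least r protected states (the paper's r-secure reachability may be defined differently), and it finds the minimum-cost policy by exhaustive search rather than by supervisory-control synthesis. The two-database system (agents DB1 and DB2, their states, events and costs) is constructed for illustration.

```python
"""Added worked example (not from the paper): a brute-force formulation of the
Distributed Secret Securing Problem under assumed semantics (see comments)."""
import heapq
from dataclasses import dataclass
from itertools import combinations
from typing import Dict, FrozenSet, List, Optional, Tuple

Transition = Tuple[str, str, str]  # (source state, event, target state)


@dataclass
class Agent:
    """One local component, modelled as a finite automaton.

    `costs` lists the protectable states and the cost of protecting each;
    states absent from `costs` cannot be protected (an assumption of this
    example, as is protecting states rather than transitions)."""
    name: str
    init: str
    transitions: Tuple[Transition, ...]
    costs: Dict[str, int]

    def successors(self, state: str) -> List[str]:
        return [dst for src, _, dst in self.transitions if src == state]


def min_protections_on_path(agent: Agent, protected: FrozenSet[str], target: str) -> float:
    """Fewest protected states an intruder must cross (endpoints included) on
    any path from the initial state to `target`: Dijkstra with 0/1 node
    weights. An unreachable state is treated as infinitely protected."""
    start = 1 if agent.init in protected else 0
    dist = {agent.init: start}
    heap = [(start, agent.init)]
    while heap:
        d, s = heapq.heappop(heap)
        if d > dist[s]:
            continue
        if s == target:
            return d
        for nxt in agent.successors(s):
            nd = d + (1 if nxt in protected else 0)
            if nd < dist.get(nxt, float("inf")):
                dist[nxt] = nd
                heapq.heappush(heap, (nd, nxt))
    return float("inf")


def r_secure(agent: Agent, protected: FrozenSet[str], state: str, r: int) -> bool:
    """Assumed meaning of 'secured by r protections': every path from the
    initial state to `state` crosses at least r protected states."""
    return min_protections_on_path(agent, protected, state) >= r


Policy = Dict[str, FrozenSet[str]]            # agent name -> protected states
GlobalSecret = Tuple[Tuple[str, ...], int]    # (one local state per agent, required r)


def policy_ok(agents: List[Agent], policy: Policy, secrets: List[GlobalSecret]) -> bool:
    """At least one piece of every global secret must be r-secured."""
    return all(
        any(r_secure(a, policy[a.name], piece, r) for a, piece in zip(agents, pieces))
        for pieces, r in secrets
    )


def solve_dssp(agents: List[Agent], secrets: List[GlobalSecret]) -> Optional[Tuple[int, Policy]]:
    """Exhaustive minimum-cost search (exponential; the paper's polynomial
    DRCMC algorithm is not reproduced here). Returns (cost, policy), or None
    when no protection policy can satisfy every global secret."""
    candidates = [(a.name, s, c) for a in agents for s, c in a.costs.items()]
    best: Optional[Tuple[int, Policy]] = None
    for k in range(len(candidates) + 1):
        for subset in combinations(candidates, k):
            cost = sum(c for _, _, c in subset)
            if best is not None and cost >= best[0]:
                continue
            policy = {a.name: frozenset(s for n, s, _ in subset if n == a.name) for a in agents}
            if policy_ok(agents, policy, secrets):
                best = (cost, policy)
    return best


def example_system() -> List[Agent]:
    """Constructed two-database system (not the paper's running example)."""
    db1 = Agent("DB1", "d0",
                (("d0", "login", "d1"), ("d1", "query", "d2"), ("d2", "read", "d3"),
                 ("d0", "dump", "d3")),  # shortcut that bypasses d1 and d2
                {"d1": 2, "d2": 1, "d3": 5})
    db2 = Agent("DB2", "e0",
                (("e0", "login", "e1"), ("e1", "query", "e2"), ("e2", "read", "e3"),
                 ("e1", "export", "e3")),
                {"e1": 3, "e2": 1, "e3": 4})
    return [db1, db2]


def run_example() -> Optional[Tuple[int, Policy]]:
    # Global secret (d3, e3) needs one piece behind 2 protections; (d2, e2)
    # needs only 1. DB1's shortcut d0->d3 leaves at most one protectable state
    # on that path, so d3 cannot be 2-secured and e3 in DB2 must be used.
    return solve_dssp(example_system(), [(("d3", "e3"), 2), (("d2", "e2"), 1)])


if __name__ == "__main__":
    print(run_example())  # (7, {'DB1': frozenset(), 'DB2': frozenset({'e1', 'e3'})})
```

The result illustrates both points the page makes: the "at least one piece" rule lets the solver leave DB1 entirely unprotected because DB2's copy of the secret can be secured more cheaply, and protecting `e1` (on every path to both `e2` and `e3`) is shared across the two global secrets. Raising the required `r` for `(d3, e3)` to 3 makes the instance unsolvable, since no path to `e3` crosses more than two protectable states; changing the costs shows the cost-versus-protection trade-off directly.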
