Privacy-Preserving State Estimation in the Presence of Eavesdroppers: A Survey

Xinhao Yan, Guanzhong Zhou, Daniel E. Quevedo, Carlos Murguia, Bo Chen, Hailong Huang

TL;DR

The paper addresses privacy-preserving state estimation under passive eavesdropping in networked systems. It surveys three main approaches—cryptography (notably homomorphic encryption), data perturbation (including differential privacy), and transmission scheduling (random packet drops and state-secrecy coding)—applied to Kalman-like estimators in centralized and distributed settings. It discusses the trade-offs between privacy, estimation accuracy, computation, and energy, and identifies limitations and open research gaps such as scalable cryptography, perturbation-utility balance, and robust scheduling under uncertain eavesdropper models. The findings guide design choices for secure cyber-physical systems and ITS, highlighting the need for computationally efficient, low-impact privacy methods and potential cross-layer solutions.

Abstract

Networked systems are increasingly the target of cyberattacks that exploit vulnerabilities within digital communications, embedded hardware, and software. Arguably the simplest class of attack, and often the precursor to destructive integrity attacks, is eavesdropping, which aims to infer information by collecting system data and exploiting it for malicious purposes. A key technology of networked systems is state estimation, which leverages sensing and actuation data and first-principles models to enable trajectory planning, real-time monitoring, and control. However, state estimation can also be exploited by eavesdroppers to identify models and reconstruct states with the aim of, e.g., launching (stealthy) integrity attacks and inferring sensitive information. It is therefore crucial to protect disclosed system data so that eavesdroppers cannot estimate the state accurately. This survey presents a comprehensive review of existing literature on privacy-preserving state estimation methods, while also identifying potential limitations and research gaps. Our primary focus is on three types of methods: cryptography, data perturbation, and transmission scheduling, with particular emphasis on Kalman-like filters. Within these categories, we delve into the concepts of homomorphic encryption and differential privacy, which have been extensively investigated in recent years in the context of privacy-preserving state estimation. Finally, we shed light on several technical and fundamental challenges surrounding current methods and propose potential directions for future research.
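The threat the abstract describes, and the transmission-scheduling countermeasure the TL;DR lists, can both be shown on a toy Kalman filter. The following script is an added illustration, not code from the survey or from any paper it cites. Everything in it is an assumption constructed for the example: a scalar unstable plant x[k+1] = a x[k] + w[k] with measurement y[k] = x[k] + v[k], a sensor that transmits each measurement independently with probability `tx_prob`, and two channels that deliver a transmitted packet to the legitimate user and to the eavesdropper with probabilities `user_rx` and `eve_rx`. The function names (`covariance_recursion`, `critical_arrival_rate`, `simulate_arrivals`, `compare`) are the example's own. Both receivers run the same filter on whatever they receive; the eavesdropper is assumed to know the model, which is exactly why, with full reception, it reconstructs the state as well as the legitimate user does.

```python
"""Kalman filtering with intermittent observations: legitimate user vs. eavesdropper.

Constructed scalar model (an assumption of this example, not a model from the survey):
    x[k+1] = a*x[k] + w[k],   w[k] ~ N(0, q)      (a = 2: unstable plant)
    y[k]   = x[k]   + v[k],   v[k] ~ N(0, r)
The sensor transmits y[k] with probability tx_prob (random transmission scheduling).
A transmitted packet reaches the legitimate user with probability user_rx and the
eavesdropper with probability eve_rx, independently.  Both receivers run the same
Kalman recursion; a missed packet means "predict only, no measurement update".
"""
import random
from typing import List, Sequence, Tuple


def covariance_recursion(a: float, q: float, r: float, p0: float,
                         arrivals: Sequence[int]) -> List[float]:
    """A-priori error covariance P[k] of the scalar Kalman filter when the
    measurement at step k is available iff arrivals[k] == 1:

        P[k+1] = a^2 P[k] + q - arrivals[k] * a^2 P[k]^2 / (P[k] + r)

    Returns [P[0], P[1], ..., P[len(arrivals)]].
    """
    p = p0
    trace = [p]
    for gamma in arrivals:
        p = a * a * p + q - gamma * (a * a * p * p) / (p + r)
        trace.append(p)
    return trace


def critical_arrival_rate(a: float) -> float:
    """Scalar Kalman filtering with i.i.d. packet arrivals: the expected error
    covariance stays bounded iff the arrival probability exceeds 1 - 1/a^2
    (a known result for estimation with intermittent observations; the
    threshold is 0 for a stable plant)."""
    return max(0.0, 1.0 - 1.0 / (a * a))


def simulate_arrivals(n: int, tx_prob: float, user_rx: float, eve_rx: float,
                      seed: int) -> Tuple[List[int], List[int]]:
    """Arrival indicators for user and eavesdropper under the channel model above.
    A seeded generator keeps the run reproducible; this is a simulation RNG,
    not a security RNG."""
    rng = random.Random(seed)
    user, eve = [], []
    for _ in range(n):
        sent = rng.random() < tx_prob
        user.append(int(sent and rng.random() < user_rx))
        eve.append(int(sent and rng.random() < eve_rx))
    return user, eve


def mean_covariance(a: float, q: float, r: float, p0: float,
                    arrivals: Sequence[int]) -> float:
    """Time average of P[k] over one realised arrival sequence."""
    trace = covariance_recursion(a, q, r, p0, arrivals)
    return sum(trace) / len(trace)


def compare(n: int = 500, a: float = 2.0, q: float = 1.0, r: float = 1.0,
            p0: float = 1.0, tx_prob: float = 0.9, user_rx: float = 0.95,
            eve_rx: float = 0.6, seed: int = 7) -> Tuple[float, float]:
    """Time-averaged error covariance (user, eavesdropper) for one run."""
    user, eve = simulate_arrivals(n, tx_prob, user_rx, eve_rx, seed)
    return (mean_covariance(a, q, r, p0, user),
            mean_covariance(a, q, r, p0, eve))


if __name__ == "__main__":
    a, q, r, p0 = 2.0, 1.0, 1.0, 1.0
    # 1. No protection: every packet reaches both parties, so the eavesdropper's
    #    filter converges to exactly the same error covariance as the user's.
    full = [1] * 50
    print("full reception, steady-state P (user == eve): %.4f"
          % covariance_recursion(a, q, r, p0, full)[-1])
    # 2. Random scheduling on top of unequal channels: the user's effective
    #    arrival rate 0.9*0.95 stays above the threshold 1 - 1/a^2 = 0.75, the
    #    eavesdropper's 0.9*0.6 falls below it and its covariance keeps spiking.
    print("critical arrival rate: %.2f" % critical_arrival_rate(a))
    print("effective rates  user: %.3f  eve: %.3f" % (0.9 * 0.95, 0.9 * 0.6))
    pu, pe = compare()
    print("time-averaged P  user: %.1f  eve: %.1f" % (pu, pe))
```

The privacy gain here comes entirely from the assumption that the eavesdropper's channel is worse than the user's: if `eve_rx` is unknown or higher than assumed, the same `tx_prob` can push the user below the threshold while leaving the eavesdropper above it, which is the robustness problem the survey flags for scheduling under uncertain eavesdropper models.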

Paper Structure (15 sections, 13 equations, 5 figures, 4 tables)

Figures (5)

  • Figure 1: The organization of this paper. Section 2 gives the general state-space models and corresponding estimator. Sections 3, 4, and 5 respectively discuss cryptography, data perturbation, and transmission scheduling. Finally, Section 6 summarizes the benefits and limitations, and provides some possible future work.
  • Figure 2: An example of state estimation. The UGV cluster on the ground and the UAV cluster in the sky each establish their own communication network, and the UAVs and UGVs also communicate with each other for collaborative missions. Members of the network exchange information such as positions, speeds, accelerations, remaining power, and task progress in order to estimate their own states and those of the targets. The UAVs can also estimate the states of AVCs or UGVs for landing, and then complete tasks such as charging and parcel delivery.
  • Figure 3: The privacy-preserving state estimation structure in the presence of eavesdroppers. The sensors first observe the process or system to produce raw measurements. The smart sensors encrypt these, and the ciphertexts are transmitted over the communication network, where both the legitimate user and the eavesdropper can capture the data packets. The legitimate user has additional information, typically the decryption key, and recovers the plaintexts, while the eavesdropper obtains only ciphertexts.
  • Figure 4: Two perturbation structures of DP in system theory.
  • Figure 5: The packet drop structure for estimation systems in the presence of eavesdroppers.