Preserving Privacy in Cloud-based Data-Driven Stabilization

TL;DR

This paper tackles privacy in cloud-based, data-driven stabilization of unknown LTI systems by introducing a transformation-based preprocessing and robust controller design that preserves privacy of both open-loop and closed-loop matrices while ensuring stability. The core approach leverages an LMI/SDP framework to define and navigate a privacy budget, including ellipsoidal consistency sets and post-processing steps to prevent private information leakage. The authors extend the scheme to account for disturbances, demonstrate its effectiveness through a case study on a batch reactor, and analyze resilience against bias-injection attacks under varying attacker knowledge. The work offers a lightweight, privacy-preserving solution with practical implications for secure cloud-assisted control and points to future work on tracking, optimal control, and alternative cloud models.

Abstract

In the recent years, we have observed three significant trends in control systems: a renewed interest in data-driven control design, the abundance of cloud computational services and the importance of preserving privacy for the system under control. Motivated by these factors, this work investigates privacy-preserving outsourcing for the design of a stabilizing controller for unknown linear time-invariant systems.The main objective of this research is to preserve the privacy for the system dynamics by designing an outsourcing mechanism. To achieve this goal, we propose a scheme that combines transformation-based techniques and robust data-driven control design methods. The scheme preserves the privacy of both the open-loop and closed-loop system matrices while stabilizing the system under control.The scheme is applicable to both data with and without disturbance and is lightweight in terms of computational overhead. Numerical investigations for a case study demonstrate the impacts of our mechanism and its role in hindering malicious adversaries from achieving their goals.

Figures (4)

• Figure 1: A framework for preserving privacy in Cloud-based direct data-driven control. The pre-processing mechanism $f_0(\cdot)$ is applied to the data collected from system then the results are transmitted to Cloud where it executes a predefined algorithm $f_1(\cdot)$ for obtaining the controller $\bar{K}$. The post-processing mechanism $f_2(\cdot)$ modifies the obtained controller to the final controller $K_{\star}$ which is applied to the system.
• Figure 2: The pair $Z_\star = (A_\star + B_\star F_1, B_\star + B_\star G_1)$ (bullet point), its $\gamma$-neighborhood systems (green), the consistency set ${\mathcal{C}}$ (blue) and the set ${C}(\gamma)$ (red) for a system with $n=m=1$. Note the red surface covers the blue surface.
• Figure 3: Bias injection results by the active adversary $\mathcal{A}$ using different system's model knowledge and policies.
• Figure 4: Results for the optimization \ref{['eq:dd-max-nosiy-data']} with different values of $d_{\text{max}}$ (the upper-bound for the disturbance) and their corresponding ${\bar{\gamma}}$ (the privacy budget for the closed-loop system). The results should be read as, e.g., we have obtained the ${\bar{\gamma}}$ as $0.02 < \bar{\gamma}\leq 0.03$ by solving \ref{['eq:dd-max-nosiy-data']} for $18\%$ of the collected data sets when a uniform disturbance with $d_{\text{max}}=0.04$ was present in the system's dynamic.

Theorems & Definitions (15)

• Lemma 1
• proof
• Remark 1
• Remark 2
• Proposition 1
• Remark 3
• Proposition 2
• Remark 4
• Remark 5
• Theorem 1