We address the problem of synthesizing distorting mechanisms that maximize infinite horizon privacy for Networked Control Systems (NCSs). We consider stochastic LTI systems where information about the system state is obtained through noisy sensor measurements and transmitted to a (possibly adversarial) remote station via unsecured/public communication networks to compute control actions (a remote LQR controller). Because the network/station is untrustworthy, adversaries might access sensor and control data and estimate the system state. To mitigate this risk, we pass sensor and control data through distorting (privacy-preserving) mechanisms before transmission and send the distorted data through the communication network. These mechanisms consist of a linear coordinate transformation and additive-dependent Gaussian vectors. We formulate the synthesis of the distorting mechanisms as a convex program. In this convex program, we minimize the infinite horizon mutual information (our privacy metric) between the system state and its optimal estimate at the remote station for a desired upper bound on the control performance degradation (LQR cost) induced by the distortion mechanism.