-
Encrypted Distributed Lasso for Sparse Data Predictive Control
Authors:
Andreea B. Alexandru,
Anastasios Tsiamis,
George J. Pappas
Abstract:
The least squares problem with L1-regularized regressors, called Lasso, is a widely used approach in optimization problems where sparsity of the regressors is desired. This formulation is fundamental for many applications in signal processing, machine learning and control. As a motivating problem, we investigate a sparse data predictive control problem, run at a cloud service to control a system w…
▽ More
The least squares problem with L1-regularized regressors, called Lasso, is a widely used approach in optimization problems where sparsity of the regressors is desired. This formulation is fundamental for many applications in signal processing, machine learning and control. As a motivating problem, we investigate a sparse data predictive control problem, run at a cloud service to control a system with unknown model, using L1-regularization to limit the behavior complexity. The input-output data collected for the system is privacy-sensitive, hence, we design a privacy-preserving solution using homomorphically encrypted data. The main challenges are the non-smoothness of the L1-norm, which is difficult to evaluate on encrypted data, as well as the iterative nature of the Lasso problem. We use a distributed ADMM formulation that enables us to exchange substantial local computation for little communication between multiple servers. We first give an encrypted multi-party protocol for solving the distributed Lasso problem, by approximating the non-smooth part with a Chebyshev polynomial, evaluating it on encrypted data, and using a more cost effective distributed bootstrap** operation. For the example of data predictive control, we prefer a non-homogeneous splitting of the data for better convergence. We give an encrypted multi-party protocol for this non-homogeneous splitting of the Lasso problem to a non-homogeneous set of servers: one powerful server and a few less powerful devices, added for security reasons. Finally, we provide numerical results for our proposed solutions.
△ Less
Submitted 23 April, 2021;
originally announced April 2021.
-
Private Weighted Sum Aggregation
Authors:
Andreea B. Alexandru,
George J. Pappas
Abstract:
As large amounts of data are circulated both from users to a cloud server and between users, there is a critical need for privately aggregating the shared data. This paper considers the problem of private weighted sum aggregation with secret weights, where an aggregator wants to compute the weighted sum of the local data of some agents. Depending on the privacy requirements posed on the weights, t…
▽ More
As large amounts of data are circulated both from users to a cloud server and between users, there is a critical need for privately aggregating the shared data. This paper considers the problem of private weighted sum aggregation with secret weights, where an aggregator wants to compute the weighted sum of the local data of some agents. Depending on the privacy requirements posed on the weights, there are different secure multi-party computation schemes exploiting the information structure. First, when each agent has a local private value and a local private weight, we review private sum aggregation schemes. Second, we discuss how to extend the previous schemes for when the agents have a local private value, but the aggregator holds the corresponding weights. Third, we treat a more general case where the agents have their local private values, but the weights are known neither by the agents nor by the aggregator; they are generated by a system operator, who wants to keep them private. We give a solution where aggregator obliviousness is achieved, even under collusion between the participants, and we show how to obtain a more efficient communication and computation strategy for multi-dimensional data, by batching the data into fewer ciphertexts. Finally, we implement our schemes and discuss the numerical results and efficiency improvements.
△ Less
Submitted 20 October, 2020;
originally announced October 2020.
-
Encrypted control for networked systems -- An illustrative introduction and current challenges
Authors:
M. Schulze Darup,
A. B. Alexandru,
D. E. Quevedo,
G. J. Pappas
Abstract:
Cloud computing and distributed computing are becoming ubiquitous in many modern control systems such as smart grids, building automation, robot swarms or intelligent transportation systems. Compared to "isolated" control systems, the advantages of cloud-based and distributed control systems are, in particular, resource pooling and outsourcing, rapid scalability, and high performance. However, the…
▽ More
Cloud computing and distributed computing are becoming ubiquitous in many modern control systems such as smart grids, building automation, robot swarms or intelligent transportation systems. Compared to "isolated" control systems, the advantages of cloud-based and distributed control systems are, in particular, resource pooling and outsourcing, rapid scalability, and high performance. However, these capabilities do not come without risks. In fact, the involved communication and processing of sensitive data via public networks and on third-party platforms promote, among other cyberthreats, eavesdrop** and manipulation of data. Encrypted control addresses this security gap and provides confidentiality of the processed data in the entire control loop. This paper presents a tutorial-style introduction to this young but emerging field in the framework of secure control for networked dynamical systems.
△ Less
Submitted 1 October, 2020;
originally announced October 2020.
-
Data-driven control on encrypted data
Authors:
Andreea B. Alexandru,
Anastasios Tsiamis,
George J. Pappas
Abstract:
We provide an efficient and private solution to the problem of encryption-aware data-driven control. We investigate a Control as a Service scenario, where a client employs a specialized outsourced control solution from a service provider. The privacy-sensitive model parameters of the client's system are either not available or variable. Hence, we require the service provider to perform data-driven…
▽ More
We provide an efficient and private solution to the problem of encryption-aware data-driven control. We investigate a Control as a Service scenario, where a client employs a specialized outsourced control solution from a service provider. The privacy-sensitive model parameters of the client's system are either not available or variable. Hence, we require the service provider to perform data-driven control in a privacy-preserving manner on the input-output data samples from the client. To this end, we co-design the control scheme with respect to both control performance and privacy specifications. First, we formulate our control algorithm based on recent results from the behavioral framework, and we prove closeness between the classical formulation and our formulation that accounts for noise and precision errors arising from encryption. Second, we use a state-of-the-art leveled homomorphic encryption scheme to enable the service provider to perform high complexity computations on the client's encrypted data, ensuring privacy. Finally, we streamline our solution by exploiting the rich structure of data, and meticulously employing ciphertext batching and rearranging operations to enable parallelization. This solution achieves more than twofold runtime and memory improvements compared to our prior work.
△ Less
Submitted 21 June, 2021; v1 submitted 28 August, 2020;
originally announced August 2020.
-
Secure Multi-party Computation for Cloud-based Control
Authors:
Andreea B. Alexandru,
George J. Pappas
Abstract:
In this chapter, we will explore the cloud-outsourced privacy-preserving computation of a controller on encrypted measurements from a (possibly distributed) system, taking into account the challenges introduced by the dynamical nature of the data. The privacy notion used in this work is that of cryptographic multi-party privacy, i.e., the computation of a functionality should not reveal anything m…
▽ More
In this chapter, we will explore the cloud-outsourced privacy-preserving computation of a controller on encrypted measurements from a (possibly distributed) system, taking into account the challenges introduced by the dynamical nature of the data. The privacy notion used in this work is that of cryptographic multi-party privacy, i.e., the computation of a functionality should not reveal anything more than what can be inferred only from the inputs and outputs of the functionality. The main theoretical concept used towards this goal is Homomorphic Encryption, which allows the evaluation of sums and products on encrypted data, and, when combined with other cryptographic techniques, such as Secret Sharing, results in a powerful tool for solving a wide range of secure multi-party problems. We will rigorously define these concepts and discuss how multi-party privacy can be enforced in the implementation of a Model Predictive Controller, which encompasses computing stabilizing control actions by solving an optimization problem on encrypted data.
△ Less
Submitted 23 June, 2019;
originally announced June 2019.
-
Cloud-based Quadratic Optimization with Partially Homomorphic Encryption
Authors:
Andreea B. Alexandru,
Konstantinos Gatsis,
Yasser Shoukry,
Sanjit A. Seshia,
Paulo Tabuada,
George J. Pappas
Abstract:
The development of large-scale distributed control systems has led to the outsourcing of costly computations to cloud-computing platforms, as well as to concerns about privacy of the collected sensitive data. This paper develops a cloud-based protocol for a quadratic optimization problem involving multiple parties, each holding information it seeks to maintain private. The protocol is based on the…
▽ More
The development of large-scale distributed control systems has led to the outsourcing of costly computations to cloud-computing platforms, as well as to concerns about privacy of the collected sensitive data. This paper develops a cloud-based protocol for a quadratic optimization problem involving multiple parties, each holding information it seeks to maintain private. The protocol is based on the projected gradient ascent on the Lagrange dual problem and exploits partially homomorphic encryption and secure multi-party computation techniques. Using formal cryptographic definitions of indistinguishability, the protocol is shown to achieve computational privacy, i.e., there is no computationally efficient algorithm that any involved party can employ to obtain private information beyond what can be inferred from the party's inputs and outputs only. In order to reduce the communication complexity of the proposed protocol, we introduced a variant that achieves this objective at the expense of weaker privacy guarantees. We discuss in detail the computational and communication complexity properties of both algorithms theoretically and also through implementations. We conclude the paper with a discussion on computational privacy and other notions of privacy such as the non-unique retrieval of the private information from the protocol outputs.
△ Less
Submitted 14 September, 2019; v1 submitted 6 September, 2018;
originally announced September 2018.
-
Cloud-based MPC with Encrypted Data
Authors:
Andreea B. Alexandru,
Manfred Morari,
George J. Pappas
Abstract:
This paper explores the privacy of cloud outsourced Model Predictive Control (MPC) for a linear system with input constraints. In our cloud-based architecture, a client sends her private states to the cloud who performs the MPC computation and returns the control inputs. In order to guarantee that the cloud can perform this computation without obtaining anything about the client's private data, we…
▽ More
This paper explores the privacy of cloud outsourced Model Predictive Control (MPC) for a linear system with input constraints. In our cloud-based architecture, a client sends her private states to the cloud who performs the MPC computation and returns the control inputs. In order to guarantee that the cloud can perform this computation without obtaining anything about the client's private data, we employ a partially homomorphic cryptosystem. We propose protocols for two cloud-MPC architectures motivated by the current developments in the Internet of Things: a client-server architecture and a two-server architecture. In the first case, a control input for the system is privately computed by the cloud server, with the assistance of the client. In the second case, the control input is privately computed by two independent, non-colluding servers, with no additional requirements from the client. We prove that the proposed protocols preserve the privacy of the client's data and of the resulting control input. Furthermore, we compute bounds on the errors introduced by encryption. We present numerical simulations for the two architectures and discuss the trade-off between communication, MPC performance and privacy.
△ Less
Submitted 19 September, 2018; v1 submitted 27 March, 2018;
originally announced March 2018.
-
On the Limited Communication Analysis and Design for Decentralized Estimation
Authors:
Andreea B. Alexandru,
Sergio Pequito,
Ali Jadbabaie,
George J. Pappas
Abstract:
This paper pertains to the analysis and design of decentralized estimation schemes that make use of limited communication. Briefly, these schemes equip the sensors with scalar states that iteratively merge the measurements and the state of other sensors to be used for state estimation. Contrarily to commonly used distributed estimation schemes, the only information being exchanged are scalars, the…
▽ More
This paper pertains to the analysis and design of decentralized estimation schemes that make use of limited communication. Briefly, these schemes equip the sensors with scalar states that iteratively merge the measurements and the state of other sensors to be used for state estimation. Contrarily to commonly used distributed estimation schemes, the only information being exchanged are scalars, there is only one common time-scale for communication and estimation, and the retrieval of the state of the system and sensors is achieved in finite-time. We extend previous work to a more general setup and provide necessary and sufficient conditions required for the communication between the sensors that enable the use of limited communication decentralized estimation~schemes. Additionally, we discuss the cases where the sensors are memoryless, and where the sensors might not have the capacity to discern the contributions of other sensors. Based on these conditions and the fact that communication channels incur a cost, we cast the problem of finding the minimum cost communication graph that enables limited communication decentralized estimation schemes as an integer programming problem.
△ Less
Submitted 17 January, 2018;
originally announced January 2018.
-
Decentralized Observability with Limited Communication between Sensors
Authors:
Andreea B. Alexandru,
Sergio Pequito,
Ali Jadbabaie,
George J. Pappas
Abstract:
In this paper, we study the problem of jointly retrieving the state of a dynamical system, as well as the state of the sensors deployed to estimate it. We assume that the sensors possess a simple computational unit that is capable of performing simple operations, such as retaining the current state and model of the system in its memory.
We assume the system to be observable (given all the measur…
▽ More
In this paper, we study the problem of jointly retrieving the state of a dynamical system, as well as the state of the sensors deployed to estimate it. We assume that the sensors possess a simple computational unit that is capable of performing simple operations, such as retaining the current state and model of the system in its memory.
We assume the system to be observable (given all the measurements of the sensors), and we ask whether each sub-collection of sensors can retrieve the state of the underlying physical system, as well as the state of the remaining sensors. To this end, we consider communication between neighboring sensors, whose adjacency is captured by a communication graph. We then propose a linear update strategy that encodes the sensor measurements as states in an augmented state space, with which we provide the solution to the problem of retrieving the system and sensor states.
The present paper contains three main contributions. First, we provide necessary and sufficient conditions to ensure observability of the system and sensor states from any sensor. Second, we address the problem of adding communication between sensors when the necessary and sufficient conditions are not satisfied, and devise a strategy to this end. Third, we extend the former case to include different costs of communication between sensors. Finally, the concepts defined and the method proposed are used to assess the state of an example of approximate structural brain dynamics through linearized measurements.
△ Less
Submitted 17 March, 2017; v1 submitted 8 September, 2016;
originally announced September 2016.