Applications of Information Inequalities to Linear Systems : Adaptive Control and Security

Ziemann, Ingvar

January 2021

This thesis considers the application of information inequalities, Cramér-Rao type bounds, based on Fisher information, to linear systems. These tools are used to study the trade-offs between learning and performance in two application areas: adaptive control and control systems security. In the first part of the thesis, we study stochastic adaptive control of linear quadratic regulators (LQR). Here, information inequalities are used to derive instance-dependent  regret lower bounds. First, we consider a simplified version of LQR, a memoryless reference tracking model, and show how regret can be linked to a cumulative estimation error. This is then exploited to derive a regret lower bound in terms of the Fisher information generated by the experiment of the optimal policy. It is shown that if the optimal policy has ill-conditioned Fisher information, then so does any low-regret policy. This is combined with a Cramér-Rao bound to give a regret lower bound on the order of magnitude square-root T in the time-horizon  for a class of instances we call uninformative. The lower bound holds for all policies which depend smoothly on the underlying parametrization. Second, we extend these results to the general LQR model, and to arbitrary affine parametrizations of the instance parameters. The notion of uninformativeness is generalized to this situation to give a structure-dependent rank condition for when logarithmic regret is impossible. This is done by reduction of regret to a cumulative Bellman error. Due to the quadratic nature of LQR, this Bellman error turns out to be a quadratic form, which again can be interpreted as an estimation error. Using this, we prove a local minimax regret lower bound, of which the proof relies on relating the minimax regret to a Bayesian estimation problem, and then using Van Trees' inequality. Again, it is shown that an appropriate information quantity of any low regret policy is similar to that of the optimal policy and that any uninformative instance suffers local minimax regret at least on the order of magnitude square-root T. Moreover, it shown that the notion of uninformativeness when specialized to certain well-understood scenarios yields a tight characterization of square-root-regret. In the second part of this thesis, we study control systems security problems from a Fisher information point of view. First, we consider a secure state estimation problem and characterize the maximal impact an adversary can cause by means of least informative distributions -- those which maximize the Cramér-Rao bound. For a linear measurement equation, it is shown that the least informative distribution, subjected to variance and sparsity constraints, can be solved for by a semi-definite program, which becomes mixed-integer in the presence of sparsity constraints. Furthermore, by relying on well-known results on minimax and robust estimation, a game-theoretic interpretation for this characterization of the maximum impact is offered. Last, we consider a Fisher information regularized minimum variance control objective, to study the trade-offs between parameter privacy and control performance. It is noted that this can be motivated for instance by learning-based attacks, in which case one seeks to leak as little information as possible to a system-identification adversary. Supposing that the feedback law is linear, the noise distribution minimizing the trace of Fisher information subject to a state variance penalty is found to be conditionally Gaussian. / <p>QC 20210310</p><p>QC 20210310</p>

Stochastic Adaptive Control

Machine Learning

Fisher Information

Secure Control

Fundamental Limitations

Reinforcement Learning

Control Engineering

Reglerteknik

Using the SEI CERT Secure Coding Standard to Reduce Vulnerabilities

Fisch, Johan, Haglund, Carl

January 2021

Security is a critical part of every software developed today and it will be even more important going forward when more devices are getting connected to the internet. By striving to improve the quality of the code, in particular the security aspects, there might be a reduction in the number of vulnerabilities and improvements of the software developed. By looking at issues from past problems and studying the code in question to see whether it follows the SEI CERT secure coding standards, it is possible to tell if compliance to this standard would be helpful to reduce future problems. In this thesis an analysis of vulnerabilities, written in C and C++, reported in Common Vulnerabilities and Exposures (CVE), will be done to verify whether applying the SEI CERT secure coding standard will help reduce vulnerabilities. This study also evaluates the SEI CERT rule coverage of three different static analysis tools, Rosecheckers, PVS-Studio and CodeChecker by executing them on these vulnerabilities. By using three different metrics, true positive, false negative and the run time. The results of the study are promising since it shows that compliance to the SEI CERT standard does indeed reduce vulnerabilities. Of the analyzed vulnerabilities it was found that about 60% of these could have been avoided, if the standard had been followed. The results of the tools were of great interest as well, it showed that the tools did not perform as well as the manual analysis, however, all of them found some SEI CERT rule violations in different areas. Conclusively, a combination of manual analysis and these three static analysis tools would have resulted in the highest number of vulnerabilities avoided.

SEI CERT

Secure Coding

Static Analysis Tools

Security

Computer Sciences

Datavetenskap (datalogi)

Kommunikation i operationsteamet - grunden till en säker vård : En systematisk litteraturstudie

Larsson, Charlott, Lindquist, Therese

January 2022

Bakgrund: Anestesisjuksköterskan arbetar i team med flera olika professioner, med varierande bakgrund, kunskap och erfarenheter. Forskning tyder på att risken ökar för en osäker vård om inte kommunikationen i teamet fungerar. Brister i kommunikationen och sättet att kommunicera i teamet genererar i stora risker som kan leda till en icke säker vård för patienten. Detta genererar i att antalet felbehandlingar ökar, vilket kan leda till lidande och död hos de drabbade patienterna.   Syfte: Syftet med litteraturstudien var att belysa anestesisjuksköterskans erfarenhet av kommunikation i operationsteamet.   Metod: En systematisk litteraturstudie genomfördes och åtta stycken kvalitativa artiklar inkluderades i resultatet. En sökning genomfördes med hjälp av PEO-modellen. Artiklarna i resultatet är kvalitetsgranskade och innefattar ett etiskt resonemang.   Resultat: Analysen genererade i tre stycken huvudkategorier, Teamet har betydelse, Dialogen i teamet och Verksamhetsmässiga faktorer. Sammansättningen av teamet och de olika professionernas erfarenhet och utbildning spelade en roll för kommunikationen. Tiden för reflektion är knapp, detta på grund av ett pressat tidsschema. Kommunikationsverktyg ansågs förbättra kvaliteten på kommunikationen samt genererade i en ökad patientsäkerhet.     Slutsats: Genom ett välfungerande team med ömsesidig respekt för varje professions kompetens och erfarenhet, kan en effektiv kommunikation av hög kvalitet generera i en säker vård för de patienterna som vårdats inom operationskontexten.

Communication

Anestesisjuksköterska

kommunikation

operationsteamet

säker vård

Nursing

Omvårdnad

Bounds on Weak Roman and 2-Rainbow Domination Numbers

Chellali, Mustapha, Haynes, Teresa W., Hedetniemi, Stephen T.

01 January 2014

We mainly study two related dominating functions, namely, the weak Roman and 2-rainbow dominating functions. We show that for all graphs, the weak Roman domination number is bounded above by the 2-rainbow domination number. We present bounds on the weak Roman domination number and the secure domination number in terms of the total domination number for specific families of graphs, and we show that the 2-rainbow domination number is bounded below by the total domination number for trees and for a subfamily of cactus graphs.

2-domination

2-rainbow domination

Roman domination

secure domination

total domination

weak Roman domination

Mathematics and Statistics

Locating SQL Injection Vulnerabilities in Java Byte Code Using Natural Language Techniques

Jackson, Kevin A., Bennett, Brian T.

01 October 2018

With so much our daily lives relying on digital devices like personal computers and cell phones, there is a growing demand for code that not only functions properly, but is secure and keeps user data safe. However, ensuring this is not such an easy task, and many developers do not have the required skills or resources to ensure their code is secure. Many code analysis tools have been written to find vulnerabilities in newly developed code, but this technology tends to produce many false positives, and is still not able to identify all of the problems. Other methods of finding software vulnerabilities automatically are required. This proof-of-concept study applied natural language processing on Java byte code to locate SQL injection vulnerabilities in a Java program. Preliminary findings show that, due to the high number of terms in the dataset, using singular decision trees will not produce a suitable model for locating SQL injection vulnerabilities, while random forest structures proved more promising. Still, further work is needed to determine the best classification tool.

code analysis

Java

natural language processing

python

secure coding

security

Computing

Investigation and Implementation of Federation Mechanisms of SVP

Khan, Babar

January 2020

The development of AI application on the edge devices require integrated data, algorithms, and tools. Big companies like Google and Apple have integrated data, algorithms, and tools for building end to end systems with optimized and dedicated hardware for deep learning applications. The Bonseyes [2] EU H2020 collaborative project is an open and expandable AI platform. Bonsey's provides access to advanced tools and services that can be obtained from the data market place and eco-system of collaborative leading academic and industrial partners for adding AI to embedded products. Bonseyes AI Marketplace proposed an end to end AI pipeline to overcome these requirements for the development and deployment of AI solutions on edge devices. In Bonseyes, a Secure virtual premise (SVP) is a secure and protected area for the collaborative and systematic development of AI using Machine Learning AI Pipelines. The centralized SVP has limitations like scalability, reliability, and load balancing. This thesis work focuses on the enhancement of SVP and its mechanisms to adopt a distributed and federated architecture for better performance and fast development of AI applications. It investigates various federation mechanisms and implements a distributed and federated SVP. A Marketplace rendezvous host is designed and implemented from where multiple distributed compute resources can be started, controlled, and stopped by a user. Users and distributed locations related data are stored in an SQLite relational database. Communication between entities of distributed and federated SVP is enabled using HTTPs protocol and PKI Infrastructure is used for authentication and authorization of users. We evaluate the performance of our implementation by calculating the start-up time of multiple resources until a user can perform AI Engineering. The results show that time is directly proportional to the number of nodes started.

Bonseyes Marketplace

AI Engineering

Resource Federation

Federation mechanisms

Distributed Secure Virtual Premise

Engineering and Technology

Teknik och teknologier

Quantum Weak Coin Flipping: where weakness is a virtue

Arora, Atul Singh

25 August 2020

We investigate weak coin flipping, a fundamental cryptographic primitive where two distrustful parties need to remotely establish a shared random bit. A cheating party can try to bias the output bit towards a preferred value. For weak coin flipping the parties have known opposite preferred values. By a weak coin flipping protocol with bias ϵ we mean that neither player can force the outcome towards their preferred value with probability more than 1/2+ϵ. While it is known that classically, ϵ=1/2 (the worst possible), Mochon showed in 2007 that quantumly, weak coin flipping can be performed with arbitrarily small bias (near perfect). His non-constructive proof used the so-called point game formalism—a series of equivalent reductions which were introduced by Kitaev to study coin-flipping. He constructed point games with bias ϵ(k)=1/(4k+2) to prove the existence. The best known explicit protocol, however, had bias approaching ϵ(1)=1/6 (also due to Mochon, 2005). In the present work, we try to make the non-constructive part of the proof constructive, to wit, we make three main contributions towards the conversion of point-games into explicit protocols. First, we propose a framework—TIPG-to-Explicit-protocol Framework (TEF)—which simplifies the task of constructing explicit protocols. We use this framework to construct a protocol with bias ϵ(2)=1/10. We then give the exact formulae for the unitaries corresponding to the point-games due to Mochon, allowing us to describe (almost) perfect coin flipping protocols analytically, i.e. with bias ϵ(k) for arbitrarily large k. Finally, we introduce an algorithm we call the Elliptic Monotone Align (EMA) algorithm. This algorithm, together with TEF, lets us convert any point-game into an explicit protocol numerically. We conclude by giving another analytic construction of unitaries for Mochon's games using the ellipsoid picture introduced for the EMA algorithm. / Nous étudions le weak coin flipping, une primitive cryptographique fondamentale où deux parties méfiantes doivent établir à distance un bit aléatoire partagé. Un tricheur peut essayer de biaiser le bit de sortie vers une valeur préférée. Pour le weak coin flipping, les parties ont des valeurs préférées opposées. Par un protocole de weak coin flipping avec biais ϵ, nous entendons qu'aucun des deux joueurs ne peut forcer le résultat vers sa valeur préférée avec une probabilité supérieure à 1/2+ϵ. Alors que l'on sait que classiquement, ϵ=1/2 (le pire possible), Mochon a montré en 2007 qu'un weak coin flipping quantique peut être effectué avec un biais arbitrairement faible (presque parfait). Sa preuve non constructive a utilisé le formalisme dit du jeu de points (point games)—une série de réductions équivalentes qui ont été introduites par Kitaev pour étudier le coin flipping. Il a construit des jeux de points avec un biais ϵ(k)=1/(4k+2) pour en prouver l'existence. Le protocole explicite le plus connu, cependant, avait un biais approchant ϵ(1)=1/6 (également dû à Mochon, 2005). Dans le présent travail, nous essayons de rendre la partie non constructive de la preuve constructive, c'est-à-dire que nous apportons trois contributions principales à la conversion des jeux de points en protocoles explicites. Premièrement, nous proposons un cadre—TIPG-to-Explicit-protocol Framework (TEF)—qui simplifie la tâche de construction de protocoles explicites. Nous utilisons ce cadre pour construire un protocole avec un biais ϵ(2)=1/10. Nous donnons ensuite les formules exactes des unitaires correspondant aux jeux de points dus à Mochon, ce qui nous permet de décrire analytiquement des protocoles de coin flipping (presque) parfaits, c'est-à-dire avec un biais ϵ(k) pour un k arbitrairement grand. Enfin, nous introduisons un algorithme que nous appelons le Elliptic Monotone Align (EMA) Algorithm. Cet algorithme, associé à TEF, nous permet de convertir numériquement tout jeu de points en un protocole explicite. Nous concluons en donnant une autre construction analytique des unitaires pour les jeux de Mochon en utilisant l'image ellipsoïdale introduite pour l'algorithme EMA. / Doctorat en Sciences de l'ingénieur et technologie / info:eu-repo/semantics/nonPublished

Sciences de l'ingénieur

Sciences exactes et naturelles

Secure Two-party Computation

Quantum Information

Quantum Cryptography

Coin Flipping

Juvenile Correctional Officers' Job Satisfaction, Retention, and Quality of Supervision

Appling-Plummer, Lalita Nicole

01 January 2019

Juvenile Correctional officers are important to the function of secure facilities because they maintain constant contact with offenders. This quantitative study sought to determine why turnover rates continue to rise and offered insight into retaining officers. This study utilized Abraham Maslow's Hierarchy of Needs theory as the foundation for explaining relationships between the variables: quality supervision and intent to stay and job satisfaction, job search, and job embeddedness of juvenile correctional officers across the United States. Survey data were collected from 247 juvenile correctional officers using a web-based survey containing 5 scales including Quality of Supervision and Intent to Stay, and Job Embeddedness, Job Satisfaction, and Job Search. The relationship between quality of supervision and intent to stay and job embeddedness, job satisfaction, and job search, were analyzed through correlational and multiple regression analyses. An ordinal regression analysis determined that of the variables examined, job satisfaction was a significant factor in the quality of supervision for juvenile correctional officers supervising female youth in secure facilities. A multiple linear regression analysis determined that of the variables analyzed only job satisfaction and job search had a significant effect on juvenile correctional officers supervising female youth intent to stay employed at secure female facilities. This research enhances the body of knowledge examining the cause of individuals' intent to stay and quality of supervision. Reduction of employee turnover increase of job satisfaction, and quality of supervision can positively benefit juvenile justice organizations by enabling correctional staff to meet the overall mission of keeping youth and communities safe.

corrections officers

intent to stay

job embeddedness

job satisfaction

juveniles

secure facilities

Psychology

Efficient Linear Secure Computation and Symmetric Private Information Retrieval Protocols

Zhou, Yanliang

12 1900

Security and privacy are of paramount importance in the modern information age. Secure multi-party computation and private information retrieval are canonical and representative problems in cryptography that capture the key challenges in understanding the fundamentals of security and privacy. In this dissertation, we use information theoretic tools to tackle these two classical cryptographic primitives. In the first part, we consider the secure multi-party computation problem, where multiple users, each holding an independent message, wish to compute a function on the messages without revealing any additional information. We present an efficient protocol in terms of randomness cost to securely compute a vector linear function. In the second part, we discuss the symmetric private information retrieval problem, where a user wishes to retrieve one message from a number of replicated databases while keeping the desired message index a secret from each individual database. Further, the user learns nothing about the other messages. We present an optimal protocol that achieves the minimum upload cost for symmetric private information retrieval, i.e., the queries sent from the user to the databases have the minimum number of bits.

secure multi-party computation

private information retrieval

randomness cost

communication cost

A Study on Cryptographic Protocols: Achieving Strong Security for Zero-knowledge Proofs and Secure Computation / 暗号プロトコルに関する研究 : ゼロ知識証明と秘密計算における高度な安全性の実現について

Kiyoshima, Susumu

26 March 2018

京都大学 / 0048 / 新制・論文博士 / 博士(情報学) / 乙第13184号 / 論情博第94号 / 新制||情||116(附属図書館) / (主査)教授 石田 亨, 教授 中村 佳正, 教授 岡部 寿男, 教授 岡本 龍明 / 学位規則第4条第2項該当 / Doctor of Informatics / Kyoto University / DGAM

Cryptography

Cryptographic protocol

Zero-knowledge proof

Secure computation

Concurrent security

Leakage resilience

007