Given a network of interconnected nodes, each with its own value (such as a measurement, position, vote, or other data), we develop a distributed strategy that enables some or all of the nodes to calculate any arbitrary function of the node values, despite the actions of malicious nodes in the network. Our scheme assumes a broadcast model of communication (where all nodes transmit the same value to all of their neighbors) and utilizes a linear iteration where, at each time-step, each node updates its value to be a weighted average of its own previous value and those of its neighbors. We consider a node to be malicious or faulty if, instead of following the predefined linear strategy, it updates its value arbitrarily at each time-step (perhaps conspiring with other malicious nodes in the process). We show that the topology of the network completely characterizes the resilience of linear iterative strategies to this kind of malicious behavior. First, when the network contains 2 or fewer vertex-disjoint paths from some node to another node , we provide an explicit strategy for malicious nodes to follow in order to prevent node from receiving any information about 's value. Next, if node has at least 2 + 1 vertex-disjoint paths from every other (non-neighboring) node, we show that is guaranteed to be able to calculate any arbitrary function of all node values when the number of malicious nodes is or less. Furthermore, we show that this function can be calculated after running the linear iteration for a finite number of time-steps (upper bounded by the number of nodes in the network) with almost any set of weights (i.e., for all weights except for a set of measure zero).
In this paper, we follow a state-based approach to extend the notion of opacity in computer security to discrete event systems. A system is (S, P )-opaque if the evolution of its true state through a set of secret states S remains opaque to an observer who is observing activity in the system through the projection map P . In other words, based on observations through the mapping P , the observer is never certain that the current state of the system is within the set of secret states S. We also introduce the stronger notion of (S, P, K)-opacity which requires opacity to remain true for K observations following the departure of the system's state from the set S. We show that the state-based definition of opacity enables the use of observer constructions for verification purposes. In particular, the verification of (S, P, K)-opacity is accomplished via an observer with K-delay which is constructed to capture state estimates with K-delay. These are the estimates of the state of the system K observations ago and are consistent with all observations (including the last K observations). We also analyze the properties and complexity of the observer with Kdelay.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.