Access Type

Open Access Dissertation

Date of Award

January 2013

Degree Type


Degree Name



Electrical and Computer Engineering

First Advisor

Feng Lin


The exchange of sensitive information in many systems over a network can be manipulated

by unauthorized access. Opacity is a property to investigate security and

privacy problems in such systems. Opacity characterizes whether a secret information

of a system can be inferred by an unauthorized user. One approach to verify security

and privacy properties using opacity problem is to model the system that may leak confidential

information as a discrete event system. The problem that has not investigated

intensively is the enforcement of opacity properties by supervisory control. In other

words, constructing a minimally restrictive supervisor to limit the system's behavior so

an unauthorized user cannot discover or infer the secret information.

We describe and analyze the complexity of opacity in systems that are modeled as

a discrete event system with partial observation mapping. We define three types of

opacity: strong opacity, weak opacity, and no opacity. Strong Opacity describes the

inability for the system's observer to know what happened in a system. On the other

hand, No-opacity refers to the condition where there is no ambiguity in the system

behavior. The definitions introduce properties of opacity and its effects on the system

behavior. Strong opacity can be used to study security related problems while no opacity

can be used to study fault, detection and diagnosis, among many other applications. In

this dissertation, we investigate the largest opaque sublanguages and smallest opaque

superlanguages of a language if the language is not opaque. We studied how to ensure

strong opacity, weak opacity and no opacity by supervisory control. If strong opacity,

weak opacity or no opacity is not satisfied, then we can restrict the system's behavior by a

supervisor so that strong opacity, weak opacity or no opacity is satisfied. We investigate

the strong opacity control problem (SOCP), the weak opacity control problem (WOCP),

and no opacity control problem (NOCP).

As illustrated by examples in the dissertation, the above properties of opacity can

be used to characterize the security requirements in many applications, as anonymity

requirements in protocols for web browsing. Solutions to SOCP in terms of the largest

sublanguage that is controllable, observable (or normal), and strongly opaque were characterized.

Similar characterization is available for solutions to NOCP.