The security in information-flow has become a major concern for cyber-physical systems (CPSs). In this work, we focus on the analysis of an information-flow security property, called opacity. Opacity characterizes the plausible deniability of a system's secret in the presence of a malicious outside intruder. We propose a methodology of checking a notion of opacity, called approximate initial-state opacity, for networks of discrete-time switched systems. Our framework relies on compositional constructions of finite abstractions for networks of switched systems and their so-called approximate initial-state opacity-preserving simulation functions (InitSOPSFs). Those functions characterize how close concrete networks and their finite abstractions are in terms of the satisfaction of approximate initial-state opacity. We show that such InitSOPSFs can be obtained compositionally by assuming some small-gain type conditions and composing so-called local InitSOPSFs constructed for each subsystem separately. Additionally, assuming certain stability property of switched systems, we also provide a technique on constructing their finite abstractions together with the corresponding local InitSOPSFs. Finally, we illustrate the effectiveness of our results through an example.

中文翻译：

---

验证切换系统的初始状态不透明度：一种组合方法

信息流的安全性已成为网络物理系统 (CPS) 的主要关注点。在这项工作中，我们专注于分析称为不透明度的信息流安全属性。不透明性表征了在存在恶意外部入侵者的情况下对系统秘密的合理否认。我们提出了一种检查不透明度概念的方法，称为近似初始状态不透明度，用于离散时间交换系统的网络。我们的框架依赖于交换系统网络的有限抽象的组合构造及其所谓的近似初始状态不透明度保持模拟函数（InitSOPSFs）。这些函数表征了具体网络及其有限抽象在近似初始状态不透明度的满意度方面的接近程度。我们表明，可以通过假设一些小增益类型条件并组合为每个子系统分别构造的所谓局部 InitSOPSF 来组合地获得此类 InitSOPSF。此外，假设切换系统具有一定的稳定性，我们还提供了一种将它们的有限抽象与相应的本地 InitSOPSF 一起构造的技术。最后，我们通过一个例子来说明我们结果的有效性。