Privacy-Aware State Estimation: From Coarse to Precise Privacy Protection
Pith reviewed 2026-06-30 02:05 UTC · model grok-4.3
The pith
Precise privacy is achieved by making the eavesdropper's directional MSE unbounded when the direction's unstable component is unobservable.
A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.
Core claim
By analyzing the Riccati equation on the unobservable subspace, the eavesdropper's directional mean-square error becomes unbounded if and only if the direction's unstable component lies outside the observable subspace. A systematic method is proposed to exclude target vectors from the observable subspace, forcing the directional MSE to infinity.
What carries the argument
The decomposition of the system into observable and unobservable subspaces and the behavior of the Riccati equation on the unobservable part, which governs divergence of directional error.
If this is right
- The legitimate user's estimation optimality is maintained while forcing the eavesdropper's total MSE to infinity at a polynomial-exponential rate.
- A lower bound on the encryption probability in the stochastic intermittent encryption scheme guarantees divergence of the eavesdropper's error.
- Precise privacy can be systematically designed by ensuring confidential directions have their unstable components unobservable.
- The condition for unbounded directional MSE is both necessary and sufficient based on the subspace analysis.
Where Pith is reading between the lines
- This framework could extend to multi-agent systems where different agents have different privacy requirements for directions.
- It suggests designing sensors or communication protocols to control observability for privacy.
- Numerical simulations on linear systems like vehicle tracking could test the encryption probability bounds.
Load-bearing premise
The linear system dynamics allow a clean decomposition into observable and unobservable parts with standard Riccati convergence properties.
What would settle it
A counterexample linear system where a direction's unstable component is inside the observable subspace yet the directional MSE still diverges to infinity, or where it is outside but remains bounded.
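A numerical check of the condition above, as an added example that is not code from the paper or from Pith. It assumes the eavesdropper runs a standard Kalman filter on an intercepted scalar output; the matrices A, C, Q, R and all function names are constructed for illustration.

```python
# Added example: eavesdropper's Kalman filter on a constructed 3-state system.
# All matrices are illustrative assumptions, not values from the paper.
A = [[1.2, 0.0, 0.0],   # state 1: unstable, seen through C
     [0.3, 1.1, 0.0],   # state 2: unstable, never reaches the output
     [0.0, 0.0, 0.5]]   # state 3: stable, never reaches the output
C = [1.0, 0.0, 0.0]     # what the eavesdropper intercepts: y = C x + v
Q = [[1.0, 0.0, 0.0], [0.0, 1.0, 0.0], [0.0, 0.0, 1.0]]  # process noise cov
R = 0.25                # measurement noise variance
N = 3

def matmul(X, Y):
    return [[sum(X[i][k] * Y[k][j] for k in range(N)) for j in range(N)]
            for i in range(N)]

def riccati_step(P):
    """One predict+update step of the error covariance (scalar output)."""
    At = [list(col) for col in zip(*A)]
    M = matmul(matmul(A, P), At)
    M = [[M[i][j] + Q[i][j] for j in range(N)] for i in range(N)]
    Mc = [sum(M[i][j] * C[j] for j in range(N)) for i in range(N)]
    s = sum(C[i] * Mc[i] for i in range(N)) + R   # innovation variance
    return [[M[i][j] - Mc[i] * Mc[j] / s for j in range(N)] for i in range(N)]

def directional_mse(phi, steps):
    """phi^T P_k phi after `steps` iterations, starting from P_0 = I."""
    P = [[float(i == j) for j in range(N)] for i in range(N)]
    for _ in range(steps):
        P = riccati_step(P)
    return sum(phi[i] * P[i][j] * phi[j] for i in range(N) for j in range(N))

def is_unobservable(phi):
    """True if C A^i phi = 0 for i = 0..N-1 (phi is invisible at the output)."""
    v = list(phi)
    for _ in range(N):
        if abs(sum(C[i] * v[i] for i in range(N))) > 1e-12:
            return False
        v = [sum(A[i][j] * v[j] for j in range(N)) for i in range(N)]
    return True

def diverges(phi):
    """Numerical verdict: does the directional MSE keep growing?"""
    return directional_mse(phi, 200) > 1e3 * max(directional_mse(phi, 100), 1.0)

if __name__ == "__main__":
    for name, phi in [("e1", [1, 0, 0]), ("e2", [0, 1, 0]),
                      ("e3", [0, 0, 1]), ("e1+e3", [1, 0, 1])]:
        print(name, is_unobservable(phi), diverges(phi),
              directional_mse(phi, 200))
```

Direction e3 is unobservable yet its error stays bounded because the hidden mode is stable; only e2, which is both hidden and unstable, diverges.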
Original abstract
This paper addresses the problem of achieving both coarse and precise privacy in state estimation. Coarse privacy forces the eavesdropper's total mean-square error (MSE) to infinity, but errors along certain confidential directions may remain bounded. This motivates precise privacy, which additionally drives the MSE along any prescribed direction to infinity. For coarse privacy, an analytical transformation is established, preserving the user's optimality and driving the eavesdropper's total MSE to infinity at a polynomial-exponential rate. A stochastic intermittent encryption scheme is further developed, and an explicit lower bound on the encryption probability is derived to guarantee divergence. For precise privacy, by analyzing the behavior of the Riccati equation on the unobservable subspace, we prove that the eavesdropper's directional MSE becomes unbounded if and only if the direction's unstable component lies outside the observable subspace. Finally, a systematic method is proposed to exclude target vectors from the observable subspace, forcing the directional MSE to infinity.
Editorial analysis
A structured set of objections, weighed in public.
Referee Report
Summary. The paper develops methods for coarse and precise privacy protection in linear state estimation against an eavesdropper. Coarse privacy is achieved via an analytical transformation that preserves the legitimate user's optimality while driving the eavesdropper's total MSE to infinity at a polynomial-exponential rate, together with a stochastic intermittent encryption scheme and an explicit lower bound on the encryption probability that guarantees divergence. Precise privacy is obtained by analyzing the Riccati recursion restricted to the unobservable subspace, proving that the eavesdropper's directional MSE diverges if and only if the target direction's unstable component lies outside the observable subspace, and providing a systematic procedure to exclude prescribed directions from that subspace.
Significance. If the central claims hold, the work provides a control-theoretic framework that cleanly separates total-MSE privacy from directional privacy, which is relevant for applications such as secure sensor networks and cyber-physical systems. The explicit encryption-probability bound and the iff characterization via observability of unstable modes are concrete, falsifiable contributions that could guide practical design. The approach builds on standard Riccati and observability theory rather than ad-hoc fitting, which strengthens its potential impact if the projection and decoupling arguments are fully rigorous.
major comments (2)
- [precise privacy analysis] Precise-privacy section (analysis of Riccati equation on unobservable subspace): the iff claim that directional MSE diverges exactly when the unstable component lies outside the observable subspace requires explicit verification that (i) the orthogonal projection onto the unobservable subspace commutes with the Riccati recursion, (ii) the quadratic form along the target direction isolates the unstable-mode contribution without residual bounded terms, and (iii) the stochastic encryption schedule introduces no cross-coupling between observable and unobservable subspaces. These three steps are load-bearing for the central precise-privacy result; their absence from the visible derivation leaves the divergence claim unconfirmed.
- [coarse privacy encryption scheme] Coarse-privacy encryption bound: the lower bound on encryption probability is stated to guarantee divergence of total MSE, but the derivation must confirm that the bound remains valid under the intermittent schedule and does not inadvertently stabilize any unstable modes that the transformation was intended to expose.
minor comments (2)
- Notation for the transformed system matrices and the projected Riccati solution should be introduced with explicit definitions to avoid ambiguity when moving between the original and transformed coordinates.
- The abstract claims a 'polynomial-exponential rate' for MSE divergence; the precise asymptotic expression (including the polynomial degree) should be stated in the main theorem for clarity.
Simulated Author's Rebuttal
We thank the referee for the constructive and detailed comments, which help clarify the rigor required for the central claims. We address each major comment below and will revise the manuscript to incorporate the requested verifications.
- Referee: [precise privacy analysis] Precise-privacy section (analysis of Riccati equation on unobservable subspace): the iff claim that directional MSE diverges exactly when the unstable component lies outside the observable subspace requires explicit verification that (i) the orthogonal projection onto the unobservable subspace commutes with the Riccati recursion, (ii) the quadratic form along the target direction isolates the unstable-mode contribution without residual bounded terms, and (iii) the stochastic encryption schedule introduces no cross-coupling between observable and unobservable subspaces. These three steps are load-bearing for the central precise-privacy result; their absence from the visible derivation leaves the divergence claim unconfirmed.
  Authors: We agree that these three properties must be verified explicitly for the iff characterization to be fully rigorous. The manuscript presents the main result but does not detail the supporting arguments. In the revision we will add a new lemma immediately after the precise-privacy theorem that proves: (i) commutation by showing that the unobservable subspace is invariant under both the nominal dynamics and the transformed coordinates used for encryption; (ii) isolation of the unstable component by modal decomposition of the quadratic form, demonstrating that all stable-mode contributions remain bounded while the unstable part grows without residual cross terms; and (iii) absence of cross-coupling by noting that the intermittent encryption is applied identically across the state and that the observable/unobservable splitting is preserved by the linear transformation. These additions will confirm the divergence claim without altering the stated result.
  Revision: yes
- Referee: [coarse privacy encryption scheme] Coarse-privacy encryption bound: the lower bound on encryption probability is stated to guarantee divergence of total MSE, but the derivation must confirm that the bound remains valid under the intermittent schedule and does not inadvertently stabilize any unstable modes that the transformation was intended to expose.
  Authors: The referee correctly identifies that the bound's validity under the stochastic intermittent schedule requires explicit confirmation. The original derivation computes the bound from the expected Riccati update but does not separately address potential stabilization. We will revise the coarse-privacy section to include a short proposition showing that any encryption probability strictly above the derived threshold forces the expected spectral radius of the effective closed-loop matrix (in the directions exposed by the transformation) to exceed one. The argument uses a stochastic Lyapunov function that averages over the encryption events and demonstrates that the polynomial-exponential growth rate is preserved. This addition will verify that the bound does not inadvertently stabilize the targeted modes.
  Revision: yes
Circularity Check
No circularity; derivation grounded in standard linear systems theory
The abstract and description present a derivation based on Riccati equation analysis for observable/unobservable subspaces, stochastic encryption schemes, and polynomial-exponential divergence rates. These steps rely on established detectability conditions and subspace decompositions from linear system theory rather than self-referential definitions, fitted parameters renamed as predictions, or load-bearing self-citations. No quoted equations reduce the central iff claim or privacy guarantees to their own inputs by construction. The result is self-contained against external benchmarks in control theory.