Classes of Cyber Physical System Observation Privacy Techniques

Chathuranga Sampath Kalutharage and Matthew Bradbury. Classes of Cyber Physical System Observation Privacy Techniques. In 12th ACM Cyber-Physical System Security Workshop. Bangalore, India, 2 June 2026.


Across a wide range of different Cyber Physical System (CPS) domains there has been much work on addressing observation privacy threats to CPSs. However, an issue is that much of this work has been siloed in that specific domain and there has been little opportunity to take advantage of the approaches used in different domains. In this paper we present a classification of different observation privacy techniques to understand what work has been performed and where gaps may exist across domains in underutilised classes of observation privacy techniques.

Importance

Developing observation privacy techniques is challenging and time consuming. Existing data privacy techniques are typically necessary, but they are insufficient to protect against direct observation of a CPS, its state, the actions it takes and the context in which it takes those actions. It is important that different approaches across CPS domains are used to inform observation privacy techniques in new CPS domains or to address new observation privacy threats, such that techniques can be developed faster.

Perspectives

We classified observation privacy techniques into three classes:

  1. Add Noise — Which introduces behavioural change that acts as noise to the adversary. For example, this may be to introduce unneeded actions in addition to the actions needed for the system to achieve its goals.
  2. Decorrelate — Which tries to break the link between observations made by an adversary and an underlying sensitive context. For example, this might be to break a correlation between cause and effect by delaying an actuation.
  3. Change Observability — Which changes how the system acts to prevent it from being observed by the adversary. This tends to be challenging to achieve in practice.

Additionally, we considered a fourth speculative class:

  1. Make Sensitive Commonplace — Which has the system commonly perform sensitive actions alongside non-sensitive actions in order to obscure an underlying change in goal or motivation of the system. The intuition is that the surprise an adversary has in observing an event is decreased when it is more common, making it a less useful event to observe.
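The surprise intuition behind Make Sensitive Commonplace can be quantified with Shannon surprisal and mutual information. The following is an added worked example, not code from the paper or its project; the two-goal model, the function name `analyse` and all probabilities are assumptions constructed for illustration.

```python
import math

def entropy(dist):
    """Shannon entropy in bits of a discrete distribution."""
    return -sum(p * math.log2(p) for p in dist if p > 0)

def analyse(p_goal, p_act_normal, p_act_sensitive):
    """Adversary's view of one observation of a CPS with a hidden goal G.

    p_goal          -- prior probability the system is pursuing the sensitive goal
    p_act_normal    -- P(sensitive action observed | normal goal)
    p_act_sensitive -- P(sensitive action observed | sensitive goal)
    """
    # Marginal probability that the adversary sees the sensitive action at all.
    p_act = (1 - p_goal) * p_act_normal + p_goal * p_act_sensitive
    # Surprise (in bits) the adversary experiences on seeing the action.
    surprisal = -math.log2(p_act)
    # Bayes: belief in the sensitive goal after seeing the action.
    posterior = p_goal * p_act_sensitive / p_act
    # Average leakage about the goal per observation: I(G;A) = H(A) - H(A|G).
    h_a = entropy([p_act, 1 - p_act])
    h_a_given_g = ((1 - p_goal) * entropy([p_act_normal, 1 - p_act_normal])
                   + p_goal * entropy([p_act_sensitive, 1 - p_act_sensitive]))
    return {"p_act": p_act, "surprisal_bits": surprisal,
            "posterior": posterior, "leak_bits": h_a - h_a_given_g}

# Constructed scenario: the sensitive goal is rare (5% of the time).
# BASELINE: the sensitive action almost only happens under the sensitive goal.
BASELINE = analyse(p_goal=0.05, p_act_normal=0.01, p_act_sensitive=0.9)
# COMMONPLACE: the system also performs the action routinely under the normal goal.
COMMONPLACE = analyse(p_goal=0.05, p_act_normal=0.6, p_act_sensitive=0.9)

if __name__ == "__main__":
    for name, r in (("baseline", BASELINE), ("commonplace", COMMONPLACE)):
        print(f"{name:12s} P(action)={r['p_act']:.3f} "
              f"surprisal={r['surprisal_bits']:.2f} bits "
              f"P(goal|action)={r['posterior']:.3f} "
              f"leak={r['leak_bits']:.3f} bits/observation")
```

In this constructed scenario, seeing the sensitive action moves the adversary's belief in the sensitive goal from 5% to about 83% in the baseline, but only to about 7% once the action is commonplace.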

We saw that most techniques applied (i) Add Noise or (ii) Decorrelate and fewer considered (iii) Change Observability. No works considered (iv) Make Sensitive Commonplace, indicating that there is scope for new techniques here. We also identified that some domains were already using information from other CPS domains, for example UAVs taking inspiration from Connected Vehicles.