Verification and Synthesis of Embedded Insertion Functions for Opacity Enforcement

We investigate the enforcement of opacity, an information- flow privacy property, using insertion decisions that modify the output of the system by event insertions. Previous work considered the problem of enforcing opacity under the assumption that the insertion functions were based on the observed system strings. Now, we investigate the more powerful method of insertion decisions based on the exact system states and events. In this case, the insertion function would be embedded into the system itself, rather than being an output interface. In this paper we develop methods that (i) verify if a valid insertion function exists in this setting; and (ii) if one exists, synthesize one using a computationally effective algorithm.