UC San Diego

This work proposes a verification framework for detecting violations of differential privacy for dynamic systems. Differential privacy aims to protect the privacy of the inputs of a mechanism so an adversary can not obtain relevant information about any of them by analyzing its outputs. The framework evaluates the differential privacy of a dynamic system mechanism. An event is defined as a subset of the state space. Considering the outputs of the mechanism (continuous-space) state estimates, the number of events required to perform the test is infinite. Thus, to obtain a tractable test, we limit events containing the outputs up to a given resolution. Further, to limit the effect of long-time horizons, we restrict events to those which will contain the outputs with high probability using a data-driven scenario approach. Finally, a statistical hypothesis test is employed to detect the violations of differential privacy. In order to find the event that is most likely to disclose the violations, one event is chosen based on the test values. Numerical simulation results of W2-Moving-Horizon-Estimator and Extended Kalman Filter are performed and evaluated using this framework. The results demonstrate that the differential privacy is achieved at the cost of inaccuracy.