Passivity-based Attack Identification and Mitigation with Event-triggered Observer Feedback and Switching Controller

Pushkal Purohit and Anoop Jain
The authors are with the Department of Electrical Engineering, Indian Institute of Technology Jodhpur, Rajasthan, India 342030 (e-mail: [email protected], [email protected]).

Abstract

This paper addresses the problem of output consensus in linear passive multi-agent systems under a False Data Injection (FDI) attack, considering the unavailability of complete state information. Our formulation relies on an event-based cryptographic authentication scheme for sensor integrity and considers FDI attacks at the actuator end, inspired by their practical nature and usages. For secure consensus, we propose (i) a passivity-based approach for detecting FDI attacks on the system and (ii) a Zeno-free event-triggered observer-based switching controller, which switches between the normal and the defense modes following an attack detection. We show that the closed-loop system achieves practical consensus under the controller’s action in the defense mode. Simulation examples are provided to support the theoretical findings.

Index Terms:

Consensus, false data injection attack, event-triggered observer, networked system, passive systems.

I Introduction

Cyber-Physical Systems (CPS) are often exposed to adversarial attacks due to their operation over insecure communication networks. In particular, FDI attacks are a major threat to the secure operation of a CPS, as they can corrupt both the actuation signal and the sensor measurements [9, 12]. Since the sensor feedback cannot be trusted in this situation, cryptographic tools like message authentication code [6], etc., have been popular as these guarantee sensor measurement integrity from such attacks by preventing data alteration in transit [6]. This situation is shown in Fig. 1, where a cryptographic authenticator is employed in conjunction with an observer to design the secure controllers. However, continuous use of cryptographic tools can generate computation and communication overhead primarily due to the limited resources of CPS [15]. As a remedy, one could employ an event-based cryptographic authentication scheme where the communication is realized using sensors (such as ultrasonic and infrared) that are practically discrete or event-based [2]. Consequently, the controller can ignore an attack injected in between adjacent events, limiting adverse effects on the system. On the other hand, actuators usually work in a continuous fashion and have faster actuation than sensor measurements (for example, the motor in Khepera IV mobile robot [13]). Thereby, an attack injected in between adjacent events at the actuator side cannot be rejected by the actuator. For these practical reasons, it is viable to consider an event-based cryptographic authentication at the sensor end and the FDI attacks at the actuator end.

Refer to caption — Figure 1: The $i^{\text{th}}$ agent under the FDI attack at the actuator end and with cryptographic authenticator at the sensor end.

For the secure control of CPS, attack detection is often the foremost objective [25]. While most of the existing works focus on residual-based and estimation-based attack detectors, these might be vulnerable to destabilizing stealthy attacks [15, 8]. The authors in [5] presented an energy equivalence-based attack detection approach that checks for equality between the supplied, and the dissipated and stored energies. Consequently, the attacks are classified as passive and non-passive. A generalized notion of this is referred to as passivity theory [14], which relies on an inequality between the supplied energy and the change in stored energy. Besides being a flexible tool for control design and analyzing the system’s stability, the passivity property can be leveraged in identifying an attack in a CPS. Unlike [5], our attack identification approach relies on a passivity inequality between the energy supplied and the change in the system’s stored energy, along with an event-based observer setting. With an observer, while an event-triggering mechanism can be implemented either by continuously monitoring the system output [21] or the observer output [24], we consider the former case in this paper where the event condition is independent of the observer state in the presence of a malicious attack.

Attack mitigation is the second necessary step for securely controlling a CPS towards its desired goal following an attack detection. For this, it is essential to have (accurate) knowledge of the attack signal to mitigate its effect, usually accomplished using attack estimators designed as part of the state observers. Some popular works in this direction are [18, 11], where the attack estimators operate continuously irrespective of the absence of an attack signal and hence, are computationally expensive [28]. Unlike these works, this paper proposes a switching-based controller scheme employing the attack estimator only in the case of attack detection and works according to an event-triggered authentication scheme.

Main Contributions: As shown in Fig. 1, we consider a multi-agent system comprising linear passive agents interacting towards achieving output consensus over a network susceptible to malicious FDI attacks. We envisage the presence of actuator attacks $u_{i}^{a}$ while relying on an event-based cryptographic authentication for sensor measurement integrity. The proposed controller receives information about estimated states $\hat{x}_{i}$ from its cascaded observer and the estimated outputs $\hat{y}_{j}$ from the neighboring agents and works in the dual modes, namely, the normal mode (no-attack detection) and the defense mode (attack detection). We first obtain the Zeno-free event condition for cryptographic authentication for the stable operation of the observer, independent of the overall system’s stability. We then propose a passivity-based approach for the detection of actuator attacks. It is shown that the difference between the agents’ output remains bounded under the action of the proposed switching controller in the defense mode and the previously derived event condition. Alternatively, it can be said that the system achieves practical output consensus.

Paper Organization: Section II describes the system and attack models, followed by the problem statement. Section III introduces the Zeno-free event condition for observer stability. Section IV discusses attack detection and mitigation by introducing the idea of the switching controller, followed by proof of the closed-loop system’s stability. Section V provides simulation results before we conclude the paper and discuss the future direction of work in Section VI.

I-A Notations

The set of real, non-negative real numbers and positive integers is denoted by $\mathbb{R}$ , $\mathbb{R}_{+}$ , and $\mathbb{Z}_{+}$ , respectively. $\boldsymbol{0}_{n}\in\mathbb{R}^{n}$ , $\boldsymbol{1}_{n}\in\mathbb{R}^{n}$ are column vectors with all entries $0$ , $1$ , respectively. $I_{n}\in\mathbb{R}^{n\times n}$ is an identity matrix. The induced $2$ -norm (resp., Euclidean norm) for any matrix $M$ (resp., vector $z$ ) is represented by $\|M\|:\mathbb{R}^{m\times n}\to\mathbb{R}_{+}$ (resp., $\|z\|:\mathbb{R}^{n}\to\mathbb{R}_{+}$ ). The symbol $\otimes$ denotes the Kronecker product of two matrices and $\text{diag}\{k_{1},\ldots,k_{n}\}\in\mathbb{R}^{n\times n}$ denotes a diagonal matrix with diagonal entries $k_{i}$ . The maximum and minimum eigenvalues of a symmetric matrix $M\in\mathbb{R}^{n\times n}$ are represented by $\lambda_{\text{max}}(M)$ and $\lambda_{\text{min}}(M)$ , respectively. The Moore–Penrose pseudo-inverse of a matrix $M\in\mathbb{R}^{m\times n}$ is $M^{\dagger}\in\mathbb{R}^{n\times m}$ , having the property $MM^{\dagger}M=M$ . If $M$ has full column rank, $M^{\dagger}=(M^{T}M)^{-1}M^{T}$ and $M^{\dagger}M=I_{n}$ [23]. For a digraph with edge set $\mathbb{E}$ , $(i,j)\in\mathbb{E}$ is a directed edge from node $i$ to node $j$ . The Laplacian for a graph with $N$ nodes is denoted by $\mathcal{L}_{s}\in\mathbb{R}^{N\times N}$ (please refer to [7] for details).

I-B Preliminaries

Definition 1 (Passive System [14]).

Consider the system

\dot{x}=f(x,u);\quad y=h(x,u),

(1)

with state $x\in\mathbb{R}^{m}$ , control input $u\in\mathbb{R}^{p}$ , and output $y\in\mathbb{R}^{p}$ . The function $f$ is locally Lipschitz, $h$ is continuous, $f(\boldsymbol{0}_{m},\boldsymbol{0}_{p})=\boldsymbol{0}_{m}$ and $h(\boldsymbol{0}_{m},\boldsymbol{0}_{p})=\boldsymbol{0}_{p}$ . The system (1) is said to be passive if there exists a continuously differentiable storage function $S(x):\mathbb{R}^{m}\to\mathbb{R}$ , $S(x)\geq 0,S(\boldsymbol{0}_{m})=0$ , such that

u^{T}y\geq\dot{S}=({\partial S}/{\partial x})f(x,u),\quad\forall(x,u)\in\mathbb{R}^{m}\times\mathbb{R}^{p}.

(2)

Note that the storage function $S(x)$ in (2) (which is also referred to as passivity inequality) is not unique. However, the quadratic storage function of the form $S(x)=(1/2)x^{T}x$ has its own vantages over others in analyzing linear systems, as it is computationally moderate, easy to implement, and close to the concept of energy in linear systems. Particularly, it is shown in [26] that any storage function can be represented as a quadratic storage function for a linear dynamical system. Motivated by this fact, we exploit the quadratic storage function in our analysis in this paper.

Lemma 1 (Implications of Passivity [4]).

Consider the linear system

\dot{x}=Ax+Bu,\quad y=Cx,

(3)

where $x\in\mathbb{R}^{m},u\in\mathbb{R}^{p},y\in\mathbb{R}^{p}$ are state, input and output vectors, and $A\in\mathbb{R}^{m\times m},B\in\mathbb{R}^{m\times p}$ and $C\in\mathbb{R}^{p\times m}$ are system, input and output matrices, respectively. The system (3) is said to be passive if there exists a differentiable scalar storage function $V:\mathbb{R}^{m}\to\mathbb{R}$ for (3) such that $V(x)\geq 0,V(\boldsymbol{0}_{m})=0$ , and $W(x)\geq 0$ , such that $(\frac{\partial V}{\partial x})^{T}Ax=-W(x),\ (\frac{\partial V}{\partial x})^{T}B=y^{T}$ .

II System Modeling and Problem Description

II-A The Agent and Attack Models

II-A1 Agent Model

We consider a multi-agent system comprising $N$ linear passive agents under the influence of FDI attack and having combined system dynamics (see Fig. 1):

\dot{x}=Ax+Bu^{c},\quad y=Cx,

(4)

where $x=[x_{1}^{T},\ldots,x_{N}^{T}]^{T}\in\mathbb{R}^{Nm}$ , $u^{c}=[(u^{c}_{1})^{T},\ldots,(u^{c}_{N})^{T}]^{T}\in\mathbb{R}^{Np}$ and $y=[y_{1}^{T},\ldots,y_{N}^{T}]^{T}\in\mathbb{R}^{Np}$ are the stacked state, input and output vectors, respectively, where $x_{i}\in\mathbb{R}^{m}$ , $u_{i}\in\mathbb{R}^{p}$ and $y_{i}\in\mathbb{R}^{p}$ $\forall i$ . Further, ${A}=\text{diag}\{A_{1},\ldots,A_{N}\}\in\mathbb{R}^{Nm\times Nm}$ , ${B}=\text{diag}\{B_{1},\ldots,B_{N}\}\in\mathbb{R}^{Nm\times Np}$ , and ${C}=\text{diag}\{C_{1},\ldots,C_{N}\}\in\mathbb{R}^{Np\times Nm}$ are the stacked system, input and output block diagonal matrices, respectively. We incorporate the following reasonable assumptions on system (4) (unless otherwise explicitly stated):

(A1)

The matrix pair $(A_{i},B_{i})$ is controllable and $(A_{i},C_{i})$ is observable for all $i$ .
(A2)

The matrix $B_{i}$ has full column rank for all $i$ .
(A3)

The agents are strongly connected over a fixed directed network having Laplacian $\mathcal{L}_{s}$ .

Remark 1.

Note that the assumption (A2) follows from the fact that the agents are usually under-actuated where $p<m$ . If the rank of $B_{i}$ is less than the number of columns for an under-actuated system, there exists a set of inputs that do not affect the system dynamics, which is not practically desired. Further, in over-actuated systems, if the columns of $B_{i}$ are linearly dependent, some inputs will be redundant. Thus, it is reasonable to remove dependent columns and corresponding inputs with the assumption that $B_{i}$ has full column rank (please refer to [3, Section 6.2.1]). Some of the most widely used robotic models, like quadcopter and car-like models, among others, satisfy (A2) [28, 17]. Other examples are $-$ tugboats [10], which follow second-order Lagrangian dynamics, and harmonic oscillators [27]. Both these systems are passive and satisfy the preconditions (A1) and (A2).

II-A2 FDI Attack Model

The FDI attack on the $i^{\text{th}}$ agent can be modeled as shown in Fig. 1, implying that the compromised signal reaching its actuator can be written as

u^{c}_{i}=u_{i}+u^{a}_{i},

(5)

for each $i$ , where $u_{i}$ , $u^{a}_{i}$ , and $u^{c}_{i}$ are designed control, actuator attack, and compromised control signals, respectively. As discussed in Section I, since we employ an event-based cryptographic authentication scheme for the sensor measurements collected at point R in Fig. 1, the attack at the sensor end can be neglected for a suitably chosen event condition such that the observer error dynamics remains stable. The following reasonable limitations are considered on the actuator attack signal:

Assumption 1.

The attack signal $u^{a}{=}[(u_{1}^{a})^{T},\ldots,(u_{N}^{a})^{T}]^{T}$ $\in\mathbb{R}^{Np}$ is bounded and has a bounded derivative, that is, $\|u^{a}\|\leq\bar{u}^{a}$ and $\|\dot{u}^{a}\|\leq\tilde{u}^{a}$ , for some $\bar{u}^{a},\tilde{u}^{a}\in\mathbb{R}_{+}$ .

Assumption 1 is motivated by the fact that the attack signal cannot be arbitrarily large, as the attacker has limited resources [20]. Secondly, arbitrarily large attack signals are easy to detect, while the attacker generally wants to remain stealthy. Further, this paper does not deal with sensor noise. In practice, noise and attacks have inherently different characteristics; noise is caused randomly and unintentionally, while attacks are injected intentionally by an intruder to mislead or even paralyze the whole network’s behaviors while remaining undetected [12].

II-B Event-based Observer and Switching Controller

II-B1 The Observer

Due to event-triggered sensor feedback, the latest measurements $y$ are not always available at point G (in Fig. 1). Let the sensor measurement at the last event $t_{k}$ be $\bar{y}=y(t_{k}),\ k\in\mathbb{Z}_{+}$ . We define an error variable $e(t)=\bar{y}-y(t),\ t\in[t_{k},t_{k+1}),\forall k$ . Clearly, $e(t_{k})=\boldsymbol{0}_{Np},\forall k$ . With the error term $e$ , the event-triggered observer dynamics is given by:

\dot{\hat{x}}=A\hat{x}+B(u+\hat{u}^{a})+H(y-\hat{y}+e),\quad\hat{y}=C\hat{x},

(6)

where $H\in\mathbb{R}^{Nm\times Np}$ is the observer gain matrix, $\hat{x}$ is the estimated state and $\hat{u}^{a}$ is the estimated input attack signal proposed as:

\hat{u}^{a}=B^{\dagger}(\dot{\hat{x}}-A\hat{x}-Bu+B\hat{u}^{a}(t-t_{d})),

(7)

where $t_{d}>0$ is a small constant reaction time, representing the time required to observe the effect of control $u(t)$ on the sensor output. Clearly, $\hat{u}^{a}$ is Lipschitz under Assumption 1, i.e.,

\|\hat{u}^{a}(t)-\hat{u}^{a}(t-t_{d})\|\leq\psi t_{d},

(8)

for some constant $\psi\in\mathbb{R}_{+}$ . Ideally, $t_{d}\to 0$ , however, it may not be feasible in practice due to the components’ response time and can be assumed sufficiently small. Next, we define the state estimation error $\xi(t)=x(t)-\hat{x}(t)$ , whose time-derivative, using (4) and (6), is obtained as

\dot{\xi}=\dot{x}-\dot{\hat{x}}=(A-HC)\xi+B(u^{a}-\hat{u}^{a})-He.

(9)

In the absence of an attack (i.e., $u^{a}=\boldsymbol{0}_{Np}$ ), attack estimator is inactive, that is, $\hat{u}^{a}\coloneqq\boldsymbol{0}_{Np}$ , and hence, (9) can be written as $\dot{\xi}=(A-HC)\xi-He$ , which is independent of $t_{d}$ , and can be stabilized with the event condition as provided in further analysis in the paper. Without loss of generality, we consider the following assumption for the initialization of the observer states:

Assumption 2.

The state estimation error is zero at the instant of time when an attack starts. For instance, if the attack begins at time $t=t_{a}$ , $\xi(t_{a})\approx\boldsymbol{0}_{Nm}\iff\hat{x}(t_{a})\approx x(t_{a})$ .

Please note that Assumption 2 does not imply a prior knowledge of the attack time $t_{a}$ and only assumes that the observer error is small at the beginning of an attack. Similar assumptions have been made in literature [1], as such assumptions are generally required for attack detection with residual based attack detection approaches but not mentioned explicitly. We have the following proposition about the boundedness of the signal $B(\hat{u}^{a}-u^{a})$ (whose proof is discussed in Section IV):

Proposition 1.

Under the proposed event-based observer (6), it holds that $\|B(u^{a}-\hat{u}^{a})\|\leq\varPhi,\forall t\geq t_{a}$ , where $\varPhi=\psi t_{d}\|B\|\in\mathbb{R}_{+}$ is a constant.

II-B2 The Controller

Let us introduce a logic $\delta$ such that $\delta=0$ indicates “no attack detection”, while $\delta=1$ indicates an “attack detection”. Based on this, the following switching-based control strategy is proposed:

u=u_{\delta}\coloneqq(1-\delta)u^{n}+\delta u^{d},

(10)

where $u^{n}$ and $u^{d}$ are the control actions in normal (no attack detection) and defense (attack detection) modes, respectively. In the absence of an attack, it follows from [4, Theorem 2.1] that the system (4), under passivity assumption, achieve output consensus with the following control:

u^{n}=-K\mathcal{L}y,

(11)

where $\mathcal{L}\coloneqq(\mathcal{L}_{s}\otimes I_{p})\in\mathbb{R}^{Np\times Np}$ is the extended Laplacian, $K\in\mathbb{R}_{+}$ is a constant gain, and $u^{n}\in\mathbb{R}^{Np}$ is the stacked input vector under normal operation. Under the action of an observer, (11) can be written equivalently in terms of the estimated measurement signal $\hat{y}$ as [16]:

\hat{u}^{n}=-K\mathcal{L}\hat{y},

(12)

which would be used in the subsequent analysis in this paper.

II-C The Problem

Consider the linear passive system (4) under FDI attacks (5) with observer dynamics (6) equipped with an event-based authentication mechanism as shown in Fig. 1. Let the system be governed by a switching-based control protocol (10), where the attack estimator operates only in the defense mode and the event-authentication mechanism is in operation for all time. Suppose that the aforementioned assumptions hold. The following problems are addressed in this paper:

(P1)

Obtain an event condition for authentication feedback to the observer such that the observer error dynamics (9) is practically stable and the estimation error remains near the origin, i.e., $\lim_{t\to\infty}\|\xi\|\approx 0$ .
(P2)

Device an FDI attack detection mechanism using passivity inequality (2) with the quadratic storage function.
(P3)

Design the switching control law $u$ in (10) (effectively $u^{d}$ ) such that the system achieves (practical) output consensus, i.e., there exists a small constant $\epsilon_{o}>0$ such that $\lim_{t\to\infty}\|y_{i}-y_{j}\|\leq\epsilon_{o},\ \forall(i,j)\in\mathbb{E}$ .

III Event Condition and Zeno Behavior

In this section, we introduce the event condition and show that the observer states follow the agents’ states closely with a small error. To ensure that the observer error dynamics (9) is stable and $\xi$ converges to zero, $V=\xi^{T}P\xi$ could be a candidate Lyapunov function, where $P$ is a symmetric positive definite matrix satisfying $(A-HC)^{T}P+P(A-HC)=-Q$ for some symmetric positive definite matrix $Q$ . The time-derivative of the Lyapunov function $V$ , along the error dynamics (9), is

	$\displaystyle\dot{V}$	$\displaystyle=\xi^{T}P\dot{\xi}+\dot{\xi}^{T}P\xi$
		$\displaystyle=\xi^{T}(P(A-HC)+(A-HC)^{T}P)\xi$
		$\displaystyle~{}~{}~{}+2\xi^{T}PB(u^{a}-\hat{u}^{a})-2\xi^{T}PHe$
		$\displaystyle\leq-\xi^{T}Q\xi+2\\|\xi\\|\\|PB(u^{a}-\hat{u}^{a})\\|+2\\|\xi\\|\\|PHe\\|.$

From the inequality¹¹1The proof follows from the fact that the arithmetic mean is greater than or equal to geometric mean for any two positive numbers $cX^{2}$ and $Y^{2}/c,c>0$ . $2XY\leq cX^{2}+({1}/{c})Y^{2}$ for some $c>0$ and $X,Y\in\mathbb{R}$ , it follows that $2\|\xi\|\|PB(u^{a}-\hat{u}^{a})\|\leq c\|\xi\|^{2}{+}({\|PB(u^{a}-\hat{u}^{a})\|^{2}}/{c})$ and $2\|\xi\|\|PHe\|\leq c\|\xi\|^{2}{+}({\|PHe\|^{2}}/{c})$ . Using these, it can be written that

	$\displaystyle\dot{V}$	$\displaystyle{\leq}-\lambda_{\text{min}}(Q)\\|\xi\\|^{2}{+}2c\\|\xi\\|^{2}$
		$\displaystyle~{}~{}~{}+(1/c)({\\|PB(u^{a}{-}\hat{u}^{a})\\|^{2}}+{\\|PHe\\|^{2}})$
		$\displaystyle{\leq}-\lambda_{\text{min}}(Q)\left(1-\frac{2c}{\lambda_{\text{min}}(Q)}\right)\\|\xi\\|^{2}$
		$\displaystyle~{}~{}~{}+(1/c)({\\|PB(u^{a}-\hat{u}^{a})\\|^{2}}{+}{\\|PHe\\|^{2}})$
		$\displaystyle{\leq}-\frac{\lambda_{\text{min}}(Q)}{\lambda_{\text{max}}(P)}\left(1-\frac{2c}{\lambda_{\text{min}}(Q)}\right)\xi^{T}P\xi$
		$\displaystyle~{}~{}~{}+\frac{\\|P\\|^{2}}{c}\\|B(u^{a}-\hat{u}^{a})\\|^{2}+\frac{\\|PH\\|^{2}}{c}\\|e\\|^{2}$
		$\displaystyle{\leq}-\alpha V(\xi)+\beta\varPhi^{2}+\gamma\\|e\\|^{2},$

where $\alpha\coloneqq\frac{\lambda_{\text{min}}(Q)}{\lambda_{\text{max}}(P)}\left(1-\frac{2c}{\lambda_{\text{min}}(Q)}\right)>0$ , $\beta\coloneqq{\|P\|^{2}}/{c}>0$ , $\gamma\coloneqq{\|PH\|^{2}}/{c}>0$ , and $c\in(0,\frac{1}{2}\lambda_{\text{min}}(Q))$ is a design variable. If the event condition is set as $\gamma\|e\|^{2}+\beta\varPhi^{2}\leq\rho\alpha V(\xi)$ for some $\rho\in(0,1)$ , $\dot{V}\leq-\alpha(a-\rho)V$ , implying stability of the observer error dynamics. However, non-availability of the entire error vector $\xi$ and requirement to monitor both system and observer states restricts its implementation, as discussed in Section I. Therefore, motivated by the dynamic event-triggered scheme [21], we introduce an auxiliary variable $\eta$ with dynamics:

\dot{\eta}=-c_{1}\eta+c_{2}\|e\|^{2},

(13)

where $\eta\in\mathbb{R}$ , and $c_{1}>0$ and $c_{2}\geq 0$ are design parameters. Clearly, solution of (13) is given by $\eta={\rm e}^{-c_{1}t}\eta(0)+\int_{0}^{t}{\rm e}^{-c_{1}(t-\tau)}c_{2}\|e\|^{2}d\tau$ , which non-negative for $\eta(0)\geq 0$ . Thus, $\eta\geq 0,\forall t\geq 0\iff\eta(0)\geq 0$ .

Theorem 1.

The observer error dynamics (9) is stable and the error $\xi$ converges to a small ball around the origin under the following dynamic event condition:

({\gamma+dc_{2}})\|e\|^{2}=(dc_{1}\eta+\varOmega),

(14)

where $\varOmega=\varepsilon-\beta\varPhi^{2}>0$ , $\varepsilon\in\mathbb{R}_{+}$ and $d\in\mathbb{R}_{+}$ are arbitrary design constants ( $\beta,\gamma$ are defined as above).

Proof.

Consider the composite Lyapunov function $U=V(\xi)+d\eta$ , whose time-derivative, along (9) and (13), is $\dot{U}{=}\dot{V}+d\dot{\eta}\leq-\alpha V(\xi)+\gamma\|e\|^{2}+\beta\varPhi^{2}-dc_{1}\eta+dc_{2}\|e\|^{2}=-\alpha V(\xi)+(\gamma+dc_{2})\|e\|^{2}+\beta\varPhi^{2}-dc_{1}\eta$ . Under the event condition (14) and substituting for $\varOmega$ , yields $\dot{U}\leq-\alpha V(\xi)+\varepsilon$ . Now, it can be concluded that the dynamics (9) is practically stable and the estimation error $\xi$ converges to a small ball near the origin having its radius dependent on $\varepsilon$ . ∎

Next, we prove the exclusion of Zeno behavior by showing that there exists a positive minimum inter event time (MIET). Before proceeding, we consider that the system’s output has bounded derivative, i.e., $\|\dot{y}\|=\|C\dot{x}\|=\|CAx+CBu\|\leq\sigma,\ \forall t\geq 0$ , where $\sigma$ is arbitrary large positive constant.

Theorem 2.

Consider error dynamics (9). Under the event condition (14), the system (9) has positive MIET, $\tau=\frac{1}{2\sigma}\sqrt{\frac{\varOmega}{\gamma+dc_{2}}}$ and does not exhibit Zeno behavior.

Proof.

Differentiating $\|e\|^{2}$ for $t\in[t_{k},t_{k+1})$ we get $\frac{d}{dt}\|e\|^{2}=2e^{T}\dot{e}=2e^{T}(\dot{\bar{y}}-\dot{y})$ $=-2e^{T}C(Ax+Bu)$ $\leq 2\|e\|\|CAx+CBu\|$ $\leq 2\sigma\|e\|$ . For MIET $(\tau)$ , the event triggers when the right side of the equality in (14) is minimum, which is achieved when $\eta=0$ (since $\eta\geq 0\forall t\geq 0$ , see (13)). The value of error at MIET $(\tau)$ is

\displaystyle\|e(t_{k}+\tau)\|=\min_{\eta}\sqrt{\frac{dc_{1}\eta+\varOmega}{\gamma+dc_{2}}}=\sqrt{\frac{\varOmega}{\gamma+dc_{2}}},

(15)

and using (15) in the expression of $\frac{d}{dt}\|e\|^{2}$ , we get

\frac{d}{dt}\|e\|^{2}\leq 2\sigma\sqrt{\frac{\varOmega}{\gamma+dc_{2}}}.

(16)

Integrating (16) for $t\in[t_{k},t_{k}+\tau)$ , we get $\|e(t_{k}+\tau)\|^{2}-\|e(t_{k})\|^{2}=2\sigma(t_{k}+\tau-t_{k})\sqrt{{\varOmega}/(\gamma+dc_{2})}$ . Since $\|e(t_{k})\|=0,\forall k\in\mathbb{Z}_{+}$ and substituting $\|e(t_{k}+\tau)\|$ from (15), we get $\tau=({1}/{2\sigma})\sqrt{{\varOmega}/(\gamma+dc_{2})}$ . ∎

IV Attack Detection, Mitigation and Closed-Loop System Stability

IV-A Passivity-Based Attack Detection

The proposed passivity-based attack detector relies on the verification of passivity inequality (2) for the measurable signals in Fig. 1. Note that the agents’ output $y$ , controllers’ output $u$ , and observers’ state $\hat{x}$ and the output $\hat{y}=C\hat{x}$ are measurable. Note that the original input signal $u$ is measurable and the corrupted input $u^{c}$ , applied to the agent, is not measurable. However, the output $y$ is available only at events of cryptographic authentication. This suggests verification of (2) for the input-output pair $(u,\hat{y})$ across the observer (i.e., points E and F in Fig. 1) with the quadratic storage function $S(\hat{x})=(1/2)\hat{x}^{T}\hat{x}$ associated with the observer’s states $\hat{x}$ . It is straightforward that (2) holds for appropriately designed observer, across points E and F if there is no attack on the system [22], while this might not be true in case of an actuator attack. We leverage this fact in detecting the presence of an attack $u^{a}$ . We classify the attack signal as detectable and undetectable as follows:

Definition 2.

An attack $u^{a}$ which does not satisfy (resp., satisfy) passivity inequality (2) with respect to the points E and F in Fig. 1 with quadratic storage function $S(\hat{x})=(1/2)\hat{x}^{T}\hat{x}$ is detectable (resp., undetectable).

Note that it is sufficient to check (2) for the detection of an attack on the system. However, we also provide the following theorem to establish a connection between the system and network properties (in terms of the matrices $A,B,C,H$ , and $\mathcal{L}$ ) under the attack signal $u_{a}$ on the system, however, it is not necessary for the purpose of implementation $-$ verifying only (2) is sufficient.

Theorem 3.

Let $\mathcal{M}\coloneqq(K(B\mathcal{L}-C^{T}\mathcal{L}^{T})+H)C-A$ be a matrix of order $Nm\times Nm$ . If there exists an attack signal $u^{a}$ such that

\hat{x}^{T}\mathcal{M}\hat{x}<\hat{x}^{T}HC\int_{0}^{t_{k}}(Ax+B\hat{u}^{n}+Bu^{a})d\tau,

(17)

where $t_{k}$ is the latest event time, then the passivity inequality (2) is not satisfied across points E and F. Consequently, an attack $u^{a}$ is detected in accordance with Definition 2.

Proof.

We prove it by contradiction. Assume that (2) is satisfied across points E and F with $S(\hat{x})=(1/2)\hat{x}^{T}\hat{x}$ . This implies that $u^{T}\hat{y}\geq\dot{S}=\hat{x}^{T}\dot{\hat{x}}$ . Since the system is operating in normal mode, we have $u=\hat{u}^{n}$ as $\delta=0$ in (10). Substituting $\dot{\hat{x}}$ and $\hat{u}^{n}$ from (6) and (12) results in $-K\hat{x}^{T}C^{T}\mathcal{L}^{T}C\hat{x}\geq\hat{x}^{T}(A\hat{x}+B\hat{u}^{n}+H(y-\hat{y}+e))\implies-K\hat{x}^{T}C^{T}\mathcal{L}^{T}C\hat{x}\geq\hat{x}^{T}(A\hat{x}-BK\mathcal{L}C\hat{x}+HC(x-\hat{x}+\bar{x}-x))$ , where $\bar{x}=x(t_{k})$ . Rearranging, we get $\hat{x}^{T}((K(B\mathcal{L}-C^{T}\mathcal{L}^{T})+H)C-A)\hat{x}\geq\hat{x}^{T}HC\bar{x}$ . Replacing $(K(B\mathcal{L}-C^{T}\mathcal{L}^{T})+H)C-A$ by $\mathcal{M}$ as defined in the statement of theorem, the preceding inequality becomes $\hat{x}^{T}\mathcal{M}\hat{x}\geq\hat{x}^{T}HC\bar{x}$ . Now, substituting $\bar{x}=\int_{0}^{t_{k}}\dot{x}(\tau)d\tau$ , where $\dot{x}(\tau)$ is given by (4), we get $\hat{x}^{T}\mathcal{M}\hat{x}\geq\hat{x}^{T}HC\int_{0}^{t_{k}}(Ax+B\hat{u}^{n}+Bu^{a})d\tau$ . Now, it can be concluded that any $u^{a}$ which violates the preceding inequality (i.e., satisfies (17)) does not satisfy (2) across points E and F in Fig. 1, and hence, are detectable. ∎

IV-B Attack Mitigation

Once the attack is detected, the controller (10) switches to the defense mode, i.e., $\delta=1$ and $u=u^{d}$ . Relying on the estimated attack signal $\hat{u}^{a}$ in (7), we propose the control in defense mode as

u^{d}=\hat{u}^{n}-\hat{u}^{a},

(18)

where $\hat{u}^{n}$ is given by (12). As a result, the compromised control input to the actuators becomes

u^{c}=u^{d}+u^{a}=\hat{u}^{n}-\hat{u}^{a}+u^{a}.

(19)

We are now ready to prove Proposition 1.

Proof of Proposition 1.

Left multiplying (7) with $B$ on both sides, yields

B\hat{u}^{a}=BB^{\dagger}(\dot{\hat{x}}-A\hat{x}-Bu^{n}+B\hat{u}^{a}(t-t_{d})).

(20)

From (9), substituting $\hat{x}=x-\xi$ and $\dot{\hat{x}}=\dot{x}-\dot{\xi}$ , we obtain $B\hat{u}^{a}=BB^{\dagger}(\dot{x}-\dot{\xi}-A(x-\xi)-B\hat{u}^{n}+B\hat{u}^{a}(t-t_{d}))$ . Substituting for $\dot{x}$ and $u^{c}$ from (4) and (19), respectively, and using the property $BB^{\dagger}B=B$ (as stated in notations), we get $B\hat{u}^{a}=BB^{\dagger}(Ax+B\hat{u}^{n}-B\hat{u}^{a}+Bu^{a}-Ax-B\hat{u}^{n}+B\hat{u}^{a}(t-t_{d})-\dot{\xi}+A\xi)$ $=Bu^{a}+B\hat{u}^{a}(t-t_{d})-B\hat{u}^{a}+\nu$ , where $\nu=BB^{\dagger}(-\dot{\xi}+A\xi)$ . Rearranging, we have $B(\hat{u}^{a}-u^{a})=-B(\hat{u}^{a}-\hat{u}^{a}(t-t_{d}))+\nu\implies\|B(\hat{u}^{a}-u^{a})\|\leq\|B(\hat{u}^{a}-\hat{u}^{a}(t-t_{d}))\|+\|\nu\|$ . Using (8), we get $\|B(\hat{u}^{a}-u^{a})\|\leq\psi t_{d}\|B\|+\|\nu\|$ . According to Assumption 2 and Theorem 1, $\xi\to 0$ as $t\to t_{a}$ , this implies that $\|\nu\|\to 0$ as $t\to t_{a}$ . Now, it follows that there exists a constant $\varPhi=\psi t_{d}\|B\|>0$ such that $\|B(\hat{u}^{a}-u^{a})\|\leq\varPhi,\ \forall t\geq t_{a}$ , proving our claim. ∎

Remark 2.

Multiplying by $\|B^{\dagger}\|$ on both sides of the inequality $\|B(\hat{u}^{a}-u^{a})\|\leq\varPhi$ , we have $\|B^{\dagger}\|\|B(\hat{u}^{a}-u^{a})\|\leq\varPhi\|B^{\dagger}\|\implies\|B^{\dagger}B(\hat{u}^{a}-u^{a})\|\leq\|B^{\dagger}\|\|B(\hat{u}^{a}-u^{a})\|\leq\varPhi\|B^{\dagger}\|$ . Since $B^{\dagger}B=I$ for the full column rank matrix $B$ (see (A2)) and $\varPhi=\psi t_{d}\|B\|$ , it follows from the preceding relation that $\|\hat{u}^{a}-u^{a}\|\leq\psi t_{d},\ \forall t\geq t_{a}$ . Clearly, $\|\hat{u}^{a}-u^{a}\|\approx 0,\forall t\geq t_{a}$ for sufficiently small reaction time $t_{d}$ .

Note that there seems to be an inter-dependency among Proposition 1 and Theorem 1. However, under Assumption 2, Theorem 1 holds independently for $t<t_{a}$ , as the attack estimator is “OFF” (i.e., $\hat{u}^{a}=\boldsymbol{0}_{Np}$ ) in the absence of an attack (i.e., $u^{a}=\boldsymbol{0}_{Np}$ ), and can be considered as initialization to our problem. On the other hand, in the presence of an attack (i.e., $u^{a}\neq\boldsymbol{0}_{Np}$ ), we make sure with the aid of Assumption 1 that when an attack starts at $t=t_{a}$ , the state observer has a small error for accurate detection and estimation of the attack signal (similar assumption is also made in [1]).

IV-C Closed-Loop System Stability

In the below theorem, we show that the difference among agents’ outputs remain bounded during attack and the closed-loop system achieves practical consensus.

Theorem 4.

Consider the closed-loop system as shown in Fig. 1 with agent, observer and attack estimator models (4), (6) and (7), respectively. Let the system be governed by the switching controller (10) where $u^{n}$ and $u^{d}$ are defined in (12) and (18), respectively. Then, the system achieves (practical) output consensus, i.e., there exists a small constant $\epsilon_{o}>0$ such that $\lim_{t\to\infty}\|y_{i}-y_{j}\|\leq\epsilon_{o},\forall(i,j)\in\mathbb{E}$ . Additionally, if the communication topology is balanced, then $\epsilon_{o}$ is given by $\epsilon_{o}=\sqrt{\bar{\omega}/K}$ , where $\bar{\omega}$ depends on $\|\xi\|$ and $\|\hat{u}^{a}-u^{a}\|$ .

Proof.

Under no attack condition, the convergence directly follows from [4], as $u=\hat{u}^{n}$ (see (12)). Our main goal here is to prove convergence in case when the controller operates in the defense mode under attack, i.e., $u=u^{d}$ , given by (18). Since the agents (4) are passive, Lemma 1 assures existence of a candidate Lyapunov function $V_{s}(x)$ such that its time-derivative along agent dynamics (4) satisfies $\dot{V}_{s}=({\partial V_{s}}/{\partial x})^{T}(Ax+Bu^{c})=-W(x)+y^{T}u^{c}=-W(x)+y^{T}\hat{u}^{n}-y^{T}(\hat{u}^{a}-u^{a})$ , where $W(x)>0,\forall x\neq\boldsymbol{0}_{Nn}$ . Substituting for $\hat{u}^{n}$ from (12) and $\hat{x}=x-\xi$ , we obtain

	$\displaystyle\dot{V}_{s}$	$\displaystyle=-W-Ky^{T}\mathcal{L}\hat{y}-y^{T}(\hat{u}^{a}-u^{a})$
		$\displaystyle=-W-Ky^{T}\mathcal{L}C\hat{x}-y^{T}(\hat{u}^{a}-u^{a})$
		$\displaystyle=-W-Ky^{T}\mathcal{L}C(x-\xi)-y^{T}(\hat{u}^{a}-u^{a})$
		$\displaystyle=-W-Ky^{T}\mathcal{L}y{+}Ky^{T}\mathcal{L}C\xi{-}y^{T}(\hat{u}^{a}{-}u^{a})$
		$\displaystyle=-W-Ky^{T}\mathcal{L}y+\omega,$

where $\omega=y^{T}(K\mathcal{L}C\xi-(\hat{u}^{a}-u^{a}))$ . If $\omega\equiv 0$ , the trajectories converges to the set $\Gamma=\{x\in\mathbb{R}^{Nm}\ |\ \dot{V}_{s}\equiv 0\}$ . The set $\Gamma$ is characterized by all the trajectories such that $\{W(x)\equiv 0,y\equiv\mu\boldsymbol{1}_{Np},\mu\in\mathbb{R}\}$ . If $\omega\neq 0$ , it can be written that $\dot{V}_{s}\leq-W-Ky^{T}\mathcal{L}y+|\omega|$ . Following Proposition 1 and Remark 2, it can be concluded that $|\omega|\leq\bar{\omega}$ for some $\bar{\omega}$ , which is a small positive constant for small values of $\|\xi\|$ and $\|\hat{u}^{a}{-}u^{a}\|$ . Consequently, $\dot{V}_{s}\leq-W(x)-Ky^{T}\mathcal{L}y+\bar{\omega}$ , and the convergence follows in the sense of practical stability.

To prove the second statement, we analyze the time-derivative $\dot{V}_{s}$ . Clearly, $\dot{V}_{s}\leq 0$ , if $\bar{\omega}\leq W(x)+Ky^{T}\mathcal{L}y$ . Since the preceding inequality must hold even in the worst-case scenario where $W(x)\equiv 0$ , the condition $Ky^{T}\mathcal{L}y\geq\bar{\omega}$ must be satisfied. In this situation, as $\dot{V}_{s}\leq 0$ outside the region where $Ky^{T}\mathcal{L}y\geq\bar{\omega}$ , it follows from [14, Lemmea 4.6] that all the solution trajectories fall within the region where $Ky^{T}\mathcal{L}y\leq\bar{\omega}$ , as $t\to\infty$ . For balanced and strongly connected digraphs (i.e., $L=L^{T}$ ), the preceding inequality can be written as $\sum_{(i,j)\in\mathbb{E}}\|y_{i}-y_{j}\|^{2}\leq\bar{\omega}/{K}\implies\|y_{i}-y_{j}\|\leq\sqrt{\bar{\omega}/{K}}$ for each $(i,j)\in\mathbb{E}$ . As $\bar{\omega}$ relies on $\|\xi\|$ and $\|\hat{u}^{a}{-}u^{a}\|$ , small values of $\|\xi\|$ and the reaction time $t_{d}$ (see Remark 2) will lead to small value of $\bar{\omega}$ , and hence, $\epsilon_{o}$ . Alternatively, by increasing $K$ , $\epsilon_{o}$ can be made small. ∎

V Simulation Example

Consider $N=5$ agents interacting according to a communication graph as shown in Fig. 2. Agent’s initial states are taken randomly in the interval $[-20,25]$ . The FDI attack on actuator is of the form $u^{a}_{i}=a_{i}\sin{\omega_{i}t}$ , where $a_{i},\omega_{i}$ are chosen randomly in the interval $[10,20]$ and $[0,10\pi]$ , respectively, for $i=1,2,4,5$ , and $a_{3}=0$ , i.e., no attack on agent $3$ . Note that the attack information is given only for the purpose of illustration and is unavailable to the controller. We consider that the attack remains active for $t\in[2,5]s$ . We discuss three case studies as follows:

V-A Passive Agents with Real Poles

Consider heterogeneous agents with the following governing matrices in (4):

A_{i}=i\begin{bmatrix}-6&i&0.5i\\ i&-9&0.4i\\ 0.5i&0.4i&-9\end{bmatrix},~{}B_{i}=i\begin{bmatrix}0\\ 0\\ 0.5\end{bmatrix},~{}C_{i}=\frac{1}{i}\begin{bmatrix}2\\ 0\\ 0\end{bmatrix}^{T},

respectively, where $i=1,\ldots,5$ . It can be easily verified that the agents are passive as the associated transfer function is positive real (please refer to positive real lemma [14, Lemma 6.4]). Further, the preconditions (A1) and (A2) are trivially satisfied.

Fig. 3(a) depicts the plots for storage function $S(\hat{x})$ , change in the stored energy $\dot{S}(\hat{x})$ , and the supplied energy $u^{T}\hat{y}$ for agent 4. It can be observed that the passivity is lost at $t=2$ s as soon as the attack begins. Consequently, the attack is detected and the controller switches to defense mode. Fig. 3(b) shows the attack estimation and the actual attack signals $-$ it is clearly visible that their difference is finite. The plots for other agents are similar and omitted for brevity. Fig. 4(a) shows that the output (of all the agents) remains bounded even under attack, as established in Theorem 4. Finally, Fig. 4(b) depicts the events generated for the observer and shows the absence of Zeno behavior. Because of the fast-moving system states, there is a higher density of events initially and during the attack period, and a lower density when the states do not change.

V-B Passive Agents with Complex Poles

Consider the network of homogeneous harmonic oscillators [27], characterized by the following matrices in (4):

A_{i}=\begin{bmatrix}0&1\\ -1&1\end{bmatrix},\quad B_{i}=\begin{bmatrix}0\\ 1\end{bmatrix},\quad C_{i}=\begin{bmatrix}0&1\end{bmatrix},\ \forall i,

is a passive system according to the positive real lemma [14, Section 6.3] and satisfy the preconditions (A1) and (A2). Figs. 5 and 6 show the simulation results for this case where conclusions, similar to the previous case, can be drawn. It is observed that the presence of complex poles degrades the attack estimation performance of the system due to the presence of oscillations in the system output.

V-C Passive Agents with Imaginary Poles

We consider the network of homogeneous harmonic oscillators [27], having the following matrices:

A_{i}=\begin{bmatrix}0&1\\ -1&0\end{bmatrix},\quad B_{i}=\begin{bmatrix}0\\ 1\end{bmatrix},\quad C_{i}=\begin{bmatrix}0&1\end{bmatrix},\forall i.

Again, the agents are passive and satisfy the preconditions (A1) and (A2). Figs. 7 and 8 show the simulation results for this case. It can be noted that i) the presence of imaginary poles degrades the attack estimation performance of the system, and ii) the number of events is relatively higher, as compared to earlier cases, which is expected due to the oscillating nature of output [19].

VI Conclusions

The problem of output consensus for networked linear passive agents under FDI actuator attacks is examined in this paper. To reduce the computation and communication overhead, an event-triggered observer-based switching controller was proposed in conjunction with cryptographic authentication for estimating the non-measurable states. It was shown that the proposed event condition does not result in Zeno behavior and has a positive MIET. Relying on the measurements from the observer, a passivity-based attack detection approach was presented. It was shown that the error between the estimated and the actual attack signal is norm-bounded during the controller’s functioning in the defense mode. Finally, the system was shown to achieve practical output consensus.

As discussed in Definition 2, only the attacks that violate the passivity condition (2) are detected and mitigated in this paper. Since undetectable attacks do not cause the system to lose passivity (Definition 2), they are not of concern as the system’s consensus properties are unaffected by such attacks. We have simulated a result in this direction as shown in Fig. 9 for the agents in Subsection V-A, which supports our claim. This happens because the total energy of passive agents approaches zero towards consensus for undetectable attacks, forcing the attack signal to eventually converge to zero to remain undetectable (see Fig. 9(b)). This shows that the undetectable attacks are decrescent with time and asymptotically converge to zero.

It would be interesting to also consider the attack on the global communication network and generalize the problem for more complex systems.

References

[1] Francesca Boem, Alexander J Gallo, Giancarlo Ferrari-Trecate, and Thomas Parisini. A distributed attack detection method for multi-agent systems governed by consensus-based control. In 2017 IEEE 56th Annual Conference on Decision and Control (CDC), pages 5961–5966. IEEE, 2017.
[2] Alessio Carullo, Marco Parvis, et al. An ultrasonic sensor for distance measurement in automotive applications. IEEE Sensors journal, 1(2):143, 2001.
[3] Chi-Tsong Chen. Linear System Theory and Design. Oxford University Press, 1999.
[4] Nikhil Chopra. Output synchronization on strongly connected graphs. IEEE Transactions on Automatic Control, 57(11):2896–2901, 2012.
[5] Emeka Eyisi and Xenofon Koutsoukos. Energy-based attack detection in networked control systems. In Proceedings of the 3rd international conference on High confidence networked systems, pages 115–124, 2014.
[6] Behrouz A. Forouzan. Cryptography and Network Security. McGraw-Hill Forouzan networking series. McGraw-Hill, 2008.
[7] Chris Godsil and Gordon F Royle. Algebraic graph theory, volume 207. Springer Science & Business Media, 2001.
[8] Haibin Guo, Jian Sun, and Zhong-Hua Pang. Stealthy false data injection attacks with resource constraints against multi-sensor estimation systems. ISA transactions, 2022.
[9] Shicheng Huo, Ya Zhang, Frank L Lewis, and Changyin Sun. Observer-based resilient consensus control for heterogeneous multi-agent systems against cyber-attacks. IEEE Transactions on Control of Network Systems, 2022.
[10] Ivar-André F Ihle, Murat Arcak, and Thor I Fossen. Passivity-based designs for synchronized path-following. Automatica, 43(9):1508–1518, 2007.
[11] Xu Jin, Wassim M Haddad, and Tansel Yucelen. An adaptive control architecture for mitigating sensor and actuator attacks in cyber-physical systems. IEEE Transactions on Automatic Control, 62(11):6058–6064, 2017.
[12] Youngjun Joo, Zhihua Qu, and Toru Namerikawa. Resilient control of cyber-physical system using nonlinear encoding signal against system integrity attacks. IEEE Transactions on Automatic Control, 66(9):4334–4341, 2020.
[13] K-Team. KHEPERA IV NEW - K-Team Corporation. Accessed on 2023-01-19.
[14] H.K. Khalil. Nonlinear Systems. Pearson Education. Prentice Hall, 2002.
[15] Amir Khazraei and Miroslav Pajic. Attack-resilient state estimation with intermittent data authentication. Automatica, 138:110035, 2022.
[16] Zhongkui Li, Xiangdong Liu, Peng Lin, and Wei Ren. Consensus of linear multi-agent systems with reduced-order observer-based protocols. Systems & Control Letters, 60(7):510–516, 2011.
[17] Kevin M Lynch and Frank C Park. Modern robotics. Cambridge University Press, 2017.
[18] Min Meng, Gaoxi Xiao, and Beibei Li. Adaptive consensus for heterogeneous multi-agent systems under sensor and actuator attacks. Automatica, 122:109242, 2020.
[19] Cameron Nowzari, Eloy Garcia, and Jorge Cortés. Event-triggered communication and control of networked systems for multi-agent consensus. Automatica, 105:1–27, 2019.
[20] Chen Peng and Hongtao Sun. Switching-like event-triggered control for networked control systems under malicious denial of service attacks. IEEE Transactions on Automatic Control, 65(9):3943–3949, 2020.
[21] Elena Petri, Romain Postoyan, Daniele Astolfi, D Nešić, and WP Maurice H Heemels. Event-triggered observer design for linear systems. In 2021 60th IEEE Conference on Decision and Control (CDC), pages 546–551. IEEE, 2021.
[22] Li Qin, Zhang Qingling, Zhang Yanjuan, and An Yichun. Observer-based passive control for descriptor systems with time-delay. Journal of Systems Engineering and Electronics, 20(1):120–128, 2009.
[23] C.R. Rao, Sujit Kumar Mitra, and J.K. Mitra. Generalized Inverse of Matrices and Its Applications. Probability and Statistics Series. Wiley, 1971.
[24] Dawei Shi, Tongwen Chen, and Ling Shi. Event-triggered maximum likelihood state estimation. Automatica, 50(1):247–254, 2014.
[25] Sen Tan, Josep M Guerrero, Peilin Xie, Renke Han, and Juan C Vasquez. Brief survey on attack detection methods for cyber-physical systems. IEEE Systems Journal, 14(4):5329–5339, 2020.
[26] Harry L Trentelman and Jan C Willems. Storage functions for dissipative linear systems are quadratic state functions. In Proceedings of the 36th IEEE Conference on Decision and Control, volume 1, pages 42–47. IEEE, 1997.
[27] Tian Xia and Luca Scardovi. Synchronization of linear time-invariant systems on rooted graphs. In 2016 IEEE 55th Conference on Decision and Control (CDC), pages 4376–4381. IEEE, 2016.
[28] Yang Yan, Panos Antsaklis, and Vijay Gupta. A resilient design for cyber physical systems under attack. In 2017 American Control Conference (ACC), pages 4418–4423. IEEE, 2017.

	$\displaystyle\dot{V}$	$\displaystyle{\leq}-\lambda_{\text{min}}(Q)\\|\xi\\|^{2}{+}2c\\|\xi\\|^{2}$
		$\displaystyle~{}~{}~{}+(1/c)({\\|PB(u^{a}{-}\hat{u}^{a})\\|^{2}}+{\\|PHe\\|^{2}})$
		$\displaystyle{\leq}-\lambda_{\text{min}}(Q)\left(1-\frac{2c}{\lambda_{\text{min}}(Q)}\right)\\|\xi\\|^{2}$
		$\displaystyle~{}~{}~{}+(1/c)({\\|PB(u^{a}-\hat{u}^{a})\\|^{2}}{+}{\\|PHe\\|^{2}})$
		$\displaystyle{\leq}-\frac{\lambda_{\text{min}}(Q)}{\lambda_{\text{max}}(P)}\left(1-\frac{2c}{\lambda_{\text{min}}(Q)}\right)\xi^{T}P\xi$
		$\displaystyle~{}~{}~{}+\frac{\\|P\\|^{2}}{c}\\|B(u^{a}-\hat{u}^{a})\\|^{2}+\frac{\\|PH\\|^{2}}{c}\\|e\\|^{2}$
		$\displaystyle{\leq}-\alpha V(\xi)+\beta\varPhi^{2}+\gamma\\|e\\|^{2},$