Neural Network-Adaptive Secure Control for Nonlinear Cyber-Physical Systems Against Adversarial Attacks

Abstract

The “insecurity of the network” characterizes each agent as being remotely controlled through unreliable network channels. In such an insecure network, the output signal can be altered through carefully designed adversarial attacks to produce erroneous results. To address this, this paper proposes a neural network (NN) adaptive secure control scheme for cyber-physical systems (CPSs) via attack reconstruction strategies, where the attack reconstruction strategy serves as the solution to the NNs estimation problem on the insecurity of the network. Consequently, by introducing a novel error transformation, an NN-adaptive secure control method is formulated as the framework of backstepping. Based on the Lyapunov stability theory and defined error transformation, it is proven that the above secure control process reaches the expected trajectory, and all the signals are bounded in closed-loop systems. Finally, its effectiveness is verified via a simulation of attitude control of two-joint robots.

1. Introduction

The wireless communication connection between physical components and network computing layers in cyber-physical systems (CPSs) introduces vulnerabilities in network attacks [1,2]. Consequently, there is a crucial need to thoroughly study and address the security issues associated with CPSs to enhance the security of CPSs and safeguard CPSs against cyber-attacks.

Thus, many researchers focus on improving the means of keeping CPSs secure. The secure state estimation (SSE) is the problem of estimating the system state from the compromised data packets and the noisy [3]. To ensure an SSE under cyber-attacks, it is crucial to identify the information transmission channel affected when a portion of the collected information is tampered with. In the context of an SSE amidst cyber-attacks, the challenge lies in identifying the precise set of compromised channels among numerous possibilities, rendering the problem an instance of combinatorial optimization and falling within the realm of NP-hard problems [4,5,6,7,8]. To solve such difficulties, the author devotes the $L_1/L_r$ relaxation technique in reference [4]. The author applies the ideas from reference [4] to the event-triggered projected gradient descent algorithm [5]. Note that the aforementioned algorithms [4,5] can only guarantee the correctness of the estimates under certain restrictive assumptions about the system structure. Reference [6] investigates the impact of cyber-attacks, establishing that the stability of the observation error system is stable as long as the $2s$-sparse observable condition of the original system is satisfied. The existing work provides fundamental limits for estimation against integrity attacks, specifically proving the necessity of $2s$-sparse observable for SSE against $s$-sparse attacks. For example, reference [7] analyzes the convergence of observation errors under $s$-sparse attacks using the separation principle and Lyapunov stability theory via a system based on $2s$-sparse observable. However, it is worth noting that control systems are often nonlinear. In such complex systems, accurate SSE may require the use of complex models and algorithms, increasing computational complexity and cost.

Existing studies suggest that increasing secure/resilient control or prior knowledge can alleviate the damage caused by cyber-attacks. Through further research on the assumption that attacks can be parameterized, which is state-dependent, reference [9,10] relaxed the requirement for attacks to be bounded, allowing attacks to be unbounded. Reference [11] introduces the coordinate transformations in controller design, which can overcome the negative impact caused by cyber-attacks. References [12,13] propose an attack compensator that effectively suppresses the impact of attacks by removing extreme values, thereby ensuring that normal nodes correctly estimate the system state under malicious node interference and avoid traversal search methods. Meanwhile, reference [14] proposes a novel attack compensator to suppress the effect of the attack signal on state information by compressing the amplitude of abnormal measurement signals. Due to the challenge of unknown time-varying gains in the design of control systems after the parameterization of attacks, to solve it, the author proposes a Nussbaum gain technique [15]. In addition, the authors propose an observer with attack compensation in [15], which successfully solved the problem of unknown control gain caused by unknown time-varying coefficients. However, the assumption that attacks can be parameterized is too strict, and it is difficult to find conditions that satisfy this assumption in real physical systems.

As deep learning continues to be studied, the performance of NN models is constantly improving. Researchers have proposed many prediction methods [16], making the application of NN more reliable and understandable. Therefore, in security maintenance and system performance evaluations, neural networks are usually used to estimate attack functions to maintain the security of the system [17,18,19]. Therefore, the authors propose the NN estimation algorithm for the systems in [17,18], excluding the strict assumption of parameterization. At the same time, in reference [19], the authors use nonlinear mapping to the cyber-attack function, applying it to a compact set, achieving the estimation requirements for the attack. In addition, an anti-attack estimation algorithm is also designed to suppress the impact of attack signals [19]. Hence, developing new control algorithms against sensor and actuator attacks is of significant importance in both theory and practice. Therefore, the main challenge of adversarial attack recovery algorithms lies in how to achieve complete compensation or suppression of attack signals and ensure convergence to the equilibrium point in any situation (with or without attacks).

In this paper, we propose an NN adaptive secure control scheme under the NN estimation algorithm framework. Specifically, we consider the following situations:

In the above research on secure/resilient control [9,10,11,12,13,14,15,16], secure/resilient control strategies are designed under the assumption that attacks can be parameterized. If an attack cannot be parameterized, how can we design an attack reconstruction strategy to eliminate the adverse effects of the cyber-attack? Furthermore, compared to [17,18,19], how can we utilize this insecure information to restore system security when attacking all channels?

The goal of this paper is to obtain the NN attack reconstruction strategies in an insecure network with all information unavailable to cope with the aforementioned situations. The innovations of this paper are as follows:

(1)

We formulate the attack reconstruction algorithm in an insecure network with all information unavailable, where the attack reconstruction strategy involves the final solution of the estimation algorithm. Specifically, by introducing mapping, time is first mapped into a compact set. Then, we use the NN estimation algorithm to solve approximate learning for unknown adversarial attacks, thereby improving the ability to cope with the adversarial attacks. Note that, although [9,10,11,12,13,14,15,16] also investigates the problems of adversarial attacks, the adversarial attacks model in [9,10,11,12,13,14,15,16] requires that the adversarial attacks must be parameterized; this article removes this restrictive assumption and is more applicable to general attack models.

(2)

We study the NN adaptive secure control scheme within the framework of backstepping, where the attack reconstruction algorithm is utilized to solve approximate learning for unknown adversarial attacks. We have demonstrated, based on the Lyapunov stability analysis theory, that the proposed secure control can ensure system performance even in the presence of adversarial attacks. Different from the requirements in the literature [20,21], and considering that the sensor attacks should be $s$-sparse [3,4,5,6,7,8,21,22], this paper utilizes the attack reconstruction algorithm to solve approximate learning for unknown adversarial attacks, no longer requiring these restrictive assumptions.

To ensure clarity and consistency in the text, the abbreviations employed throughout the paper are summarized in Abbreviations prat.

The remainder of this paper is organized as follows. Section 2 introduces the system architecture. Section 3 introduces the NN attack reconstruction algorithm to estimate the cyber-attacks. Section 4 discusses the NN adaptive secure control method. In Section 5, a stability analysis was conducted on the designed the NN adaptive secure control method. Section 6 discusses the feasibility of the algorithm through simulation.

2. Preliminaries and Problem Formulation

A. 

System Descriptions

Consider the following nonlinear CPSs as

$$\begin{array}{l}{\dot{x}}_i=x_{i+1}+f_i({\overline{\mathit{x}}}_i)\\ {\dot{x}}_n=\tilde{u}+f_n({\overline{\mathit{x}}}_n)\\ y=x_1\end{array}$$

(1)

where ${\overline{\mathit{x}}}_i={\left[x_1,\cdots ,x_i\right]}^T, \forall {\overline{x}}_i\in \Omega \subset {\mathit{R}}^i$, $i=1,\cdots ,n-1$ is the state vector [16]. $\tilde{u}$ denotes the actuator output. $f_i({\overline{\mathit{x}}}_i)$ and $f_n({\overline{\mathit{x}}}_n)$ are unknown smooth nonlinear dynamics functions of the CPSs (1). $y$ denotes the output of the controlled system.

B. 

Adversarial Attack Model

In this paper, we consider the adversarial attack as follows [9,23]:

$${\tilde{x}}_s(t)=x_s(t)+a_s(t,{\overline{\mathit{x}}}_s)$$

(2)

$$\tilde{u}(t)=u(t)+a(t,{\overline{\mathit{x}}}_n)$$

(3)

where the compromise state ${\tilde{x}}_s, s=1,\cdots ,n$ is the available variable after being attacked. $u(t)$ is the unavailable control input caused by the adversarial attack. $a_s(t,{\overline{\mathit{x}}}_s)$ is defined as a time-varying, state-dependent malicious adversarial attack function, meaning it changes over time and is influenced by the system’s current state.

Remark 1.

In the presence of sensor attacks, this paper proposes an NN estimation algorithm to estimate the unknown sensor attacks, essentially letting the network train itself and determine which attack values are most important. The proposed a NN estimation algorithm method does not require that the sensor attacks must be parameterized. Note that, although [10,11,12,13,14,15] also investigate the problems of injection unknown sensor attacks, the proposed control methods in [10,11,12,13,14,15] require that the sensor attacks must be parameterized, that is, the restrictive assumption is removed in this paper.

In defining the reference signal $y_0$, the control objectives are given as follows:

Control objective. The control objective of this paper is to design a state-feedback secure control scheme based on the NN attack reconstruction strategies in an insecure network with all the information available for nonlinear CPSs (1) against adversarial attack (2) and (3), such that:

(1)

The obtained NN attack reconstruction strategies in an insecure network with all information unavailable can effectively estimate unknown attacks.

(2)

The above secure control process reaches the expected trajectory, and all the closed-loop signals are bounded.

(3)

The output error of the system converges to a small neighborhood of zero.

3. NN Attack Reconstruction Algorithm

Due to the unknown adversarial attack functions $a_s(t,{\overline{\mathit{x}}}_s)$ and $a(t,{\overline{\mathit{x}}}_n)$ being unusable, this section needs to construct the attack reconstruction strategies during the control design process. Thus, the NN estimation algorithm is proposed to solve approximate learning for unknown adversarial attacks.

According to the research in reference [16,19], the estimation performance of neural networks (NNs) is only guaranteed on the compact set $\Omega$. However, adversarial attack functions $a(t,{\overline{\mathit{x}}}_n)$ are time-dependent; therefore, according to reference [19], we propose a nonlinear mapping that maps $t$ to a compact set:

$$h(t)={\displaystyle \frac{t}{t+1}}, t\in [0,\infty )$$

(4)

This paper takes the inverse mapping $h^{-1}:[0,1]\to [0,\infty )$ of (4), which we can obtain as follows:

$$h^{-1}(\varsigma )={\displaystyle \frac{\varsigma }{1-\varsigma }} ,\varsigma \in [0,1]$$

(5)

According to (4) and (5), the time-related adversarial attack functions $a_s(t,{\overline{\mathit{x}}}_s)$ and $a(t,{\overline{\mathit{x}}}_n)$ have been mapped to the compact set $\varsigma \in [0,1]$. NNs are capable of learning complex nonlinear relationships, making them highly adaptable to various types of data and problems. Next, we use NNs to capture adversarial attack patterns and features. We define

$$a_s(t,0)=a_s(h^{-1}(\varsigma ),0)=a_{s,h}(\varsigma ,0)$$

(6)

$$a(t,0)=a(h^{-1}(\varsigma ),0)=a_h(\varsigma ,0)$$

(7)

Similarly to work [19], we have

$$a_{s,h}(\varsigma ,{\overline{\mathit{x}}}_s)=w_s^{\ast T}{\phi }_s(\varsigma ,{\overline{\mathit{x}}}_s)+{\epsilon }_{s0}$$

(8)

$$a_h(\varsigma ,{\overline{\mathit{x}}}_n)=v^{\ast T}\varphi (\varsigma ,{\overline{\mathit{x}}}_n)+{\upsilon }_0$$

(9)

where $w_s^{\ast T}=[w_{s,1}^{\ast },\cdots ,w_{s,r}^{\ast }]$ and $v^{\ast T}=[v_1^{\ast },\cdots ,v_{\mathit{r}}^{\ast }]$ present an ideal weight vector, which is the optimal weight vector found through training to minimize error, while $\mathit{r}$ is the NN rules number; ${\phi }_s(\varsigma ,{\overline{\mathit{x}}}_s)={[{\phi }_{s,1}(\varsigma ,{\overline{\mathit{x}}}_s),\cdots ,{\phi }_{s,r}(\varsigma ,{\overline{\mathit{x}}}_s)]}^T$ and $\varphi (\varsigma ,{\overline{\mathit{x}}}_n)={[{\varphi }_1(\varsigma ,{\overline{\mathit{x}}}_n),\cdots ,{\varphi }_r(\varsigma ,{\overline{\mathit{x}}}_n)]}^T$ are activation function vectors, aiding in the Gaussian activation function, with parameters being tuned during training for optimal performance; and ${\epsilon }_{s0}$ and ${\upsilon }_0$ are approximation errors of the NN and satisfy that $\left|{\epsilon }_{s0}\right|\le {\epsilon }_{s0}^{\ast }$ and $\left|{\upsilon }_0\right|\le {\upsilon }_0^{\ast }$, respectively. ${\epsilon }_{s0}^{\ast }$ and ${\upsilon }_0^{\ast }$ are positive constants.

Based on (8) and (9), we can use ${\widehat{w}}_s^T{\phi }_s(\varsigma ,{\overline{\mathit{x}}}_s)$ and ${\widehat{v}}^T\varphi (\varsigma ,{\overline{\mathit{x}}}_n)$ to solve approximate learning for unknown adversarial attacks, respectively.

4. Controller Design

Based on the NN attack reconstruction strategies (8) and (9), and under the framework of a backstepping recursive control design algorithm, an NN-adaptive control scheme is developed which can solve approximate learning for unknown adversarial attacks.

To analyze the stability of the designed controller, we define the following error coordinate change as follows:

$$\begin{array}{l}{z}_1=x_1-y_0\\ z_s=x_s-v_s\\ {\xi }_s=v_s-{\beta }_{s-1}\end{array}$$

(10)

where ${\beta }_{s-1}\in \mathit{R}$ is the virtual controller, which is a virtual controller, which means that the value of ${\beta }_{s-1}\in \mathit{R}$ is not a virtual value (it represents the control parameters within the system); $z_s$ is the error surface; ${\xi }_s\in \mathit{R}$ is a coordinate of the first-order filter output; $v_s\in \mathit{R}$ is a variable, which is obtained through a first-order filter on intermediate virtual control ${\beta }_{s-1}\in \mathit{R}$ with a constant ${\tau }_s$ to obtain ${\nu }_s$, i.e.,

$${\tau }_s{\dot{v}}_s+v_s={\beta }_{s-1}, v_s(0)={\beta }_{s-1}(0)$$

(11)

where ${\tau }_s$ is positive constant.

Step 1: Similarly to Equations (8) and (9), we can express the approximation of the NN as follows:

$$f_s({\overline{\mathit{x}}}_s)={\theta }_s^{\ast T}{\phi }_s({\overline{\mathit{x}}}_s)+{\epsilon }_s$$

(12)

where ${\theta }_s^{\ast T}=[{\theta }_{s,1}^{\ast },\cdots ,{\theta }_{s,\mathit{r}}^{\ast }]$ is an ideal weight vector, which is the optimal weight vector found through training to minimize error; ${\phi }_s({\overline{\mathit{x}}}_s)={[{\phi }_{s,1}({\overline{\mathit{x}}}_s),\cdots ,{\phi }_{s,\mathit{r}}({\overline{\mathit{x}}}_s)]}^T$ is an activation function vector, which is the Gaussian activation function, with parameters tuned during training for optimal performance; given the positive constant ${\epsilon }_s^{\ast }>0$, the error ${\epsilon }_s$ of NN and satisfies $\left|{\epsilon }_s\right|\le {\epsilon }_s^{\ast }$. For unknown nonlinear dynamics, a NN learns it by adjusting weights during training based on input-output data $f_s({\overline{\mathit{x}}}_s)$.

By taking the derivative of both sides of (10) simultaneously, and using (1), it can be derived that

$$\begin{array}{ll}{\dot{z}}_1& ={\dot{x}}_1=x_2+f_1(x_1)\\ & =x_2+{\theta }_1^{\ast T}{\phi }_1(x_1)+{\epsilon }_1\end{array}$$

(13)

To analyze the system stability, we have chosen the following quadratic Lyapunov function. This function is selected to effectively capture the system’s dynamics and provide a suitable framework for evaluating its stability; we have

$$V_1={\displaystyle \frac{1}{2}}(z_1^2+{\displaystyle \frac{1}{p_1}}{\tilde{\theta }}_1^T{\tilde{\theta }}_1+{\displaystyle \frac{1}{q_1}}{\tilde{w}}_1^T{\tilde{w}}_1)$$

(14)

where ${\tilde{\theta }}_s={\theta }_s^{\ast }-{\widehat{\theta }}_s$.

To ensure stability, we design the virtual controller and the parameter adaptation laws as follows, and the stability will be proven in the next section.

$${\beta }_1=-c_1{\widehat{z}}_1-3{\widehat{z}}_1-{\widehat{\theta }}_1^T{\phi }_1({\tilde{x}}_1)-{\widehat{w}}_1^T{\phi }_1(\varsigma ,{\tilde{x}}_1)+{\dot{y}}_0$$

(15)

$${\dot{\widehat{\theta }}}_1=p_1{\widehat{z}}_1{\phi }_1({\tilde{x}}_1)+{\sigma }_1{\widehat{\theta }}_1$$

(16)

$${\dot{\widehat{w}}}_1=q_1{\widehat{z}}_1{\phi }_1(\varsigma ,{\tilde{x}}_1)+{\overline{\sigma }}_1{\widehat{w}}_1$$

(17)

where $c_1>0$, $p_1>0$, $q_1>0$, ${\sigma }_1>0$ and ${\overline{\sigma }}_1>0$ are design parameters. ${\widehat{z}}_1={\tilde{x}}_1-w_1^T{\phi }_1(\varsigma ,{\tilde{x}}_1)$ and the vector ${\widehat{\theta }}_s$ provide estimates for the ideal learning weight of ${\theta }_s^{\ast }$.

Remark 2.

Therefore, the main challenge of adversarial attack recovery algorithms lies in how to achieve complete compensation or suppression of attack signals. Due to the unavailability of the tracking error $z_1$ in (10), we introduce a novel error transformation to construct an equivalent ${\widehat{z}}_1={\tilde{x}}_1-w_1^T{\phi }_1(\varsigma ,{\tilde{x}}_1)$ instead of $z_1$. The equivalence between ${\widehat{z}}_1={\tilde{x}}_1-w_1^T{\phi }_1(\varsigma ,{\tilde{x}}_1)$ and $z_1$ depends on the performance of (8) and (9), respectively. The estimation performance of NNs can be supported within tight sets.

Step $s$ $(2\le s\le n-1)$: By taking the derivative of both sides of (10) simultaneously, it can be obtained that

$$\begin{array}{ll}{\dot{z}}_s& ={\dot{x}}_s-{\dot{\beta }}_{s-1}\\ & =x_{s+1}+f_s({\overline{x}}_s)-{\dot{\beta }}_{s-1}\\ & =x_{s+1}+{\theta }_s^{\ast T}{\phi }_s({\overline{\mathit{x}}}_s)+{\epsilon }_s-{\dot{\beta }}_{s-1}\end{array}$$

(18)

From (11), one has

$$\begin{array}{ll}{\dot{\xi }}_s& ={\dot{\nu }}_s-{\dot{\beta }}_{s-1}\\ & ={\dot{\beta }}_{s-1}-{\displaystyle \frac{{\beta }_{s-1}-v_s}{{\tau }_s}}=N_s(\cdot )-{\displaystyle \frac{{\xi }_s}{{\tau }_s}}\end{array}$$

(19)

where ${\dot{\beta }}_{s-1}=N_s(\cdot )=N_s(z_1,\cdots ,z_s,{\theta }_1,\cdots ,{\theta }_s,w_1,\cdots ,w_s,{\xi }_2\cdots ,{\xi }_s,y_0,{\dot{y}}_0)$ is a known continuous function.

Similarly to the Lyapunov function in (14), we choose the following Lyapunov function in step $s$; we obtain

$$V_s=V_{s-1}+{\displaystyle \frac{1}{2}}(z_s^2+{\displaystyle \frac{1}{p_s}}{\tilde{\theta }}_s^T{\tilde{\theta }}_s+{\displaystyle \frac{1}{q_s}}{\tilde{w}}_s^T{\tilde{w}}_s+{\xi }_s^2)$$

(20)

To ensure stability, we design the virtual controller and the parameter adaptation laws as follows, and the stability will be proven in the next section.

$${\beta }_s=-c_s{\widehat{z}}_s-3{\widehat{z}}_s-{\widehat{\theta }}_s^T{\phi }_s({\widetilde{\overline{\mathit{x}}}}_s)-{\widehat{w}}_s^T{\phi }_s(\varsigma ,{\widetilde{\overline{\mathit{x}}}}_s)+{\dot{\nu }}_s$$

(21)

$${\dot{\widehat{\theta }}}_s=p_s{\widehat{z}}_s{\phi }_s({\widetilde{\overline{\mathit{x}}}}_s)+{\sigma }_s{\widehat{\theta }}_s$$

(22)

$${\dot{\widehat{w}}}_s=q_s{\widehat{z}}_s{\phi }_s(\varsigma ,{\widetilde{\overline{\mathit{x}}}}_s)+{\overline{\sigma }}_s{\widehat{w}}_s$$

(23)

where $c_s>0$, $p_s>0$, $q_s>0$, ${\sigma }_s>0$ and ${\overline{\sigma }}_s>0$ are design parameters. And ${\widehat{z}}_s={\tilde{x}}_s-{\widehat{w}}_s^T{\phi }_s(\varsigma ,{\widetilde{\overline{\mathit{x}}}}_s)$.

Remark 3.

The author has designed an anti-attack observer that can compensate for attacks to restore the system state in [19], which only requires the sensor output to be attacked. Unlike reference [19], this article studies all states being attacked, and all variables are unavailable. The estimation performance of NNs can be supported within tight sets.

Step $n$: Similarly to Step $s$, from (1), (3) and (12) and (10), by taking the derivative of both sides of (10) simultaneously, it can be gathered that

$$\begin{array}{ll}{\dot{z}}_n& ={\dot{x}}_n-{\dot{v}}_n\\ & =\tilde{u}+f_n({\overline{\mathit{x}}}_n)-{\dot{v}}_n\\ & =u+a(t,{\overline{\mathit{x}}}_n)+f_n({\overline{\mathit{x}}}_n)-{\dot{v}}_n\\ & =u+v^{\ast T}\varphi (\varsigma ,{\overline{\mathit{x}}}_n)+{\upsilon }_0+{\theta }_n^{\ast T}{\phi }_n({\overline{\mathit{x}}}_n)+{\epsilon }_n-{\dot{v}}_n\end{array}$$

(24)

Similarly to the Lyapunov functions (14) and (20), we choose the following Lyapunov function in step $s$, finding the following:

$$V_n=V_{n-1}+{\displaystyle \frac{1}{2}}(z_n^2+{\displaystyle \frac{1}{p_n}}{\tilde{\theta }}_n^T{\tilde{\theta }}_n+{\displaystyle \frac{1}{q_n}}{\tilde{w}}_n^T{\tilde{w}}_n+{\displaystyle \frac{1}{m}}{\tilde{v}}^T\tilde{v})$$

(25)

To ensure stability, we design the virtual controller and the parameter adaptation laws as follows, and the stability will be proven in the next section.

$$u=-c_n{\widehat{z}}_n-3{\widehat{z}}_n-{\widehat{\theta }}_n^T{\phi }_n({\widetilde{\overline{\mathit{x}}}}_n)-{\widehat{v}}^T\varphi (\varsigma ,{\widetilde{\overline{\mathit{x}}}}_n)+{\dot{\nu }}_n$$

(26)

$${\dot{\widehat{\theta }}}_n=p_n{\widehat{z}}_n{\phi }_n({\widetilde{\overline{\mathit{x}}}}_n)+{\sigma }_n{\widehat{\theta }}_n$$

(27)

$${\dot{\widehat{w}}}_n=q_n{\widehat{z}}_n{\phi }_n(\varsigma ,{\widetilde{\overline{\mathit{x}}}}_n)+{\overline{\sigma }}_n{\widehat{w}}_n$$

(28)

$$\dot{\widehat{v}}=m{\widehat{z}}_n{\varphi }_n(\varsigma ,{\widetilde{\overline{\mathit{x}}}}_n)+\overline{\sigma }\widehat{v}$$

(29)

where $c_n>0$, $p_n>0$, $q_n>0$, ${\sigma }_n>0$, ${\overline{\sigma }}_n>0$ and $\overline{\mathit{\sigma }}>0$ are design parameters. Additionally, ${\widehat{z}}_n={\tilde{x}}_n-{\widehat{w}}_n^T{\phi }_n(\varsigma ,{\widetilde{\overline{\mathit{x}}}}_n)$.

The configuration of the NN-adaptive state-feedback control scheme is shown in Figure 1.

5. Stability Analysis

Theorem 1.

For nonlinear CPSs (1), if we adopt the NN attack reconstruction strategies (8) and (9), the secure control scheme (26), adaptive laws (16) and (17), (22) and (23), (28) and (29) and the virtual control laws (15), (21), (27), and if, for all the initial conditions, $‖V_n(0)‖$ is bounded, then a whole-state-feedback secure control scheme makes the following properties valid:

(1)

The obtained NN attack reconstruction strategies in an insecure network with all information unavailable can effectively estimate unknown attacks.

(2)

The above secure control process reaches the expected trajectory and all the closed-loop signals are bounded.

(3)

The output error of the system converges to a small neighborhood of zero.

Proof. 

According to (19) and (20), we can obtain

$$\begin{array}{ll}{\dot{V}}_1& =z_1{\dot{z}}_1+{\displaystyle \frac{1}{p_1}}{\tilde{\theta }}_1^T({\dot{\theta }}_1^{\ast }-{\dot{\widehat{\theta }}}_1)+{\displaystyle \frac{1}{q_1}}{\tilde{w}}_1^T({\dot{w}}_1^{\ast }-{\dot{\widehat{w}}}_1)\\ & =z_1(z_2+{\xi }_2+{\theta }_1^{\ast T}{\phi }_1(x_1)+{\epsilon }_1)-{\displaystyle \frac{1}{p_1}}{\tilde{\theta }}_1^T{\dot{\widehat{\theta }}}_1-{\displaystyle \frac{1}{q_1}}{\tilde{w}}_1^T{\dot{\widehat{w}}}_1\\ & =z_1(z_2+{\xi }_2+{\theta }_1^{\ast T}{\phi }_1(x_1)-{\theta }_1^{\ast T}{\phi }_1({\tilde{x}}_1)+{\theta }_1^{\ast T}{\phi }_1({\tilde{x}}_1)+{\epsilon }_1+{\tilde{w}}_1^T{\phi }_1(\varsigma ,{\tilde{x}}_1)\\ & -{\tilde{w}}_1^T{\phi }_1(\varsigma ,{\tilde{x}}_1))-{\displaystyle \frac{1}{p_1}}{\tilde{\theta }}_1^T{\dot{\widehat{\theta }}}_1-{\displaystyle \frac{1}{q_1}}{\tilde{w}}_1^T{\dot{\widehat{w}}}_1\\ & =z_1(z_2+{\xi }_2+{\theta }_1^{\ast T}{\phi }_1(x_1)-{\theta }_1^{\ast T}{\phi }_1({\tilde{x}}_1)+{\widehat{\theta }}_1^T{\phi }_1({\tilde{x}}_1)+{\epsilon }_1+{\widehat{w}}_1^T{\phi }_1(\varsigma ,{\tilde{x}}_1)\\ & -w_1^{\ast T}{\phi }_1(\varsigma ,{\tilde{x}}_1)+{\beta }_1)+(z_1-{\widehat{z}}_1){\tilde{\theta }}_1^T{\phi }_1({\tilde{x}}_1)+{\displaystyle \frac{1}{p_1}}{\tilde{\theta }}_1^T(p_1{\widehat{z}}_1{\phi }_1({\tilde{x}}_1)-{\dot{\widehat{\theta }}}_1)\\ & +(z_1-{\widehat{z}}_1){\tilde{w}}_1^T{\phi }_1(\varsigma ,{\tilde{x}}_1)+{\displaystyle \frac{1}{q_1}}{\tilde{w}}_1^T(q_1{\widehat{z}}_1{\phi }_1(\varsigma ,{\tilde{x}}_1)-{\dot{\widehat{w}}}_1)\end{array}$$

(30)

According to (1) and (10), we have

$$\begin{array}{ll}{z}_1-{\widehat{z}}_1& =-a_1(t,x_1)+{\widehat{w}}_1^T{\phi }_1(\varsigma ,{\tilde{x}}_1)\\ & =-(w_1^{\ast T}{\phi }_1(\varsigma ,x_1)+{\epsilon }_{10})+{\widehat{w}}_1^T{\phi }_1(\varsigma ,{\tilde{x}}_1)\end{array}$$

(31)

From (14), by applying the inequality $2ab\le a^2+b^2$, we can derive the following expression/relationship, which will help in simplifying the analysis and in providing a clearer understanding of the system’s behavior.

$$z_1(z_2+{\xi }_2+{\epsilon }_1)\le {\displaystyle \frac{3}{2}}{z}_1^2+{\displaystyle \frac{1}{2}}{z}_2^2+{\displaystyle \frac{1}{2}}{‖{\epsilon }_1^{\ast }‖}^2+{\displaystyle \frac{1}{2}}{\xi }_2^2$$

(32)

$$z_1({\theta }_1^{\ast T}{\phi }_1(x_1)-{\theta }_1^{\ast T}{\phi }_1({\tilde{x}}_1)-w_1^{\ast T}{\phi }_1(\varsigma ,{\tilde{x}}_1))\le {\displaystyle \frac{3}{2}}{z}_1^2+{‖{\theta }_1^{\ast }‖}^2+{\displaystyle \frac{1}{2}}{‖w_1^{\ast }‖}^2$$

(33)

$$\begin{array}{l}(z_1-{\widehat{z}}_1){\tilde{\theta }}_1^T{\phi }_1({\tilde{x}}_1)+(z_1-{\widehat{z}}_1){\tilde{w}}_1^T{\phi }_1(\varsigma ,{\tilde{x}}_1)\\ \le ({\widehat{w}}_1^T{\phi }_1(\varsigma ,{\tilde{x}}_1)-w_1^{\ast T}{\phi }_1(\varsigma ,x_1)-{\epsilon }_{10})({\tilde{w}}_1^T+{\tilde{\theta }}_1^T){\phi }_1(\varsigma ,{\tilde{x}}_1)\\ =(w_1^{\ast T}{\phi }_1(\varsigma ,{\tilde{x}}_1)-{\tilde{w}}_1^T{\phi }_1(\varsigma ,{\tilde{x}}_1)-w_1^{\ast T}{\phi }_1(\varsigma ,x_1)-{\epsilon }_{10})({\tilde{w}}_1^T+{\tilde{\theta }}_1^T){\phi }_1(\varsigma ,{\tilde{x}}_1)\\ \le (2‖w_1^{\ast }‖+‖{\tilde{w}}_1‖-{\epsilon }_{10})(‖{\tilde{w}}_1‖+‖{\tilde{\theta }}_1‖)\\ \le {‖w_1^{\ast }‖}^2+{‖{\tilde{w}}_1‖}^2+2{‖{\tilde{\theta }}_1‖}^2+{‖{\epsilon }_{10}^{\ast }‖}^2\end{array}$$

(34)

Substituting (30)–(32) into (12) yields

$$\begin{array}{ll}{V}_1& \le z_1(3z_1+{\widehat{\theta }}_1^T{\phi }_1({\tilde{x}}_1)+{\widehat{w}}_1^T{\phi }_1(\varsigma ,{\tilde{x}}_1)+{\beta }_1)+{\displaystyle \frac{1}{2}}{z}_2^2+{\displaystyle \frac{1}{2}}{\xi }_2^2\\ & +2{‖{\tilde{\theta }}_1‖}^2+{‖{\tilde{w}}_1‖}^2+{\displaystyle \frac{1}{p_1}}{\tilde{\theta }}_1^T(p_1{\widehat{z}}_1{\phi }_1({{\tilde{x}}^{\prime }}_1)-{\dot{\widehat{\theta }}}_1)+{‖{\theta }_1^{\ast }‖}^2\\ & +{\displaystyle \frac{1}{q_1}}{\tilde{w}}_1^T(q_1{\widehat{z}}_1{\phi }_1(\varsigma ,{\tilde{x}}_1)-{\dot{w}}_1)+{\displaystyle \frac{3}{2}}{‖w_1^{\ast }‖}^2+{\displaystyle \frac{1}{2}}{‖{\epsilon }_1^{\ast }‖}^2+{‖{\epsilon }_{10}^{\ast }‖}^2\end{array}$$

(35)

Substituting (14)–(16) into (35) yields

$$\begin{array}{ll}{V}_1& \le z_1(-c_1{\widehat{z}}_1+3z_1-3{\widehat{z}}_1)+{\displaystyle \frac{1}{2}}{z}_2^2+{\displaystyle \frac{1}{2}}{\xi }_2^2+2{‖{\tilde{\theta }}_1‖}^2+{‖{\tilde{w}}_1‖}^2\\ & +{\displaystyle \frac{{\sigma }_1}{p_1}}{\tilde{\theta }}_1^T{\widehat{\theta }}_1+{\displaystyle \frac{{\overline{\sigma }}_1}{q_1}}{\tilde{w}}_1^T{\widehat{w}}_1+{‖{\theta }_1^{\ast }‖}^2+{\displaystyle \frac{3}{2}}{‖w_1^{\ast }‖}^2+{\displaystyle \frac{1}{2}}{‖{\epsilon }_1^{\ast }‖}^2+{‖{\epsilon }_{10}^{\ast }‖}^2\end{array}$$

(36)

By employing the inequality $2ab\le a^2+b^2$, we can obtain

$$\begin{array}{l}{z}_1(-c_1{\widehat{z}}_1+3z_1-3{\widehat{z}}_1)\\ =-c_1{z}_1(z_1+w_1^{\ast T}{\phi }_1(\varsigma ,x_1)+{\epsilon }_{10}-w_1^T{\phi }_1(\varsigma ,{\tilde{x}}_1))+3z_1(z_1-3{\widehat{z}}_1)\\ \le -c_1{z}_1(z_1+2‖w_1^{\ast }‖+‖{\tilde{w}}_1‖+{\epsilon }_{10})-3z_1(2‖w_1^{\ast }‖+‖{\tilde{w}}_1‖+{\epsilon }_{10})+3z_1^2\\ \le -c_1{z}_1^2+3z_1^2+{\displaystyle \frac{9+4c_1^2}{2}}{‖{\tilde{w}}_1‖}^2+(18+2c_1^2){‖w_1^{\ast }‖}^2+5{‖{\epsilon }_{10}^{\ast }‖}^2\end{array}$$

(37)

According to (36) and (37), we have

$$V_1\le -(c_1-3)z_1^2+{\displaystyle \frac{1}{2}}{z}_2^2+{\displaystyle \frac{1}{2}}{\xi }_2^2+{‖{\tilde{\theta }}_1‖}^2+{\displaystyle \frac{9+4c_1^2}{2}}{‖{\tilde{w}}_1‖}^2+{\displaystyle \frac{{\sigma }_1}{p_1}}{\tilde{\theta }}_1^T{\widehat{\theta }}_1+{\displaystyle \frac{{\overline{\sigma }}_1}{q_1}}{\tilde{w}}_1^T{\widehat{w}}_1+D_1$$

(38)

where $D_1={‖{\theta }_1^{\ast }‖}^2+({\displaystyle \frac{39}{2}}+2c_1^2){‖w_1^{\ast }‖}^2+{\displaystyle \frac{1}{2}}{‖{\epsilon }_1^{\ast }‖}^2+6{‖{\epsilon }_{10}^{\ast }‖}^2$.

According to (12) and (18), we can obtain

$$\begin{array}{ll}{V}_s& =z_s({\beta }_s-{\dot{\nu }}_s+z_{s+1}+{\xi }_{s+1}+{\epsilon }_s+{\theta }_s^{\ast T}{\phi }_s({\overline{\mathit{x}}}_s))+{\xi }_s({\dot{\nu }}_s-{\dot{\beta }}_{s-1})-{\displaystyle \frac{1}{p_s}}{\tilde{\theta }}_s^T{\dot{\widehat{\theta }}}_s-{\displaystyle \frac{1}{q_s}}{\tilde{w}}_s^T{\dot{\widehat{w}}}_s\\ & =z_s({\beta }_s-{\dot{\nu }}_s+z_{s+1}+{\xi }_{s+1}+{\theta }_s^{\ast T}{\phi }_s({\overline{\mathit{x}}}_s)-{\theta }_s^{\ast T}{\phi }_s({\widetilde{\overline{\mathit{x}}}}_s)+{\widehat{\theta }}_s^T{\phi }_s({\widetilde{\overline{\mathit{x}}}}_s)+{\epsilon }_s+{\widehat{w}}_s^T{\phi }_s(\varsigma ,{\widetilde{\overline{\mathit{x}}}}_s)\\ & -w_s^{\ast T}{\phi }_s(\varsigma ,{\widetilde{\overline{\mathit{x}}}}_s))+{\xi }_s({\dot{\nu }}_s-{\dot{\alpha }}_{s-1})+(z_s-{\widehat{z}}_s){\tilde{\theta }}_s^T{\phi }_s({{\widetilde{\overline{\mathit{x}}}}^{\prime }}_s)\\ & +{\displaystyle \frac{1}{p_s}}{\tilde{\theta }}_s^T(p_s{\widehat{z}}_s{\phi }_s({\widetilde{\overline{\mathit{x}}}}_s)-{\dot{\widehat{\theta }}}_s)+(z_s-{\widehat{z}}_s){\tilde{w}}_s^T{\phi }_s(\varsigma ,{\widetilde{\overline{\mathit{x}}}}_s)+{\displaystyle \frac{1}{q_s}}{\tilde{w}}_s^T(q_s{\widehat{z}}_s{\phi }_s(\varsigma ,{\widetilde{\overline{\mathit{x}}}}_s)-{\dot{\widehat{w}}}_s)\end{array}$$

(39)

Let $\Omega =\{(z_k,{\tilde{\theta }}_k,{\tilde{w}}_k,{\xi }_k)|{\displaystyle \sum _{k=1}^s(z_k^2+\frac{1}{p_k}{\tilde{\theta }}_k^T{\tilde{\theta }}_k+\frac{1}{m_k}{\tilde{w}}_k^T{\tilde{w}}_k)+{\displaystyle \sum _{k=2}^s{\xi }_k^2}}\le N_k\}$. Since $\Omega$ is a compact set and $N_s(\cdot )$ satisfies $‖N_s(\cdot )‖\le N_s$ on $\Omega$ with a constant $N_s$, from (11) and (20), and by using the inequality $2ab\le a^2+b^2$, we can obtain

$$z_s(z_{s+1}+{\xi }_{s+1}+{\epsilon }_s)\le {\displaystyle \frac{3}{2}}{z}_s^2+{\displaystyle \frac{1}{2}}{z}_{s+1}^2+{\displaystyle \frac{1}{2}}{\xi }_{s+1}^2+{\displaystyle \frac{1}{2}}{‖{\epsilon }_s^{\ast }‖}^2$$

(40)

$$z_s({\theta }_s^{\ast T}{\phi }_s({\overline{\mathit{x}}}_s)-{\theta }_s^{\ast T}{\phi }_s({\widetilde{\overline{\mathit{x}}}}_s)-w_s^{\ast T}{\phi }_s(\varsigma ,{\widetilde{\overline{\mathit{x}}}}_s))\le {\displaystyle \frac{3}{2}}{z}_s^2+{‖{\theta }_s^{\ast }‖}^2+{\displaystyle \frac{1}{2}}{‖w_s^{\ast }‖}^2$$

(41)

$${\xi }_s({\dot{\nu }}_s-{\dot{\alpha }}_{s-1})\le -({\displaystyle \frac{1}{{\tau }_s}}-N_s^2){\xi }_s^2$$

(42)

$$(z_s-{\widehat{z}}_s){\tilde{\theta }}_s^T{\phi }_s({\widetilde{\overline{\mathit{x}}}}_s)+(z_s-{\widehat{z}}_s){\tilde{w}}_s^T{\phi }_s(\varsigma ,{\widetilde{\overline{\mathit{x}}}}_s)\le {‖w_s^{\ast }‖}^2+2{‖{\tilde{\theta }}_s‖}^2+{‖{\tilde{w}}_s‖}^2+{‖{\epsilon }_{s0}^{\ast }‖}^2$$

(43)

Substituting (40)–(43) into (20) yields

$$\begin{array}{ll}{V}_s& \le V_{s-1}+z_s(3z_s+{\widehat{w}}_s^T{\phi }_s({\widetilde{\overline{\mathit{x}}}}_s)+{\widehat{w}}_s^T{\phi }_s(\varsigma ,{\widetilde{\overline{\mathit{x}}}}_s)-{\dot{\nu }}_s+{\beta }_s)+{\displaystyle \frac{1}{2}}{z}_{s+1}^2\\ & -({\displaystyle \frac{1}{{\tau }_s}}-N_s^2){\xi }_s^2+{\displaystyle \frac{1}{2}}{\xi }_{s+1}^2+{‖{\tilde{w}}_s‖}^2+{\displaystyle \frac{1}{p_s}}{\tilde{\theta }}_s^T(p_s{\widehat{z}}_s{\phi }_s({\widetilde{\overline{\mathit{x}}}}_s)-{\dot{\widehat{\theta }}}_s)+2{‖{\tilde{\theta }}_s‖}^2\\ & +{\displaystyle \frac{1}{q_s}}{\tilde{w}}_s^T(q_s{\widehat{z}}_s{\phi }_s(\varsigma ,{\widetilde{\overline{\mathit{x}}}}_s)-{\dot{\widehat{w}}}_s)+{‖{\theta }_s^{\ast }‖}^2+{\displaystyle \frac{3}{2}}{‖w_s^{\ast }‖}^2+{\displaystyle \frac{1}{2}}{‖{\epsilon }_s^{\ast }‖}^2+{‖{\epsilon }_{s0}^{\ast }‖}^2\end{array}$$

(44)

Substituting (21)–(23) into (44) yields

$$\begin{array}{ll}{V}_s& \le V_{s-1}+z_s(-c_s{\widehat{z}}_s+3z_s-3{\widehat{z}}_s)+{\displaystyle \frac{1}{2}}{z}_{s+1}^2-({\displaystyle \frac{1}{{\tau }_s}}-N_s^2){\xi }_s^2+{\displaystyle \frac{1}{2}}{\xi }_{s+1}^2+{‖{\tilde{w}}_s‖}^2\\ & +2{‖{\tilde{\theta }}_s‖}^2+{\displaystyle \frac{{\sigma }_s}{p_s}}{\tilde{\theta }}_s^T{\widehat{\theta }}_s+{\displaystyle \frac{{\overline{\sigma }}_s}{q_s}}{\tilde{w}}_s^T{\widehat{w}}_s+{‖{\theta }_s^{\ast }‖}^2+{\displaystyle \frac{1}{2}}{‖w_s^{\ast }‖}^2+{\displaystyle \frac{1}{2}}{‖{\epsilon }_s^{\ast }‖}^2+{‖{\epsilon }_{s0}^{\ast }‖}^2\end{array}$$

(45)

By employing the inequality $2ab\le a^2+b^2$, we can obtain

$$\begin{array}{l} z_s(-c_s{\widehat{z}}_s+3z_s-3{\widehat{z}}_s)\\ \le -c_s{z}_s^2+3z_s^2+{\displaystyle \frac{9+4c_s^2}{2}}{‖{\tilde{w}}_s‖}^2+(18+2c_s^2){‖w_s^{\ast }‖}^2+5{‖{\epsilon }_{s0}^{\ast }‖}^2\end{array}$$

(46)

According to (45) and (46), we have

$$\begin{array}{ll}{\dot{V}}_s& \le -{\displaystyle \sum _{k=1}^s(c_k-3)z_k^2}+{\displaystyle \frac{1}{2}}{z}_{s+1}^2-{\displaystyle \sum _{k=2}^s(\frac{1}{{\tau }_k}-N_k^2-\frac{1}{2}){\xi }_k^2}+{\displaystyle \sum _{k=1}^s(\frac{{\sigma }_k}{p_k}{\tilde{\theta }}_k^T{\widehat{\theta }}_k+\frac{{\overline{\sigma }}_k}{q_k}{\tilde{w}}_k^T{\widehat{w}}_k)}\\ & +2s{‖{\tilde{\theta }}_1‖}^2+{\displaystyle \sum _{k=1}^s(\frac{9+4c_k^2}{2}{‖{\tilde{w}}_1‖}^2+}{‖{\tilde{w}}_k‖}^2)+D_s\end{array}$$

(47)

where $D_s=D_{s-1}+{\Vert {\theta }_s^{\ast }\Vert }^2+({\displaystyle \frac{39}{2}}+2c_s^2){‖w_s^{\ast }‖}^2+{\displaystyle \frac{1}{2}}{‖{\epsilon }_s^{\ast }‖}^2+6{‖{\epsilon }_{s0}^{\ast }‖}^2$.

According to (1), (3), (9) and (10), we can obtain

$$\begin{array}{ll}{\dot{V}}_n& ={\dot{V}}_{n-1}+z_n(u+v^{\ast T}\varphi (\varsigma ,{\overline{\mathit{x}}}_n)-v^{\ast T}\varphi (\varsigma ,{\widetilde{\overline{\mathit{x}}}}_n)+{\widehat{v}}^T\varphi (\varsigma ,{\widetilde{\overline{\mathit{x}}}}_n)+{\theta }_n^{\ast T}{\phi }_n({\overline{\mathit{x}}}_n)-{\theta }_n^{\ast T}{\phi }_n({\widetilde{\overline{\mathit{x}}}}_n)\\ & +{\widehat{\theta }}_n^T{\phi }_n({\widetilde{\overline{\mathit{x}}}}_n)+{\upsilon }_0+{\epsilon }_n-w^{\ast T}\phi (\varsigma ,{\widetilde{\overline{\mathit{x}}}}_n)-{\widehat{w}}^T\phi (\varsigma ,{\widetilde{\overline{\mathit{x}}}}_n))+(z_n-{\widehat{z}}_n){\tilde{\theta }}_n^T{\phi }_n({\widetilde{\overline{\mathit{x}}}}_n)\\ & +(z_n-{\widehat{z}}_n){\tilde{w}}^T\phi (\varsigma ,{\widetilde{\overline{\mathit{x}}}}_n)+(z_n-{\widehat{z}}_n){\tilde{v}}^T\varphi (\varsigma ,{\widetilde{\overline{\mathit{x}}}}_n)+{\displaystyle \frac{1}{p_n}}{\tilde{\theta }}_n^T(p_n{\widehat{z}}_n{\phi }_n({\widetilde{\overline{\mathit{x}}}}_n)-{\dot{\widehat{\theta }}}_n)\\ & +{\displaystyle \frac{1}{q_n}}{\tilde{w}}_n^T(q_n{\widehat{z}}_n{\phi }_n(\varsigma ,{\widetilde{\overline{\mathit{x}}}}_n)-{\dot{\widehat{w}}}_n)+{\displaystyle \frac{1}{m}}{\tilde{v}}^T(m{\widehat{z}}_n\varphi (\varsigma ,{\widetilde{\overline{\mathit{x}}}}_n)-\dot{\widehat{v}})\end{array}$$

(48)

Similary to (40)–(46), we can gather that

$$\begin{array}{ll}{\dot{V}}_n& \le -{\displaystyle \sum _{s=1}^n(c_s-3)z_s^2}-{\displaystyle \sum _{s=2}^n(\frac{1}{{\tau }_s}-N_s^2-\frac{1}{2}){\xi }_s^2}+{\displaystyle \sum _{s=1}^n(\frac{{\sigma }_s}{p_s}{\tilde{\theta }}_s^T{\widehat{\theta }}_s+\frac{{\overline{\sigma }}_s}{q_s}{\tilde{w}}_s^T{\widehat{w}}_s)}\\ & +{\displaystyle \frac{\sigma }{m}}{\tilde{v}}^T\widehat{v}+2n{‖{\tilde{\theta }}_1‖}^2+{\displaystyle \sum _{s=1}^n(\frac{9+4c_s^2}{2}{‖{\tilde{w}}_1‖}^2+}{‖{\tilde{w}}_s‖}^2)+D_n\end{array}$$

(49)

where $D_n^{\prime }=D_{n-1}+{‖{\theta }_n^{\ast }‖}^2+({\displaystyle \frac{41}{2}}+2c_n^2){‖w_n^{\ast }‖}^2+{\displaystyle \frac{1}{2}}{‖{\epsilon }_n^{\ast }‖}^2+6{‖{\epsilon }_{n0}^{\ast }‖}^2+{\displaystyle \frac{1}{2}}{‖{\upsilon }_0^{\ast }‖}^2$.

By employing the inequality $2ab\le a^2+b^2$, we can obtain

$${\tilde{\theta }}_s^T{\theta }_s+{\tilde{w}}_s^T{w}_s{\displaystyle \frac{\sigma }{m}}{\tilde{v}}^T\widehat{v}\le -{\displaystyle \frac{1}{2}}{‖{\tilde{w}}_s‖}^2-{\displaystyle \frac{1}{2}}{‖\tilde{v}‖}^2-{\displaystyle \frac{1}{2}}{‖{\tilde{\theta }}_s‖}^2+{\displaystyle \frac{1}{2}}{‖{\theta }_s^{\ast }‖}^2+{\displaystyle \frac{1}{2}}{‖w_s^{\ast }‖}^2+{\displaystyle \frac{1}{2}}{‖v^{\ast }‖}^2$$

(50)

According to (49) and (50), we have

$$\begin{array}{ll}{\dot{V}}_n& \le -{\displaystyle \sum _{s=1}^n(c_s-3)z_s^2}-{\displaystyle \sum _{s=2}^n(\frac{1}{{\tau }_s}-N_s^2-\frac{1}{2}){\xi }_s^2}-{\displaystyle \sum _{s=1}^n(\frac{{\sigma }_s}{2p_s}{‖{\tilde{\theta }}_s‖}^2-2n{‖{\tilde{\theta }}_1‖}^2)}\\ & -{\displaystyle \sum _{s=1}^n(\frac{{\overline{\sigma }}_s}{2q_s}{‖{\tilde{w}}_s‖}^2-\frac{9+4c_s^2}{2}{‖{\tilde{w}}_1‖}^2-{‖{\tilde{w}}_s‖}^2)}-{\displaystyle \frac{1}{2}}{‖\tilde{v}‖}^2+D_n\end{array}$$

(51)

where $D_n=D_n^{\prime }+{\displaystyle \sum _{s=1}^n(\frac{{\sigma }_s}{2p_s}{‖{\theta }_s^{\ast }‖}^2+\frac{{\overline{\sigma }}_s}{2q_s}{‖w_s^{\ast }‖}^2)}+{\displaystyle \frac{1}{2}}{‖v^{\ast }‖}^2$.

Then, (51) can be written as

$${\dot{V}}_n\le -C_n{V}_n+D_n$$

(52)

where $C_n=\min \{c_s-3,{\displaystyle \frac{1}{{\tau }_s}}-N_s^2-{\displaystyle \frac{1}{2}},{\displaystyle \frac{{\sigma }_s}{2p_s}},{\displaystyle \frac{{\overline{\sigma }}_s}{2q_s}},2n,-{\displaystyle \frac{9+4c_s^2}{2}},-1\}, s=1,\cdots ,n$. This means that the system exhibits stability and boundedness over time, ensuring that the state variables remain within a certain range, even in the presence of potential disturbances or uncertainties.

By integrating both sides of (52) simultaneously with respect to $[0,t]$, it can be found that

$$0\le V_n(t)\le {\displaystyle \frac{D_n}{C_n}}+[V_n(0)-{\displaystyle \frac{D_n}{C_n}}]e^{-C_{n}t}$$

(53)

Denote the initial conditions are $\tilde{w}(0)={[{\tilde{w}}_1(0),\cdots ,{\tilde{w}}_n(0)]}^T$, $\tilde{\theta }(0)={[{\tilde{\theta }}_1(0),\cdots ,{\tilde{\theta }}_n(0)]}^T$, $\tilde{v}(0)={[\tilde{v}(0),\cdots ,\tilde{v}(0)]}^T$, and $z(0)={[z_1(0),\cdots ,z_n(0)]}^T$. According to (53), it can be seen that, with the definition of $V_n(z,\tilde{\theta },\tilde{w},\tilde{v}),\forall t\ge t_0+T_0$, we can obtain $‖(z,\tilde{\theta },\tilde{w},\tilde{v})‖\le \sqrt{2C_n/D_n}$, and the control tracking error satisfy $‖z‖\le \sqrt{(2V_n(0)e^{-C_{n}t}+C_n/D_n)}$.

The proof of Theorem 1 is complete. □

Remark 4.

The time complexity is generally $O(T\cdot L\cdot n)$, where $T$ is the number of iterations, $L$ is the number of layers in the network, and $n$ is the number of neurons per layer; the time complexity for such methods is generally $O(m\cdot k)$, where $m$ is the number of parameters to be optimized and $k$ is the number of optimization iterations. Although parameterized attack algorithms typically have lower computational complexity, the parameterization assumption they rely on is quite restrictive. This assumption limits their applicability to parameterized attack models exclusively, making them less flexible for general adversarial attack scenarios. In contrast, our approach removes this restrictive assumption, offering a more general and adaptable framework for evaluating a broader variety of adversarial attack methods.

In this paper, parameter selection guidelines are as follows:

(1)

Select design parameters $q_i$ and $m$ to determine the adversarial attack reconstruction adaptive laws ${\dot{\widehat{w}}}_s$ and ${\dot{\widehat{w}}}_s$.

(2)

Select design parameters such that $c_s, s=1,\cdots ,n-1$, $p_s$, ${\sigma }_s$, ${\overline{\sigma }}_s$ and $\overline{\sigma }$ to determine the virtual controller ${\beta }_s$ and the adaptive law ${\dot{\widehat{\theta }}}_s$.

6. Simulation Results

In this section, we provide two-joint robots to verify the effectiveness of the proposed NN attack reconstruction strategies and state-feedback secure control scheme against adversarial attacks. We expect to achieve the following control objective:

(1)

The obtained NN attack reconstruction strategies in an insecure network with all information unavailable can effectively estimate unknown attacks.

(2)

The above secure control process reaches the expected trajectory, and all the closed-loop signals are bounded, i.e., $‖z,\tilde{\theta },\tilde{w},\tilde{v}‖\le \sqrt{2C_n/D_n}$.

(3)

The output error of the system converges to a small neighborhood of zero, i.e., ${\lim }_{t\to \infty }‖y-y_0‖={\epsilon }_0$. ${\epsilon }_0$ is an infinitesimal constant.

Example 1.

The dynamic equation of a two-joint manipulator is defined as follows:

$$\begin{array}{l}M(q)\ddot{q}+C(q,\dot{q})\dot{q}+d=u\\ y=q\end{array}$$

(54)

where $q={[\begin{array}{cc}{\theta }_1& {\theta }_2\end{array}]}^T$, $\dot{q}$ and $\ddot{q}\in {\mathit{R}}^2$ are the angle, angular velocity and angular acceleration of the manipulator, respectively. $M(q)\in {\mathit{R}}^{2\times 2}$ is an inertia; $C(q,\dot{q})\in {\mathit{R}}^{2\times 2}$ is a centripetal force and Coriolis moment; $d$ refers to an external disturbance, which does not affect the system’s convergence but allows for a more realistic representation of the system’s behavior under practical conditions; $u={[\begin{array}{cc}{u}_1& u_2\end{array}]}^T$ is a control input torque vector; $y$ is an output vector. In order to apply the backstepping method, we define ${\mathit{x}}_1={[\begin{array}{cc}{x}_{1,1}& x_{1,2}\end{array}]}^T=q$ and ${\mathit{x}}_2={[\begin{array}{cc}{x}_{2,1}& x_{2,2}\end{array}]}^T=\dot{q}$, which is written (54) as

$$\begin{array}{l}{\dot{x}}_1=x_2\\ {\dot{x}}_2=M^{-1}(x_1)u-M^{-1}(x_1)C(x_1,x_2)x_2-M^{-1}(x_1)d\\ y=x_1\end{array}$$

(55)

with

$$M^{-1}({\mathit{x}}_1)=\left[\begin{array}{cc}{J}_1+J_2+2m_2{\mathit{r}}_2{l}_1\cos {\theta }_2& J_2{m}_2{\mathit{r}}_2{l}_1\cos {\theta }_2\\ J_2+m_2{\mathit{r}}_2{l}_1\cos {\theta }_2& J_2\end{array}\right]$$

(56)

$$J_1={\displaystyle \frac{4}{3}}{m}_1{\mathit{r}}_1^2+m_2{l}_1^2,J_2={\displaystyle \frac{4}{3}}{m}_2{\mathit{r}}_2^2$$

(57)

$$C({\mathit{x}}_1,{\mathit{x}}_2)=\left[\begin{array}{cc}-2m_2{\mathit{r}}_2{l}_1{\dot{\theta }}_2\sin {\theta }_2& -m_2{\mathit{r}}_2{l}_1{\dot{\theta }}_2\sin {\theta }_2\\ m_2{\mathit{r}}_2{l}_1{\dot{\theta }}_1\sin {\theta }_2& 0\end{array}\right]$$

(58)

where $m_1$ is the mass of the first connecting rod and $m_2$ is the mass of the second connecting rod ; $l_1$ is the length of the first connecting rod and $l_2$ is the length of the second connecting rod; ${\mathit{r}}_1$ is the distance from the first joint to the center of gravity of the first connecting rod and ${\mathit{r}}_2$ is the distance from the second joint to the center of gravity of the first connecting rod; ${\theta }_1$ is the angle of the first connecting rod and ${\theta }_2$ is the angle of the second connecting rod; $J_1$ is the inertia matrix of the first connecting rod and $J_2$ is the inertia matrix of the second connecting rod. We describe the two-joint robotic in simulation by means of a 3-dimensional model, which is shown in Figure 2.

The FDI attacks model in (2) is defined as follows:

$$\begin{array}{l}{\tilde{\mathit{x}}}_1(t)={\mathit{x}}_1(t)+{[\begin{array}{cc}{a}_1(t,0)& a_1(t,0)\end{array}]}^T\\ {\tilde{\mathit{x}}}_2(t)={\mathit{x}}_2(t)+{[\begin{array}{cc}{a}_2(t,x_2)& a_2(t,x_2)\end{array}]}^T\end{array}$$

(59)

with

$$a_1(t,0)=\left\{\begin{array}{ll}0,& \mathrm{if} 0\le t<15\\ \sin (t)+0.5,& \mathrm{if} t\ge 15\end{array}\right.$$

(60)

$$a_2(t,x_2)=\left\{\begin{array}{ll}0,& \mathrm{if} 0\le t<10\\ 0.5x_{2,1}^2-x_{2,1}\sin (x_{2,1}),& \mathrm{if} t\ge 10\end{array}\right.$$

(61)

The actuator attacks model in (3) is defined as follows:

$$\tilde{u}(t)=u(t)+{[\begin{array}{cc}a(0,x_1)& a(0,x_1)\end{array}]}^T$$

(62)

with

$$a(0,x_1)\left\{\begin{array}{ll}0,& \mathrm{if} 0\le t<10\\ x_{1,1}\cos (x_{1,1}),& \mathrm{if} t\ge 10\end{array}\right.$$

(63)

The parameter (the center and variance of radial basis function and the weight value from hidden layer to output layer) learning process follows the principle of automatically increasing the number of hidden neurons of the network until the number of neurons reaches the maximum. The spread of radial basis function is set to 1. In the simulation, the number of neurons for unknown function $M^{-1}({\mathit{x}}_1)$ and $C({\mathit{x}}_1,{\mathit{x}}_2)$ are chosen as 11. The number of neurons for sensor attack $a_s(t,{\overline{\mathit{x}}}_s)$ and $a(t,{\overline{\mathit{x}}}_n)$ are chosen as 101. The activation functions are chosen by $\exp (-{({\overline{\mathit{x}}}_s-(0.2l-10))}^2/2), l=0,\cdots ,100$. The layers of the NN can be presented as follows Figure 3:

We design the secure controller, virtual controller, and the parameter adaptive laws as

$$u=-c_2{\widehat{z}}_2-3{\widehat{z}}_2-{\widehat{\theta }}_2^T{\phi }_2({\tilde{\overline{x}}}_2)-{\widehat{v}}^T\varphi (\varsigma ,{\widetilde{\overline{\mathit{x}}}}_2)+{\dot{\nu }}_2$$

(64)

$${\beta }_1=-c_1{\widehat{z}}_1-3{\widehat{z}}_1-{\widehat{\theta }}_1^T{\phi }_1({\tilde{x}}_1)-{\widehat{w}}_1^T{\phi }_1(\varsigma ,{\tilde{x}}_1)+{\dot{y}}_0$$

(65)

$${\dot{\widehat{\theta }}}_1=p_1{\widehat{z}}_1{\phi }_1({\tilde{x}}_1)+{\sigma }_1{\widehat{\theta }}_1$$

(66)

$${\dot{\widehat{\theta }}}_2=p_2{\widehat{z}}_2{\phi }_2({\widetilde{\overline{\mathit{x}}}}_2)+{\sigma }_2{\widehat{\theta }}_2$$

(67)

$${\dot{\widehat{w}}}_1=q_1{\widehat{z}}_1{\phi }_1(\varsigma ,{\tilde{x}}_1)+{\overline{\sigma }}_1{\widehat{w}}_1$$

(68)

$${\dot{\widehat{w}}}_2=q_2{\widehat{z}}_2{\phi }_2(\varsigma ,{\widetilde{\overline{\mathit{x}}}}_2)+{\overline{\sigma }}_2{\widehat{w}}_2$$

(69)

$${\dot{\widehat{v}}}_2=m{\widehat{z}}_2{\varphi }_2(\varsigma ,{\widetilde{\overline{\mathit{x}}}}_2)+\overline{\sigma }\widehat{v}$$

(70)

The system initial conditions are chosen as ${\mathit{x}}_1(0)={\left[\begin{array}{cc}1& -0.1\end{array}\right]}^T$ and ${\mathit{x}}_2(0)={\left[\begin{array}{cc}0& 0.1\end{array}\right]}^T$. The other initial conditions of the systems are chosen as zero. Additionally, the reference signal is ${\mathit{y}}_0={\left[\begin{array}{cc}\sin t& \sin t\end{array}\right]}^T$ and the external disturbance is $\mathit{d}={\left[\begin{array}{cc}0.25\sin t& 0.25\sin t\end{array}\right]}^T$. The design parameters in (56)–(58) and (64)–(71) are given in

Table 1. Design parameters.

Design Parameters
$m_1=m_2=0.765$	$l_1=l_2=0.25$
${\mathit{r}}_1={\mathit{r}}_2=0.15$	$c_1=50$, $c_2=150$
${\sigma }_1={\sigma }_2=0.01$	${\overline{\sigma }}_1={\overline{\sigma }}_2=\overline{\sigma }=0.02$
$p_1=p_2=q_1=q_2=1$	$m=\tau =1$

.

In this simulation, we simulated a sustained confrontation between attackers and defenders. The NN attack reconstruction strategies have been plotted in Figure 4, Figure 5 and Figure 6.

Figure 4, Figure 5 and Figure 6 show that, in regard to the NN estimation, Algorithm (8) and (9) solve approximate learning for unknown adversarial attacks and improve the ability to cope with the adversarial attacks at $t=10$ and $t=15$. We use the developed NN attack reconstruction strategies (8) and (9) to solve the state-compromised problem caused by adversarial attacks, which further confirms that, in terms of NN estimation, Algorithm (8) and (9) can solve approximate learning for unknown adversarial attacks. Thus, the obtained NN attack reconstruction strategies in an insecure network with all information unavailable can effectively estimate unknown attacks.

Figure 7, Figure 8 and Figure 9 show that the performance trajectory diagram of the designed state-feedback secure control scheme in a closed-loop control system. Figure 7 shows the attitude angles ${\theta }_i,i=1,2$ and their observations of two-joint robots under the proposed NN attack reconstruction strategies, and the curves of the corresponding angular velocities ${\dot{\theta }}_i,i=1,2$ and their observations are plotted in Figure 8. Thus, it can be seen that the output error of the system converges to a small neighborhood of zero, i.e., ${\lim }_{t\to \infty }‖y-y_0‖={\epsilon }_0$. Figure 9 shows that the two-joint robots control the input signal. It indicates that the followers’ attitude can still be consistent with the reference signal trajectory attitude despite adversarial attacks. Thus, it can be seen that the above secure control process reaches the expected trajectory and that all the closed-loop signals are bounded, i.e., $‖z,\tilde{\theta },\tilde{w},\tilde{v}‖\le \sqrt{2C_n/D_n}$.

To emphasize the superiority of the designed scheme, both the algorithms in [21] and our proposed algorithm are implemented under identical conditions.

The simulation results are depicted in Figure 10, Figure 11 and Figure 12 (the adversarial attacks occur at $t=10$ and $t=15$). Figure 10, Figure 11 and Figure 12 indicate that this state-feedback control scheme cannot guarantee the stability of the considered CPSs.

7. Conclusions

This paper proposed an NN-adaptive secure control scheme for cyber-physical systems via attack reconstruction strategies where the attack reconstruction strategy served as the solution to the NN estimation problem regarding the insecurity of the network. Consequently, by introducing a novel error transformation, an NN-adaptive secure control method was formulated as the framework of backstepping. Based on the Lyapunov stability theory and the defined error transformation, it was proven that the above secure control process had reached the expected trajectory and that all the closed-loop signals had been bounded. Finally, its effectiveness was verified via a simulation of the attitude control of two-joint robots.