 Research
 Open access
 Published:
EventTriggered confidentiality fusion estimation against eavesdroppers in cyberphysical systems
EURASIP Journal on Advances in Signal Processing volumeÂ 2024, ArticleÂ number:Â 56 (2024)
Abstract
System state plays an important role in cyberphysical systems (CPSs). Ensuring the security of the CPSs is a key issue that can be widely applied. The confidentiality of system state is a fundamental feature of the CPSs security. This paper studies the distributed fusion estimation problem in the presence of eavesdropper, where local sensors send their estimates to a remote fusion center (FC). To prevent eavesdropping, the event triggered scheduling strategy was adopted on each sensor. Some sufficient conditions on the triggersâ€™ threshold were derived to make the eavesdropping expected covariance unbounded while the expected error covariance for the user remains bounded. Moreover, the distributed confidentiality fusion estimation algorithm is provided to achieve perfect expected secrecy. Finally, simulations of different trigger levels for two local systems are employed to show the effectiveness of the proposed methods.
1 Introduction
Cyberphysical systems (CPSs) have been widely integrated in many application fields, such as intelligent transportation, power system, and medical device systems [1, 2, 3â€“5]. Multisensor fusion estimation is an information processing process that uses the observations from multiple sensors to complete the system state estimation under certain criteria. It is widely used in CPSs because of the high reliability and strong robustness [6, 7, 8â€“10]. However, due to its open connectivity, CPSs have become the target of malicious attackers. Eavesdropping attack is one of the typical network attacks [11, 12]. The security of CPSs has received a lot of attention, among which confidentiality is a basic security issue [13]. The data transmitted in channel is easily intercepted by eavesdropper over another channel. It can launch the complex attacks after analyzing a large amount of intercepted data, such as false data injection attacks [14]. Therefore, studying secure fusion estimation in presence of eavesdropper has great important theoretical and practical significance.
Encrypting messages to prevent eavesdropping has been studied from the perspective of information theory [15, 16]. The energy of sensors often comes from batteries, which limits their energy. Thus, it is difficult to exploit conventional strong encryption scheme due to the large energy demand. In recent years, secure communication problem has been studied by using physical layer information and artificial noise (AN). From the perspective of control theory, the concept of perfect encryption has been proposed. In [17], which required that the user's state estimation error is bounded, while the eavesdropper's estimation error tends to be unbounded over time. Then, an optimal confidentiality strategy against eavesdropper without feedback was given to obtain the perfect secrecy. Meanwhile, with feedback, similar results were derived in [18]. An event triggered sensor data scheduling strategy was designed to prevent eavesdropping by recurrent Markov chain in [19]. Moreover, considering the dynamic characteristics and physical layer information of the CPSs, statesecrecy codes was introduced to achieve the goal of perfect encryption for stable, unstable, and arbitrary systems in [20â€“22]. Consider the operation cost, an optimal encryption schedule was proposed to improve system state confidentiality in [23]. Under the distributed framework, the problem of secure fusion estimation with state privacy protection was studied in [24], where perfect secrecy was achieved by injecting AN. In the framework of state component transmission, an AN design strategy based on the system parameters was developed, which makes the eavesdroppersâ€™ fusion error covariance became worse in [25]. Then, the strategies for actively polluting local estimation components were presented to enhance the privacy level of local estimates in [26]. The finitehorizon energytopeak state estimation issue was considered for timevarying systems in [27], where the desired timevarying estimator parameter was designed for online computation. For a networked system with multirate measurements, a novel encryptiondecryption scheme was proposed to protect the privacy of the system state in [28]. Under the constraint of sensor energy, the confidentiality fusion estimation against eavesdroppers algorithm was proposed in [29] by combining event triggers and artificial noise. Recently, the AN based on the channel gain matrix was introduced to maintain confidentiality for distributed fusion estimation in [30]. However, the injected AN consumed more sensor energy, which added the challenge of antieavesdropping strategy design.
Based on the aboveanalysis, we shall study the eventbased confidentiality fusion estimation problem with limited sensor energy for CPSs. To save the sensor power, we do not encrypt signals, but schedule the transmission based on event triggers. In our scenario, the sensors transmitting their outputs to a user, where all transmission channels may be tapped by the eavesdroppers. Under this case, the eavesdroppers can obtain an accurate state estimation result through the fusion estimation method. From the user's perspective, in order to protect state privacy, each local sensor needs to design rules for transmitting local estimates to prevent the eavesdropper from getting the real system state through fusion estimation. This is the most important goal of this article, and the main contributions include: (1) We provide some sufficient conditions about the threshold of event triggering to achieve perfect expected secrecy. (2) The eventbased distributed confidentiality fusion estimation algorithm is proposed to ensure the effective of the transmission scheduling strategy.
2 Problem formulation
2.1 System model
The system structure is shown in Fig.Â 1, which is described by the following physical model:
where \(x(t) \in R^{n}\) is state vector with dimension n, and \(y_{i} (t) \in R^{{q_{i} }}\) is sensor observation value of the ith sensor with dimension q_{i}. \(w(t)\) and \(v_{i} (t)\) are Gaussian white noise with zero mean value, and the variances are \(Q\) and \(R_{i}\) respectively. L means there are L sensors to observe the system state. Assume that the matrix pair \((C_{i} ,A)\) is detectable and \((A,Q^{1/2} )\) is controllable.
In our scenario, all sensors are smart sensors with computing capability [31]. At time t, the ith sensor observes the physical process to obtain the observation \(y_{i} (t)\). After collecting the observations until time t, the information set of the ith local estimator is given as \({\text{Y}}_{i} (t)=y_{i} (1), \ldots ,y_{i} (t)\) with \({\text{Y}}_{i} (  1) = \emptyset\). Further, define
where \({\hat{x}}_{i}^{  } (t)\)and \({\hat{x}}_{i} (t)\) are a priori and a posteriori MMSE estimates,\(P_{i}^{  } (t)\) and \(P_{i} (t)\) are estimation error covariance, and E[Â·] represents the mathematical expectation. Recall from the standard Kalman filter [32], \(\hat{x}_{i} (t)\) and \(P_{i} (t)\) can be obtained according to the local estimator (LE) of the ith sensor:
According to literature [33], it usually takes only a few iterations for \(P_{i} (t)\) to converge exponentially to the steadystate value. Therefore, for simplicity, let \(P_{i} (0)\) be the initial error covariance of the ith sensor, and it is equal to \(\overline{P}_{ii}\). Further, we know that \(P_{i} (t) = \overline{P}_{ii}\) for all times t.
After obtaining the LE \(\hat{x}_{i} (t)\), the ith sensor decides whether to transmit it to the fusion center (FC). We introduce the binary variable \(\alpha_{i} (t)\) to model the decision process. \(\alpha_{i} (t) = 1\) indicates that the LE \({\hat{x}}_{i} (t)\) is sent by the ith sensor, otherwise it will not send. The channels between the sensors and the FC are not reliable, which may lead to data packet loss. In addition, the packets transmitted on the channel can be intercepted on another channel by eavesdroppers. Let the binary variable \(\beta_{i} (t) = 1\) and 0 denote whether the ith LE is intercepted by the eavesdropper or not. Let the binary variable \(\gamma_{i} (t) = 1\) and 0 denote whether the ith LE is successfully received by the user or not.
In the FC, in order to obtain accurate state estimation, user and eavesdropper use the weighted matrix fusion method to obtain the final state estimation based on the received LE. To avoid symbol misuse, the fusion estimation of the userâ€™s FC is taken as an example to illustrate how to implement the weighted matrix fusion algorithm. Let \(h\) and \(h^{k}\) be functions. In specific, \(h(X) \triangleq AXA^{T} + Q\) and \(h^{k} (X) \triangleq \underbrace {h \circ h \circ \cdots \circ h}_{{\quad \quad k\;{\text{times}}}}(X)\). According to [34, 35], if \(k_{1} \le k_{2}\),\(k_{1} ,k_{2} \in Z^{ + }\), then \(\overline{P}_{ii} < h^{{k_{1} }} (\overline{P}_{ii} ) \le h^{{k_{2} }} (\overline{P}_{ii} )\).
In the userâ€™s FC, the LE of the ith sensor cannot be successfully received in two cases by. One is that the ith sensor does not send LE to the FC, in which case \(\alpha_{i} (t) = 0\). The second is that the ith LE is sent, but packet loss occurs in the channel with \(\gamma_{i} (t) = 0\). In this case, it needs to perform a onestep prediction compensation on the local estimate. Therefore, the final LE \(\hat{x}_{i}^{u} (t)\) and covariance \(P_{ii}^{u} (t)\) is computed as
Further, the distributed matrixweighted fusion filter \(\hat{x}_{{}}^{u} (t)\) can be obtained by4
where,
Then, define \(\Xi (t) \triangleq \left[ {\begin{array}{*{20}l} {P_{11}^{u} (t) \ldots P_{1L}^{u} (t)} \hfill \\ {\;\quad \vdots \quad \quad \quad \vdots } \hfill \\ {P_{L1}^{u} (t) \ldots P_{LL}^{u} (t)} \hfill \\ \end{array} } \right]\), where \(P_{ij}^{u} (t)\) (iâ€‰â‰ â€‰j) is crosscovariance matrix between any two LEs, which is calculated by:
It usually takes only a few iterations for \(P_{ij}^{u} (t)\) to converge exponentially to the steadystate value [36]. For simplicity, we represent the initial error crosscovariance matrix as \(P_{ij} (0)\) for the ith sensor, and it is equal to \(\overline{P}_{ij}\). Then, it can be concluded that \(P_{ij}^{u} (t) = \overline{P}_{ij}\) for all times t, and the initial of \(\Xi (0)\) is \(\left[ \begin{gathered} \overline{P}_{11} \ldots \;\overline{P}_{1L} \hfill \\ \;\; \vdots \;\;\;\;\;\quad \vdots \hfill \\ \overline{P}_{L1} \ldots \overline{P}_{LL} \hfill \\ \end{gathered} \right]\).
Under the linear minimum variance criterion, in terms of the result in [37], the optimal W_{1}(t), W_{2}(t),â€¦,W_{L}(t) in (6) can be given by:
where \(\Upsilon_{{}}^{s} = [I_{n} ,I_{n} , \ldots ,I_{n} ]^{T}\). Further, the fusion error covariance \(P^{u} (t) \triangleq {\text{E}}\{ (x(t)  \hat{x}^{u} (t))(x(k)  \hat{x}^{u} (t))^{T} \}.\) can be computed by:
Remark 1
For the eavesdropper, if he is strong enough to eavesdrop on the transmission data of multiple sensors at the same time, he can use the intercepted LEs to obtain more accurate state estimation through fusion estimation method. This brings challenges to the distributed secure fusion estimation.
2.2 Problem of interest
First, we denote by p_{i} the probability that the ith sensor decides to send the LE to the FC. To prevent eavesdropping, the stochastic event triggering strategy is adopted for all sensors. In detail, the processor of the ith sensor can generate a random variable \(\zeta_{i}\) at each time t. These variables obey a uniform distribution on (0, 1), i.e.,\(\zeta_{i} \sim U(0,1)\). The stochastic event triggers are given by
Further, assume that each sensor always decides to send LE to the FC, i.e., \(\alpha_{i} (t) = 1\) for all time t. We model the packet drops and packet interceptions as i.i.d. over time, which are commonly used assumptions by researchers. In particular, we let \(\rho_{i}\) represent the probability that the ith local estimate is intercepted by the eavesdropper. Similarly, \(\lambda_{i}\) denotes the probability that the ith local estimate is received by the user. Thus, the channel model can be given as follows:
Remark 2
In the description of physical layer security problems, knowing exactly the channel model of the eavesdropper for the user is a common assumption[38]. The channel gain can be obtained by using blind estimation, pilotbased estimation, etc. Under this case, knowing the probability \(\rho_{i}\) is less restrictive than knowing the exact eavesdropperâ€™s channel model. In fact, \(\rho_{i}\) can be considered as the confidence level of the system designer on the ability of the eavesdropper to successfully eavesdrop data packs.
Next, the concept of perfect encryption is introduced in the following definition.
Definition 1
(Perfect Expected Secrecy) [17]. For any initial condition \(P(0)\), a secrecy mechanism achieve perfect expected secrecy if and only if both of the following condition hold:
where the covariance of the state estimation error for the eavesdropper is denoted by \(P^{e} (t)\), Sup represents upper bound, and Tr denotes trace operator.
Remark 3
For any initial system estimation error covariance, when the data transmitted is encrypted according to a scheduling mechanism, the trace of the user's covariance tends to be bounded in the expected sense over time, while the trace of the eavesdroppersâ€™ tends to be unbounded. In this case, the eavesdropper's state estimation error is infinite, and the accurate information of the system state cannot be obtained. Therefore, it can be said that perfect expected encryption is achieved under this encryption mechanism.
Further, the problems we need to solve is described as follows:

(1)
For the distributed fusion estimation, the first aim of this paper is to answer â€śhow to design eventtriggered data scheduler for the sensors so that the user's estimation error is convergent, but the estimation error for the eavesdropper will be unboundedâ€ť.

(2)
From the perspective of the defender, another goal is to design the eventtriggered confidentiality fusion estimation algorithm, which guarantee the effectiveness of our data scheduling method.
3 Main results
For a stable system, as long as the eavesdropper has the system model parameters, the system state can be predicted in real time without eavesdropping, and the prediction error is always bounded. Therefore, we studies the problem of confidentiality fusion estimation for unstable systems. As pointed out in the literature [17], fusion estimation to against eavesdroppers for unstable systems is more interesting than that for stable systems. Let the spectral radius of A in the unstable system (1) satisfy \(\rho (A) > 1\). We will explore some sufficient conditions under which we can obtain the distributed security fusion estimation algorithm to protect state privacy.
Theorem 1
For the unstable system (1) with channel model (11), under the encryption mechanism (10), if the trigger thresholds of all sensors satisfy:

(i)
There is an positive integer i such that
$$\eta_{i} > \frac{1}{{\lambda_{i} }}\left( {1  \frac{1}{{\rho (A)^{2} }}} \right)$$(14) 
(ii)
For any positive integer i, the following inequality holds
$$\eta_{i} < \min \left\{ {\frac{1}{{\rho_{i} }}(1  \rho (A)^{{  \frac{2}{L}}} ),1} \right\}$$(15)
Then the Perfect Expected Secrecy can be obtained.
Proof
According to the Definition 1, we need to prove that Eqs.Â (12) and (13) holds simultaneously under condition (14) and (15). We first prove that the Perfect Expected Secrecy condition (12) is satisfied under the condition (14). Suppose that the event trigger threshold \(\eta_{i}\) of the s_{0}th sensor satisfies \(\eta_{i} > \frac{1}{{\lambda_{i} }}(1  \frac{1}{{\rho (A)^{2} }})\), then we have
In this case, the probability that the userâ€™s FC can successfully receive the LE of the \(s_{0}\)th sensor always satisfies \(p(\alpha_{i} (t)\gamma_{i} (t) = 1) > 1  \frac{1}{{\rho (A)^{2} }}\). Then, according to [37], the estimation error covariance of the \(s_{0}\) th sensor is bounded, i.e. \(P_{ii}^{u} (t) < \infty\). Denote \(\Upsilon_{i}^{s} = [{\mathbf{0}}, \ldots ,I_{n} , \ldots ,{\mathbf{0}}]^{T} \in R^{nL \times n}\), where, the ith block place is an identity matrix \(I_{n}\).\({\mathbf{0}}\) represents zero matrix with dimension n. Then, we have
This means that as long as the LE error covariance of one sensor is bounded, the state error covariance obtained after the FC fuses all local estimates must be bounded. Therefore, the conditions (12) is satisfied.
Further, we prove that the Perfect Expected Secrecy condition (13) is satisfied under the condition (15). Let \(\Omega\) denote the event that the event triggers of all sensors are not triggered and all LEs are not successfully intercepted when the LEs are transmitted. \(\Omega^{ \bot }\) represents its complement. Further, we consider the probability of the event \(\Omega\) over the finite time N, one has
where \(t = 1,2, \ldots ,N,i = 1,2, \ldots ,L\).
Similar to (9), for all times N in event \(\Omega\), we have the terminal estimation error covariance for the eavesdropper \(P^{e} (N) = ((I_{{}}^{a} )^{T} (\sum^{e} (N))^{  1} I^{a} )^{  1}\). Then, according to the definition of \(\Omega\), we know that the eavesdropper cannot successfully intercept the LEs of all sensors at all times N. In this case, the eavesdropper can only perform onestep prediction instead of LE. According to (4), we have
where, \(h^{N} (\overline{P}_{ij} ) = A^{N} \overline{P}_{ij} (A^{T} )^{N} + \sum\limits_{s = 0}^{N  1} {A^{s} Q(A^{T} )^{s} }\)ă€‚
Taking the trace of terminal estimation error covariance \(P^{e} (N)\), one can get:
Then, there is an positive integer i, which makes the following equation hold:
Furthermore, according to the condition (15), we can get \(\eta_{i} \rho_{i} < 1  \rho (A)^{{  \frac{2}{L}}}.\) Combing (21), the following inequality can be obtained:
Therefore, it can be concluded that \({\mathrm{Tr\{E}}\{ P^{e} (N)\}\} \to \infty\) when N goes to infinity, i.e.\(\mathop {{\mathrm{lim}}}\limits_{t \to \infty} {\mathrm{Tr\{E}}\{ P^{e} (t)\}\}= \infty.\)
Remark 4
The above theorem shows that as long as the event trigger threshold of one sensor is greater than \(\frac{1}{{\lambda_{i} }}(1  \frac{1}{{\rho (A)^{2} }})\), the userâ€™s fusion estimation error can be guaranteed to be bounded. On this basis, if the event trigger thresholds of all sensors are controlled to satisfy the condition (15), the state estimation error for eavesdropper will tend to be unbounded. For the perspective of user, to protect the privacy of state data from leakage, the event trigger thresholds should be reduced as much as possible when the condition (14) is satisfied. In this case, the probability that the eavesdropper successfully intercepts each local estimation is small, which makes the fusion estimation performance worse. In addition, the larger the number of sensors L is, the more local estimates the eavesdropper may intercept. Then, the user needs to reduce the event trigger threshold to a greater extent to ensure confidentiality. In the special case of only a single sensor with Lâ€‰=â€‰1, the result \(1  \rho (A)^{{  \frac{2}{L}}}\) degenerate into \(1  \frac{1}{{\rho^{2} (A)}}\), which is consistent with the result in literature [39].
Remark 5
The proposed stochastic event triggering strategy ensures that eavesdroppers cannot obtain the true system state information by fusing data from the local sensors intercepted on unreliable channels. At the same time, the energy of local sensors is saved under the event triggering mechanisms. It is worth noting that the fusion estimation performance of the user will also decrease. This is a compromise on the fusion estimation performance for the sake of confidentiality.
We provide two sufficient conditions for event triggered security fusion estimation above. Next, we present a distributed confidentiality fusion estimation algorithm to achieve the Perfect Expected Secrecy. The specific steps are as follows (Table 1):
4 Result and discussion
Consider a scene where two sensors observe a dynamic system. The model parameters are given as follows
Through several iterations, the steadystate covariance matrices can be obtained as:
Suppose that the probability \(\lambda_{i} \;(i = 1,2)\) of successful data reception between the userâ€™s FC and the two local sensors are 0.7 and 0.9, respectively. Both channels are eavesdropped, and the data interception probability \(\rho_{i} \;(i = 1,2)\) are both 0.4. We can calculate the values of \(\frac{1}{{\lambda_{i} }}(1  \frac{1}{{\rho (A)^{2} }})\;(i = 1,2)\) as 0.5080 and 0.3951 respectively, and the values \(\frac{1}{{\rho_{i} }}(1  \rho (A)^{{  \frac{2}{L}}} )\;(i = 1,2)\) are both 0.4932. All results are 1000 Monte Carlo simulations. To better interpret the simulation results, we define the following abbreviations: trace of error covariance (TEC), and trace of fusion error covariance (TFEC).
First, we do not set event triggers for all local sensors, and observe the fusion estimation performance for the eavesdropper and the user. In fact, this is equivalent to making the event trigger thresholds \(\eta_{i} \;(i = 1,2)\) of both sensors. The specific simulation results are shown in Figs.Â 2 and 3.
FigureÂ 2 shows the final LE error covariance curve of the eavesdropper and userâ€™s FC, and Fig.Â 3 shows the trace curve of their fusion estimation error covariance. It is seen that the final LE error of the eavesdropper is much larger than that of the user. This is because the successful reception rate of the user's FC is higher than that of the eavesdropper. Notice that both the eavesdropper and the user can obtain much smaller estimation error than the final local estimation through the fusion estimation method. Therefore, the fusion estimation can greatly reduce the user's state estimation error, but at the same time, it may lead to more state privacy disclosure. Next, the antieavesdropping strategy based on event triggering is verified.
The stochastic event triggers are designed for two local sensors according to (10). Let the trigger thresholds combinations for two local sensors be (0.4, 0.4), (0.45, 0.9), (0.9, 0.9). The specific simulation results are shown in Figs.Â 4 and 5.
FigureÂ 4 shows the final local estimation curve of the eavesdropperâ€™s FC, and Fig.Â 5 reflects the fusion estimation performance under different event trigger threshold combinations of two sensors. It is seen from Fig.Â 4 that the eavesdropperâ€™s TEC grows unbounded when the communication rate between the sensors and the FC is low. From Fig.Â 5, when the trigger thresholds is selected as (0.4, 0.4), the eavesdropperâ€™s estimation performance is poor. Its TFEC grows unbounded over time. This is because the sufficiency condition (15) is satisfied under this communication rate combination, so that the eavesdropper cannot obtain the real state information. In this case, the user's TFEC is bounded. This is because the userâ€™s FC has a high successful rate of receiving data from the local sensors, which makes the sufficiency condition (14) satisfied. For other combinations, the conditions (14) and (15) are not satisfied at the same time. The eavesdropper can always obtain a bounded estimation error, which makes the event trigger invalid. Therefore, in order to prevent the disclosure of state privacy, the user must design smaller trigger thresholds so that the sufficiency conditions of Theorem 1 are satisfied.
5 Conclusions
This paper studied the state privacy protection of distributed fusion estimation for CPSs. The goal was to make the TFEC matrix of the eavesdropper become unbounded over time while the expected error covariance for the user remained bounded. The random event triggering strategy was adopted to maintain confidentiality. The relationship between event triggering thresholds and estimation performance in FC was established. Some sufficient conditions of trigger thresholds were derived to guarantee the Perfect Expected Secrecy. Finally, a simulation example was employed to verify the effectiveness of the proposed method. Future research topics include (1) the privacy protection for stable systems; (2) the perfect encryption strategies based on encryption and decryption, and (3) the encryption strategy design and security fusion estimation for nonlinear systems.
Availability of data and materials
Please contact authors for data requests.
Abbreviations
 CPSs:

Cyberphysical systems
 FC:

Fusion center
 AN:

Artificial noise
 LE:

Local estimator
 TEC:

Trace of error covariance
 TFEC:

Trace of fusion error covariance
References
G. Cisotto, M. Capuzzo, A.V. Guglielmi et al., Feature stability and setup minimization for EEGEMGenabled monitoring systems. EURASIP J. Adv. Signal Process. 2022(1), 1â€“22 (2022)
A.S.S. Thuluva, M.S. Somanathan, R. Somula et al., Secure and efficient transmission of data based on Caesar Cipher Algorithm for Sybil attack in IoT. EURASIP J. Adv. Signal Process. 2021, 1â€“23 (2021)
Q. Yang, S. Jagannathan, Reinforcement learning controller design for affine nonlinear discretetime systems using online approximators. IEEE Trans. Syst. Man Cybern. Part B Cybern. 42(2), 377â€“390 (2011)
Q. Yang, W. Cao, W. Meng, J. Si, Reinforcementlearningbased tracking control of waste water treatment process under realistic system conditions and control performance requirements. IEEE Trans. Syst. Man Cybern. Syst. 52(8), 5284â€“5294 (2022)
A. Arunan, Y. Qin, X. Li, C. Yuen, A federated learningbased industrial health prognostics for heterogeneous edge devices using matched feature extraction. IEEE Trans. Autom. Sci. Eng. (2023). https://doi.org/10.1109/TASE.2023.3274648
S.Y. Lai, B. Chen, T. Li, L. Yu, Packetbased feedback control under Dos attacks in cyberphysical systems. IEEE Trans. Circuits Syst. II Express Briefs 66(8), 1421â€“1425 (2019)
B. Chen, D. Ho, G.Q. Hu, L. Yu, Secure fusion estimation for bandwidth constrained cyberphysical systems under replay attacks. IEEE Trans. Cybern. 48(6), 1862â€“1876 (2018)
Z. Ruan, Q. Yang, S.S. Ge, Y. Sun, Adaptive fuzzy fault tolerant control of uncertain MIMO nonlinear systems with output constraints and unknown control directions. IEEE Trans. Fuzzy Syst. 30(5), 1224â€“1238 (2022)
K. Q. Zhou, Y. Qin, C. Yuen, Lithiumion battery online knee onset detection by matrix profile. arXiv preprint arXiv:2304.00691 (2023)
Y. Qin, A. Auran, C. Yuen, Digital twin for realtime Liion battery state of health estimation with partially discharged cycling data. IEEE Trans. Ind. Inf. 19(5), 7247â€“7257 (2023)
B. Chen, G.Q. Hu, D. Ho, L. Yu, Distributed covariance intersection fusion estimation for cyberphysical systems with communication constraints. IEEE Trans. Autom. Control 61(12), 4020â€“4026 (2018)
K. Koo, D. Moo, J.H. Huh et al., Attack graph generation with machine learning for network security. Electron. 11(9), 1332 (2022)
Q.N. Wang, H.B. Mu, Privacypreserving and lightweight selective aggregation with faulttolerance for edge computingenhanced IoT. Sens. 21(16), 5369 (2021)
B. Chen, D. Ho, W. Zhang, L. Yu, Distributed dimensionality reduction fusion estimation for cyberphysical systems under DoS attacks. IEEE Trans. Syst. Man Cybern. 49(2), 455â€“468 (2019)
C. Shannon, Communication theory of secrecy systems. Bell Syst. Tech. J. 28(4), 656â€“715 (1949)
S. William, Cryptography and network security: principles and practices (Pearson Education India, Noida, 2006)
A. Tsiamis, K. Gatsis, G.J. Pappas, State estimation with secrecy against eavesdroppers. In Proceedings of IFAC world congress, Toulouse, France, pp. 8715â€“22 (2017)
A.S. Leong, D.E. Quevedo, D. Dolz, Transmission scheduling for remote state estimation over packet dropping links in the presence of an eavesdropper. IEEE Trans. Autom. Control. 64(9), 3732â€“3739 (2019)
J. Lu, A.S. Leong, D.E. Quevedo, Optimal eventtriggered transmission scheduling for privacypreserving wireless state estimation. Int. J. Robust Nonlinear Control 30(11), 4205â€“4224 (2020)
A. Tsiamis, K. Gatsis, G. Pappas, Statesecrecy codes for networked linear systems. IEEE Trans. Autom. Control 65(5), 2001â€“2015 (2019)
A. Tsiamis, K. Gatsis, G. Pappas, An information matrix approach for state secrecy. In Proceedings of the Conference on Decision and Control, Fontainebleau Miami Beach, United States, 17â€“19 December 2018; pp. 2062â€“2067(2018)
A. Tsiamis, K. Gatsis, G. Pappas, StateSecrecy Codes for Stable Systems. In Proceedings of the Annual American Control Conference , Milwaukee WI, USA, 27â€“29, 2018; pp. 171â€“17(2018)
L.Y. Huang, A.S. Leong, D.E. Quevedo, L. Shi, Finite time encryption schedule in the presence of an eavesdropper with operation cost. arXiv preprint arXiv:1903.11763 (2019).
D. X. Xu, B. Chen, L. Yu, Secure fusion estimation against eavesdroppers. In Proceedings of the 37th Chinese control conference, Wuhan, China, 25â€“27 July 2018; pp. 4310â€“4315 (2018)
D.X. Xu, B. Chen, L. Yu, W.A. Zhang, Secure dimensionality reduction fusion estimation against eavesdroppers in cyberâ€“physical systems. ISA Trans. 104, 154â€“161 (2020)
X.H. Yan, Y.C. Zhang, D.X. Xu, B. Chen, Distributed confidentiality fusion estimation against eavesdroppers. IEEE Trans. Aerosp. Electron. Syst. 58(4), 3633â€“3642 (2021)
L. Zou, Z.D. Wang, B. Shen, H.L. Dong, G.P. Lu, Encrypted finitehorizon energytopeak state estimation for timevarying systems under eavesdropping attacks: tackling secrecy capacity. IEEE/CAA J Autom Sin 10(4), 985â€“996 (2023)
L. Zou, Z.D. Wang, B. Shen, H.L. Dong, Encryptiondecryptionbased state estimation with multirate measurements against eavesdroppers: a recursive minimumvariance approach. IEEE Trans. Autom. Control (2023). https://doi.org/10.1109/TAC.2023.3288624
D.X. Xu, B. Chen, Y.C. Zhang, L. Yu, Energyconstrained confidentiality fusion estimation against eavesdroppers. IEEE Trans. Circuits Syst. II Express Briefs 69(2), 624â€“628 (2021)
D.X. Xu, B. Wang, L. Zhang, A new adaptive highdegree unscented Kalman filter with unknown process noise. Electron. 11(12), 1863 (2020)
A. Jazwinski, Stochastic processes and filtering theory (Academic, New York, 1970)
B. Li, Y. Lu, H.R. Karimi, Adaptive fading extended Kalman filtering for mobile robot localization using a dopplerâ€“azimuth radar. Electron. 10(20), 2544 (2021)
L. Shi, P. Cheng, J.M. Chen, Sensor data scheduling for optimal state estimation with communication energy constraint. Autom. 47(8), 1693â€“1698 (2011)
H. Zhang, Y.F. Qi, J.F. Wu, L. Fu, L.D. He, DoS attack energy management against remote state estimation. IEEE Trans. Control Network Syst. 5(1), 383â€“394 (2016)
Y. Gao, Z. Deng, Robust integrated covariance intersection fusion Kalman estimators for networked mixed uncertain timevarying systems. IMA J. Math. Control. Inf. 38(1), 232â€“266 (2021)
M. Sun, M.E. Davies, I.K. Proudler, Adaptive kernel Kalman filter. IEEE Trans on Signal Process. 71, 713â€“726 (2023)
P. A. Regalia, A. Khisti, Y. Liang, S. Tomasin, Secure communications via physicallayer and informationtheoretic techniques. In Proceeding of the IEEE 2015, 103, pp. 1698â€“1701 (2015)
T. Rhouma, J.Y. Keller, M.N. Abdelkrim, A Kalman filter with intermittent observations and reconstruction of data losses. Int. J. Appl. Math. Comput. Sci. 32(2), 241â€“253 (2022)
J. Qin, J. Wang, L. Shi et al., Randomized consensusbased distributed Kalman filtering over wireless sensor networks. IEEE Trans. Autom. Control 66(8), 3794â€“3801 (2020)
Acknowledgements
The authors thank the editor and anonymous reviewers for their helpful comments and valuable suggestions.
Funding
This research was funded by Natural Science Foundation of Zhejiang Province, Grant No. LZY23F030001, LZY22E050003, LZY22E050005, and the Quzhou Science and Technology Plan Project under Grant 2023K223, 2022K100, 2021F013.
Author information
Authors and Affiliations
Contributions
Methodology, D.X.; software, Z.C.; formal analysis, D.X., Z.C. and H.W.; investigation, D.X.; resources, Z.C. and H.W.; data curation, Z.C.; writingâ€”D.X. and Z.C.; writingâ€”review and editing, H.W.; project administration, Z.C.; funding acquisition, D.X. and H.W. All authors have read and agreed to the published version of the manuscript.
Corresponding author
Ethics declarations
Ethics approval and consent to participate
Not applicable.
Consent for publication
Not applicable.
Competing interests
The authors declare that they have no competing interests.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.
About this article
Cite this article
Xu, D., Chen, Z. & Wang, H. EventTriggered confidentiality fusion estimation against eavesdroppers in cyberphysical systems. EURASIP J. Adv. Signal Process. 2024, 56 (2024). https://doi.org/10.1186/s13634024011244
Received:
Accepted:
Published:
DOI: https://doi.org/10.1186/s13634024011244