Observer-Based Active Control Strategy for Networked Switched Systems against Two-Channel Asynchronous DoS Attacks

Abstract

This paper addresses the security issue of networked switched systems under two-channel asynchronous denial-of-service (DoS) attacks, where the measurement channel and the control channel are subject to DoS attacks independently. For the case of partial-state measurements, an observer-based active control strategy is proposed to mitigate the negative impact on the control performance and stability of the system caused by the attacks. In this strategy, a novel mode-dependent finite-time observer is designed to estimate the system state rapidly and accurately, the predictor and the buffer are designed to ensure that the control signals transmitted to the actuator can be updated even when the control channel is blocked. Compared to the earlier results on the active control strategy that only consider the case of full-state measurements and assume that the DoS signals followed specific patterns, our work only limits the frequency and duration of the DoS signals, which is more general and challenging. Furthermore, the switching signal is designed to ensure the input-to-state stability (ISS) of the networked switched system with the active control strategy under two-channel asynchronous DoS attacks and asynchronous switching behaviors. Finally, the effectiveness and the merits of our work are validated through an example and a comparative experiment.

1. Introduction

With the combination and development of sensing, computing and communication technologies, cyber-physical systems (CPSs), i.e., systems whose physical processes are sensed and controlled by networks and remote computers [1,2], have found practical applications in many fields, such as smart grids [3,4,5], autonomous driving and intelligent industrial systems [6]. However, the security issue of CPSs has also attracted a lot of attention due to the use of remote computers and networks, where the external attacks introduced through the networked feedback channels may lead to deterioration of the control performance or even lead to instability [7].

The main types of cyber attacks that have been studied against CPSs include deception attacks and denial-of-service (DoS) attacks. Unlike deception attacks, DoS attacks are more practical and common as they disrupt the control performance and stability of the physical processes by blocking networked control channels and measurement channels without model knowledge and disclosure information [8,9]. Many resilient control theories have been proposed against DoS attacks on CPSs, such as DoS detection [10,11], secure state estimation [12,13,14,15,16], stability analysis [17,18,19,20], robust design [21,22,23] and so on.

Modelling of the DoS attacks is crucial for the analysis of resilience control. In [24], the DoS attack pattern is assumed to obey the Bernoulli distribution. In [25,26], the Pulse-Width Modulated DoS attacks have been studied. In [27], DoS signals with minimum sleeping time have been studied. More generally, in [17], an average dwell time (ADT)-like method is proposed to constrain the duration and frequency of DoS attacks without assuming that the DoS signals obey a certain pattern. In this paper, we will follow this DoS signal description and assume that the attack patterns employed by the adversaries are unknown.

In addition, DoS attacks against different networked channels have been widely studied. In [12,21,28,29], it is assumed that only the measurement channel is subject to DoS attacks. In [17,30], it is assumed that DoS attacks synchronously affect both the measurement and the control channels. In [31], CPSs with multiple transmission channels under DoS attacks are studied. However, asynchronous DoS attacks on both the measurement channel and the control channel are more challenging and have not received much attention.

On the other hand, as a special class of hybrid systems, networked switched systems, have been systematically studied in recent years [32,33,34]. In [32], the stability analysis is studied for the sampled-data switched systems with static quantizers by using the CLF method. In [33], the issue of stabilizing the switched and hybrid system with an encoding and control strategy is investigated. In [34], the adaptive tracking control problem of uncertain hybrid switching Markovian systems is studied by using the SMPLF method.

Additionally, the security issues of the networked switched systems under DoS attacks are studied in [35,36,37,38]. Specifically, in [35], the stability of networked switched systems with a ZOH controller under two-channel synchronous DoS attacks is investigated. In [36], the ISS problem of switched linear systems with unstabilizable modes is further investigated. However, it is shown that the passive defense strategies proposed in the above works lead to conservative results and strict constraints on DoS signals. In [37], the stability of the discrete switched system based on an active control strategy under two-channel asynchronous DoS attacks is investigated. This paper focuses on the scenario without any disturbances. However, in practical applications, disturbances are prevalent and can significantly impact the prediction accuracy in the active control strategy. This can, in turn, undermine the assurance of system robustness. In [38], the active control strategy is designed for switched systems suffering from disturbances and asynchronous attacks. However, the ISS conditions of the system are still not investigated.

Furthermore, observer design has been extensively studied in both networked switched systems [39,40] and CPSs [21,41,42]. Specifically, in [41], an observer-based ETC architecture is proposed for CPSs under DoS attacks, which necessitates sensors and actuators with specific computational capabilities. In [21], the robust design incorporating a finite-time observer and a predictor is proposed to rapidly estimate the system state during the sleeping periods of DoS attacks on the measurement channel. In [42], observer-based event-triggered control is studied for the continuous networked system subject to DoS attacks. In [39], a mode-dependent Luenberger-type observer is proposed for switched systems in both continuous-time and discrete-time contexts. In [40], an adaptive neural network observer is designed for networked switched systems via quantized output signals. However, to the best of our knowledge, the security issue for observer-based resilient control of networked switched systems under two-channel asynchronous DoS attacks has not been fully investigated, which motivates our work.

The main contributions of this paper are as follows:

• An observer-based active control strategy is proposed for networked switched systems, which exhibits resilience and robustness against two-channel asynchronous DoS attacks and asynchronous switching behaviors. In addition, the buffer size design approach is proposed.
• The switching signals are designed to ensure the ISS of the networked switched systems under active control strategy against two-channel asynchronous DoS attacks and asynchronous switching behaviors, specifically, the quantitative relationship between the frequency and duration of two-channel DoS attacks and the switching frequency is revealed under ISS conditions. The results can be degraded to the non-switched system case.
• Unlike [26,37,38,43] that only consider the case of full-state measurements, the case of partial-state measurements is studied, and a mode-dependent finite-time observer is designed to rapidly and accurately estimate the system state. In addition, external disturbances are also considered in our work.
• In the existing methods [37,38,43], the effectiveness of active control strategies often relies on assuming that the DoS signals adhere to specific patterns. However, in our work, the effectiveness of the active control strategy is only related to the frequency and duration of DoS attacks, without making any assumptions about specific patterns for DoS attacks, which is more general and challenging.

The remainder of the paper is organized as follows. In Section 2, the problem statement and preliminaries are presented. The observer-based active control strategy is proposed in Section 3. The ISS analysis of the networked switched systems under two-channel asynchronous DoS attacks and asynchronous switching behaviors is given in Section 4. Section 5 gives an example and a comparative experiment to validate the availability and merits of our work. Section 6 concludes the work of this paper.

Notations: $\mathbb{N}$ and $\mathbb{R}$ denote the integer set and real number set, respectively. Given an integer (real number) $\alpha$, denote ${\mathbb{N}}_{\ge }\alpha$ (${\mathbb{R}}_{\ge }\alpha$) be the set of integers (reals) which are not smaller than $\alpha$. Given a vector $v\in {\mathbb{R}}^n$, $\Vert v\Vert$ denotes its Euclidean norm. Given a matrix M, $\Vert M\Vert$ denotes its spectral norm. $U\setminus V$ denotes the set of all elements belonging to set U, but not to set V. I stands for the identity matrix. ${\mu }_A$ denotes the logarithmic norm of mitrix A. $\overline{\lambda }\left(Q\right)$ and $\underline{\lambda }\left(Q\right)$ represent the maximum and minimum eigenvalues of matrix Q, respectively.

2. Problem Statement and Preliminaries

2.1. Networked Switched Linear System

The system to be investigated is a networked switched linear system described by

$$\left\{\begin{array}{c}\dot{x}\left(t\right)=A_{\sigma \left(t\right)}x\left(t\right)+B_{\sigma \left(t\right)}u\left(t\right)+w\left(t\right)\hfill \\ y\left(t\right)=C_{\sigma \left(t\right)}x\left(t\right)\hfill \end{array}\right.$$

(1)

where $x\left(t\right)\in {\mathbb{R}}^n$, $t\in {\mathbb{R}}_{\ge t_0}$ denotes the state vector, $u\left(t\right)\in {\mathbb{R}}^m$ denotes the control input, $w\left(t\right)\in {\mathbb{R}}^w$ stands for the unknown bounded external disturbance. $\sigma \left(t\right)$: $[t_0,\infty )$→$\mathcal{M}$ = $\left\{1,2,\dots ,m\right\}$ denotes the switching signal which is a right-continuous piecewise constant function and $A_i$, $B_i$, $C_i$ with $i\in$$\mathcal{M}$ denote constant matrices with suitable dimensions. In this paper, we assume that ($A_i$, $B_i$) is stabilizable, ($C_i$, $e^{A_i\Delta }$) is ${\mu }_i$-steps observable and that a state-feedback matrix $K_i$ has been predesigned such that ${\Phi }_i$ = $(A_i+B_i{K}_i)$ is hurwitz. At all switching instants, there is no state jump.

In this paper, we assume that both the measurement channel and the control channel are networked and adopt the same sampling scheme synchronously with a fixed sampling period $\Delta$. Let ${\left\{t_k\right\}}_{k\in {\mathbb{N}}_{\ge 0}}$ denote the sequence of sampling instants, i.e.,

$$t_{k+1}-t_k=\Delta ,k\in {\mathbb{N}}_{\ge 0}.$$

(2)

The system’s mode can switch at any $t_s\left(n\right)\ge t_0$, where $n\in {\mathbb{N}}_{\ge 1}$ represents the nth switching, then the sensor transmits the system’s mode to the observer at the first successful transmission after $t_s\left(n\right)$. Next we introduce some assumptions used in this paper.

Assumption A1.

[44] (switching frequency). Let $n_{\sigma }(t_0,t)$, $t>t_0$ be the number of switching behaviors over the interval $[t_0,t)$. If

$$n_{\sigma }(t_0,t)\le N_{\sigma }+\frac{t-t_0}{{\tau }_{\sigma }}$$

(3)

with $N_{\sigma }\ge 1$, then ${\tau }_{\sigma }>\Delta$ is called the ADT. for ${\tau }_d\in {\mathbb{R}}_{>0}$, If any two consecutive switching instants $t_s\left(n\right)$ and $t_s(n+1)$ satisfy $t_s(n+1)-t_s\left(n\right)\ge {\tau }_d$, then ${\tau }_d<{\tau }_{\sigma }$ is called the minimum dwell time.

Remark 1.

If ${\tau }_a\le \Delta$, then the switches occurring right after each sampling instant is allowed, the closed-loop system will always be mismatched and the system will become unstable.

2.2. Two-Channel Asynchronous DoS Attacks

In this paper, we assume that both the measurement channel and the control channel are subject to DoS attacks. Both the mode signal and the measurement/control signal can be blocked by DoS attacks. Due to the unknown attack strategy applied by the attacker, we only limit the frequency and duration of the two-channel attacks.

We define $h_n^o$ as the sequence of DoS off/on transitions, and ${\Gamma }_n^o,n\ge 0$ as the nth DoS interval on channel $o\in \{m,c\}$. where “m” denotes the measurement channel and “c” denotes the control channel. Given $t_0,t\in {\mathbb{R}}_{\ge t_0}$, let

$$\begin{array}{c}\hfill {\Xi }^o(t_0,t):=\bigcup _{n\in {\mathbb{N}}_{\ge }0}{\Gamma }_n^o\bigcap [t_0,t]\end{array}$$

(4)

and let

$$\begin{array}{cc}\hfill & {\Theta }^o(t_0,t):=[t_0,t]\setminus {\Xi }^o(t_0,t)\hfill \end{array}$$

(5)

denote the union of time intervals over $[t_0,t]$ during which the o channel is subject to DoS attacks and not subject to DoS attacks, respectively.

Assumption A2.

[17] (DoS duration). There exist ${\kappa }_{\mathcal{D}}^o$∈${\mathbb{R}}_{\ge 0}$ and ${\mathit{T}}_{\mathcal{D}}^o\in {\mathbb{R}}_{>1}$ such that

$$\mid {\Xi }^o(t_0,t)\mid \le {\kappa }_{\mathcal{D}}^o+\frac{t-t_0}{{\mathit{T}}_{\mathcal{D}}^o}$$

(6)

for all $t_0,t\in {\mathbb{R}}_{\ge t_0}$.

Remark 2.

${\mathit{T}}_{\sigma }>1$ ensures that the DoS duration cannot be infinitely long.

Assumption A3.

[17] (DoS frequency). Let $n_{\mathcal{D}}^o(t_0,t)$, $t>t_0$ be the number of DoS attacks over the interval $[t_0,t)$. If

$$n_{\mathcal{D}}^o(t_0,t)\le N_{\mathcal{D}}^o+\frac{t-t_0}{{\tau }_{\mathcal{D}}^o}$$

(7)

with $N_{\mathcal{D}}^o\ge 1$ and ${\tau }_{\mathcal{D}}^o>\Delta$.

2.3. Control Objective

Definition 1.

[45] System under unknown bounded external disturbance $w\left(t\right)$ is defined as input-to-state stable (ISS) if there exist some $\chi \in \mathcal{KL}$-function and $\upsilon \in {\mathcal{K}}_{\infty }$-function such that

$$\begin{array}{c}\hfill \Vert x\left(t\right)\Vert \le \chi (\Vert x\left(t_0\right)\Vert ,t)+\upsilon (\Vert w_t{\Vert }_{\infty })\end{array}$$

(8)

holds for all $t\ge t_0$. $\Vert w_t{\Vert }_{\infty }$:= ess sup${}_{s\in [t_0,t)}$$\Vert w\left(s\right)\Vert$.

The objective of our work is to design an observer-based active control strategy that exhibits resilience against DoS attacks on both the measurement channel and the control channel, thereby ensuring the ISS of the switched system.

3. Observer-Based Active Control Strategy

3.1. Mode-Dependent Finite-Time Observer Design

Let ${\left\{w_j\right\}}_{j\in {\mathbb{N}}_{\ge 0}}$ stand for the sequence of successful transmission attempts on measurement channel and let ${\left\{z_m\right\}}_{m\in {\mathbb{N}}_{\ge 0}}$ stand for the sequence of successful transmission attempts preceded by $\mu -1$ consecutive $w_j$ with the same mode i. the observer scheme is designed as follows:

$$\left\{\begin{array}{cc}\dot{\xi }\left(t\right)=A_{\sigma \left(w_{j\left(t\right)}\right)}\xi \left(t\right)+B_{\sigma \left(w_{j\left(t\right)}\right)}u\left(t\right),\hfill & t\ne w_j\hfill \\ \xi \left(t\right)=\xi \left(t^{-}\right)+L_{\sigma \left(w_{j\left(t\right)}\right)}\left(y\left(t\right)-C_{\sigma \left(w_{j\left(t\right)}\right)}\xi \left(t^{-}\right)\right),\hfill & t=w_j\hfill \end{array}\right.$$

(9)

where

$$\xi \left(t_0\right)=\left\{\begin{array}{cc}{L}_{\sigma \left(w_0\right)}y\left(t_0\right),\hfill & t_0=w_0\hfill \\ \xi \left(z_{-1}\right)=0,\hfill & otherwise\hfill \end{array}\right.$$

(10)

and

$$j\left(t\right)=\left\{\begin{array}{cc}-1,\hfill & if\Theta (t_0,t)=\varnothing \hfill \\ sup\left\{j\in {\mathbb{N}}_{\ge 0}\mid w_j\in \Theta (t_0,t)\right\},\hfill & otherwise\hfill \end{array}\right.$$

$\xi \left(t\right)$ in (9) represents the state of the finite-time observer, the initial condition is given by $\xi \left(z_{-1}\right)=0$. Without loss of generality, we assume that at $t_0$, the observer’s mode may not necessarily match the system’s mode, i.e., $\sigma \left(w_{-1}\right)=\sigma \left(z_{-1}\right)$ can be any $i\in \mathcal{M}$. There exists a state reconstruction matrix $L_i$ such that $R_i^{{\mu }_i}=0$ holds, where ${\mu }_i$ denotes the observability index of $(C_i,e^{A_i\Delta })$ and $R_i=(I-L_i{C}_i)e^{A_i\Delta }$.

3.2. Active Control Strategy

In the case of DoS attacks on the control channel, the existing works usually employ a ZOH controller [17,35,36], where the actuator maintains the previous control signal when the control channel is blocked by DoS. This paper proposes an observer-based active control strategy for switched systems under two-channel asynchronous DoS attacks, ensuring that the actuator can update the control signal at each sampling instant (cf. Figure 1).

Denote ${\left\{s_r\right\}}_{r\in {\mathbb{N}}_{\ge 0}}$ as the sequence of successful transmission attempts on the control channel, and let ${\left\{s_m\right\}}_{m\in {\mathbb{N}}_{\ge 0}}$ denotes the sequence of the first $s_r$ following $z_m$ (cf. Figure 2).

The algorithm of the active control strategy can be described as follows:

• Step 1: The observer resets the estimate of the system state $\xi \left(z_m\right)$ when it receives $\mu$ consecutive measurement signals with the same mode i from the sensor, and then sends it to the predictor.
• Step 2: Based on the estimate $\xi \left(z_m\right)$, the system’s mode $\sigma \left(z_m\right)$ and the actual control signals, the predictor predicts the system state $\widehat{x}$ and the controller generate the control sequence $\mathcal{U}\left(z_m\right)$ and transmit it to the buffer at $s_m$ by using one data packet.
• Step 3: The buffer discards the outdated control signals and sequentially sends the control signals to the actuator, one by one, at each sampling instant. The actuator holds the control signal until the next sampling instant. Return to Step 1.

The control sequence $\mathcal{U}\left(z_m\right)$ can be expressed by

$$\begin{array}{c}\hfill \mathcal{U}\left(z_m\right)=\{u[z_m\mid z_m],u[z_m+\Delta \mid z_m],\dots ,u[z_m+(\mathcal{H}-1)\Delta \mid z_m]\}\end{array}$$

(11)

with $u[z_m+n\Delta \mid z_m]=K_{\sigma \left(z_m\right)}\widehat{x}(z_m+n\Delta \mid z_m)$,$n\in [0,\mathcal{H}-1]$ for all $m\in {\mathbb{N}}_{\ge 0}$. $\mathcal{H}$ represents the buffer size that will be designed later. $\widehat{x}(z_m+n\Delta \mid z_m)$ represents the prediction of $x(z_m+n\Delta )$ based on $\xi \left(z_m\right)$ and $\sigma \left(z_m\right)$, and can be calculated iteratively through

$$\begin{array}{c}\hfill \left\{\begin{array}{c}\widehat{x}(t_k+\Delta \mid z_m)=A_{{\sigma }_{\left(z_m\right)}}^{\delta }\widehat{x}(t_k\mid z_m)+B_{{\sigma }_{\left(z_m\right)}}^{\delta }u\left(t_k\right),t_k\in [z_m,s_{m+1})\hfill \\ \widehat{x}(z_m\mid z_m)=\xi \left(z_m\right)\hfill \end{array}\right.\end{array}$$

(12)

where the actual control signal $u\left(t_k\right)$ can be described as

$$\begin{array}{c}\hfill u\left(t_k\right)=\left\{\begin{array}{cc}u[t_k\mid z_{m-1}]=K_{\sigma \left(z_{m-1}\right)}\widehat{x}(t_k\mid z_{m-1}),\hfill & t_k\in [z_m,s_m)\hfill \\ u[t_k\mid z_m]=K_{\sigma \left(z_m\right)}\widehat{x}(t_k\mid z_m),\hfill & t_k\in [s_m,z_{m+1})\hfill \end{array}\right.\end{array}$$

for all $m\in \{-1\}\bigcup {\mathbb{N}}_{\ge 0}$, where $A_i^{\delta }=e^{A_i\Delta }$ and $B_i^{\delta }=B_i{\int }_0^{\Delta }{e}^{A_{i}s}ds$. The initial condition is given by $\widehat{x}(t_0\mid z_{-1})=\widehat{x}(z_{-1}\mid z_{-1})=\xi \left(z_{-1}\right)=0$.

After the buffer receives the new control sequence $\mathcal{U}\left(z_m\right)$, it sends an acknowledgment (ack) signal back to the controller through the control channel. Upon receiving the ack signal, the controller sends the new control sequence to the observer and the predictor to ensure that the observer, the predictor and the system adopt the same control signal at all sampling instants.

Remark 3.

In the time interval $[z_m,s_m)$, the system applies the preceding control sequence $\mathcal{U}\left(z_{m-1}\right)$. Due to the uncertainty of the control channel’s availability, the prediction of the system can only be generated one by one at each sampling instant. At $s_m$, the remaining control signals of the control sequence $\mathcal{U}\left(z_m\right)$ are generated all at once.

3.3. Buffer Size Design

In the measurement channel, both DoS attacks and the switching behaviors can disrupt the estimation of the system state by the observer. Furthermore, in the control channel, DoS attacks prevent the transmission of control sequences based on the latest estimate to the buffer. Therefore, establishing the sufficient conditions for the control mechanism to generate control signals and transmit them to the buffer within a finite time is crucial for buffer size design and system ISS analysis.

First, the sufficient conditions are proposed for the mode-dependent finite-time observer to estimate the system state under DoS attacks on the measurement channel and switching behaviors.

Lemma 1.

Consider the networked switched linear system (1) under the transmission policy (2) and the active control strategy (9) and (11), consider the DoS signal satisfying (6) and (7), the swicthing signal satisfying (3), the observer can necessarily estimate the system state within a finite time if

$$1-\frac{1}{{\mathit{T}}_{\mathcal{D}}^m}-\frac{\mu \Delta }{{\tau }_{\mathcal{D}}^m}-\frac{\mu \Delta }{{\tau }_{\sigma }}>0$$

(13)

holds true, where $\mu =max\left\{{\mu }_i\right\},i\in \mathcal{M}$. And ${\left\{z_m\right\}}_{m\in {\mathbb{N}}_{\ge 0}}$ satisfies

$$\left\{\begin{array}{c}{z}_{m+1}-z_m\le {\mathcal{Q}}^m+\Delta \hfill \\ z_0\le t_0+{\mathcal{Q}}^m+(\mu -1)\Delta \hfill \end{array}\right.$$

(14)

where ${\mathcal{Q}}^m=({\kappa }_{\mathcal{D}}^m+N_{\mathcal{D}}^m\mu \Delta +N_{\sigma }\mu \Delta ){(1-\frac{1}{{\mathit{T}}_{\mathcal{D}}^m}-\frac{\mu \Delta }{{\tau }_{\mathcal{D}}^m}-\frac{\mu \Delta }{{\tau }_{\sigma }})}^{-1}$.

Proof. 

Define ${\tilde{\Theta }}^m(h_n^m,t)$ as the time interval starting from $h_n^m$ during which the observer is capable of generating $\xi \left(z_m\right)$ at each sampling instant. Prolonging each DoS interval and each asynchronous switching interval by $\mu$ samplings, we have

$$\begin{array}{cc}\hfill \mid {\tilde{\Theta }}^m(h_n^m,t)\mid & \ge t-h_n^m-\mid {\Xi }^m(h_n^m,t)\mid -n_{\mathcal{D}}^m(h_n^m,t)\mu \Delta -n_{\sigma }(h_n^m,t)\mu \Delta \hfill \\ \hfill & \ge t-h_n^m-({\kappa }_{\mathcal{D}}^m+\frac{t-h_n^m}{{\mathit{T}}_{\mathcal{D}}^m})-(N_{\mathcal{D}}^m+\frac{t-h_n^m}{{\tau }_{\mathcal{D}}^m})\mu \Delta -(N_{\sigma }+\frac{t-h_n^m}{{\tau }_{\sigma }})\mu \Delta \hfill \\ \hfill & \ge (t-h_n^m)(1-\frac{1}{{\mathit{T}}_{\mathcal{D}}^m}-\frac{\mu \Delta }{{\tau }_{\mathcal{D}}^m}-\frac{\mu \Delta }{{\tau }_{\sigma }})-{\kappa }_{\mathcal{D}}^m-N_{\mathcal{D}}^m\mu \Delta -N_{\sigma }\mu \Delta \hfill \end{array}$$

(15)

$\mid {\tilde{\Theta }}^m(h_n^m,t)\mid >0$ implies that within the time interval $[h_n,t]$, there must be at least $\mu$ consecutive successful transmissions with the same mode passing through the measurement channel and being received by the observer. From (15) we can see that, if (13) holds true, then there must exist a sufficiently large t such that $\mid {\tilde{\Theta }}^m(h_n^m,t)\mid >0$ is satisfied.

Then, if switching signals or DoS attacks do not occur in $[t_0,t_0+(\mu -1)\Delta ]$, then $z_0\le t_0+{\mathcal{Q}}^m+(\mu -1)\Delta$ holds trivially. If switching signals or DoS attacks occur in $[t_0,t_0+(\mu -1)\Delta ]$, we have $\mu$ consecutive successful transmissions with the same mode no later than $t_0+{\mathcal{Q}}^m+(\mu -1)\Delta$. Similarly, if switching signals or DoS attacks do not occur in $[z_m,z_m+\Delta ]$, then $z_{m+1}-z_m\le {\mathcal{Q}}^m+\Delta$ holds trivially. If switching signals or DoS attacks occur in $[z_m,z_m+\Delta ]$, we have $\mu$ consecutive successful transmissions with the same mode no later than $z_m+{\mathcal{Q}}^m+\Delta$. □

Remark 4.

In [21], sufficient conditions are proposed for the finite-time observer to estimate the system state under DoS attacks on the measurement channel. In this paper, both DoS attacks and switching behaviors can interrupt the estimation of system state by the finite-time observer. Lemma 1 provides the limitation for DoS signals on the measurement channel and switching signals in the worst-case scenario, under which the estimation of the system state can be achieved.

Next, the sufficient conditions are proposed for the data packet of the control sequence $\mathcal{U}\left(z_m\right)$ to be transmitted to the buffer under DoS attacks on the control channel.

Lemma 2.

Consider the transmission policy (2) and the DoS signal satisfying (6) and (7), the control sequence $\mathcal{U}\left(z_m\right)$ can be transmitted to the buffer within a finite time if

$$1-\frac{1}{{\mathit{T}}_{\mathcal{D}}^c}-\frac{\Delta }{{\tau }_{\mathcal{D}}^c}>0$$

(16)

holds true. Recall that we denote ${\left\{s_r\right\}}_{r\in {\mathbb{N}}_{\ge 0}}$ as the sequence of successful transmission attempts on the control channel and ${\left\{s_r\right\}}_{r\in {\mathbb{N}}_{\ge 0}}$ satisfies

$$\left\{\begin{array}{c}{s}_{r+1}-s_r\le {\mathcal{Q}}^c+\Delta \hfill \\ s_0\le t_0+{\mathcal{Q}}^c\hfill \end{array}\right.$$

(17)

where ${\mathcal{Q}}^c=({\kappa }_{\mathcal{D}}^c+N_{\mathcal{D}}^c\Delta ){(1-\frac{1}{{\mathit{T}}_{\mathcal{D}}^c}-\frac{\Delta }{{\tau }_{\mathcal{D}}^c})}^{-1}$.

Proof. 

The proof of Lemma 2 is similar to the proof of Lemma 1 under the conditions of $\mu =1$ and swicthing-free. Therefore, it is omitted. □

Finally, based on Lemma 1 and Lemma 2, the minimum buffer size in the worst-case scenario is designed.

Lemma 3.

Consider system (1) under the transmission policy (2) and the active control strategy (9) and (11), consider the DoS signals on the measurement channel and the switching signals satisfying (13) and the DoS signals on the control channel satisfying (16). The buffer size is designed to update the control signal to the actuator at any sampling time under switching signals and two-channel asynchronous DoS attacks if

$$\begin{array}{c}\hfill \mathcal{H}\ge \frac{{\mathcal{Q}}^m+{\mathcal{Q}}^c}{\Delta }+1\end{array}$$

(18)

holds true.

Proof. 

Recall that we denote ${\left\{s_m\right\}}_{m\in {\mathbb{N}}_{\ge 0}}$ as the sequence of the first $s_r$ following $z_m$. At $z_m$, the controller needs to calculate the control sequence from $u[z_m\mid z_m]$ to $u[s_{m+1}-\Delta \mid z_m]$ based on the value of $\xi \left(z_m\right)$. In the worst-case scenario, we assume that there are DoS attacks on the control channel right at $z_{m+1}$, then combining (14) and (17), we have

$$\begin{array}{c}\hfill s_{m+1}-z_m\le {\mathcal{Q}}^m+{\mathcal{Q}}^c+\Delta .\end{array}$$

(19)

Therefore, as long as the buffer size meets (18), it is guaranteed that the actuator can update the control sequence $\mathcal{U}\left(z_m\right)$ at each sampling time before the next control sequence $\mathcal{U}\left(z_{m+1}\right)$ based on $\xi \left(z_{m+1}\right)$ is successfully transmitted to the buffer through the control channel. □

Remark 5.

Since the initial condition is given by $\xi \left(z_{-1}\right)=0$, the control sequence $u[t_k\mid z_{-1}]=K_{\sigma \left(z_{-1}\right)}\widehat{x}(t_k\mid z_{-1})=0$ for all $t_k\in [t_0,s_0)$, the buffer outputs remain at 0 before $s_0$. Therefore, when designing the buffer size, there is no need to consider the time interval $[t_0,s_0]$.

4. Input-to-State Stability Analysis

4.1. Dynamics under Two-Channel DoS Attacks without Asynchronous Switching

First, we consider the scenario without asynchronous switching. Denote $\widehat{x}\left(t\right)$ as the prediction of $x\left(t\right)$ applied be the actuators. We define $\theta \left(t\right)=\widehat{x}\left(t\right)-x\left(t\right)$ as the prediction error, and let $e\left(t\right)=x\left(t_k\right)-x\left(t\right)$ be the error between the state at the last sampling instant and the state at t. Then consider any interval $[t_k,t_{k+1}]$, the dynamics of the switched system can be rewritten as

$$\begin{array}{cc}\hfill \dot{x}\left(t\right)& ={\Phi }_{i}x\left(t\right)+B_i{K}_i(\widehat{x}\left(t_k\right)-x\left(t\right))+w\left(t\right)\hfill \\ \hfill & ={\Phi }_{i}x\left(t\right)+B_i{K}_i(\widehat{x}\left(t_k\right)-x\left(t_k\right)+x\left(t_k\right)-x\left(t\right))+w\left(t\right)\hfill \\ \hfill & ={\Phi }_{i}x\left(t\right)+B_i{K}_i\theta \left(t_k\right)+B_i{K}_{i}e\left(t\right)+w\left(t\right).\hfill \end{array}$$

(20)

First, we find the upper bound of $\theta \left(t_k\right)$. We denote $\varphi \left(t\right)=\xi \left(t\right)-x\left(t\right)$ as the observation error. Considering the finite-time observer (9), we obtain

$$\begin{array}{c}\hfill \varphi \left(z_m\right)=(I-L_i{C}_i)\varphi \left(z_m^{-}\right),\end{array}$$

(21)

combining with $\dot{\varphi }\left(t\right)=A_i\varphi \left(t\right)-w\left(t\right)$ and $R_i^{{\mu }_i}=0$, we obtain

$$\begin{array}{cc}\hfill \varphi \left(z_m\right)=& (I-L_i{C}_i)\left(e^{A_i\Delta }\varphi (z_m-\Delta )-{\int }_{z_m-\Delta }^{z_m}{e}^{A_i(z_m-\tau )}w\left(\tau \right)d\tau \right)\hfill \\ \hfill =& R_i(I-L_i{C}_i)\varphi \left({(z_m-\Delta )}^{-}\right)-(I-L_i{C}_i){\int }_{z_m-\Delta }^{z_m}{e}^{A_i(z_m-\tau )}w\left(\tau \right)d\tau \hfill \\ \hfill =& R_i^{{\mu }_i-1}(I-L_i{C}_i)\varphi \left({(z_m-({\mu }_i-1)\Delta )}^{-}\right)\hfill \\ \hfill & -(I-L_i{C}_i)\sum _{p=0}^{{\mu }_i-2}{R}_i^p{\int }_{z_m-p\Delta -\Delta }^{z_m-p\Delta }{e}^{A_i(z_m-p\Delta -\tau )}w\left(\tau \right)d\tau \hfill \\ \hfill =& R_i^{{\mu }_i}{e}^{-A_i\Delta }\varphi \left({(z_m-({\mu }_i-1)\Delta )}^{-}\right)\hfill \\ \hfill & -(I-L_i{C}_i)\sum _{p=0}^{{\mu }_i-2}{R}_i^p{\int }_{z_m-p\Delta -\Delta }^{z_m-p\Delta }{e}^{A_i(z_m-p\Delta -\tau )}w\left(\tau \right)d\tau \hfill \\ \hfill =& -(I-L_i{C}_i)\sum _{p=0}^{{\mu }_i-2}{R}_i^p{\int }_{z_m-p\Delta -\Delta }^{z_m-p\Delta }{e}^{A_i(z_m-p\Delta -\tau )}w\left(\tau \right)d\tau .\hfill \end{array}$$

(22)

Using the property that $\Vert e^{At}\Vert \le e^{{\mu }_{A}t}$ for all $t\in {\mathbb{R}}_{\ge t_0}$, we have

$$\begin{array}{cc}\hfill \Vert \varphi \left(z_m\right)\Vert & \le \Vert (I-L_i{C}_i)\Vert \sum _{p=0}^{{\mu }_i-2}\Vert R_i{\Vert }^p\frac{1}{{\mu }_{A_i}}(e^{{\mu }_{A_i}\Delta }-1){\Vert w_t\Vert }_{\infty }\hfill \end{array}$$

(23)

$$\begin{array}{cc}\hfill & \le {\rho }_1{\Vert w_t\Vert }_{\infty }\hfill \end{array}$$

(24)

where ${\rho }_1=\Vert (I-L_i{C}_i)\Vert {\displaystyle \sum _{p=0}^{{\mu }_i-2}}{\Vert R_i\Vert }^p\frac{1}{{\mu }_{A_i}}(e^{{\mu }_{A_i}\Delta }-1)$, thus $\varphi \left(z_m\right)$ is upper bounded. Recall now that $\xi \left(z_m\right)=\widehat{x}(z_m\mid z_m)$, we then have

$$\begin{array}{c}\hfill \Vert \theta (z_m\mid z_m)\Vert =\Vert \widehat{x}(z_m\mid z_m)-x\left(z_m\right)\Vert \le {\rho }_1{\Vert w_t\Vert }_{\infty }.\end{array}$$

(25)

During the time interval $[z_m,s_{m+1}]$, we further have

$$\begin{array}{cc}\hfill \Vert \theta (t_k\mid z_m)\Vert & \le e^{{\mu }_{A_i}(t_k-z_m)}\Vert \theta (z_m\mid z_m)\Vert +{\int }_{z_m}^{t_k}{e}^{{\mu }_{A_i}(t_k-\tau )}w\left(\tau \right)d\tau \hfill \\ & \le \left({\rho }_1{e}^{{\mu }_{A_i}\mathcal{H}\Delta }+\frac{1}{{\mu }_{A_i}}(e^{{\mu }_{A_i}\mathcal{H}\Delta }-1)\right){\Vert w_t\Vert }_{\infty }\hfill \\ \hfill & \le \rho \Vert w_t{\Vert }_{\infty }\hfill \end{array}$$

(26)

where $\rho =\underset{i\in \mathcal{M}}{max}\left\{{\rho }_1{e}^{{\mu }_{A_i}\mathcal{H}\Delta }+\frac{1}{{\mu }_{A_i}}(e^{{\mu }_{A_i}\mathcal{H}\Delta }-1)\right\}$. Note that the prediction error resets at each $s_m$. We finally have

$$\begin{array}{c}\hfill \Vert \theta \left(t_k\right)\Vert \le \rho \Vert w_t{\Vert }_{\infty }.\end{array}$$

(27)

Furthermore, in the case where no switching occurs in interval $[z_{m-1},z_m)$, by applying the triangular inequality we have

$$\begin{array}{c}\hfill \Vert \widehat{x}(t_k\mid z_{m-1})-\widehat{x}(t_k\mid z_m)\Vert \le 2\rho \Vert w_t{\Vert }_{\infty },t_k\in [z_m,s_m).\end{array}$$

(28)

Next, we find the upper bound of $e\left(t\right)$.

Lemma 4.

Consider system (1) under the transmission policy (2) and the active control strategy (9) and (11), in the absence of switching, if the sampling rate is properly chosen by $\Delta =t_{k+1}-t_k\le \overline{\Delta }$, $k\in {\mathbb{N}}_{\ge 0}$,

$$\begin{array}{c}\hfill \overline{\Delta }:=\left\{\begin{array}{cc}\left(\frac{\varrho }{1+\varrho }\right)\frac{1}{max\left\{\Vert {\Phi }_i\Vert ,1,\Vert A_i\Vert \right\}},\hfill & {\mu }_{A_i}\le 0\hfill \\ \frac{1}{{\mu }_{A_i}}log\left[\left(\frac{\varrho }{1+\varrho }\right)\frac{1}{max\left\{\Vert {\Phi }_i\Vert ,1,\Vert A_i\Vert \right\}}{\mu }_{A_i}+1\right],\hfill & {\mu }_{A_i}>0.\hfill \end{array}\right.\end{array}$$

(29)

Then $e\left(t\right)=x\left(t_k\right)-x\left(t\right)$ satisfies

$$\Vert e\left(t\right)\Vert \le \varrho \Vert x\left(t\right)\Vert +\varrho (2\rho +1)\Vert w_t{\Vert }_{\infty },$$

(30)

where ϱ is designed and used to describe the disparity between the state of the system at time t and the state of the system at the most recent sampling instant before t.

Proof. 

Consider any interval $[t_k,t_{k+1}]$, the dynamics of e(t) satisfy

$$\begin{array}{cc}\hfill \dot{e}\left(t\right)& =-A_{i}x\left(t\right)-B_i{K}_i\widehat{x}\left(t_k\right)-w\left(t\right)\hfill \\ \hfill & =A_i\widehat{x}\left(t_k\right)-A_{i}x\left(t\right)-A_i\widehat{x}\left(t_k\right)-B_i{K}_i\widehat{x}\left(t_k\right)-w\left(t\right)\hfill \\ \hfill & =A_i(\widehat{x}\left(t_k\right)-x\left(t_k\right)+x\left(t_k\right)-x\left(t\right))-\varphi \widehat{x}\left(t_k\right)-w\left(t\right)\hfill \\ \hfill & =A_i\theta \left(t_k\right)+A_{i}e\left(t\right)-\varphi \widehat{x}\left(t_k\right)-w\left(t\right).\hfill \end{array}$$

(31)

Notice that $e\left(t_k\right)=0$,we then have

$$\begin{array}{c}\hfill e\left(t\right)\le \mathcal{N}{\int }_{t_k}^t{e}^{{\mu }_A(t-\tau )}\left(\Vert \theta \left(t_k\right)\Vert +\Vert \widehat{x}\left(t_k\right)\Vert +\Vert w\left(\tau \right)\Vert \right)d\tau \end{array}$$

(32)

where $\mathcal{N}=max\left\{\Vert {\Phi }_i\Vert ,1,\Vert A_i\Vert \right\}$, we further have

$$\begin{array}{c}\hfill e\left(t\right)\le \mathcal{N}\mathcal{F}(t-t_k)\left(\Vert \theta \left(t_k\right)\Vert +\Vert \widehat{x}\left(t_k\right)\Vert +\Vert w_t{\Vert }_{\infty }\right)\end{array}$$

(33)

where $\mathcal{F}(t-t_k)={\int }_{t_k}^t{e}^{{\mu }_A(t-\tau )}d\tau$. From (27) we further have

$$\begin{array}{c}\hfill \Vert \widehat{x}\left(t\right)\Vert \le \Vert x\left(t\right)\Vert +\rho \Vert w_t{\Vert }_{\infty }\end{array}$$

(34)

then we have

$$\begin{array}{cc}\hfill e\left(t\right)& \le \mathcal{N}\mathcal{F}(t-t_k)(2\rho +1)\Vert w_t{\Vert }_{\infty }+\mathcal{N}\mathcal{F}(t-t_k)(\Vert x\left(t\right)\Vert +\Vert e\left(t\right)\Vert )\hfill \\ \hfill & \le \frac{\mathcal{N}\mathcal{F}(t-t_k)}{1-\mathcal{N}\mathcal{F}(t-t_k)}\Vert x\left(t\right)\Vert +\frac{\mathcal{N}\mathcal{F}(t-t_k)}{1-\mathcal{N}\mathcal{F}(t-t_k)}(2\rho +1){\Vert w_t\Vert }_{\infty }\hfill \end{array}$$

(35)

By letting $\frac{\mathcal{N}\mathcal{F}(t-t_k)}{1-\mathcal{N}\mathcal{F}(t-t_k)}=\varrho$, notice that $\mathcal{F}\left(0\right)=0$ and that $\mathcal{F}(t-t_k)$ is monotonically increasing with t, the positive correlation between $\varrho$ and $\Delta$ can be described as

$$\begin{array}{c}\hfill \Delta =\frac{1}{{\mu }_{A_i}}log\left[\left(\frac{\varrho }{1+\varrho }\right)\frac{1}{max\left\{\Vert {\Phi }_i\Vert ,1,\Vert A_i\Vert \right\}}{\mu }_{A_i}+1\right]\end{array}$$

(36)

for special cases where ${\mu }_A\le 0$, we have

$$\begin{array}{c}\hfill \mathcal{F}(\Delta )\le \Delta .\end{array}$$

(37)

Therefore, as long as $\Delta$ is chosen to be sufficiently small to satisfy (29), (30) is guaranteed to hold true. □

Based on (27) and Lemma 4, Given any symmetric positive definite matrix $Q_i$, let $P_i$ be the unique solution of the Lyapunov equation ${\Phi }_i^{\mathsf{T}}{P}_i+P_i{\Phi }_i=-Q_i$. Let $V_i\left(x\right)=x^{\mathsf{T}}{P}_{i}x$. Substituting (20) into the derivative of $V_i\left(x\right)=x^{\mathsf{T}}{P}_{i}x$ yields

$$\begin{array}{cc}\hfill {\dot{V}}_i\left(x\left(t\right)\right)=& x{\left(t\right)}^{\mathsf{T}}({\Phi }_i^{\mathsf{T}}{P}_i+P_i{\Phi }_i)x\left(t\right)+2e{\left(t\right)}^{\mathsf{T}}{K}_i{B}_i^{\mathsf{T}}Px\left(t\right)+2\theta {\left(t_k\right)}^{\mathsf{T}}{K}_i{B}_i^{\mathsf{T}}Px\left(t\right)+2x{\left(t\right)}^{\mathsf{T}}Pw\left(t\right)\hfill \\ \hfill \le & (-{\gamma }_1+{\gamma }_2\varrho )\Vert x\left(t\right){\Vert }^2+({\gamma }_2(\rho +\varrho (2\rho +1))+{\gamma }_3)\Vert x\left(t\right)\Vert v\left(t\right),\hfill \end{array}$$

(38)

where ${\gamma }_1=\underline{\lambda }\left(Q_i\right)$, ${\gamma }_2=\Vert 2K_i{B}_i^{\mathsf{T}}{P}_i\Vert$, ${\gamma }_3=\Vert 2P_i\Vert$, $v\left(t\right)=sup\left\{\Vert w\left(t\right)\Vert ,\Vert w_t{\Vert }_{\infty }\right\}$. By selecting an appropriate sampling period $\Delta$, we can obtain a sufficiently small $\varrho$ to make $-{\gamma }_4=(-{\gamma }_1+{\gamma }_2\varrho )$ negative according to Lemma 4. Using Young’s inequality yields

$$\begin{array}{cc}\hfill {\dot{V}}_i\left(x\left(t\right)\right)& \le -\frac{{\gamma }_4}{2}{\Vert x\left(t\right)\Vert }^2+\frac{{({\gamma }_2(\rho +\varrho (2\rho +1))+{\gamma }_3)}^2}{2{\gamma }_4}{v}^2\left(t\right)\hfill \\ \hfill & \le -\frac{{\gamma }_4}{2\overline{\lambda }\left(P_i\right)}{V}_i\left(x\left(t\right)\right)+\frac{{({\gamma }_2(\rho +\varrho (2\rho +1))+{\gamma }_3)}^2}{2{\gamma }_4}{v}^2\left(t\right),\hfill \end{array}$$

(39)

finally we obtain

$$\begin{array}{cc}\hfill V_i\left(x\left(t\right)\right)& \le e^{-{\alpha }_i(t-s_m)}{V}_i\left(x\left(s_m\right)\right)+a_i{\Vert w_t\Vert }_{\infty }^2\hfill \\ \hfill & \le e^{-\alpha (t-s_m)}{V}_i\left(x\left(s_m\right)\right)+a{\Vert w_t\Vert }_{\infty }^2\hfill \end{array}$$

(40)

where ${\alpha }_i=\frac{{\gamma }_4}{2\overline{\lambda }\left(P_i\right)}$, $a_i=\frac{{({\gamma }_2(\rho +\varrho (2\rho +1))+{\gamma }_3)}^2}{2{\gamma }_4{\alpha }_i}$, $\alpha ={min}_{i\in \mathcal{M}}\left\{{\alpha }_i\right\}$, $a={max}_{i\in \mathcal{M}}\left\{a_i\right\}$.

4.2. Dynamics under Two-Channel DoS Attacks with Asynchronous Switching

Next, we consider the scenario with asynchronous switching. Based on the assumptions stated earlier, the system’s mode and $\xi \left(z_m\right)$ are transmitted to the predictor at $z_m$. Therefore, if the system switches between $[z_m,z_{m+1}]$, the mode of the control sequence will mismatch with the system’s mode throughout the interval $[t_s\left(n\right),s_{m+1})$, where $t_s\left(n\right)\in [z_m,z_{m+1}]$.

In the actual control process, the switching behaviors are not very frequent, so we assume that the asynchronous switching intervals do not overlap, and for simplicity, we assume that the minimum dwell time of the switching signal satisfies

$$\begin{array}{c}\hfill {\tau }_d\ge 2({\mathcal{Q}}^m+\Delta )\end{array}$$

(41)

Due to the negative impact of asynchronous switching on system performance and stability, in the worst-case scenario, we maximize the duration of asynchronous switching within interval $[t_0,t]$; specifically, assuming that the system switches immediately after $z_m$ each time. We denote $\Pi (t_0,t)$ as the union of asynchronous intervals within $[t_0,t]$. The dynamics of the system under asynchronous switching can be described as

$$\begin{array}{c}\hfill \dot{x}\left(t\right)=A_{j}x\left(t\right)+B_j{K}_i\widehat{x}\left(t_k\right)+w\left(t\right).\end{array}$$

(42)

Substituting it into the derivative of $V_j\left(x\right)=x^{\mathsf{T}}{P}_{j}x$ yields

$$\begin{array}{cc}\hfill \dot{V}\left(x\left(t\right)\right)& =x^{\mathsf{T}}\left(t\right)(A_j^{\mathsf{T}}{P}_j+P_j{A}_j)x\left(t\right)+2x^{\mathsf{T}}\left(t\right)P_j{B}_j{K}_i\widehat{x}\left(t_k\right)+2x^{\mathsf{T}}\left(t\right)P_{j}w\left(t\right)\hfill \\ \hfill & \le {\eta }_1{\Vert x\left(t\right)\Vert }^2+{\eta }_2\Vert x\left(t\right)\Vert \Vert \widehat{x}\left(t_k\right)\Vert +{\eta }_3\Vert x\left(t\right)\Vert v\left(t\right)\hfill \end{array}$$

(43)

where ${\eta }_1=\Vert A_j^{\mathsf{T}}{P}_j+P_j{A}_j\Vert$, ${\eta }_2=\Vert 2P_j{B}_j{K}_i\Vert$, ${\eta }_3=\Vert 2P_j\Vert$. Notice that (34) does not necessarily hold during asynchronous switching; a lemma is required to further describe the energy function of the system under asynchronous switching.

Lemma 5.

Consider the sampling scheme (2) satisfying (29) in Lemma 4, where $-{\gamma }_1+{\gamma }_2\varrho <0$, the switching signal satisfying (41), then $\widehat{x}\left(t_k\right)$ of the control sequence satisfying

$$\begin{array}{c}\hfill \Vert \widehat{x}\left(t_k\right)\Vert \le \Gamma \Vert x\left(z_m\right)\Vert +{\rm Y}\Vert w_t{\Vert }_{\infty }\end{array}$$

(44)

where $\Gamma =\frac{\overline{\lambda }\left(P_i\right)}{\underline{\lambda }\left(P_i\right)}$, ${\rm Y}=\frac{\overline{\lambda }\left(P_i\right)}{\underline{\lambda }\left(P_i\right)}\rho +\sqrt{\frac{{\theta }_2\overline{\lambda }\left(P_i\right)}{{\theta }_1{\underline{\lambda }}^2\left(P_i\right)}}$.

Proof. 

Please see Appendix A. □

By Lemma 5, (43) can be further rewritten as

$$\begin{array}{c}\hfill \dot{V}\left(x\left(t\right)\right)\le {\eta }_1{\Vert x\left(t\right)\Vert }^2+{\eta }_2\Gamma \Vert x\left(t\right)\Vert \Vert x\left(z_m\right)\Vert +({\eta }_2{\rm Y}+{\eta }_3)\Vert x\left(t\right)\Vert v\left(t\right).\end{array}$$

(45)

It can be obtained

$$\begin{array}{c}\hfill 2\Vert x\left(t\right)\Vert \Vert x\left(z_m\right)\Vert \le \frac{{\eta }_1}{{\eta }_2\Gamma }\Vert x\left(t\right){\Vert }^2+\frac{{\eta }_2\Gamma }{{\eta }_1}{\Vert x\left(z_m\right)\Vert }^2\end{array}$$

(46)

and

$$\begin{array}{c}\hfill 2\Vert x\left(t\right)\Vert v\left(t\right)\le \frac{{\eta }_1}{{\eta }_2{\rm Y}+{\eta }_3}{\Vert x\left(t\right)\Vert }^2+\frac{{\eta }_2{\rm Y}+{\eta }_3}{{\eta }_1}{v}^2\left(t\right).\end{array}$$

(47)

Then,

$$\begin{array}{c}\hfill \dot{V}\left(x\left(t\right)\right)\le 2{\eta }_1{\Vert x\left(t\right)\Vert }^2+\frac{{({\eta }_2\Gamma )}^2}{2{\eta }_1}{\Vert x\left(z_m\right)\Vert }^2+\frac{{({\eta }_2{\rm Y}+{\eta }_3)}^2}{2{\eta }_1}{v}^2\left(t\right).\end{array}$$

(48)

Thus,

$$\begin{array}{cc}\hfill \dot{V}\left(x\left(t\right)\right)& \le {\beta }_{ij}max\{V\left(x\left(t\right)\right),V\left(x\left(z_m\right)\right\}+\frac{{({\eta }_2{\rm Y}+{\eta }_3)}^2}{2{\eta }_1}{\Vert w_t\Vert }_{\infty }^2\hfill \end{array}$$

(49)

where ${\beta }_{ij}=max\{\frac{2{\eta }_1}{\underline{\lambda }\left(P_j\right)}+\frac{{({\eta }_2\Gamma )}^2}{2{\eta }_1\underline{\lambda }\left(P_j\right)}\}$. By iteration, we finally have

$$\begin{array}{c}\hfill V\left(x\left(t\right)\right)\le e^{\beta (t-z_m)}V\left(x\left(z_m\right)\right)+e^{\beta (t-z_m)}b{\Vert w_t\Vert }_{\infty }^2,t\in \Pi \left(z_m,s_{m+1}\right)\end{array}$$

(50)

where $\beta =\underset{i,j\in \mathcal{M}}{max}\left\{{\beta }_{ij}\right\}$,$b=\underset{i,j\in \mathcal{M}}{max}\left\{\frac{{({\eta }_2{\rm Y}+{\eta }_3)}^2}{2{\eta }_1{\beta }_{ij}}\right\}$.

Remark 6.

There are two reasons why switching after $z_m$ is the worst case; first, in this paper we consider the system under asynchronous switching as an open-loop system with an upper bounded input, and by Lemma 5 we show that the upper bound on the input is maximized when the switching occurs exactly after $z_m$. Furthermore, when the switching occurs exactly after the $z_m$, the mode of the system must wait until $z_{m+1}$ to be corrected and until $s_{m+1}$ to be applied to the actuator, thus maximising the asynchronous switching duration.

Remark 7.

For the case where $z_{m+1}$ belongs to $(z_m,s_m]$, $s_m$ coincides with $s_{m+1}$, and still assuming that the system switches immediately after $z_m$. it is easy to obtain that the energy function of $x\left(t\right)$ within the asynchronous switching interval $(z_m,s_m)$ can still be described by (50). The duration of the asynchronous switching is $s_m-z_m\le {\mathcal{Q}}^c$ (this case is obviously not the worst-case-scenario).

Now it is ready to derive the sufficient conditions for ISS of the switched systems under two-channel asynchronous DoS attacks.

4.3. Input-to-State Stability Analysis

Theorem 1.

Consider the switched linear system (1) under sampling logic (29) and observer-based active control strategy (9), (11), $\zeta V\left(t_s^{-}\left(n\right)\right)\ge V\left(t_s\left(n\right)\right)$ with $\zeta \ge 1$. Consider the DoS signals on the measurement channel and the switching signals satisfying (13) and the DoS signals on the control channel satisfying (16). If ${\tau }_{\sigma }$ in (3) satisfy

$$\begin{array}{c}\hfill \left\{\begin{array}{c}{\tau }_{\sigma }>\frac{ln\zeta +(\alpha +\beta )({\mathcal{Q}}^m+{\mathcal{Q}}^c+\Delta )}{\alpha }\hfill \\ {\tau }_{\sigma }>{\tau }_d\ge 2({\mathcal{Q}}^m+\Delta )\hfill \end{array}\right.\end{array}$$

(51)

where α, β are in (40) and (50), ${\mathcal{Q}}^m$ and ${\mathcal{Q}}^c$ are in (14) and (17), then the system is ISS.

Proof. 

Recall that the initial condition is given by $\xi \left(z_{-1}\right)=0$, the control sequence $\mathcal{U}\left(z_{-1}\right)=0$ over the time interval $[t_0,s_0]$. From Lemma 5 it is easy to see that (44) holds trivially and the energy function over $[t_0,s_0]$ can be expressed as (50). Combining (40) and (50), by iteration, the energy function over $[t_0,t]$ can be derived as

$$\begin{array}{cc}\hfill V\left(x\right(t\left)\right)& \le {\zeta }^{n_{\sigma }(t_0,t)}{e}^{-\alpha (t-t_0)}{e}^{(\alpha +\beta )\mid \Pi (t_0,t)\mid }V\left(x\left(t_0\right)\right)\hfill \\ \hfill & +{\zeta }^{n_{\sigma }(t_0,t)}{e}^{-\alpha (t-t_0)}{e}^{(\alpha +\beta )\mid \Pi (t_0,t)\mid }b{\Vert w_t\Vert }_{\infty }^2\hfill \\ \hfill & +max\{a,b\}\left(1+2\sum _{i=1}^{n_{\sigma }(t_0,t)}{\zeta }^{n_{\sigma }(t_s\left(i\right),t)}{e}^{-\alpha (t-t_s\left(i\right))}{e}^{(\alpha +\beta )\mid \Pi (t_s\left(i\right),t)\mid }\right){\Vert w_t\Vert }_{\infty }^2.\hfill \end{array}$$

(52)

We first prove that the third term on the RHS of the inequality (52) is bounded.

Due to Assumption 1, the summation

$$\begin{array}{c}\hfill \sum _{i=1}^{n_{\sigma }(t_0,t)}{\zeta }^{n_{\sigma }(t_s\left(i\right),t)}{e}^{-\alpha (t-t_s\left(i\right))}{e}^{(\alpha +\beta )\mid \Pi (t_s\left(i\right),t)\mid }\end{array}$$

(53)

can be rewritten as

$$\begin{array}{cc}\hfill & \sum _{i=1}^{n_{\sigma }(t_0,t)}{e}^{n_{\sigma }(t_s\left(i\right),t)ln\zeta -\alpha (t-t_s\left(i\right))+(\alpha +\beta )[n_{\sigma }(t_s\left(i\right),t)\mathcal{H}\Delta ]}\hfill \\ \hfill & \le e^{N_{\sigma }ln\zeta +(\alpha +\beta )N_{\sigma }\mathcal{H}\Delta }\sum _{i=1}^{n_{\sigma }(t_0,t)}{e}^{[\frac{ln\zeta }{{\tau }_{\sigma }}+(\alpha +\beta )\frac{\mathcal{H}\Delta }{{\tau }_{\sigma }}-\alpha ](t-t_s\left(i\right))}\hfill \\ \hfill & \le e^{N_{\sigma }ln\zeta +(\alpha +\beta )N_{\sigma }\mathcal{H}\Delta }\sum _{i=1}^{n_{\sigma }(t_0,t)}{e}^{ϵ(t-t_s\left(i\right))},\hfill \end{array}$$

(54)

where $ϵ=\frac{ln\zeta }{{\tau }_{\sigma }}+(\alpha +\beta )\frac{\mathcal{H}\Delta }{{\tau }_{\sigma }}-\alpha \le 0$, from (3), we have

$$\begin{array}{c}\hfill t-t_s\left(i\right)\ge {\tau }_{\sigma }N(t_s\left(i\right),t)-{\tau }_{\sigma }{N}_0,\end{array}$$

(55)

combining (54) and (55), the summation can be further rewritten as

$$\begin{array}{cc}\hfill & e^{N_{\sigma }ln\zeta +(\alpha +\beta )N_{\sigma }\mathcal{H}\Delta -ϵN_{\sigma }{\tau }_{\sigma }}\sum _{i=1}^{N(t_0,t)}{e}^{ϵ{\tau }_{\sigma }i}\hfill \\ \hfill & \le e^{N_{\sigma }ln\zeta +(\alpha +\beta )N_{\sigma }\mathcal{H}\Delta -ϵN_{\sigma }{\tau }_{\sigma }}\frac{e^{ϵ{\tau }_{\sigma }}}{1-e^{ϵ{\tau }_{\sigma }}}\hfill \end{array}$$

(56)

thus the third term on the RHS of (52) is bounded.

Similarly, the first and the second terms on the RHS of the inequality (52) can be respectively rewritten as

$$\begin{array}{c}\hfill e^{N_{\sigma }ln\zeta +(\alpha +\beta )(N_{\sigma }\mathcal{H}\Delta +{\mathcal{Q}}^m+{\mathcal{Q}}^c+(\mu -1)\Delta )+ϵ(t-t_0)}V\left(x\left(t_0\right)\right)\end{array}$$

(57)

and

$$\begin{array}{c}\hfill e^{N_{\sigma }ln\zeta +(\alpha +\beta )\left(N_{\sigma }\mathcal{H}\Delta +{\mathcal{Q}}^m+{\mathcal{Q}}^c+(\mu -1)\Delta \right)+ϵ(t-t_0)}b{\Vert w_t\Vert }_{\infty }^2\end{array}$$

(58)

letting $\Omega =e^{N_{\sigma }ln\zeta +(\alpha +\beta )N_{\sigma }\mathcal{H}\Delta }$, ${\Omega }^{\prime }=e^{N_{\sigma }ln\zeta +(\alpha +\beta )\left(N_{\sigma }\mathcal{H}\Delta +{\mathcal{Q}}^m+{\mathcal{Q}}^c+(\mu -1)\Delta \right)}$ (52) can be rewritten as

$$\begin{array}{cc}\hfill V\left(x\right(t\left)\right)& \le {\Omega }^{\prime }{e}^{ϵ(t-t_0)}V\left(x\left(t_0\right)\right)\hfill \\ \hfill & +max\{a,b\}(1+{\Omega }^{\prime }+2\Omega e^{-ϵN_0{\tau }_{\sigma }}\frac{e^{ϵ{\tau }_{\sigma }}}{1-e^{ϵ{\tau }_{\sigma }}}){\Vert w_t\Vert }_{\infty }^2.\hfill \end{array}$$

(59)

Let $\overline{\lambda }\left(P_i\right)$ and $\underline{\lambda }\left(P_i\right)$ respectively represent the maximum and minimum eigenvalues of the positive-definite matrix $P_i,\forall i\in \mathcal{M}$. By Cauchy–Schwarz inequality, we finally obtain

$$\begin{array}{cc}\hfill \Vert x\left(t\right)\Vert \le & {\Omega }^{\prime \frac{1}{2}}\sqrt{\frac{\overline{\lambda }\left(P_i\right)}{\underline{\lambda }\left(P_i\right)}}{e}^{\frac{ϵ}{2}(t-t_0)}\Vert x\left(t_0\right)\Vert \hfill \\ \hfill & +\sqrt{\frac{max\{a,b\}}{\underline{\lambda }\left(P_i\right)}}{(1+{\Omega }^{\prime }+2\Omega e^{-ϵN_{\sigma }{\tau }_{\sigma }}\frac{e^{ϵ{\tau }_{\sigma }}}{1-e^{ϵ{\tau }_{\sigma }}})}^{\frac{1}{2}}{\Vert w_t\Vert }_{\infty }.\hfill \end{array}$$

(60)

This completes the proof. □

Remark 8.

In Section 5, we verify through simulation that β tends to be much larger than α, i.e., in (51), the average dwell time ${\tau }_{\sigma }$ is much larger than the minimum dwell time ${\tau }_d$. Therefore, it is not out of generality to assume that the asynchronous switching intervals do not overlap.

In what follows, the sufficient conditions for ISS stability of non-switched systems under the active control strategy against two-channel asynchronous DoS attacks is given.

Corollary 1.

Consider a non-switched linear system

$$\left\{\begin{array}{c}\dot{x}\left(t\right)=Ax\left(t\right)+Bu\left(t\right)+w\left(t\right)\hfill \\ y\left(t\right)=Cx\left(t\right)\hfill \end{array}\right.$$

(61)

under the active control strategy (9), (11). Consider the sampling rate chosen by sampling logic (29), where ϱ is a positive constant satisfying $-{\gamma }_1+{\gamma }_2\varrho <0$. Then the closed-loop system is ISS for two-channel asynchronous DoS attacks satisfying

$$\begin{array}{c}\hfill \left\{\begin{array}{c}1-\frac{1}{{\mathit{T}}_{\mathcal{D}}^m}-\frac{\mu \Delta }{{\tau }_{\mathcal{D}}^m}>0\hfill \\ 1-\frac{1}{{\mathit{T}}_{\mathcal{D}}^c}-\frac{\Delta }{{\tau }_{\mathcal{D}}^c}>0.\hfill \end{array}\right.\end{array}$$

The buffer size is designed to update the control signal to the actuator at any sampling time under two-channel asynchronous DoS attacks if

$$\begin{array}{c}\hfill \mathcal{H}\ge \frac{{\tilde{\mathcal{Q}}}^m+{\mathcal{Q}}^c}{\Delta }+1\end{array}$$

(62)

holds true. Where ${\tilde{\mathcal{Q}}}^m=({\kappa }_{\mathcal{D}}^m+N_{\mathcal{D}}^m\mu \Delta ){(1-\frac{1}{{\mathit{T}}_{\mathcal{D}}^m}-\frac{\mu \Delta }{{\tau }_{\mathcal{D}}^m})}^{-1}$.

Proof.

The proof of this corollary is similar to the derivation in Section 4.1 in the absence of switching behaviors, and is therefore omitted. □

5. Numerical Example

In this section, the main results of our work are verified by an example. Furthermore, a comparative experiment is presented to verify the superiority of the active control strategy over the existing ZOH controller proposed in [17,35,36] against two-channel DoS attacks.

Consider the networked switched system consisting of modes i and j

$$A_i=\left[\begin{array}{cc}1& 0\\ 0& -1\end{array}\right], B_i=\left[\begin{array}{c}1\\ 0\end{array}\right], C_i=\left[\begin{array}{cc}1& 1\end{array}\right], L_i=\left[\begin{array}{c}5.52\\ -4.52\end{array}\right], K_i=\left[\begin{array}{cc}-2& 0\end{array}\right],$$

$$A_j=\left[\begin{array}{cc}-1& 1\\ 1& 0\end{array}\right], B_j=\left[\begin{array}{c}0\\ 1\end{array}\right], C_j=\left[\begin{array}{cc}1& 2\end{array}\right], L_j=\left[\begin{array}{c}18.08\\ -8.54\end{array}\right], K_j=\left[\begin{array}{cc}-1& -1\end{array}\right].$$

By selecting different positive definite matrices $Q_i$, $Q_j$, the unique solution of the Lyapunov equation is given as follows

$$Q_i=\left[\begin{array}{cc}1& 0\\ 0& 1\end{array}\right], P_i=\left[\begin{array}{cc}0.5& 0\\ 0& 0.5\end{array}\right], Q_j=\left[\begin{array}{cc}1& -0.5\\ -0.5& 1\end{array}\right], P_j=\left[\begin{array}{cc}0.5& 0.25\\ 0.25& 0.75\end{array}\right]$$

$L_i$ is chosen to ensure that $R_i^{\mu }=0$ with $R_i=(I-L_i{C}_i)e^{A_i\Delta }$([46]). We know that $\alpha =0.2$, $\beta =27.7$, $\mu =2$. $\varrho <0.4$ must be satisfied in order for (40) to become a decreasing energy equation, picking for $\varrho =0.2$, Lemma 4 yields $\overline{\Delta }=0.12$. We let $\Delta =0.1$, $\zeta =2$ and the remaining variables can be easily calculated.

We assume that the DoS attacks applied to the measurement channel satisfy $\frac{1}{T_{\mathcal{D}}^m}=0.15$ and $\frac{1}{{\tau }_{\mathcal{D}}^m}=0.05$, the DoS attacks applied to the control channel satisfy $\frac{1}{T_{\mathcal{D}}^c}=0.6$ and $\frac{1}{{\tau }_{\mathcal{D}}^c}=0.4$, By Theorem 1, a feasible solution ${\tau }_{\sigma }=110\gg {\tau }_d=1.14$ can be found and the switching mode is presented in Figure 3. Figure 4 and Figure 5 depict DoS attacks on the measurement channel and the control channel, respectively. The state response of the switched system with the active control strategy under the above-mentioned situations is depicted in Figure 6.

The state response with a ZOH controller ([17,35,36]) under the same conditions is depicted in Figure 7. Comparing Figure 6 and Figure 7, it can be observed that thanks to the predictive control sequences, the active control strategy proposed in this paper exhibits better resilience and robustness against two-channel DoS attacks and asynchronous switching behaviors.

In addition, the state response of the non-switching subsystem j with the active control strategy under the two-channel DoS attacks is depicted in Figure 8. The jamming rates applied to the control and the measurement channels are approximately 60% and 45%, respectively, further validating Corollary 1.

In the Lyapunov method, the energy function of a system is divided into functions associated with energy reduction and energy increase. When the overall energy of the system decreases more than it increases, the system achieves stability.

In passive strategies [17,35,36], a system under DoS attacks, a system under asynchronous switching and a system under both DoS attacks and asynchronous switching are all described as functions associated with energy increase. However, in active control strategies, thanks to the predictor and the buffer, a system under DoS attacks can be described as function associated with energy reduction, while only system under asynchronous switching is described as function associated with energy increase. Therefore, in the same conditions, active control strategies exhibit greater energy reduction compared to passive control strategies. This energy reduction contributes to higher stability, resulting in superior robustness and resilience against DoS attacks and asynchronous switching behaviors.

6. Conclusions

In our work, the security issue of the networked switched systems under two-channel DoS attacks has been studied. An observer-based active control strategy has been devised. With this strategy, the ISS sufficient conditions for the networked switched system under asynchronous DoS attacks have been derived. In particular, the coupling relationship among the features of two-channel DoS attacks and the switching frequency is revealed. Compared to the ZOH controller, the proposed active control strategy shows better robustness and resilience against two-channel asynchronous DoS attacks and asynchronous switching behaviors. Based on the framework in this paper, event-triggered control and nonlinear dynamics can be further investigated in the future, and the strategy can be further optimized and extended to handle more complex and sophisticated cyber threats.