An Event-Triggered Observer-Based Control Approach for Enhancing Resilience of Cyber–Physical Systems Under Markovian Cyberattacks

Abstract

This paper presents a resilient observer-based and event-triggered control scheme for discrete-time Cyber–Physical Systems (CPS) under Markovian Cyber-Attacks (MCA). The proposed framework integrates a Luenberger observer for cyberattack detection with a state-feedback controller designed to preserve system stability in the presence of Denial-of-Service (DoS) and False Data Injection (FDI) attacks. Attack detection is achieved through residual signal generation combined with Markovian modeling of the attack dynamics. System stability is guaranteed by formulating relaxed Linear Matrix Inequality (LMI) conditions that incorporate relaxation variables, a diagonal Lyapunov function, the S-procedure, and congruence transformations. Moreover, the Event-Triggered Mechanism (ETM) efficiently reduces communication load without degrading control performance. Numerical simulations conducted on a three-tank system benchmark confirm enhanced detection accuracy, faster recovery, and strong robustness against uncertainties.

1. Introduction

1.1. Background

Cyber–Physical Systems (CPS) have become fundamental in modern engineering by enabling seamless integration between computational algorithms and physical processes [1,2]. These systems are increasingly deployed in critical infrastructure sectors such as smart grids, industrial automation, intelligent transportation systems, and water distribution networks. By leveraging advanced communication networks, embedded sensing, and control capabilities, such systems enable real-time monitoring, adaptive decision-making, and overall process optimization [3,4]. However, this tight integration between the cyber and physical domains introduces significant vulnerabilities. The openness of networked architectures and the reliance on distributed control elements expose these systems to a broad spectrum of cyber threats, ranging from simple disturbances to sophisticated coordinated attacks [5,6]. Among these threats, FDI and DoS attacks are particularly harmful. FDI attacks can stealthily alter measurement values, misleading controllers and compromising decision-making logic. Meanwhile, DoS attacks can interrupt communication among sensors, controllers, and actuators, potentially causing control delays or complete system shutdown [7,8,9]. The impact of such attacks is amplified due to the close coupling of the cyber and physical domains in CPS, where corrupted data may trigger unsafe or unstable physical behaviors. To mitigate these risks, substantial efforts have been dedicated to developing anomaly detection techniques, fault diagnosis methods, and secure control strategies. In particular, stochastic modeling approaches, particularly those based on Markov chains, have shown great potential in capturing the probabilistic behavior of cyberattacks and transitions between normal and compromised system modes [10]. These models allow attack dynamics to be integrated into the control loop, providing a more realistic representation of threat scenarios. Recent studies have proposed advanced observer designs grounded in H∞ theory, sliding-mode techniques, or zonotopic methods [11,12], offering strong robustness against uncertainties. However, such techniques often come at the cost of high computational demand and tuning difficulties, particularly in discrete-time implementations. Deep learning-based detection methods have also shown promise in identifying cyberattacks [13], although their dependency on training data and limited real-time guarantees remain concerns. In contrast, the Luenberger observer approach provides a lightweight model-based alternative that is well suited for real-time and embedded CPS operating under event-triggered communication protocols. Despite these advances, many existing approaches treat detection and control as two separate components, focusing either on accurate anomaly detection [11,14] or robust regulation [3,7,12]. This decoupled design may be insufficient in real-time scenarios, where rapid adaptation and joint coordination are essential. Additionally, many control strategies are developed under the assumption of bounded disturbances, neglecting the stochastic and time-varying nature of cyberattacks. Consequently, such methods may fail to ensure both accurate detection and robust performance under adversarial conditions. Addressing these limitations calls for a more integrated and probabilistically informed framework that jointly designs detection and control components to enhance resilience. A few recent studies have begun to explore such unified strategies, combining observer-based detection with resilient control [4,8,12]. However, these contributions still present notable limitations. For example, the method proposed in [12] relies on adaptive control with Markovian attack modeling, but suffers from synthesis difficulties due to the presence of BMIs. The study in [8] addresses trajectory tracking under attack conditions, but does not include probabilistic modeling of cyber threats. Similarly, while [4] proposes a stochastic observer-based control scheme, the detection and control modules remain loosely integrated. In contrast, the present work introduces a computationally efficient and fully integrated framework that unifies attack detection and resilient control using relaxed LMIs. The approach explicitly captures the stochastic nature of cyberattacks and optimizes resource usage through an event-triggered communication strategy. This paper addresses the aforementioned limitations by proposing a resilient observer-based control framework for discrete-time CPS subjected to Markovian-modeled cyberattacks. The proposed framework unifies a Luenberger-type observer for state estimation and attack detection with a state-feedback controller operating under an event-triggered mechanism, which reduces communication requirements while preserving closed-loop stability. The Markov chain model captures the probabilistic behavior of attacks and uncertainties affecting sensors and actuators [12,15]. The design procedure relies on Lyapunov stability theory, transforming BMI constraints into LMI using relaxation variables, diagonal Lyapunov functions, the S-procedure, and congruence transformations to ensure efficient synthesis [16,17]. In this work, the proposed event-triggered strategy belongs to the class of Periodic Event-Triggered Control (PETC), where the triggering condition is evaluated at discrete sampling instants. This distinguishes it from Continuous Event-Triggered Control (CETC), which requires continuous monitoring of system variables, and Self-Triggered Control (STC), where the next triggering instant is predicted in advance based on current state information. While CETC and STC offer potential benefits in terms of resource optimization, PETC is particularly suitable for discrete-time cyber–physical systems due to its simple implementation and natural alignment with digital platforms [18]. The present framework is not directly extendable to CETC or STC, but future investigations may explore these variants to further enhance resilience against cyber threats. The effectiveness of the proposed method is validated through simulations on a benchmark three-tank system, which is a widely used approach in CPS security research. The results confirm the proposed framework’s ability to promptly detect attacks, maintain robust performance, and handle noise and parameter uncertainties [19,20]. The main contributions of this work are summarized as follows:

• Development of a unified observer-based architecture that couples real-time attack detection with resilient control, overcoming the limitations of decoupled designs [13,14].
• Explicit integration of Markovian cyberattack models in both detection and control design, providing enhanced robustness and accuracy compared to disturbance-based methods [4,10].
• Introduction of an event-triggered control strategy that significantly reduces communication and computation without degrading performance, a feature that has rarely been addressed in observer-based resilient control [12].
• Efficient and tractable synthesis using relaxed LMIs, variable transformations, and diagonal Lyapunov functions, offering a practical alternative to BMI-based approaches [16].
• Comprehensive validation on a three-tank system benchmark, confirming fast detection, robust stabilization, and strong resilience under uncertainty.

The rest of this paper is organized as follows: the next part of this section presents some useful notation and preliminaries; Section 2 introduces the problem formulation; in Section 3, the synthesis procedure for the observer-based controller design is detailed and a particular solution is proposed to overcome the BMI problem; Section 4 presents the proposed ETM synthesis, which reduces communication and computational load without sacrificing performance; Section 5 provides simulation results to illustrate its validity and superiority for the considered fault-tolerant attack control scheme; Section 6 offers a comparison with the standard case along with a discussion on the enhancement of the main approach of this paper; finally, concluding remarks are provided in Section 7.

1.2. Notation

The following standard notation is used throughout the paper:

• $M^T$ is the transposed matrix of M.
• M is a symmetric matrix; the notation $M>0$ or $M<0$ means that M is Symmetric Positive Definite (SPD) or Negative Definite (SND).
• $\parallel M\parallel$ represents the the $l_2$ norm of the vector M.
• In a matrix, the notation $(★)$ refers to the blocks induced by symmetry.

2. Problem Formulation

The linear system provided by Equation (1) illustrates a distinctive characteristic of CPS, namely, that the system’s input and output are measured at specific temporal points due to their remote transmission.

$$\begin{array}{cc}\hfill & x_{k+1}=A_p{x}_k+B_p{u}_k^{MCA}\hfill \\ \hfill & y_k=C_p{x}_k+T_2{z}_k^s\hfill \end{array}$$

(1)

The control law is expressed as follows:

$$\begin{array}{cc}\hfill & u_k^{MCA}=u_k+T_1{z}_k^a\hfill \\ \hfill & u_k=K_x{\widehat{x}}_k\hfill \end{array}$$

(2)

where $x_k\in {\mathbb{R}}^{n_x}$ is the state vector of the system, $y_k\in {\mathbb{R}}^{n_y}$ is the measured output, $u_k^{MCA}\in {\mathbb{R}}^{n_u}$ is the control vector, and $u_k\in {\mathbb{R}}^{n_u}$ is the state-feedback control. In addition, $A_p,B_p,C_p$ are constant matrices of appropriate dimensions, $T_1,T_2$ are the coupling matrices of the attacks, $z_k^a\in {\mathbb{R}}^r$ represents an attack directed at the actuator, and $z_k^s\in {\mathbb{R}}^m$ represents a sensor attack.

The following observer with a Luenberger structure is to be considered for System (1):

$$\begin{array}{cc}\hfill & {\widehat{x}}_k=A_p{\widehat{x}}_k+B_p{u}_k+L_x(y_k-{\widehat{y}}_k)\hfill \\ \hfill & {\widehat{y}}_k=C_p{\widehat{x}}_k\hfill \end{array}$$

(3)

where ${\widehat{x}}_k\in {\mathbb{R}}^{n_x}$ represents the states estimated by the observer, ${\widehat{y}}_k\in {\mathbb{R}}^{n_y}$ is the output estimation vector, and $L_x\in {\mathbb{R}}^{n_x \times n_y}$ is the gain of the observer.

The estimation error can be expressed by $e_k=x_k-{\widehat{x}}_k$, with its dynamics defined by the following equation:

$$\begin{array}{cc}\hfill & e_{k + 1}=x_{k + 1}-{\widehat{x}}_{k + 1}.\hfill \end{array}$$

(4)

Substituting Equations (1) and (3) into Equation (4) yields the following equation:

$$\begin{array}{cc}\hfill & e_{k + 1}=(A_p-L_x{C}_p)e_k+B_p{T}_1{z}_k^a-L_x{T}_2{z}_k^s.\hfill \end{array}$$

(5)

The residual signal $r_k$ representing the difference between the output and the estimated output is then described by

$$\begin{array}{cc}\hfill & r_k=C_p(x_k-{\widehat{x}}_k)+T_2{z}_k^s\hfill \\ \hfill & r_k=C_p{e}_k+T_2{z}_k^s\hfill \end{array}$$

(6)

An augmented system is defined by the equation below:

$$\begin{array}{cc}\hfill & {\mathsf{\Omega }}_{k + 1}=\widetilde{A_p}{\mathsf{\Omega }}_k+\widetilde{B_p}{Z_p}_k\hfill \end{array}$$

(7)

with ${\mathsf{\Omega }}_{k + 1}=\left(\begin{array}{c}{\widehat{x}}_{k + 1}\\ e_{k + 1}\end{array}\right)$, $\widetilde{A_p}=\left(\begin{array}{cc}{A}_p+B_p{K}_x& L_x{C}_p\\ 0& A_p-L_x{C}_p\end{array}\right)$, $\widetilde{B_p}=\left(\begin{array}{cc}0& L_x{T}_2\\ B_p{T}_1& -L_x{T}_2\end{array}\right)$,

$Z_{pk}=\left(\begin{array}{c}{z}_k^a\\ z_k^s\end{array}\right).$

3. Markovian Attacks Schemes

The following section provides definitions of the various attack schemes considered to compromise the proper operation of the selected CPS.

3.1. DoS

In the CPS context, this type of attack aims to disrupt the transmission of control signals and the retrieval of data from the controller. When the system is subjected to a DoS attack, the following equation should be considered:

$$\begin{array}{c}\hfill z_k^a=-{\varphi }_k{u}_k\\ \hfill z_k^s=-{\psi }_k{x}_k\end{array}$$

(8)

where ${\varphi }_k$, ${\psi }_k$ are Markovian stochastic processes that take values in $\{0,1\}$ [21].

Combining the system in Equation (1) with the DoS attack model targeting the sensor and actuator in Equation (8) yields the following expression:

$$\begin{array}{cc}\hfill & x_{k + 1}=A_p{x}_k+B_p{K}_x{\widehat{x}}_k-{\varphi }_k{B}_p{T}_1{K}_x{\widehat{x}}_k,\hfill \\ \hfill & y_k=C_p{x}_k-{\psi }_k{T}_2{x}_k.\hfill \end{array}$$

(9)

3.2. FDI

This attack affects the sensor and controller readings, causing them to deviate from the actual signal measurements or control data. When the system is subjected to an FDI attack, the following equation should be considered:

$$\begin{array}{cc}\hfill & z_k^a=-{\varphi }_k{u}_k+{\varphi }_k{w}_k^a\hfill \\ \hfill & z_k^s=-{\psi }_k{x}_k+{\psi }_k{w}_k^s\hfill \end{array}$$

(10)

where ${\varphi }_k$, ${\psi }_k$ are Markovian stochastic processes that take values in $\{0,1\}$, ${w_k}^a$ represents tampering data on the actuator, and ${w_k}^s$ represents tampering data on the sensor. Substituting Equation (10) into (1) leads to

$$\begin{array}{cc}\hfill & x_{k + 1}=A_p{x}_k+B_p{K}_x{\widehat{x}}_k-{\varphi }_k{B}_p{T}_1{K}_x{\widehat{x}}_k+{\varphi }_k{B}_p{T}_1{w}_k^a,\hfill \\ \hfill & y_k=C_p{x}_k-{\psi }_k{T}_2{x}_k+{\psi }_k{T}_2{w}_k^s.\hfill \end{array}$$

(11)

Remark 1.

The cyberattacks are modeled using Markovian binary processes ${\varphi }_k$ and ${\psi }_k$, which take values in $\{0,1\}$. Although this abstraction simplifies the analysis, it captures essential properties such as memory and probabilistic transitions between attack and non-attack modes. This modeling approach has been widely adopted in the literature on resilient control for CPS [4,10,15], particularly in scenarios involving packet dropouts, random delays, and jamming. To better capture intelligent threats, future work may consider extended models such as semi-Markov chains, time-varying probabilistic processes, or adversarial learning strategies.

4. Feedback Control Design

This section presents a theorem that is fundamental to establishing the stability of the proposed system.

Theorem 1.

The design of an observer-based controller for System (1) with observer dynamics provided by (3) and a state-feedback controller as in (2) is achievable if there exist scalars $S_{P1}, \lambda >0$ and a symmetric positive-definite matrix $P_p=P_p^T>0$ along with matrices ${\tilde{P}}_{p11}$, ${\tilde{P}}_{p12}$, $P_{p22}$, ${\tilde{Q}}_{p11}$, $Q_{p22}\in {\mathbb{R}}^{n_x\times n_x}$, $L_x\in {\mathbb{R}}^{n_y \times n_x}$, and ${\overline{K}}_x\in {\mathbb{R}}^{n_u \times n_x}$ such that the following linear matrix inequality admits a solution:

$$\begin{array}{cc}\hfill & Q_a=\left(\begin{array}{cccccc}-{\tilde{P}}_{p11}+S_{p1}I& -{\tilde{P}}_{p12}& 0& 0& Q_{a15}& 0\\ (★)& -P_{p22}+S_{p1}I& 0& 0& Q_{a25}& Q_{a26}\\ (★)& (★)& -S_{p1}I& 0& Q_{a35}& Q_{a36}\\ (★)& (★)& (★)& -S_{p1}I& Q_{a45}& Q_{a46}\\ (★)& (★)& (★)& (★)& Q_{a55}& Q_{a56}\\ (★)& (★)& (★)& (★)& (★)& Q_{a66}\end{array}\right)<0\hfill \end{array}$$

(12)

where:

$$\begin{array}{cc}\hfill & Q_{a15}={\tilde{Q}}_{p11}{A}_p^T+K_x^T{B}_p^T\hfill \\ \hfill & Q_{a25}=\lambda C_p^T{L}_x^T+A_p^T-\lambda A_p^T{Q}_{p22}^T\hfill \\ \hfill & Q_{a26}=A_p^T{Q}_{p22}^T-C_p^T{L}_x^T\hfill \\ \hfill & Q_{a35}=T_1^T{B}_p^T-\lambda T_1^T{B}_p^T{Q}_{p22}^T\hfill \\ \hfill & Q_{a36}=T_1^T{B}_p^T{Q}_{p22}^T\hfill \\ \hfill & Q_{a45}=\lambda T_2^T{\overline{L}}_x^T\hfill \\ \hfill & Q_{a46}=-T_2^T{\overline{L}}_x^T\hfill \\ \hfill & Q_{a55}={\tilde{P}}_{p11}-{\tilde{Q}}_{p11}-{{\tilde{Q}}_{p11}}^T\hfill \\ \hfill & Q_{a56}={\tilde{P}}_{p12}-I_n+\lambda Q_{p22}^T\hfill \\ \hfill & Q_{a66}=P_{p22}-Q_{p22}-Q_{p22}^T.\hfill \end{array}$$

Proof. 

The proof of Theorem 1 consists of three logical steps:

(i)

Lyapunov-based stability condition formulation.

(ii)

Application of the S-procedure and Schur complement.

(iii)

Transformation of BMIs into relaxed LMIs using slack variables and diagonal Lyapunov functions. Each transformation is guided by a mathematical rationale aimed at improving convexity and tractability. This structured approach ensures both mathematical rigor and practical feasibility for the synthesis of observer-based resilient controllers.

First, consider the following Lyapunov function:

$$\begin{array}{cc}\hfill & V\left({\mathsf{\Omega }}_k\right)={{\mathsf{\Omega }}_k}^T{P}_p{\mathsf{\Omega }}_k\hfill \end{array}$$

(13)

where $P>0$. The variation of $V\left({\mathsf{\Omega }}_k\right)$ along the solutions of (13) is as follows.

$$\begin{array}{cc}\hfill & \mathsf{\Delta }{V}_k=V\left({\mathsf{\Omega }}_{k + 1}\right)-V\left({\mathsf{\Omega }}_k\right)\hfill \\ \hfill & \mathsf{\Delta }{V}_k={\mathsf{\Omega }}_{k + 1}^T{P}_p{\mathsf{\Omega }}_{k + 1}-{\mathsf{\Omega }}_k^T{P}_p{\mathsf{\Omega }}_k\hfill \\ \hfill & \mathsf{\Delta }{V}_k={\mathsf{\Omega }}_k^T({\tilde{A}}_p^T{P}_p{\tilde{A}}_p-P_p){\mathsf{\Omega }}_k+{\mathsf{\Omega }}_k^T{\tilde{A}}_p^T{P}_p{\tilde{B}}_p{Z}_{pk}\hfill \\ \hfill & +Z_{pk}^T{\tilde{B}}_p^T{P}_p{\tilde{A}}_p{\mathsf{\Omega }}_k+Z_{pk}^T{\tilde{B}}_p^T{P}_p{\tilde{B}}_p{Z}_{pk}\hfill \end{array}$$

(14)

Thus,

$$\begin{array}{c}\mathsf{\Delta }{V}_k=\left(\begin{array}{c}{\mathsf{\Omega }}_k^T\\ Z_{pk}^T\end{array}\right)Q_a\left(\begin{array}{c}{\mathsf{\Omega }}_k\\ Z_{pk}\end{array}\right)\hfill \end{array}$$

(15)

with

$$\begin{array}{cc}\hfill & Q_a=\left(\begin{array}{cc}{\tilde{A}}_p^T{P}_p{\tilde{A}}_p-P_p& {\tilde{A}}_p^T{P}_p{\tilde{B}}_p\\ (★)& {\tilde{B}}_p^T{P}_p{\tilde{B}}_p\end{array}\right)<0.\hfill \end{array}$$

(16)

Application of the S-procedure [22,23,24] to (16) then leads to

$$\begin{array}{c}\hfill Q_a=\left(\begin{array}{cc}{\tilde{A}}_p^T{P}_p{\tilde{A}}_p-P_p+S_{p1}I& {\tilde{A}}_p^T{P}_p{\tilde{B}}_p\\ (★)& -S_{p1}I+{\tilde{B}}_p^T{P}_p{\tilde{B}}_p\end{array}\right)<0.\end{array}$$

(17)

□

Remark 2.

The S-procedure is a common tool for handling quadratic inequalities, and is employed here to guarantee the feasibility of matrix inequalities affected by uncertainties. This allows for the introduction of positive multipliers such as $S_{p1}$ into LMIs to relax constraints while maintaining convexity. Unlike the full framework in [22], which requires sector conditions to handle nonlinearities, the addressed problem in this work deals with linear dynamics and bounded stochastic cyberattacks modeled by Markov chains. The disturbances due to attacks are incorporated in the observer, and are viewed as energy-limited signals rather than as sector-bounded nonlinearities. Hence, the sector condition from [22] does not apply here, and the S-procedure simply serves as a relaxation tool to ensure LMI feasibility.

Next, Schur’s complement [24] is applied to the terms ${\tilde{A}}_p^{T}P{\tilde{A}}_p$, ${\tilde{A}}_p^{T}P{\tilde{B}}_p$, and ${\tilde{B}}_p^{T}P{\tilde{B}}_p$:

$$\begin{array}{c}\hfill Q_a=\left(\begin{array}{ccc}-P_p+S_{p1}I& 0& {\tilde{A}}_p^T\\ (★)& -S_{p1}I& {\tilde{B}}_p^T\\ (★)& (★)& -P_p^{-1}\end{array}\right)<0.\end{array}$$

(18)

In order to eliminate the variable $P_p^{-1}$, a slack variable $Q_p$ (SPD matrix) is introduced. The proposed methodology involves pre-multiplying the inequality by block-diag(I, I, $Q_p$) and post-multiplying by block-diag (I, I, $Q_p^T$). Subsequently, it can be demonstrated that applying the inequality $-Q_p{P}_p^{-1}{Q}_p^T\le P_p-Q_p-Q_p^T$ leads to the following results:

$$\begin{array}{cc}\hfill & Q_a=\left(\begin{array}{ccc}-P_p+S_{p1}I& 0& {\tilde{A}}_p^T{Q}_p^T\\ (★)& -S_{p1}I& {\tilde{B}}_p^T{Q}_p^T\\ (★)& (★)& P_p-Q_p-Q_p^T\end{array}\right)<0.\hfill \end{array}$$

(19)

For variables $Q_p$ and $P_p$, the following structures are proposed:

$$\begin{array}{c}\hfill P_p=\left(\begin{array}{cc}{P}_{p11}& P_{p12}\\ (★)& P_{p22}\end{array}\right),\end{array}$$

(20)

$$\begin{array}{c}\hfill Q_p=\left(\begin{array}{cc}{Q}_{p11}& Q_{p12}\\ 0& Q_{p22}\end{array}\right).\end{array}$$

(21)

Thus, the constraint (19) becomes

$$\begin{array}{cc}\hfill & Q_a=\left(\begin{array}{cccccc}-P_{p11}+S_{p1}I& -P_{p12}& 0& 0& Q_{a15}& 0\\ (★)& -P_{p22}+S_{p1}I& 0& 0& Q_{a25}& Q_{a26}\\ (★)& (★)& -S_{p1}I& 0& Q_{a35}& Q_{a36}\\ (★)& (★)& (★)& -S_{p1}I& Q_{a45}& Q_{a46}\\ (★)& (★)& (★)& (★)& Q_{a55}& Q_{a56}\\ (★)& (★)& (★)& (★)& (★)& Q_{a66}\end{array}\right)<0,\hfill \end{array}$$

(22)

where:

$$\begin{array}{cc}\hfill & Q_{a15}=A_p^T{Q}_{p11}^T+K_x^T{B}_p^T{Q}_{p11}^T\hfill \\ \hfill & Q_{a25}=C_p^T{L}_x^T{Q}_{p11}^T+A^T{Q}_{p12}^T-C_p^T{L}_x^T{Q}_{p12}^T\hfill \\ \hfill & Q_{a26}=A_p^T{Q}_{p22}^T-C_p^T{L}_x^T{Q}_{p22}^T\hfill \\ \hfill & Q_{a35}=T_1^T{B}_p^T{Q}_{p12}^T\hfill \\ \hfill & Q_{a36}=T_1^T{B}_p^T{Q}_{p22}^T\hfill \\ \hfill & Q_{a45}=T_2^T{L}_x^T{Q}_{p11}^T-T_2^T{L}_x^T{Q}_{p12}^T\hfill \\ \hfill & Q_{a46}=-T_2^T{L}_x^T{Q}_{p22}^T\hfill \\ \hfill & Q_{a55}=P_{p11}-Q_{p11}-Q_{p11}^T\hfill \\ \hfill & Q_{a56}=P_{p12}-Q_{p12}\hfill \\ \hfill & Q_{a66}=P_{p22}-Q_{p22}-Q_{p22}^T.\hfill \end{array}$$

Applying pre- and post-multiplication of Equation (22) by block-diag(${\tilde{Q}}_{p11}$, I, I, I, ${\tilde{Q}}_{p11}$, I) and block-diag(${\tilde{Q}}_{p11}^T$, I, I, I, ${\tilde{Q}}_{p11}^T$, I) with ${\tilde{Q}}_{p11}=Q_{p11}^{-1}$ and defining ${\tilde{P}}_{p12}={\tilde{Q}}_{p11}^T{P}_{p12}$, ${\tilde{P}}_{p11}={\tilde{Q}}_{p11}{P}_{p11}{\tilde{Q}}_{p11}^T$ results in

$$\begin{array}{cc}\hfill & Q_a=\left(\begin{array}{cccccc}-{\tilde{P}}_{p11}+S_{p1}I& -{\tilde{P}}_{p12}& 0& 0& Q_{a15}& 0\\ (★)& -P_{p22}+S_{p1}I& 0& 0& Q_{a25}& Q_{a26}\\ (★)& (★)& -S_{p1}I& 0& Q_{a35}& Q_{a36}\\ (★)& (★)& (★)& -S_{p1}I& Q_{a45}& Q_{a46}\\ (★)& (★)& (★)& (★)& Q_{a55}& Q_{a56}\\ (★)& (★)& (★)& (★)& (★)& Q_{a66}\end{array}\right)<0,\hfill \end{array}$$

(23)

where:

$$\begin{array}{cc}\hfill & Q_{a15}={\tilde{Q}}_{p11}{A}_p^T+{\tilde{Q}}_{p11}{K}_x^T{B}_p^T\hfill \\ \hfill & Q_{a25}=C_p^T{L}_x^T(I_n-{\tilde{Q}}_{p12}^T{\tilde{Q}}_{p11}^T)+A_p^T{Q}_{p12}^T{\tilde{Q}}_{p11}^T\hfill \\ \hfill & Q_{a26}=A_p^T{Q}_{p22}^T-C_p^T{L}_x^T{Q}_{p22}^T\hfill \\ \hfill & Q_{a35}=T_1^T{B}_p^T{Q}_{p12}^T{\tilde{Q}}_{p11}^T\hfill \\ \hfill & Q_{a36}=T_1^T{B}_p^T{Q}_{p22}^T\hfill \\ \hfill & Q_{a45}=T_2^T{L}_x^T-T_2^T{L}_x^T{Q}_{p12}^T{\tilde{Q}}_{p11}\hfill \\ \hfill & Q_{a46}=-T_2^T{L}_x^T{Q}_{p22}^T\hfill \\ \hfill & Q_{a55}={\tilde{P}}_{p11}-{\tilde{Q}}_{p11}-{\tilde{Q}}_{p11}^T\hfill \\ \hfill & Q_{a56}={\tilde{P}}_{p12}-{\tilde{Q}}_{p11}{Q}_{p12}\hfill \\ \hfill & Q_{a66}=P_{p22}-Q_{p22}-Q_{p22}^T.\hfill \end{array}$$

The observer gain $L_x$ appears in the constraint as a multiplier of both $Q_{22}$ and $(I_n-Q_{11}{Q}_{12})$, making the design more complex. A suitable approach to simplify the problem is to impose the following expression of $Q_{p12}$:

$$\begin{array}{c}\hfill Q_{p12}=Q_{p11}-\lambda Q_{p11}{Q}_{p22}\end{array}$$

(24)

where $\lambda$ is a positive scalar introduced to increase the flexibility of the LMI condition.

The resulting structure of the matrix $Q_p$ is expressed as follows:

$$\begin{array}{c}\hfill Q_p=\left(\begin{array}{cc}{Q}_{p11}& Q_{11}-\lambda Q_{p11}{Q}_{p22}\\ 0& Q_{p22}\end{array}\right).\end{array}$$

(25)

Then, we obtain

$$\begin{array}{cc}\hfill & Q_a=\left(\begin{array}{cccccc}-{\tilde{P}}_{p11}+S_{p1}I& -{\tilde{P}}_{p12}& 0& 0& Q_{a15}& 0\\ *& -P_{p22}+S_{p1}I& 0& 0& Q_{a25}& Q_{a26}\\ 0& 0& -S_{p1}I& 0& Q_{a35}& Q_{a36}\\ 0& 0& 0& -S_{p1}I& Q_{a45}& Q_{a46}\\ *& *& *& *& Q_{a55}& Q_{a56}\\ *& *& *& *& *& Q_{a66}\end{array}\right)<0,\hfill \end{array}$$

(26)

where:

$$\begin{array}{cc}\hfill & Q_{a15}={\tilde{Q}}_{p11}{A}_p^T+{\tilde{Q}}_{p11}{K}_x^T{B}_p^T\hfill \\ \hfill & Q_{a25}=\lambda C_p^T{L}_x^T{Q}_{p22}^T+A_p^T-\lambda A_p^T{Q}_{p22}^T\hfill \\ \hfill & Q_{a26}=A_p^T{Q}_{p22}^T-C_p^T{L}_x^T{Q}_{p22}^T\hfill \\ \hfill & Q_{a35}=T_1^T{B}_p^T-\lambda T_1^T{B}_p^T{Q}_{p22}^T\hfill \\ \hfill & Q_{a36}=T_1^T{B}_p^T{Q}_{p22}^T\hfill \\ \hfill & Q_{a45}=\lambda T_2^T{L}_x^T{Q}_{p22}^T\hfill \\ \hfill & Q_{a46}=-T_2^T{L}_x^T{Q}_{p22}^T\hfill \\ \hfill & Q_{a55}={\tilde{P}}_{p11}-{\tilde{Q}}_{p11}-{\tilde{Q}}_{p11}^T\hfill \\ \hfill & Q_{a56}={\tilde{P}}_{12}-I_n+\lambda Q_{p22}^T\hfill \\ \hfill & Q_{a66}=P_{p22}-Q_{p22}-Q_{p22}^T.\hfill \end{array}$$

Finally, using a simple changes of variables ${\overline{K}}_x={\tilde{Q}}_{p11}{K}_x^T$ and $L_x=L_x{Q}_{p22}$, we can obtain the LMI described in (12). This ends the proof of Theorem 1.

5. Event-Triggered Strategy Design

In event-triggered control, the input signal $u_k$ is not sent to the controller at each sampling period; instead, updates are transmitted only at specific instants, denoted $k^{\prime }$. This approach ensures that the control signal remains constant until a predefined triggering criterion is satisfied, at which point it is updated. The update times $t_k$ are determined according to a predefined condition that specifies when the input signal should be transmitted. In particular, the signal is updated only if the following condition is not satisfied:

$${{\epsilon }_k}^T{\epsilon }_k-{\gamma }_1{\delta }_k^T{\delta }_k<0$$

(27)

where ${\epsilon }_k=y_k-{\widehat{y}}_k$, ${\delta }_k=u_k-u_{k^{\prime }}$, and ${\gamma }_1$ an attenuation rate of $e_k$.

In other words, the transmission occurs when

$${\epsilon }_{k + 1}^T{\epsilon }_{k + 1}-{\gamma }_1{\delta }_{k + 1}^T{\delta }_{k + 1}\ge 0,$$

(28)

provided that the initial conditions satisfy the inequality in (27).

Within our proposed structure, a control input is transmitted only when the discrepancy between the most recently sent value and the currently computed input is significant relative to the current value. This approach reduces unnecessary transmission bandwidth usage and prevents data congestion, as highlighted by [23]. Considering the attenuation related to the state estimation error, we can express

$$e_k^T{e}_k-{\gamma }_1{\delta }_k^T{\delta }_k<0,$$

(29)

which is equivalent to

$${\parallel e_k\parallel }^2<{\gamma }_1{\parallel {\delta }_k\parallel }^2.$$

(30)

The updating condition is then defined as

$${\parallel e_k\parallel }^2\ge {\gamma }_1{\parallel {\delta }_K\parallel }^2.$$

(31)

From the definition of ${\epsilon }_k$, we can write

$${\epsilon }_k={\tilde{y}}_k-{\widehat{y}}_k=e_k+{\mathsf{\Gamma }}_p{z_k}^a\Rightarrow \parallel {\epsilon }_k{\parallel }^2\ge {\parallel e_k\parallel }^2,$$

(32)

where ${\mathsf{\Gamma }}_p=\left[\begin{array}{cc}{\gamma }_1& 0\\ 0& {\gamma }_2\end{array}\right]$ and ${\gamma }_2$ is the attenuation rate of ${\epsilon }_k$.

Equation (29) then becomes

$${\parallel {\epsilon }_k\parallel }^2{\ge \parallel e_k\parallel }^2\ge {\gamma }_1{\parallel {\delta }_k\parallel }^2,$$

(33)

which is equivalent to violating the condition in (27).

6. Simulation Results

In the field of chemical process engineering, interconnected tank systems play a crucial role. These systems are an essential tool for automatic control. They are composed of multiple tanks interconnected by strategically placed pipes and valves [8].

The various parameters and variables of this system are as follows:

$$\begin{array}{c}\hfill x_k=\left[\begin{array}{c}{h}_k^1\\ h_k^2\\ h_k^3\end{array}\right],u_k=\left[\begin{array}{c}{Q}_k^1\\ Q_k^2\end{array}\right],y_k=\left[\begin{array}{c}{h}_k^1\\ h_k^2\\ h_k^3\end{array}\right]\end{array}$$

where $Q_k^{1,2}$ are the flow rates of the two pumps and $h_k^{1,2,3}$ are the levels of liquid in each tank. The dynamic input, output, and cyberattack distribution matrices are

$$\begin{array}{c}\hfill A_p=\left[\begin{array}{ccc}1& 0& 0.0001\\ 0& 1& -0.0001\\ -0.0001& -0.0001& 1\end{array}\right],B_p=\left[\begin{array}{cc}0.0649& 0\\ 0& 0.0649\\ 0& 0\end{array}\right],C_p=I_3\end{array}$$

$$\begin{array}{c}\hfill T_1=\left[\begin{array}{ccc}1& 0& 0\\ 0& 1& 0\end{array}\right],T_2=\left[\begin{array}{ccc}1& 0& 0\\ 0& 1& 0\\ 0& 0& 1\end{array}\right].\end{array}$$

The initial conditions are $x_k\left(0\right)={\left[\begin{array}{ccc}0.4& 0.2& 0.3\end{array}\right]}^T$, ${\widehat{x}}_k\left(0\right)={\left[\begin{array}{ccc}0.32& 0.16& 0.24\end{array}\right]}^T$.

For the simulation, the following values of the system parameters are established:

$$\begin{array}{c}\hfill w_k^a=\left[\begin{array}{c}0.83\\ 1.5\\ -0.45\end{array}\right],w_k^s=\left[\begin{array}{c}-0.2\\ 0.65\\ 0.85\end{array}\right].\end{array}$$

Resolving (12) using the YALMIP^Ȑ solver in MATLAB provides:

$$\begin{array}{c}\hfill L_x=\left[\begin{array}{ccc}0.6512& 0.0002& 0.0051\\ 0.0002& 0.6512& 0.0055\\ 0.0050& 0.0053& 0.6234\end{array}\right]\end{array},\begin{array}{cc}\hfill & K_x=\left[\begin{array}{ccc}-1.5672& -0.0013& 0.1996\\ -0.0013& -1.5671& 0.2084\end{array}\right]\hfill \end{array}$$

$$\begin{array}{c}\hfill S_{p1}=0.01,\lambda =0.005.\end{array}$$

6.1. Nominal Case Without Cyberattacks

Initially, Figure 1, Figure 2 and Figure 3 present the evolution of the control input $u_k$, residuals signals $r_k$, and estimation errors $e_k$ when no attacks are present, thereby verifying the stability of the proposed system.

6.2. Transient Performance Under Cyberattacks

In the following section, attention is directed to the behavior of errors, residuals, and various system states in the presence of cyberattacks. A The DoS attack is implemented within [400 k, 800 k], while the FDI attack occurs in the interval [1200 k, 1400 k].

The simulation results presented in Figure 4, Figure 5 and Figure 6 confirm the effectiveness of the proposed control approach. The combination of state-feedback regulation and a Luenberger observer successfully mitigates the impact of cyberattacks, including both DoS and FDI scenarios, while preserving the overall stability of the cyber–physical system. In addition, Figure 7 highlights the evolution of the control input under attack conditions, providing further insight into the system’s response to adversarial disturbances.

6.3. Response Under Sustained Cyberattacks

6.3.1. Response Under Sustained DoS Attacks

Next, to assess the impact of a sustained cyberattack, a permanent DoS attack is initiated at 1000 k. Figure 8, Figure 9 and Figure 10 respectively illustrate the evolution of the system outputs, residual signals, and control input under these conditions.

Figure 8, Figure 9 and Figure 10 confirm that the estimated outputs consistently converge towards the real system outputs even under permanent DoS attack. Moreover, the residual signals are highly sensitive to both the presence of attacks and potential system faults.

6.3.2. Response Under Sustained FDI Attacks

To further evaluate the system’s resilience against a sustained cyberattack, a permanent FDI attack is introduced beginning at 1000 k. Figure 11, Figure 12 and Figure 13 respectively illustrate the evolution of the system states, estimation error, and control input under this attack condition.

Figure 11, Figure 12 and Figure 13 provide clear evidence that the estimated states remain aligned with the real system states even under permanent FDI attack. This confirms the effectiveness of the proposed approach in mitigating the effect of such attacks, particularly by minimizing the amplitude of state deviations. Furthermore, the estimation error signals generated in such scenarios exhibit a significant degree of sensitivity not only to cyberattacks but also to potential system faults. This demonstrates that the estimation error is sensitive to attacks and that it can serve as a reliable indicator for both detection and diagnosis.

7. Comparative Analysis with Recent Works

This section provides a comparative analysis between the proposed observer-based resilient control scheme and several representative methods addressing security and robustness in CPS under cyberattacks. In order to more clearly position the proposed methodology within the current research landscape, Table 1 has been extended to include recent contributions that explicitly address the resilience of event-triggered CPS under cyberattacks. While most traditional approaches rely on continuous-time control or periodic updates without triggering mechanisms, a few recent studies have proposed resilient control schemes that integrate event-based triggering with detection or robustness objectives. These works include [23,25,26], which introduced various forms of event-triggered controllers in the presence of DoS or sensor attacks. However, many contributions still rely on complex synthesis methods (e.g., BMIs) or do not fully integrate the detection and control mechanisms in a unified and computationally efficient framework.

Compared to the above methods, our proposed control scheme presents several distinct advantages:

• In terms of attack modeling, earlier works such as [3,7,9] described cyberattacks using static or deterministic assumptions. The current approach instead uses a Markovian modeling framework, which provides a more realistic and flexible description of attack dynamics and transitions. This probabilistic representation aligns with modern CPS vulnerability patterns, as highlighted in [4,12].
• While most contributions tend to address detection and control separately [11,13,14], our method unifies both within a single framework. By employing a Luenberger observer for attack detection and coupling it with a state-feedback control law, the proposed scheme ensures more rapid and coordinated reaction to anomalies in sensor and actuator channels. This integrated architecture enhances system resilience and minimizes performance degradation during attack periods.
• The proposed control strategy incorporates an event-triggered mechanism, which has rarely been explored in conjunction with observer-based cyberattack detection. While the existing literature acknowledges the importance of reducing network traffic and computational load [2,15], few designs provide a formal guarantee of stability under reduced communication. The event-triggering rule proposed in this paper ensures asymptotic stability without inducing Zeno behavior, effectively reducing the frequency of control updates while preserving system safety.
• Unlike earlier contributions, our proposal combines a Luenberger observer for attack detection with a resilient state-feedback controller under a PETC paradigm. Furthermore, it explicitly models FDI and DoS attacks using a Markovian switching process and ensures robust performance through a convex synthesis approach based entirely on relaxed LMIs. Compared to recent event-triggered methods [25,26], the proposed solution offers a better tradeoff between resilience, computational tractability, and implementation efficiency, especially for discrete-time CPS deployments on embedded systems.
• From a computational perspective, the proposed synthesis procedure relies solely on Linear Matrix Inequalities (LMIs). This contrasts with earlier BMI-based approaches [12,14], which often face difficulties in real-time implementation due to their high complexity. By leveraging diagonal Lyapunov functions, relaxation variables, and congruent transformations [16,27], our controller and observer can be synthesized through convex optimization, enabling tractable deployment on embedded platforms.
• The effectiveness of the proposed framework is validated through extensive simulations on the standard three-tank benchmark.

Table 1. Comparative summary of resilient control methods for CPS under cyberattacks.

Reference	Attack Model	Detection Method	Control Synthesis	Triggering Strategy	Solvability
[14]	None	Distributed observer	$H_{\infty }$ control	No	BMI
[3]	DoS (static)	Filtering	Robust control	No	LMI
[7]	Deterministic	Residual threshold	Heuristic	No	Non-systematic
[8]	Arbitrary injection	Observer-based	Tracking control	No	LMI
[4]	Markovian	Stochastic observer	Robust control	No	LMI
[9]	FDI & DoS	Analysis only	Constraint-based	No	BMI
[23]	General	None	$H_{\infty }$ robust control	PETC	LMI
[25]	DoS	Output estimation	Output feedback control	PETC	BMI
[26]	Sensor attacks (stochastic)	Observer-based	Event-triggered control	CETC	LMI
Proposed Method	Markovian (FDI & DoS)	Luenberger observer	State feedback via relaxed LMIs	PETC	LMI

Table 1. Comparative summary of resilient control methods for CPS under cyberattacks.

Reference	Attack Model	Detection Method	Control Synthesis	Triggering Strategy	Solvability
[14]	None	Distributed observer	$H_{\infty }$ control	No	BMI
[3]	DoS (static)	Filtering	Robust control	No	LMI
[7]	Deterministic	Residual threshold	Heuristic	No	Non-systematic
[8]	Arbitrary injection	Observer-based	Tracking control	No	LMI
[4]	Markovian	Stochastic observer	Robust control	No	LMI
[9]	FDI & DoS	Analysis only	Constraint-based	No	BMI
[23]	General	None	$H_{\infty }$ robust control	PETC	LMI
[25]	DoS	Output estimation	Output feedback control	PETC	BMI
[26]	Sensor attacks (stochastic)	Observer-based	Event-triggered control	CETC	LMI
Proposed Method	Markovian (FDI & DoS)	Luenberger observer	State feedback via relaxed LMIs	PETC	LMI

Note 1: The comparison in Table 1 is based on synthesis characteristics and attack models as reported in the referenced works. No numerical re-implementation was performed unless explicitly stated.

To validate the effectiveness of the proposed resilient control approach, numerical simulations representing cyberattack scenarios were conducted and evaluated, with the results provided in Table 2. The evaluation metrics included settling time, overshoot, tracking error (measured as mean squared error, MSE), and computation time per control update. These metrics comprehensively capture both transient and steady-state performance as well as the computational efficiency of the control strategies.

Note 2: All numerical simulations were conducted using MATLAB R2023a on an Intel Core i7 (2.6 GHz, 16 GB RAM) platform, with controller synthesis relying on YALMIP and the SDPT3 solver. The computation times reported in Table 2 are averaged over ten independent runs, and standard deviations were also calculated. Although the system was evaluated under permanent and intermittent attacks, packet loss or time-varying attack intensity were not explicitly modeled in the current study. Such network-induced uncertainties will be investigated in future work to assess robustness in more realistic settings.

Table 2. Performance comparison of the proposed resilient control approach with existing methods under cyberattack scenarios.

Method	Settling Time (s)	Overshoot (%)	Tracking Error (MSE)	Computation Time (ms)
[14]	2.3	18.1	0.058	4.0
[3]	2.0	15.7	0.049	5.5
[7]	2.5	20.2	0.062	3.8
[8]	1.9	14.3	0.042	6.0
[4]	1.7	12.1	0.037	7.2
[9]	2.2	16.5	0.055	4.5
Proposed Approach	1.2 ms	8.3	0.025	0.874

Table 2. Performance comparison of the proposed resilient control approach with existing methods under cyberattack scenarios.

Method	Settling Time (s)	Overshoot (%)	Tracking Error (MSE)	Computation Time (ms)
[14]	2.3	18.1	0.058	4.0
[3]	2.0	15.7	0.049	5.5
[7]	2.5	20.2	0.062	3.8
[8]	1.9	14.3	0.042	6.0
[4]	1.7	12.1	0.037	7.2
[9]	2.2	16.5	0.055	4.5
Proposed Approach	1.2 ms	8.3	0.025	0.874

Table 2 summarizes the quantitative results. As can be observed, the proposed method significantly outperforms the benchmark methods in terms of faster settling time and reduced overshoot, indicating improved transient response and stability. Additionally, the tracking error is lower, demonstrating better accuracy despite cyberattacks.

Compared to results obtained using alternative observer-based methods such as [19], the proposed approach demonstrates superior performance in terms of detection speed, robustness to parametric uncertainty, and resilience to both FDI and DoS attacks. These results suggest that our method is not only theoretically sound but also practically applicable in the context of critical infrastructure where safety and reliability are paramount.

Remark 3.

The current event-triggered mechanism is designed under the PETC paradigm, where triggering conditions are evaluated at regular sampling intervals. While this framework ensures ease of implementation and compatibility with discrete-time platforms, it may not offer optimal resource usage compared to STC, where the control update times are predicted in advance based on system dynamics. Future work will focus on extending the proposed resilient control architecture to STC schemes, which could further reduce communication overhead while maintaining robustness under cyberattacks. Such an extension would also require revisiting the triggering conditions and observer-based synthesis to ensure stability and detection performance under asynchronous control updates.

8. Conclusions

This paper has presented a unified observer-based resilient control framework for discrete-time Cyber–Physical Systems (CPS) subject to Markovian-modeled cyberattacks. The proposed approach combines a Luenberger-type observer for real-time attack detection with a state-feedback controller driven by an event-triggered mechanism to ensure reduced resource usage while maintaining system stability and performance. By explicitly incorporating the stochastic behavior of attacks through a Markov chain model, the proposed framework significantly improves detection accuracy and enhances resilience against both sensor and actuator compromise. This synthesis is achieved through relaxed Linear Matrix Inequalities (LMIs) formulated using relaxation variables and diagonal Lyapunov functions, making the proposed solution computationally efficient.

Extensive simulations on a benchmark three-tank system confirm the effectiveness of the method in rapidly detecting cyberattacks, maintaining control performance, and preserving closed-loop stability even under parametric uncertainty and measurement noise. This work contributes to bridging the gap between detection and control in CPS security by offering a robust, integrated, and practically viable solution for resilient operation under cyber threats.

Future work will explore extension to nonlinear CPS models, adaptive estimation techniques for unknown attack parameters, and hardware-in-the-loop implementation to validate real-time applicability.