Moving Target Defense-Based Event-Triggered Attack Detection and State Estimation in WSN

Abstract

This paper is concerned with the attack detection and state estimation problems in wireless sensor networks (WSNs) under stealthy false data injection (FDI) attacks. Firstly, to better detect stealthy FDI attacks on the system, an extended moving target defense strategy was introduced to expand the system’s attack surface. Then, based on the construction of an extended system, a distributed Kalman filter was designed, and the ${\chi }^2$ detector was constructed using the prior estimation information of the filter to jointly achieve attack detection and state estimation. To reduce the occupation rate of WSN communication resources, an event-triggered mechanism was designed between the sensor and the estimator. Finally, simulation results demonstrate the efficiency and advantage of the proposed approach.

1. Introduction

As a class of distributed sensor networks, wireless sensor networks (WSNs) have found extensive applications across various fields due to their straightforward network deployment, low-cost sensor nodes, diverse types, and ease of replacement and arrangement. They have garnered significant attention and research interest from both the academic and industrial sectors [1]. As the significance of WSNs has grown, numerous national research institutions have successively joined the study of WSNs. This has led to rapid advancements in wireless sensor technology. However, there are still many issues that need to be further studied and resolved. In numerous pragmatic contexts, the comprehensive state of a dynamic system is not invariably quantifiable or attainable. For instance, the system model may be contaminated by external disturbances and noise. Therefore, state estimation is challenging [2]. On the other hand, communication networks increase the flexibility and scalability of WSNs by enabling more nodes to access the network media. Nonetheless, this also increases the risk of WSNs being attacked [3,4]. In particular, bit-flip errors in noisy communication channels can severely degrade the performance of dynamic encoding-based control schemes, necessitating active error-resistant mechanisms [5]. These communication imperfections not only threaten data integrity but also provide potential attack vectors for adversaries to inject false data stealthily. With the diversification and complexity of attack types, it has been difficult for single intrusion detection systems to meet network security requirements. Therefore, it is necessary to conduct new research based on existing detection technologies [6,7].

Currently, the most frequently used and earliest proposed attack detection method is the residual-based attack detection method. By comparing the discrepancies between the actual output and the estimated output of the system, it determines whether the system is under attack. However, with the rapid advancement of computer science and technology, intelligent adversaries can steal system model information to launch stealthy attacks that are hard to detect. Merely relying on residual anomalies has become insufficient for detecting some covert attack signals [8,9,10]. In response to this situation, it is necessary to actively incorporate defense strategies to enhance the performance of the attack detector. Watermarking-based attack detection methods and moving target defense (MTD)-based attack detection methods have gradually become new research hotspots [11,12].

Considering that each sensor node may be susceptible to false data injection (FDI) attacks when transmitting local estimates to the fusion center, a straightforward encryption scheme was designed for the transmission channel in [13]. Building upon this encryption scheme, an attack detection mechanism was developed to enable real-time detection of FDI attack signals. To address FDI attacks, a random watermark signal was embedded into the original measurement data of the system sensors in [14], thereby concealing the true sensor measurements from potential attackers. This approach offers a novel solution to the security challenges faced in WSNs. However, since the watermarking method relies on embedded signals, it is challenging to guarantee that these signals will not be predicted by malicious adversaries, allowing them to bypass or disrupt the watermark. This can lead to delayed or failed attack detection, rendering the watermark actively added by defenders ineffective. To address this shortcoming, ref. [15] addressed the scenario where multi-sensor systems may be subjected to spoofing attacks by incorporating watermark signals into each sensor of the system. Since the watermark signals are artificially added by the defender, even if adversaries detect the presence of the watermark, the defender can dynamically adjust the parameters of the watermark to ensure the proper functioning of the attack detection mechanism. It is noteworthy that although watermarking methods have been widely applied in WSNs, the system performance may degrade due to the added watermark signals.

In [16], three MTD methods for cyber-physical systems under covert attacks are proposed, namely, hybrid MTD, extended MTD and nonlinear MTD. These three MTD strategies were combined with the ${\chi }^2$ detector, and the detection performance of these methods in cyber-physical systems under covert attacks was analyzed. However, considering only covert attacks has certain limitations; ref. [17] combined MTD and watermarking to propose a new hybrid active detection scheme for detecting invisible attacks on cyber-physical systems with unknown but bounded noise. Different from [16], this active detection framework can be used to detect multiple varieties of attacks within a singular system. Moreover, the MTD strategy was applied to the power system subject to cyber attacks to enhance the ability to detect expected cyber attacks in [18,19]. In summary, MTD strategies have been broadly utilized in cyber-physical systems. Furthermore, modifications and enhancements have been made to MTD strategies to address specific kinds of cyber attacks, with the aim of achieving the objective of effective attack detection. As another active defense mechanism, MTD strategies offer a viable solution to secure systems without compromising their performance. Furthermore, the application of MTD strategies in the context of WSNs remains an underexplored area in the research on active defense mechanisms.

The most commonly considered method for state estimation in existing work is distributed state estimation. A set of interconnected sensors collaboratively estimate some parameters of interest from noisy measurements without a fusion center. Compared with the traditional centralized or decentralized processing with a fusion center, distributed state estimation avoids the vulnerability of central node dysfunction [20]. In [21], a recursive distributed Kalman fusion estimator was designed for a cyber-physical system under replay attacks in the sense of linear minimum variance. However, once the fusion center fails, the effectiveness of this method on state estimation may be significantly reduced. Therefore, ref. [22] considers the design of distributed filters for WSNs under the influence of deception attacks. Additionally, the distributed secure state estimation problems of WSNs under different cyber attacks are studied in [23,24]. From the perspective of resource conservation, the traditional continuous or periodic sampling transmission mode will lead to inefficient utilization of limited resources such as sensor power and bandwidth. Therefore, it is necessary to introduce an event-triggered (ET) mechanism [25]. The ET mechanism was set in different transmission channels of the system to save communication resources in [26,27] while also considering the impact on system performance. It can be seen that the ET mechanism has a significant effect on reducing the pressure on system communication bandwidth.

In this paper, a distributed secure state estimation method based on ET mechanism for WSNs is proposed. Based on the extended MTD strategy, an extended subsystem was designed for each sensor system to prevent the effect of stealthy FDI attacks injected by malicious attackers. On this basis, a distributed Kalman filter and ${\chi }^2$ detector were devised to solve the attack detection and state estimation problems of WSNs under stealthy FDI attacks. The proposed framework introduces the following technical breakthroughs: (1) For WSNs under stealthy FDI attacks, an extended MTD strategy was designed to attain secure defense. The dynamically varying extended system parameter matrix can prevent adversaries from obtaining the specific system model, thereby achieving secure defense. (2) Based on the extended system, a distributed Kalman filter utilizes the ET mechanism was designed. Moreover, the ${\chi }^2$ detector was constructed by utilizing the prior state estimation information from the Kalman filter. The method can not only detect the stealthy FDI attacks well but also achieve good state estimation results and realize attack detection and state estimation at the same time.

The modeling of WSNs and the problems considered are described in the next section. Section 3 presents the main results of the design of attack detector and distributed Kalman filter. In Section 4, an illustrative example is presented to show the effectiveness of the proposed method. Finally, conclusions are drawn in Section 5.

2. System Description and Problem Statement

2.1. System and Extended Moving Target Defense Model

In this paper, a spatially distributed network system composed of multiple sensor nodes is considered, with the aim of achieving precise monitoring of targets. These sensors collaborate through wireless communication technology to accomplish the tasks of data measurement and transmission. To precisely describe the topological structure of this complex network, this paper employs directed graph theory as an analytical tool. This approach provides a solid theoretical foundation and an intuitive representation for subsequent research. Consider the discrete time linear system model:

$$\begin{array}{cc}\hfill x_{k+1}& =A{x}_k+B{u}_k+{\omega }_k\hfill \\ \hfill y_{i,k}& =C_i{x}_k+{\nu }_{i,k}\hfill \end{array}$$

(1)

where $x_k\in {\mathbb{R}}^n$ represents the system state at time k, $u_k\in {\mathbb{R}}^p$ is a vector of control inputs. $y_{i,k}\in {\mathbb{R}}^q$ denotes the measurement output of sensor i, and $i=1,2,\cdots ,s$ is the number of sensors. The process noise ${\omega }_k\sim N(0,Q_k)$ and the sensor noise ${\nu }_{i,k}\sim N(0,R_{i,k})$ are independent and identically distributed Gaussian processes. A, B, $C_i$ are known real matrices. A is a stable matrix. The initial state $x_0$ has the mean ${\widehat{x}}_0$ and covariance $P_0$, which is assumed to be mutually uncorrelated with ${\omega }_k$ and ${\nu }_{i,k}$.

To better address potential stealthy FDI attacks on the system, this paper introduces an extended MTD strategy. This involves adding an extension system that is coupled with the original system without affecting its performance. The dynamic expression for this system is given as presented below:

$$\begin{array}{cc}\hfill \left[\begin{array}{c}{\check{x}}_{k+1}\\ x_{k+1}\end{array}\right]& =\left[\begin{array}{cc}\check{A}& {\check{A}}_k\\ 0& A\end{array}\right]\left[\begin{array}{c}{\check{x}}_k\\ x_k\end{array}\right]+\left[\begin{array}{c}{\check{B}}_k\\ B\end{array}\right]u_k+\left[\begin{array}{c}{\check{\omega }}_k\\ {\omega }_k\end{array}\right]\hfill \\ \hfill \left[\begin{array}{c}{\check{y}}_{i,k}\\ y_{i,k}\end{array}\right]& =\left[\begin{array}{cc}{\check{C}}_i& {\check{C}}_{i,k}\\ 0& C_i\end{array}\right]\left[\begin{array}{c}{\check{x}}_k\\ x_k\end{array}\right]+\left[\begin{array}{c}{\check{\nu }}_{i,k}\\ {\nu }_{i,k}\end{array}\right]\hfill \end{array}$$

(2)

In this context, ${\check{x}}_k\in {\mathbb{R}}^n$ represents the extended system state, ${\check{y}}_{i,k}\in {\mathbb{R}}^q$ denotes the measurement output of sensor i in the extended system. The extended MTD strategy follows a simple design principle. It assumes that attackers try to inject stealthy FDI attack signals. These signals aim to change the original system state without affecting its measurements. However, the same signals will also alter the state of the extended system. As a result, the measurement values of the extended system will change. Due to the lack of understanding of the extended system, attackers are unable to conceal the impact of the attack signal on the sensor measurement values of the extended system. The time varying parameter matrices are determined by an encrypted pseudo random number generator and entirely governed by its seed. The extended MTD strategy introduced by sensor i is shown in Figure 1.

With the rapid development of intelligent technologies, cyber attack methods are increasingly showing a trend towards high intelligence. Their concealment and complexity are constantly increasing, presenting unprecedented challenges to traditional detection mechanisms. These intelligent attacks often cleverly evade conventional security defenses, making timely and accurate detection and defense more difficult. Attackers can access and modify the input and output data transmitted through networks, thereby deducing the system model parameters A, B, $C_i$, $Q_k$ and $R_{i,k}$ through these inputs and outputs. Finally, they use these parameters to generate attack signals. This paper considers the stealthy FDI attack model on the WSN as follows:

$$\begin{array}{cc}\hfill x_{k+1}^a& =A{x}_k^a+B{u}_k^a\hfill \\ \hfill s_{i,k}^a& =-C_i{x}_k^a\hfill \\ \hfill {\check{x}}_{k+1}^a& =A{\check{x}}_k^a+B{u}_k^a\hfill \\ \hfill {\check{s}}_{i,k}^a& =-C_i{\check{x}}_k^a\hfill \end{array}$$

(3)

In this context, $u_k^a$ represents the attack signal injected by the attacker into the input channel. The states after being subjected to an attack are denoted as $x_k^a$ and ${\check{x}}_k^a$. Similarly, $s_{i,k}^a$ and ${\check{s}}_{i,k}^a$ represent the attack signals injected by the attacker into the sensor measurement channels.

Assumption 1. 

There exists a positive integer ε such that

$$\begin{array}{c}\hfill u_k^a{u}_k^{aT}\le \epsilon I\end{array}$$

(4)

Assumption 1 means the constraint of unknown attacks. We consider a stealthy FDI attack model that enables the system’s output data to be consistent with normal operation during an attack, thus making it difficult to detect. The introduction of an extended subsystem limits the malicious attacker’s understanding of the system model, enabling the subsequently designed detector to detect the attack signal.

Remark 1. 

Assumption 1 is a standard assumption in the literature to ensure the physical implementability of the attack. Following the stealthy FDI attack model in [28], we assume that the attacker is capable of eavesdropping on and tampering with the input and output data transmitted through the network. By exploiting these data, the attacker can identify the system model parameters A, B, $C_i$, $Q_k$ and $R_{i,k}$ and subsequently construct stealthy attack signals that evade conventional detection mechanisms.

Under these conditions, the extended system in (2) can be rephrased as presented below:

$$\begin{array}{cc}\hfill {\overline{x}}_{k+1}& =A_k{\overline{x}}_k+B_k{\overline{u}}_k+{\overline{\omega }}_k\hfill \\ \hfill {\overline{y}}_{i,k}& =C_{i,k}{\overline{x}}_k+{\overline{s}}_{i,k}+{\overline{\nu }}_{i,k},\hfill \end{array}$$

(5)

where ${\overline{x}}_k=\left[\begin{array}{c}{\check{x}}_k\\ x_k\end{array}\right]$, ${\overline{y}}_{i,k}=\left[\begin{array}{c}{\check{y}}_{i,k}\\ y_{i,k}\end{array}\right]$, ${\overline{u}}_k=u_k+u_k^a$, ${\overline{s}}_{i,k}=\left[\begin{array}{c}{\check{s}}_{i,k}^a\\ s_{i,k}^a\end{array}\right]$, ${\overline{\omega }}_k=\left[\begin{array}{c}{\check{\omega }}_k\\ {\omega }_k\end{array}\right]$, ${\overline{\nu }}_{i,k}=\left[\begin{array}{c}{\check{\nu }}_{i,k}\\ {\nu }_{i,k}\end{array}\right]$, $A_k=\left[\begin{array}{cc}\check{A}& {\check{A}}_k\\ 0& A\end{array}\right]$, $B_k=\left[\begin{array}{c}{\check{B}}_k\\ B\end{array}\right]$, $C_{i,k}=\left[\begin{array}{cc}{\check{C}}_i& {\check{C}}_{i,k}\\ 0& C_i\end{array}\right]$.

   To address the issue of conserving network resources, the following ET mechanism is incorporated between the sensor nodes and the Kalman filter:

$$\begin{array}{c}\hfill {\gamma }_{i,k}=\left\{\begin{array}{cc}1,\hfill & \mathit{if}{\varphi }_{i,k}^{\top }{\overline{\varphi }}_{i,k}\ge {\eta }_i{y}_{i,k}^{\top }{y}_{i,k}\hfill \\ 0,\hfill & \mathit{otherwise}\hfill \end{array}\right.\end{array}$$

(6)

where ${\overline{\varphi }}_{i,k}={\overline{y}}_{i,k_i}-{\overline{y}}_{i,k}$, ${\eta }_i$ represents a positive constant that can be adjusted based on the practical operating conditions of the system.

Remark 2. 

The ET mechanism inevitably introduces a small detection delay between the occurrence of an attack and its identification, as the detector is only activated at triggered instants rather than at every sampling step. However, this delay is typically bounded by a few sampling periods and is negligible compared to the time scale of physical system dynamics. The analysis and mitigation of such delays are beyond the scope of this paper and are deferred to future work.

2.2. Estimation and Detection

To effectively combat network attacks and conserve communication resources, the form of distributed Kalman filter for sensor i is constructed as follows:

$$\begin{array}{cc}\hfill {\breve{\overline{x}}}_{i,k}^{-}& =A_{k-1}{\breve{\overline{x}}}_{i,k-1}^{+}+B_{k-1}{\overline{u}}_{k-1}\hfill \\ \hfill {\breve{\overline{x}}}_{i,k}^{+}& ={\breve{\overline{x}}}_{i,k}^{-}+{\overline{L}}_{i,k}\sum _{r\in N_i}{\gamma }_{r,k}({\overline{y}}_{r,k}-C_{r,k}{\breve{\overline{x}}}_{r,k}^{-})\hfill \end{array}$$

(7)

where ${\breve{\overline{x}}}_{i,k}^{-}$ and ${\breve{\overline{x}}}_{i,k}^{+}$ represent the prior and posterior state estimates of sensor i, ${\overline{L}}_{i,k}$ is the Kalman filter gain which should be designed. ${\gamma }_{r,k}$ is a constant. ${\gamma }_{r,k}=1$ indicates that the sampled data at the current moment satisfies the event triggered condition. Otherwise, the exemplified data at the present instant does not conform to the event triggered condition.

In order to detect stealthy FDI attacks, this section adopts the ${\chi }^2$ detector for attack detection. When the data passes through the Kalman filter, these data will also be received by the detector. The model of the ${\chi }^2$ detector is as follows:

$$\begin{array}{cc}\hfill G_k={\displaystyle \sum _{i=k-J+1}^k}{Z}_{i,k}^T{\sum }_z^{-1}{Z}_{i,k}& \lessgtr \delta \hfill \end{array}$$

(8)

where $Z_{i,k}={\gamma }_{i,k}({\overline{y}}_{i,k}-C_{i,k}{\breve{\overline{x}}}_{i,k}^{-})$, J represents the window size, $\delta$ denotes the detection threshold. $Z_{i,k}$ is the residual at the current time, and ${\sum }_z$ is the covariance of $Z_{i,k}$. When $G_k<\delta$, the system is considered to be operating normally. Conversely, when $G_k>\delta$, the system is deemed to be under attack, which will trigger an alert. The system model diagram is shown in Figure 2.

Remark 3. 

The threshold setting of the ${\chi }^2$ detector follows the standard criterion established in [29]. Under the null hypothesis, the detection statistic $G_k$ asymptotically follows a central ${\chi }^2$ distribution with $mJ$ degrees of freedom, and the threshold is selected as the $(1-\alpha )$-quantile for a prescribed significance level α.

3. Main Results

3.1. Design of Distributed State Estimator

Lemma 1 

([30]). For any matrices $A,B,C,D\in {\mathbb{R}}^n$ and any positive scalar $\theta >0$, if $(\theta A-B)$ and $(\theta C-D)$ are bounded, then there exists a bounded matrix $\xi \in {\mathbb{R}}^n$ such that the following matrix inequality holds:

$$A{D}^{\mathrm{T}}+B{C}^{\mathrm{T}}\le \theta A{C}^{\mathrm{T}}+{\theta }^{-1}B{D}^{\mathrm{T}}+\xi .$$

(9)

Theorem 1. 

For the augmented system in (5), considering the prior state estimation error covariance as ${\Lambda }_{ii,k}^{-}$ and ${\Lambda }_{ij,k}^{-}$, the posterior state estimation error covariance as ${\Lambda }_{ii,k}^{+}$ and ${\Lambda }_{ij,k}^{+}$. For the given positive scalars ${\theta }_1$ and ${\varsigma }_1$, as well as the bounded matrix ${\xi }_1$, if there exist two matrices, denoted as ${\mathsf{\Omega }}_{ii,k}^{-}$ and ${\mathsf{\Omega }}_{ii,k}^{+}$, that satisfy the following equations:

$$\begin{array}{cc}\hfill {\mathsf{\Omega }}_{ii,k}^{-}& =A_{k-1}{\Lambda }_{ii,k-1}^{+}{A}_{k-1}^T+{\overline{Q}}_{k-1}\hfill \\ \hfill {\mathsf{\Omega }}_{ij,k}^{-}& =A_{k-1}{\Lambda }_{ij,k-1}^{+}{A}_{k-1}^T+{\overline{Q}}_{k-1}\hfill \end{array}$$

(10)

$$\begin{array}{cc}\hfill {\mathsf{\Omega }}_{ii,k}^{+}=& {\mathsf{\Omega }}_{ii,k}^{-}-\sum _{r\in N_i}{\gamma }_{r,k}{\mathsf{\Omega }}_{ir,k}^{-}{C}_{r,k}^T{\overline{L}}_{i,k}^T-{\overline{L}}_{i,k}\sum _{r\in N_i}{\gamma }_{r,k}{C}_{r,k}{\mathsf{\Omega }}_{ri,k}^{-}\hfill \\ \hfill & +{\overline{L}}_{i,k}\sum _{r\in N_i}{\gamma }_{r,k}{C}_{r,k}{\mathsf{\Omega }}_{rr,k}^{-}{C}_{r,k}^T{\overline{L}}_{i,k}^T+{\overline{L}}_{i,k}\sum _{r\in N_i}{\gamma }_{r,k}(N_{r,k}+R_{r,k}){\overline{L}}_{i,k}^T\hfill \\ \hfill {\mathsf{\Omega }}_{ij,k}^{+}=& (1+{\theta }_1){\mathsf{\Omega }}_{ij,k}^{-}+{\overline{L}}_{i,k}\sum _{\begin{array}{c}r\in N_i,s\in N_{j}r\ne s\end{array}}{\gamma }_{r,k}{\gamma }_{s,k}{N}_{rs,k}{\overline{L}}_{j,k}^T+{\xi }_1+{\varsigma }_{1}I\hfill \\ \hfill & +(1+{\theta }_1^{-1}){\overline{L}}_{i,k}\sum _{\begin{array}{c}r\in N_i,s\in N_{j}r\ne s\end{array}}{\gamma }_{r,k}{\gamma }_{s,k}{C}_{r,k}{\mathsf{\Omega }}_{rs,k}^{-}{C}_{s,k}^T{\overline{L}}_{j,k}^T\hfill \end{array}$$

(11)

the matrix ${\mathsf{\Omega }}_{ii,k}^{+}$ represents the upper bound of ${\Lambda }_{ii,k}^{+}$, and the gain is furnished by

$$\begin{array}{c}\hfill {\overline{L}}_{i,k}={\overline{D}}_{i,k}{\overline{E}}_{i,k}^{-1}\end{array}$$

(12)

where ${\overline{E}}_{i,k}={\sum }_{r\in N_i}{\gamma }_{r,k}(C_{r,k}{\mathsf{\Omega }}_{rr,k}^{-}{C}_{r,k}^T+N_{rr,k}+R_{r,k})$, ${\overline{D}}_{i,k}={\sum }_{r\in N_i}{\gamma }_{r,k}{\mathsf{\Omega }}_{ir,k}^{-}{C}_{r,k}^T$.

Proof. 

For the convenience of analysis, define the prior state estimation error is ${\psi }_{i,k}^{-}={\overline{x}}_k-{\breve{\overline{x}}}_{i,k}^{-}$, the posterior state estimation error is ${\psi }_{i,k}^{+}={\overline{x}}_k-{\breve{\overline{x}}}_{i,k}^{+}$. Combining Equation (7), the state estimation can be written as

$$\begin{array}{cc}\hfill {\psi }_{i,k}^{-}& =A_{k-1}{\psi }_{i,k-1}^{+}+{\overline{\omega }}_{k-1}\hfill \\ \hfill {\psi }_{i,k}^{+}& ={\psi }_{i,k}^{-}-{\overline{L}}_{i,k}\sum _{r\in N_i}{\gamma }_{r,k}(C_{r,k}{\psi }_{r,k}^{-}+{\overline{s}}_{r,k}+{\overline{v}}_{r,k})\hfill \end{array}$$

(13)

The prior state estimation error covariances ${\Lambda }_{ii,k}^{-}$ and ${\Lambda }_{ij,k}^{-}$ are obtained as follows:

$$\begin{array}{cc}\hfill {\Lambda }_{ii,k}^{-}& =E\{{\psi }_{i,k}^{-}{{\psi }_{i,k}^{-}}^T\}\hfill \\ \hfill & =E\{(A_{k-1}{\psi }_{i,k-1}^{+}+{\overline{\omega }}_{k-1}){(A_{k-1}{\psi }_{i,k-1}^{+}+{\overline{\omega }}_{k-1})}^T\}\hfill \\ \hfill & =A_{k-1}{\Lambda }_{ii,k-1}^{+}{A}_{k-1}^T+{\overline{Q}}_{k-1}\hfill \\ \hfill & ={\mathsf{\Omega }}_{ii,k}^{-}\hfill \\ \hfill {\Lambda }_{ij,k}^{-}& =E\{{\psi }_{i,k}^{-}{{\psi }_{j,k}^{-}}^T\}\hfill \\ \hfill & =E\{(A_{k-1}{e}_{i,k-1}^{+}+{\overline{\omega }}_{k-1}){(A_{k-1}{\psi }_{j,k-1}^{+}+{\overline{\omega }}_{k-1})}^T\}\hfill \\ \hfill & =A_{k-1}{\Lambda }_{ij,k-1}^{+}{A}_{k-1}^T+{\overline{Q}}_{k-1}\hfill \\ \hfill & ={\mathsf{\Omega }}_{ij,k}^{-}\hfill \end{array}$$

(14)

In the subsequent derivation process, the attack signals ${\overline{s}}_{i,k}$ injected by the attacker into the system’s sensor measurement channels need to be addressed. This section employs a method for solving the dynamic equations of a linear discrete system to handle ${\overline{s}}_{i,k}$.

For ease of expression, the attack signal model is

$$\begin{array}{cc}\hfill {\overline{\delta }}_{k+1}& =D{\overline{\delta }}_k+F{u}_k^a\hfill \\ \hfill {\overline{s}}_{i,k}& =H_i{\overline{\delta }}_k\hfill \end{array}$$

(15)

where ${\overline{\delta }}_k=\left[\begin{array}{c}{\check{x}}_k^a\\ x_k^a\end{array}\right]$, $D=\left[\begin{array}{cc}A& 0\\ 0& A\end{array}\right]$, $F=\left[\begin{array}{c}B\\ B\end{array}\right]$, $H_i=\left[\begin{array}{cc}-C_i& 0\\ 0& -C_i\end{array}\right]$.

   By solving the dynamic equations of the linear discrete system, the solution for the aforementioned attack signal model leads to

$$\begin{array}{cc}\hfill {\overline{\delta }}_k& =D^k{\overline{\delta }}_{k_0}+{\displaystyle \sum _{j=0}^{k-1}}{D}^{k-j-1}F{u}_j\hfill \\ \hfill {\overline{s}}_{i,k}& =H_i{\overline{\delta }}_k\hfill \\ \hfill & =H_i(D^k{\overline{\delta }}_{k_0}+{\displaystyle \sum _{j=0}^{k-1}}{D}^{k-j-1}F{u}_j)\hfill \end{array}$$

(16)

Applying the boundedness of $u_k^a$ in Assumption 1, the attack signal covariances $N_{ii,k}$ and $N_{ij,k}$ can be formulated as

$$\begin{array}{cc}\hfill N_{ii,k}& =E\{{\overline{s}}_{i,k}{\overline{s}}_{i,k}^T\}\hfill \\ \hfill & =E\{[H_i(D^k{\overline{\delta }}_{k_0}+{\displaystyle \sum _{j=0}^{k-1}}{D}^{k-j-1}F{u}_j)][H_i{(D^k{\overline{\delta }}_{k_0}+{\displaystyle \sum _{j=0}^{k-1}}{D}^{k-j-1}F{u}_j]}^T\}\hfill \\ \hfill N_{ij,k}& =E\{{\overline{s}}_{i,k}{\overline{s}}_{j,k}^T\}\hfill \\ \hfill & =E\{[H_i(D^k{\overline{\delta }}_{k_0}+{\displaystyle \sum _{r=0}^{k-1}}{D}^{k-r-1}F{u}_r)][H_j{(D^k{\overline{\delta }}_{k_0}+{\displaystyle \sum _{s=0}^{k-1}}{D}^{k-s-1}F{u}_s]}^T\}\hfill \end{array}$$

(17)

Based on the above conditions, the posterior state estimation error covariance ${\Lambda }_{ij,k}^{+}$ can be obtained as presented below:

$$\begin{array}{cc}\hfill {\Lambda }_{ij,k}^{+}=& E\{{\psi }_{i,k}^{+}{{\psi }_{j,k}^{+}}^T\}\hfill \\ \hfill =& E\{[{\psi }_{i,k}^{-}-{\overline{L}}_{i,k}\sum _{r\in N_i}{\gamma }_{r,k}(C_{r,k}{\psi }_{r,k}^{-}+{\overline{s}}_{r,k}+{\overline{\nu }}_{r,k})]\hfill \\ \hfill & {[{\psi }_{j,k}^{-}-{\overline{L}}_{j,k}\sum _{s\in N_i}{\gamma }_{s,k}(C_{s,k}{\psi }_{s,k}^{-}+{\overline{s}}_{s,k}+{\overline{\nu }}_{s,k})]}^T\}\hfill \\ \hfill =& E\{{\psi }_{i,k}^{-}{{\psi }_{j,k}^{-}}^T-\sum _{s\in N_i}{\gamma }_{s,k}{\psi }_{i,k}^{-}{{\psi }_{s,k}^{-}}^T{C}_{s,k}^T{\overline{L}}_{j,k}^T-{\overline{L}}_{i,k}\sum _{r\in N_i}{\gamma }_{r,k}{C}_{r,k}{\psi }_{r,k}^{-}{{\psi }_{j,k}^{-}}^T\hfill \\ \hfill & +{\overline{L}}_{i,k}\sum _{r\in N_i,s\in N_j}{\gamma }_{r,k}{\gamma }_{s,k}{C}_{r,k}{\psi }_{r,k}^{-}{{\psi }_{s,k}^{-}}^T{C}_{s,k}^T{\overline{L}}_{j,k}^T\hfill \\ \hfill & +{\overline{L}}_{i,k}\sum _{r\in N_i,s\in N_j}{\gamma }_{r,k}{\gamma }_{s,k}{\overline{s}}_{r,k}{\overline{s}}_{s,k}^T{\overline{L}}_{i,k}^T\}\hfill \end{array}$$

(18)

By applying Lemma 1, we obtain

$$\begin{array}{cc}\hfill & E\{-\sum _{s\in N_i}{\gamma }_{s,k}{\psi }_{i,k}^{-}{{\psi }_{s,k}^{-}}^T{C}_{s,k}^T{\overline{L}}_{j,k}^T-{\overline{L}}_{i,k}\sum _{r\in N_i}{\gamma }_{r,k}{C}_{r,k}{\psi }_{r,k}^{-}{{\psi }_{j,k}^{-}}^T\}\hfill \\ \hfill & \le E\{{\theta }_1{\psi }_{i,k}^{-}{{\psi }_{j,k}^{-}}^T+{\theta }_1^{-1}{\overline{L}}_{i,k}\sum _{r\in N}\sum _{s\in N}{\gamma }_{r,k}{\gamma }_{s,k}{C}_{r,k}{\psi }_{r,k}^{-}{{\psi }_{s,k}^{-}}^T{C}_{s,k}^T{\overline{L}}_{j,k}^T+{\xi }_1\}\hfill \end{array}$$

(19)

where ${\xi }_1$ is a bounded matrix. ${\theta }_1$ is a scalar which satisfies ${\theta }_1>0$, making ${\theta }_1{\psi }_{i,k}^{-}-{\overline{L}}_{i,k}{\sum }_{r\in N}{\gamma }_{r,k}{C}_{r,k}{\psi }_{r,k}^{-}$ and ${\theta }_1{\psi }_{j,k}^{-}-{\sum }_{s\in N_i}{\gamma }_{s,k}{\overline{L}}_{j,k}{C}_{s,k}{\psi }_{s,k}^{-}$ bounded.

Therefore, the error covariance ${\Lambda }_{ij,k}^{+}$ can be further described as

$$\begin{array}{cc}\hfill {\Lambda }_{ij,k}^{+}\le & (1+{\theta }_1)E\{{\psi }_{i,k}^{-}{{\psi }_{j,k}^{-}}^T\}+{\overline{L}}_{i,k}\sum _{r\in N_i,s\in N_j}{\gamma }_{r,k}{\gamma }_{s,k}E\{{\overline{s}}_{r,k}{\overline{s}}_{s,k}^T\}{\overline{L}}_{i,k}^T\hfill \\ \hfill & +(1+{\theta }_1^{-1}){\overline{L}}_{i,k}\sum _{r\in N_i,s\in N_j}{\gamma }_{r,k}{\gamma }_{s,k}{C}_{r,k}E\{{\psi }_{r,k}^{-}{{\psi }_{s,k}^{-}}^T\}{C}_{s,k}^T{\overline{L}}_{j,k}^T+{\xi }_1\hfill \\ \hfill \le & (1+{\theta }_1){\Lambda }_{ij,k}^{-}+(1+{\theta }_1^{-1}){\overline{L}}_{i,k}\sum _{r\in N_i,s\in N_j}{\gamma }_{r,k}{\gamma }_{s,k}{C}_{r,k}{\Lambda }_{rs,k}^{-}{C}_{s,k}^T{\overline{L}}_{j,k}^T\hfill \\ \hfill & +{\overline{L}}_{i,k}\sum _{r\in N_i,s\in N_j}{\gamma }_{r,k}{\gamma }_{s,k}{N}_{rs,k}{\overline{L}}_{j,k}^T+{\xi }_1\hfill \end{array}$$

(20)

For the convenience of expression, let us define a bounded matrix as ${\lambda }_{rs,k}=(1+{\theta }_1^{-1}){\overline{L}}_{i,k}{\sum }_{r\in N_i,s\in N_j}{\gamma }_{r,k}{\gamma }_{s,k}{C}_{r,k}\times ({\Lambda }_{rs,k}^{-}-{\mathsf{\Omega }}_{rs,k}^{-})C_{s,k}^T{\overline{L}}_{j,k}^T$.

   Through the aforementioned definition, it is thereby deducible that

$$\begin{array}{cc}\hfill & (1+{\theta }_1^{-1}){\overline{L}}_{i,k}\sum _{r\in N_i,s\in N_j}{\gamma }_{r,k}{\gamma }_{s,k}{C}_{r,k}{\Lambda }_{rs,k}^{-}{C}_{s,k}^T{\overline{L}}_{j,k}^T\hfill \\ \hfill =& (1+{\theta }_1^{-1}){\overline{L}}_{i,k}\sum _{r\in N_i,s\in N_j}{\gamma }_{r,k}{\gamma }_{s,k}{C}_{r,k}{\mathsf{\Omega }}_{rs,k}^{-}{C}_{s,k}^T{\overline{L}}_{j,k}^T+{\lambda }_{rs,k}\hfill \\ \hfill \le & (1+{\theta }_1^{-1}){\overline{L}}_{i,k}\sum _{r\in N_i,s\in N_j}{\gamma }_{r,k}{\gamma }_{s,k}{C}_{r,k}{\mathsf{\Omega }}_{rs,k}^{-}{C}_{s,k}^T{\overline{L}}_{j,k}^T+{\varsigma }_{1}I\hfill \end{array}$$

(21)

where ${\varsigma }_1$ is a constant. Ultimately, the upper bound ${\mathsf{\Omega }}_{ij,k}^{+}$ leads to

$$\begin{array}{cc}\hfill {\Lambda }_{ij,k}^{+}\le & (1+{\theta }_1){\mathsf{\Omega }}_{ij,k}^{-}+(1+{\theta }_1^{-1}){\overline{L}}_{i,k}\sum _{r\in N_i,s\in N_j}{\gamma }_{r,k}{\gamma }_{s,k}{C}_{r,k}{\mathsf{\Omega }}_{rs,k}^{-}{C}_{s,k}^T{\overline{L}}_{j,k}^T\hfill \\ \hfill & +{\overline{L}}_{i,k}\sum _{r\in N_i,s\in N_j}{\gamma }_{r,k}{\gamma }_{s,k}{N}_{rs,k}{\overline{L}}_{j,k}^T+{\xi }_1+{\varsigma }_{1}I\hfill \\ \hfill =& {\mathsf{\Omega }}_{ij,k}^{+}\hfill \end{array}$$

(22)

The posterior state estimation error covariance ${\Lambda }_{ii,k}^{+}$ is formulated as

$$\begin{array}{cc}\hfill {\Lambda }_{ii,k}^{+}=& E\{{\psi }_{i,k}^{+}{{\psi }_{i,k}^{+}}^T\}\hfill \\ \hfill =& E\{[{\psi }_{i,k}^{-}-{\overline{L}}_{i,k}\sum _{r\in N_i}{\gamma }_{r,k}(C_{r,k}{\psi }_{r,k}^{-}+{\overline{s}}_{r,k}+{\overline{\nu }}_{r,k})]\hfill \\ \hfill & {[{\psi }_{i,k}^{-}-{\overline{L}}_{i,k}\sum _{r\in N_i}{\gamma }_{r,k}(C_{r,k}{\psi }_{r,k}^{-}+{\overline{s}}_{r,k}+{\overline{\nu }}_{r,k})]}^T\}\hfill \end{array}$$

(23)

Further processing of Equation (23) leads to

$$\begin{array}{cc}\hfill {\Lambda }_{ii,k}^{+}=& E\{{\psi }_{i,k}^{-}{{\psi }_{i,k}^{-}}^T\}-\sum _{r\in N_i}{\gamma }_{r,k}E\{{\psi }_{i,k}^{-}{{\psi }_{r,k}^{-}}^T\}{C}_{r,k}^T{\overline{L}}_{i,k}^T\hfill \\ \hfill & +{\overline{L}}_{i,k}\sum _{r\in N_i}{\gamma }_{r,k}{C}_{r,k}E\{{\psi }_{r,k}^{-}{{\psi }_{r,k}^{-}}^T\}{C}_{r,k}^T{\overline{L}}_{i,k}^T+{\overline{L}}_{i,k}\sum _{r\in N_i}{\gamma }_{r,k}(E\{{\overline{s}}_{r,k}{\overline{s}}_{r,k}^T\}\hfill \\ \hfill & +E\{{\overline{\nu }}_{r,k}{\overline{\nu }}_{r,k}^T\}){\overline{L}}_{i,k}^T-{\overline{L}}_{i,k}\sum _{r\in N_i}{\gamma }_{r,k}{C}_{r,k}E\{{\psi }_{r,k}^{-}{{\psi }_{i,k}^{-}}^T\}\hfill \\ \hfill =& {\Lambda }_{ii,k}^{-}-\sum _{r\in N_i}{\gamma }_{r,k}{\Lambda }_{ir,k}^{-}{C}_{r,k}^T{\overline{L}}_{i,k}^T-{\overline{L}}_{i,k}\sum _{r\in N_i}{\gamma }_{r,k}{C}_{r,k}{\Lambda }_{ri,k}^{-}\hfill \\ \hfill & +{\overline{L}}_{i,k}\sum _{r\in N_i}{\gamma }_{r,k}{C}_{r,k}{\Lambda }_{rr,k}^{-}{C}_{r,k}^T{\overline{L}}_{i,k}^T+{\overline{L}}_{i,k}\sum _{r\in N_i}{\gamma }_{r,k}(N_{rr,k}+R_{r,k}){\overline{L}}_{i,k}^T\hfill \end{array}$$

(24)

Therefore, the upper bound ${\mathsf{\Omega }}_{ii,k}^{+}$ is formulated as

$$\begin{array}{cc}\hfill {\Lambda }_{ii,k}^{+}\le & {\mathsf{\Omega }}_{ii,k}^{-}-\sum _{r\in N_i}{\gamma }_{r,k}{\mathsf{\Omega }}_{ir,k}^{-}{C}_{r,k}^T{\overline{L}}_{i,k}^T-{\overline{L}}_{i,k}\sum _{r\in N_i}{\gamma }_{r,k}{C}_{r,k}{\mathsf{\Omega }}_{ri,k}^{-}\hfill \\ \hfill & +{\overline{L}}_{i,k}\sum _{r\in N_i}{\gamma }_{r,k}{C}_{r,k}{\mathsf{\Omega }}_{rr,k}^{-}{C}_{r,k}^T{\overline{L}}_{i,k}^T+{\overline{L}}_{i,k}\sum _{r\in N_i}{\gamma }_{r,k}(N_{rr,k}+R_{r,k}){\overline{L}}_{i,k}^T\hfill \\ \hfill =& {\mathsf{\Omega }}_{ii,k}^{+}\hfill \end{array}$$

(25)

Then, the partial derivative of ${\mathsf{\Omega }}_{ii,k}^{+}$ is computed with respect to ${\overline{L}}_{i,k}$:

$$\begin{array}{cc}\hfill {\displaystyle \frac{\partial tr\{{\mathsf{\Omega }}_{ii,k}^{+}\}}{\partial {\overline{L}}_{i,k}}}& =2{\overline{L}}_{i,k}\sum _{r\in N_i}{\gamma }_{r,k}(C_{r,k}{\mathsf{\Omega }}_{rr,k}^{-}{C}_{r,k}^T+N_{rr,k}+R_{r,k})-2\sum _{r\in N_i}{\gamma }_{r,k}{\mathsf{\Omega }}_{ir,k}^{-}{C}_{r,k}^T\hfill \\ \hfill & =0\hfill \end{array}$$

(26)

Ultimately, upon reorganizing Equation (26), the gain ${\overline{L}}_{i,k}$ is formulated as (12).    □

Remark 4. 

The filter gain ${\overline{L}}_{i,k}$ is derived by minimizing the trace of the upper bound ${\mathsf{\Omega }}_{ii,k}^{+}$, rather than the true error covariance. Consequently, the obtained gain is sub-optimal. Nevertheless, this sub-optimal gain guarantees a bounded estimation error and is computationally tractable for distributed implementation.

Remark 5. 

The per-step computational complexity at each sensor node is $𝒪(n^3+q^3)$, dominated by the Kalman filter covariance update ($𝒪(n^3)$) and the ${\chi }^2$ detector ($𝒪(q^3)$), where n and q are the dimensions of the extended state ${\breve{x}}_k$ and measurement ${\breve{y}}_{i,k}$, respectively. The ET mechanism reduces communication to $𝒪(1)$ per trigger, versus $𝒪(q)$ for periodic transmission.

3.2. Stability Analysis

Assumption 2. 

There exist positive real numbers $\underline{a}$, $\overline{a}$, $\underline{c}$, $\overline{c}$, $\underline{r}$, $\overline{r}$, $\underline{q}$, $\overline{q}$, $\underline{n}$, $\overline{n}$ such that for all $i=1,2,\cdots ,s$, the following inequalities hold:

$$\begin{array}{c}\hfill \underline{a}\le ∥A_k∥\le \overline{a},\underline{c}\le ∥C_{i,k}∥\le \overline{c},\\ \hfill \underline{r}\le ∥R_{i,k}∥\le \overline{r},\underline{q}\le \parallel Q_k\parallel \le \overline{q},\\ \hfill \underline{n}\le ∥N_{ii,k}∥\le \overline{n}\end{array}$$

(27)

Theorem 2. 

For the augmented system in (5) and the designed distributed Kalman filter (7), under Assumption 2, let $∥{\mathsf{\Omega }}_{ii,0}^{+}∥\le {\mathsf{\Omega }}_{ii}^{+}$, where ${\overline{\Pi }}_{ii}^{+}$ are positive real numbers. If

$$\begin{array}{c}\hfill {\mathsf{\Omega }}_{ii}^{-}-\sum _{r\in N_i}{\gamma }_{r,k}{\mathsf{\Omega }}_{ir}^{-}\overline{c}\overline{k}-\overline{k}\sum _{r\in N_i}{\gamma }_{r,k}\overline{c}{\mathsf{\Omega }}_{ri}^{-}+{\overline{k}}^2\sum _{r\in N_i}{\gamma }_{r,k}({\overline{c}}^2{\mathsf{\Omega }}_{rr}^{-}+\overline{n}+\overline{r})\le {\mathsf{\Omega }}_{ii}^{+}\end{array}$$

(28)

then for any $k\ge 1$, the inequality $∥{\mathsf{\Omega }}_{ii,k}^{+}∥\le {\overline{\Pi }}_{ii}^{+}$ holds.

Proof. 

This section employs mathematical induction to address the difficulties arising from the coupling between covariances.

We assume $∥{\mathsf{\Omega }}_{ii,k-1}^{+}∥\le {\mathsf{\Omega }}_{ii}^{+}$, and then we prove its validity for any k. Since $∥{\mathsf{\Omega }}_{ii,k-1}^{+}∥\le {\mathsf{\Omega }}_{ii}^{+}$ holds, it follows that $∥{\mathsf{\Omega }}_{ij,k-1}^{+}∥\le {\mathsf{\Omega }}_{ij}^{+}$, where ${\mathsf{\Omega }}_{ij}^{+}\le \sqrt{{\mathsf{\Omega }}_{ii}^{+}{\mathsf{\Omega }}_{jj}^{+}}$. The following inequality can be obtained from Equations (12) and (14):

$$\begin{array}{cc}\hfill ∥{\mathsf{\Omega }}_{ii,k}^{-}∥& =∥A_{k-1}{\mathsf{\Omega }}_{ii,k-1}^{+}{A}_{k-1}^T+{\overline{Q}}_{k-1}∥\hfill \\ \hfill & \le {\overline{a}}^2{\mathsf{\Omega }}_{ii}^{+}+\overline{q}\hfill \\ \hfill & ={\mathsf{\Omega }}_{ii}^{-}\hfill \\ \hfill ∥{\mathsf{\Omega }}_{ij,k}^{-}∥& =∥A_{k-1}{\mathsf{\Omega }}_{ij,k-1}^{+}{A}_{k-1}^T+{\overline{Q}}_{k-1}∥\hfill \\ \hfill & \le {\overline{a}}^2{\mathsf{\Omega }}_{ij}^{+}+\overline{q}\hfill \\ \hfill & ={\mathsf{\Omega }}_{ij}^{-}\hfill \end{array}$$

(29)

$$\begin{array}{cc}\hfill ∥{\overline{D}}_{i,k}∥& =∥\sum _{r\in N_i}{\gamma }_{r,k}{\mathsf{\Omega }}_{ir,k}^{-}{C}_{r,k}^T∥\hfill \\ \hfill & \le \sum _{r\in N_i}{\gamma }_{r,k}{\mathsf{\Omega }}_{ir}^{-}\overline{c}\hfill \\ \hfill & =\overline{d}\hfill \end{array}$$

(30)

$$\begin{array}{cc}\hfill ∥{\overline{E}}_{i,k}∥& =\parallel \sum _{r\in N_i}{\gamma }_{r,k}(C_{r,k}{\mathsf{\Omega }}_{rr,k}^{-}{C}_{r,k}^T+N_{rr,k}+R_{r,k})\parallel \hfill \\ \hfill & \ge \sum _{r\in N_i}{\gamma }_{r,k}({\underline{c}}^2∥{\mathsf{\Omega }}_{rr,k}^{-}∥+\underline{n}+\underline{R})\hfill \\ \hfill & =\underline{e}\hfill \end{array}$$

(31)

Therefore, the gain ${\overline{L}}_{i,k}$ satisfies

$$\begin{array}{c}\hfill \parallel {\overline{L}}_{i,k}\parallel =∥{\overline{D}}_{i,k}{\overline{E}}_{i,k}^{-1}∥\le {\displaystyle \frac{\overline{d}}{\underline{e}}}=\overline{L}\end{array}$$

(32)

Then, the following inequality is formulated as

$$\begin{array}{cc}\hfill ∥{\mathsf{\Omega }}_{ii,k}^{+}∥& \le {\mathsf{\Omega }}_{ii}^{-}-\sum _{r\in N_i}{\gamma }_{r,k}{\mathsf{\Omega }}_{ir}^{-}\overline{c}\overline{k}-\overline{k}\sum _{r\in N_i}{\gamma }_{r,k}\overline{c}{\mathsf{\Omega }}_{ri}^{-}+{\overline{k}}^2\sum _{r\in N_i}{\gamma }_{r,k}({\overline{c}}^2{\mathsf{\Omega }}_{rr}^{-}+\overline{n}+\overline{r})\hfill \\ \hfill & ={\mathsf{\Omega }}_{ii}^{+}\hfill \end{array}$$

(33)

Therefore, if ${\mathsf{\Omega }}_{ii}^{-}-{\sum }_{r\in N_i}{\gamma }_{r,k}{\mathsf{\Omega }}_{ir}^{-}\overline{c}\overline{k}-\overline{k}{\sum }_{r\in N_i}{\gamma }_{r,k}\overline{c}{\mathsf{\Omega }}_{ri}^{-}+{\overline{k}}^2{\sum }_{r\in N_i}{\gamma }_{r,k}({\overline{c}}^2{\mathsf{\Omega }}_{rr}^{-}+\overline{n}+\overline{r})\le {\mathsf{\Omega }}_{ii}^{+}$, then for any $k\ge 1$, the inequality $∥{\mathsf{\Omega }}_{ii,k}^{+}∥\le {\mathsf{\Omega }}_{ii}^{+}$ holds.    □

In order to facilitate the understanding of the theoretical analysis and design, the implementation process of the event-triggered state estimation and attack detection scheme is summarized into Algorithm 1.

Algorithm 1 Event-triggered state estimation and attack detection

Input: Initial values of state estimations Output: The prior and posterior state estimations ${\breve{\overline{x}}}_{i,k}^{-}$ and ${\breve{\overline{x}}}_{i,k}^{+}$ and detection alarm 1: Initialize the estimations ${\breve{\overline{x}}}_{i,k}^{-}=0,$ and ${\breve{\overline{x}}}_{i,k}^{+}=0.$ 2: Calculate the filter gains ${\overline{L}}_{i,k}$ according to (12). 3: Determine the event-triggered variable ${\gamma }_{r,k}$ according to (6). 4: Execute the state estimations according to (7). 5: Update $G_k$ according to the residual $Z_{i,k}$ and covariance ${\sum }_z$. 6: Generate the detection decision according to (8) and $\delta$. 7: Repeat steps 2–6 for the next sample.

4. Simulation

To validate the proposed approach, it was assumed that the continuous-time plant is discretized with a proper sampling period T and that the samples are transmitted based on an event-triggering mechanism. After discretization with sampling period $T=0.01 \mathrm{s}$, the discrete-time system can be described as the original system (1), the parameter matrices are given by

$$A=\left[\begin{array}{cc}0.8& 0.2\\ 0& 0.8\end{array}\right],B=\left[\begin{array}{cc}0.6& 0.5\\ 0.4& 0.6\end{array}\right],Q_k=\left[\begin{array}{cc}0.5& 0\\ 0& 0.7\end{array}\right],$$

$$C_1=\left[\begin{array}{cc}0.2& 0.8\end{array}\right],C_2=\left[\begin{array}{cc}0.2& 1\end{array}\right],C_3=\left[\begin{array}{cc}0& 1\end{array}\right],$$

$$R_{1,k}=0.81,R_{2,k}=1,R_{3,k}=3.$$

As shown in Figure 3, the sensor network topology is represented by $G=(V_G,E_G,A_G)$, where $V_G=\{1,2,3\}$, $E_G=\{(1,1),(1,2),(2,1),(2,2),(3,1),(3,2),(3,3)\}$.

An extended MTD strategy was introduced for the aforementioned system. Here, the seed was selected as 1. The parameter matrices of the extended system are given in

Table 1. Related parameter matrices of the extended system.

Parameter Matrices	Value/Distribution
$\check{A}$	$\left[\begin{array}{cc}0.1& 0\\ 0& 0.1\end{array}\right]$
${\check{A}}_k$	$N({\mu }_a,{\sum }_a),{\mu }_a=0.5,{\sum }_a=\left[\begin{array}{cc}0.1& 0.1\\ 0.1& 0.1\end{array}\right]$
${\check{B}}_k$	$N({\mu }_b,{\sum }_b),{\mu }_b=0,{\sum }_b=\left[\begin{array}{cc}0.5& 0.1\\ 0.1& 0.5\end{array}\right]$
${\check{C}}_1$	$\left[\begin{array}{cc}0.05& 0\end{array}\right]$
${\check{C}}_{1,k}$	$N({\mu }_{c1},{\sum }_{c1}),{\mu }_{c1}=0.5,{\sum }_{c}1=0.1$
${\check{C}}_2$	$\left[\begin{array}{cc}0.05& 0\end{array}\right]$
${\check{C}}_{2,k}$	$N({\mu }_{c2},{\sum }_{c2}),{\mu }_{c2}=3.1,{\sum }_{c2}=0.1$
${\check{C}}_3$	$\left[\begin{array}{cc}0.55& 0\end{array}\right]$
${\check{C}}_{3,k}$	$N({\mu }_{c3},{\sum }_{c3}),{\mu }_{c3}=4.5,{\sum }_{c3}=0.1$
${\overline{Q}}_k$	$\left[\begin{array}{cc}{Q}_k& Q_k{Q}_k^T\\ Q_k^T{Q}_k& Q_k^T\end{array}\right]$
${\overline{R}}_{i,k}$	$\left[\begin{array}{c}{R}_{i,k}\\ R_{i,k}\end{array}\right],i=1,2,3.$

.

The initial values of the state and variance were selected to be zero. The adjustable parameters ${\theta }_1$ was set to 1, ${\varsigma }_1$ was set to $0.01$, and ${\xi }_1$ was set to $0.01I$. The input channel was injected with the attack signal $u_k^a={[1.5,0]}^T$ from $k=5.5$ to $k=6$ and $k=7$ to $k=7.5$. The attack signal is injected into the output channel during the same time periods to counteract the influence of the attack signal injected into the input channel on the output channel concurrently.

The instants of communication triggering the event-triggered mechanism for the three sensors are presented in Figure 4, Figure 5 and Figure 6. The adjustable parameters of the ET mechanism for the three sensors were set to $0.0075$, $0.0199$, and $0.0175$ respectively. The reduction ratio in the number of transmissions is presented in

Table 2. Communication resource savings for ET mechanism.

Sensor Node	Periodic Transmission Count	ET Transmission Count	Reduction Ratio(%)
1	1000	38	$96.2\%$
2	1000	42	$95.8\%$
3	1000	45	$95.5\%$

. The results show that the ET mechanism significantly reduces unnecessary data transmissions, confirming its effectiveness in conserving communication resources.

The state estimations of the proposed estimator across different sensor nodes are shown in Figure 7, Figure 8, Figure 9 and Figure 10. Each subplot presents a comparison between the actual system states and their estimated states, demonstrating that the estimator accurately tracks the true system states under various conditions. All state variables in the system are dimensionless normalized values. Figure 11 illustrates the trace of the upper bound of the estimation error covariance of sensor 1, and the mean square error is illustrated in Figure 12. The convergence trend of the trace confirms the stability of the proposed state estimator.

The detection performance of the proposed detector against stealthy FDI attacks is shown in Figure 13. The detection threshold $\delta =1400$ is determined within the statistical hypothesis testing framework according to Remark 3 with $J=1$ and $\alpha =0.05$. During the attack-free interval ($k=0$ to $5.5$), the detection statistic fluctuates between 1200 and 1300, approaching yet remaining below the threshold 1400. Such elevated values are attributed to the inherent measurement noise and process uncertainties under normal operating conditions, which are well within the expected statistical variation. Since the statistic does not exceed the preset threshold, no false alarm is triggered. Furthermore, a persistent-violation criterion is implemented, whereby an alarm is declared only if the detection statistic consecutively exceeds the threshold for $N\ge 3$ sampling instants. The empirical false alarm rate is measured to be below $5\%$, consistent with the prescribed significance level $\alpha =0.05$. The results indicate that the detector is capable of effectively identifying stealthy FDI attacks, thereby verifying the reliability of the detection mechanism.

5. Conclusions

In this study, a distributed Kalman filter was designed to address attack detection and state estimation problems in WSNs under stealthy FDI attacks. In designing the Kalman filter gain, the partial derivative of ${\mathsf{\Omega }}_{ii,k}^{+}$ was computed with respect to ${\overline{L}}_{i,k}$. The prior state estimation information from the filter was utilized to construct the ${\chi }^2$ detector for attack detection, and the ET mechanism was considered to conserve communication resources. The validity of the designed estimation algorithm was analyzed and confirmed by simulation. Although the proposed distributed estimation and detection framework demonstrates satisfactory performance in the simulations presented, several practical limitations warrant further investigation. First, with the increasing scale of WSNs comes increasing computation complexity. Next, the defense assumes complete model knowledge for attackers. Its robustness against adaptive attackers who can dynamically adjust strategies is not fully addressed. The distributed filter also entails computationally intensive real-time matrix operations, which may exceed the processing capability of resource-constrained sensors. Future work will explore lightweight filter structures, adaptive event-triggering mechanisms, and game-theoretic approaches to counter adaptive adversaries in large-scale deployments.