Guaranteed Performance Resilient Security Consensus Control for Nonlinear Networked Control Systems Under Asynchronous DoS Cyber Attacks and Applications on Multi-UAVs Networks

Abstract

This paper investigates the guaranteed performance resilient security consensus control of nonlinear networked control systems (NCSs) subject to asynchronous denial-of-service (DoS) cyber attacks, where the communication channel disruptions and recoveries occur randomly. The main works of this paper are outlined as follows: (1) a rigorous quantitative modeling of asynchronous DoS cyber attacks is formulated, leveraging connectivity analysis and the graph theory; (2) an innovative guaranteed performance function is introduced, which imposes constraints on the system’s convergence behavior while alleviating restrictions on initial tracking errors; (3) to address the challenge of estimating unmeasurable system states arising from the output-feedback scheme, a novel fuzzy state observer is devised; and (4) based on the aforementioned designs, a switching guaranteed performance resilient security consensus controller is proposed. This controller is tailored to the network connectivity characteristics of NCSs, ensuring resilient convergence of the system despite asynchronous DoS attacks. Notably, consensus tracking errors are maintained within predefined performance bounds. The experiment results of numerical simulation and hardware-in-the-loop simulation of multiple unmanned aerial vehicles (multi-UAVs) networks illustrate the effectiveness and practicality of proposed control scheme.

1. Introduction

Recently, owing to their profound practical significance and associated extensive engineering applications, networked control systems (NCSs), exemplified by distributed power grid systems and multi-UAV (unmanned aerial vehicle) networks, have garnered significant attention, with the development of wireless communication protocols, network architectures, distributed control and computation, and advanced real-time embedded systems. As a result, the NCS domain has witnessed a proliferation of groundbreaking theoretical methodologies and engineering application research outcomes. For example, Jafari et al. [1] proposed an intelligent adaptive control strategy for unmanned aerial systems using an artificial neural network, considering system uncertainties and external disturbances. To achieve the task of controlling collective behavior, Iudice et al. [2] proposed a pinning control scheme for networked dynamical systems, where the conditions guaranteeing that all the nodes in a given strongly connected component of the network achieve bounded convergence to the trajectory of the pinner are derived. Sun et al. [3] developed a disturbance rejection control framework for NCSs subject to large input and output delays using a subpredictor-based extended state observer. To achieve the output feedback tracking of NCSs, Mu et al. [4] investigated an output tracking predictive control strategy where two-channel random communication constraints are considered. To efficiently reduce unnecessary communication transmissions, Yu et al. [5] introduced a periodic event-triggered control protocol for NCSs subject to large transmission delays, in which the transmitted signal may arrive at the destination node after the next transmission occurs. For complex switching networks in power systems, Cui et al. [6] proposed an adaptive funnel synchronization control scheme with a prespecified funnel boundary to ensure that the output is maintained within prescribed constrained regions. To achieve the joint channel access and power control optimization in large-scale UAV networks, a hierarchical mean field game approach was constructed by Chen et al. [7], in which the fast optimization approach is presented for networks with limited computing capability. However, it is imperative to acknowledge that the aforementioned state-of-the-art consensus control design methodologies pertaining to NCSs are fundamentally grounded in the assumption of a secure communication environment, devoid of any cyber attacks. In practical engineering application, the NCSs are vulnerable to various kinds of risk factors such as DoS cyber attacks, posing significant threats to system security and stability. With the aim of mitigating the impact of DoS cyber attacks on communication networks, several research studies have been conducted recently. For instance, Wu et al. [8] proposed a sampled-data-based secure control approach for NCSs under random DoS cyber attacks, where the probability of attack occurrence and the resultant number of maximum allowable consecutive packet dropouts was successfully calculated. Wan et al. [9] proposed an event-triggered secure consensus control strategy for DC microgrids under DoS cyber attacks, with a Zeno-free event-triggered aperiodic communication strategy designed to relieve the communication burden of the controller. Considering hidden DoS cyber attacks, represented by strong concealment of attack behavior, Jiao et al. [10] developed an observed-mode-dependent nonfragile control scheme for NCSs, which can stabilize the system even if actual attack modes are unavailable. For switched nonlinear systems subject to DoS cyber attacks, Xie et al. [11] proposed a secure switching event-triggered adaptive out-feedback control method. Furthermore, Fan et al. [12] proposed a resilient cooperative optimization control method for fuzzy nonlinear multi-agent systems (MASs) subject to DoS cyber attacks. Despite the myriad of groundbreaking accomplishments achieved in both theoretical and practical realms within the domain of resilient security control, there remains a notable scarcity of pertinent findings pertaining to resilient security consensus strategies for nonlinear NCSs under the challenge of asynchronous DoS cyber attacks, which is the first inspiration of this paper.

On the other hand, the stability and collaborative performance of NCSs serve as critical criteria for assessing control effectiveness. In various practical applications, predefined transient performance and optimum steady-state tracking precision also raise many concerns. Considering this perspective, the effective enhancement of the system’s convergence performance represents a focal research topic within this field. Prescribed performance control (PPC) is an effective method to ensure the prescribed convergence performance, providing a novel design concept to guarantee the desired transient steady-state performance of the NCSs. In the field of prescribed performance consensus control, numerous representative results have been reported. Bu et al. [13] proposed a PPC methodology called fragility-avoidance PPC for waverider vehicles with sudden disturbances based on fuzzy neural approximation. For strict-feedback systems with mismatched uncertainties, Mao et al. [14] developed an adaptive fuzzy control technique to provide global prescribed performance with prescribed-time convergence. Considering integer-order nonlinear systems, an adaptive fractional backstepping control framework was designed by Li et al. [15] to achieve the prescribed performance convergence, which describes the convergence rate and largest overshoot of the output error into a unitary framework. Li et al. [16] investigated the reinforcement learning-based adaptive fuzzy optimization PPC problem for a third-order nonlinear vehicle platoon. With the aid of prescribed performance technique, the designed quadratic spacing errors can be ensured to remain within a preset region. To guarantee the flexible prescribed performance and low transmission burdens of strict-feedback systems, Li et al. [17] proposed a dual-channel event-triggered robust adaptive control strategy, where the triggering mechanism is considered for the control law and the parameter estimator simultaneously. It is worth noting that although the above-mentioned methodologies achieve the PPC objective effectively, all of the involved dynamics are only single-agent systems. Recently, there has also been some progress in the field of PPC for networked systems. To list a few relevant studies, Liu et al. [18] addressed the issue of decentralized adaptive event-triggered fault-tolerant synchronization tracking control for multiple unmanned aerial vehicles (UAVs) and unmanned ground vehicles (UGVs) with prescribed performance subject to actuator faults and external disturbances. Yu et al. [19] proposed a reinforcement learning-based fractional-order adaptive fault-tolerant formation control for networked UAVs with prescribed performance. For multiple QUAVs, Cui et al. [20] developed an event-triggered distributed fixed-time adaptive attitude control with prescribed performance. Chen et al. [21] proposed a human-in-the-loop consensus tracking control method for UAV systems via an improved prescribed performance approach. Moreover, for high-order nonlinear multiagent systems under directed communication topology and unknown control directions, Li et al. [22] constructed a prescribed performance global consensus tracking control method. In [23], the authors investigated the prescribed performance output-feedback cooperative control of multiagent systems with nonparametric uncertainties. However, the conventional PPC strategy, as advocated in the aforementioned literature, is inherently limited to NCSs or MASs operating within continuous and unperturbed communication networks. In scenarios where these networks are subjected to malicious attacks orchestrated by hackers or adversaries, leading to the disruption of communication links, the efficacy of control strategies is jeopardized, potentially culminating in the failure of these strategies and, ultimately, the collapse of the entire system. Therefore, the performance constrained resilient security consensus control is still worthy of further study and exploration, which is another inspiration of this work.

Inspired by the preceding discourse, this paper delves into the guaranteed performance resilient security consensus control for nonlinear networked control systems (NCSs) in the scenario of asynchronous DoS cyber attacks. Moreover, the practical applications of the constructed control framework are further investigated based on multi-UAV networks. The key contributions of this work can be summarized as follows:

• Different from state-of-the-art consensus tracking control schemes [24,25,26], which obtain the system states using sensor measurements, a more practical attack pattern-based fuzzy state observer strategy is proposed in this paper to effectively estimate the inaccessible system information under the output-feedback framework, even in the scenario of asynchronous DoS cyber attacks.
• Compared with existing prescribed performance consensus control methodologies [27,28], which impose stringent constraints on the initial system states, the constricted improved guaranteed performance consensus control framework, which significantly alleviates restrictions on initial conditions, is applied for the first time to an NCS suffering asynchronous DoS cyber attacks. Technically, a pioneering performance function is presented with the constrained error system eventually converted into the equivalent unconstrained counterpart, thereby rendering it inherently immune to initial consensus tracking errors. Further, a new barrier Lyapunov function embedded with the characteristics of DoS signals is built, based on which the consensus tracking accuracy and the settling time can be preset arbitrarily according to engineering requirements.
• Owing to the existence of DoS cyber attacks, the consensus strategy in [29,30] becomes inapplicable. To overcome this obstacle, a novel guaranteed performance resilient security consensus control scheme for nonlinear NCSs is proposed for the first time, where the resilient controller can be switched according to the attack patterns. Further, the sufficient conditions of resilient convergence of the NCSs are formulated by the linear matrix inequalities (LMIs) related to the DoS cyber attack strength parameters using the Lyapunov stability proof process.

2. Problem Formulation and Preliminaries

In this section, the considered security control problem is introduced. Then, the model of asynchronous DoS cyber attacks is presented. In addition, the basic graph theory and several useful mathematical lemmas are given.

2.1. Dynamical Model of Nonlinear NCSs

Consider a nonlinear networked control system (NCS) consisting of N follower agents, $i=1,2,\dots ,N$, and one leader agent. The $i\mathrm{th}$ follower is modeled by

$$\begin{array}{c}\hfill \left\{\begin{array}{cc}\hfill {\dot{x}}_{i,m}\left(t\right)& =x_{i,m+1}\left(t\right)+f_{i,m}\left({\overline{x}}_{i,m}\left(t\right)\right)+d_{i,m}\left(t\right)\hfill \\ \hfill {\dot{x}}_{i,n_i}\left(t\right)& =u_i\left(t\right)+f_{i,n_i}\left({\overline{x}}_{i,n_i}\left(t\right)\right)+d_{i,n_i}\left(t\right)\hfill \\ \hfill y_i\left(t\right)& =x_{i,1}\left(t\right),m=1,2,\dots n_i-1\hfill \end{array}\right.\end{array}$$

(1)

where ${\overline{x}}_{i,m}={[x_{i,1},\dots ,x_{i,m}]}^{\top }\in {\mathbb{R}}^m$$(m\in {\mathbb{N}}_{1:n})$ represents the system state vector; $f_{i,m}\left({\overline{x}}_{i,m}\left(t\right)\right):$${\mathbb{R}}^m\to \mathbb{R}$ denotes the unknown continuous function; $d_{i,m}\left(t\right)$ represents the external disturbances satisfying $|d_{i,m}\left(t\right)|\le d_i$ where $d_i>0$ is an unknown constant; and $u_i\left(t\right)\in \mathbb{R}$ denotes the control input signal for the $i\mathrm{th}$ follower. In this paper, we consider the scenario that only the outputs of followers $y_i$ are available for control protocol design.

2.2. Basic Graph Theory

The topology of an NCS under asynchronous DoS attacks can be represented as a directed graph $\mathcal{G}=(\mathcal{V},\mathcal{E},\mathcal{A})$, in which $\mathcal{V}$ is the node set, $\mathcal{E}$ is the edge set, and $\mathcal{A}=\left\{a_{ij}\right\}\in {\mathbb{R}}^{N\times N}$ is the adjacency matrix that denotes the communication between nodes. If node ${\nu }_i$ has access to the information of node ${\nu }_j$ without attack, $a_{ij}>0$, else, $a_{ij}=0$. The Laplacian matrix is given by $\mathcal{L}=\mathcal{D}-\mathcal{A}$, where the indegree matrix $\mathcal{D}=diag\{d_1,\dots ,d_N\}$ with $d_i={\sum }_{j=1}^N{a}_{ij}$. The information exchange matrix is represented by $\overline{\mathcal{L}}=\mathcal{L}+\mathcal{B}$, where $\mathcal{B}=diag\{b_1,\dots ,b_N\}$ denotes the weight of the edge from leader to follower agent ${\nu }_i$.

2.3. Mathematical Preliminaries

Lemma 1.

[20]: For $x\in \mathbb{R}$, $y\in \mathbb{R}$, $p\in \mathbb{R}$, $q\in \mathbb{R}$, if $p>1$, $q>1$, and $(p-1)(q-1)=1$, then for any $a>0$, one has $xy\le {\displaystyle \frac{a^p}{p}}{\left|x\right|}^p+{\displaystyle \frac{1}{q{a}^q}}{\left|y\right|}^q$.

Lemma 2.

[23]: For unknown function $f\left(x\right)$ defined on a compact set Ω, there exists a fuzzy logic system (FLS) such that ${sup}_{x\in \mathrm{\Omega }}\left|f\left(x\right)-{\theta }^{*\top }\varphi \left(x\right)\right|\le \delta$, where ${\gamma }^{*}={[{\gamma }_1^{*},\dots ,{\gamma }_m^{*}]}^{\top }$ denotes the ideal weight vector with $m>1$ being the number of fuzzy rules. $\varphi \left(x\right)={[{\varphi }_1\left(x\right),\dots ,{\varphi }_m\left(x\right)]}^T/$${\sum }_{k=1}^m{\varphi }_k\left(x\right)$ is the fuzzy basis function, which is chosen as the Gaussian function ${\varphi }_k\left(x\right)=$$exp[-{(x-{\mu }_k)}^{\top }(x-{\mu }_k)/{\eta }_k^2]$, where ${\mu }_k={[{\mu }_{k,1},\dots ,{\mu }_{k,n}]}^{\top }$ and ${\eta }_k$ represent the center vector and width, respectively. Moreover, δ denotes the approximation error.

2.4. Asynchronous DoS Attacks

The data sensor of the $i\mathrm{th}$ agent measures the neighbors’ real-time output signals $y_j$, $j\in \mathcal{N}$. Due to the open communication environment, the network may be attacked by malicious adversaries or hackers. In this work, we consider the random occurrence of asynchronous DoS cyber attacks, which may disrupt communication transmissions within channels. In contrast to the security control strategies executed under synchronous DoS attacks or periodic DoS attacks in state-of-the-art works, we present a more general and practical resilient security control method, in which the asynchronous DoS attack pattern is considered, and  the disconnection and restoration of the communication channels is random. We define the set of resulting topologies as $\overline{\mathcal{G}}=\left\{{\mathcal{G}}_1,\dots ,{\mathcal{G}}_M\right\}$. Then, we have $\overline{\mathcal{G}}={\overline{\mathcal{G}}}_S\cup {\overline{\mathcal{G}}}_U$ and $\mathcal{P}={\mathcal{P}}_S\cup {\mathcal{P}}_U$, where ${\overline{\mathcal{G}}}_S$ and ${\overline{\mathcal{G}}}_U$ represent the sets of connected graphs and unconnected graphs, respectively. In addition, $\mathcal{P}={\mathcal{P}}_S\cup {\mathcal{P}}_U$ represents the set of all possible topology combinations, where ${\mathcal{P}}_S$ denotes the set of secure topologies and ${\mathcal{P}}_U$ denotes the set of topologies under attack.

We define $0<{\tau }_0<{\tau }_1<\dots <{\tau }_{M_{\sigma }(0,t)}$ as the attack topology switching instants, with $M_{\sigma }(0,t)$ being the number of switches during $(0,t)$. According to the above analysis, two types of DoS attacks can be summarized:

Definition 1.

Connectivity-Sustained DoS Attack: The network connectivity is sustained and there exists at least one directed spanning tree (see Figure 1a).

Definition 2.

Connectivity-Broken DoS Attack: The network connectivity is broken with no directed spanning tree among the network topology (see Figure 1b,c).

We set the activation duration of a specific topology ${\mathcal{G}}_s$, $s\in \mathcal{P}$ under asynchronous DoS attacks as ${\mathrm{\Xi }}_s[\tau ,t)$, which can be calculated by

$$\begin{array}{c}\hfill {\mathrm{\Xi }}_s[\tau ,t)=\left({\bigcup }_{\sigma \left({\tau }_l\right)=s}\left[{\tau }_l,{\tau }_{l+1}\right)\right)\bigcap \left[\tau ,t\right)\end{array}$$

(2)

where $\tau$ represents the initial time of the observation interval, ${\tau }_l$ denotes the specific time instant within the interval, and $\sigma \left({\tau }_l\right)$ represents the topology switching signal at time ${\tau }_l$, indicating the active topology during the DoS attack.

Moreover, from a practical point of view, the DoS attack strength is usually limited, which can be described by following assumptions:

Assumption 1.

(DoS Duration): There exist constants $T_U\ge 1$ and ${\rho }_U>0$ such that

$$\begin{array}{c}\hfill \left|{\overline{\mathrm{\Xi }}}_s(\tau ,t)\right|\le {\displaystyle \frac{t-\tau }{T_U}}+{\rho }_U,s\in {\mathcal{P}}_U,\end{array}$$

(3)

where $|{\overline{\mathrm{\Xi }}}_s(\tau ,t)|$, $s\in {\mathcal{P}}_U$ denotes the total period of the connectivity-broken DoS attack.

Assumption 2.

(DoS Frequency): There exist constants ${\tau }_U\ge 0$ and ${\eta }_U>0$ such that

$$\begin{array}{c}\hfill \left|{\overline{n}}_s(\tau ,t)\right|\le {\displaystyle \frac{t-\tau }{{\tau }_U}}+{\eta }_U,s\in {\mathcal{P}}_U,\end{array}$$

(4)

where $|{\overline{n}}_s(\tau ,t)|$, $s\in {\mathcal{P}}_U$ denotes the attack frequency, and $\tau \ge 0$, $t\ge 0$, with $\tau \ge t$.

Remark 1.

The above assumptions about the strength of DoS attack signals are obviously reasonable because the attack resources are limited in practical engineering control, which is the consensus in the field of attack-oriented security control. The constraints on DoS duration (3) and DoS frequency (4) are widely considered in resilient security control designs [9,11,12].

Control Objective: The control objective of this paper is to design a resilient security guaranteed performance control framework such that the distributed consensus of nonlinear NCSs (1) is achieved in spite of asynchronous DoS cyber attacks. Meanwhile, the consensus tracking errors are guaranteed to be restrained within the pre-designated performance bounds. The control design process is depicted in Figure 2.

3. Adaptive Guaranteed Performance Resilient Security Consensus Control Design

In this section, a novel guaranteed performance function is proposed, which relaxes the restriction on initial tracking errors. Moreover, a fuzzy state observer is designed to estimate the unavailable states of the network. Then, a fuzzy-adaptive guaranteed performance resilient security consensus control protocol is proposed.

3.1. An Improved Guaranteed Performance Function

Definition 3.

Performance Scalar Function: A continuous function ${\vartheta }_i\left(t\right)$ is called a performance scalar function if it satisfies the following properties:

(i) 

${\vartheta }_i\left(t\right)$ is at least second-order differentiable;

(ii) 

$0\le t\le T_p$, ${\vartheta }_i\left(t\right)$ is an increasing function with ${\vartheta }_i\left(T_p\right)=1/{\rho }_i$;

(iii) 

$T_p\le t\le +\infty$, ${\vartheta }_i\left(t\right)=1/{\rho }_i$ is a constant, where $0<{\rho }_i<1$ is a preassigned performance parameter, and $T_p$ denotes the prescribed settling time.

In this paper, the improved performance scalar function is designed as

$$\begin{array}{c}\hfill {\vartheta }_i\left(t\right)=\left\{\begin{array}{cc}{\displaystyle \frac{1}{\left(1-{\rho }_i\right){\left(\frac{T_p-t}{T_p}\right)}^{k_1}{e}^{-k_{2}t}+{\rho }_i}},\hfill & t<T_p\hfill \\ {\displaystyle \frac{1}{{\rho }_i}},\hfill & t\ge T_p\hfill \end{array}\right.\end{array}$$

(5)

where $k_1>0$ and $k_2>0$ are constants to adjust the decay rate.

In the following, we further design the guaranteed performance function based on the performance scalar function (5).

The guaranteed performance function is defined as

$$\begin{array}{c}\hfill {\zeta }_i\left(t\right)={\displaystyle \frac{\sqrt{{\eta }_i}}{\sqrt{{\vartheta }_i^2\left(t\right)-1}}},i=1,2,\dots ,N\end{array}$$

(6)

where ${\eta }_i>0$ is a design parameter. Moreover, taking the time derivative of ${\zeta }_i\left(t\right)$ yields that ${\dot{\zeta }}_i\left(t\right)=\sqrt{{\eta }_i}/\sqrt{{\vartheta }_i^2\left(t\right)-1}$. From (5), ${\vartheta }_i\left(t\right)$ is increasing; thus ${\zeta }_i\left(t\right)$, is a decreasing function from ${\zeta }_i\left(0\right)=+\infty$ to ${\zeta }_i\left(T_p\right)={\rho }_i\sqrt{{\eta }_i}/\sqrt{1-{\rho }_i^2}$.

The control objective is to develop a control protocol such that the local consensus errors of all followers is constrained within the performance bounds, i.e., $-{\zeta }_i\left(t\right)<e_i<{\zeta }_i\left(t\right)$, which implies that

$$\begin{array}{c}\hfill \left\{\begin{array}{cc}-\infty <e_i<\infty ,\hfill & t=0\hfill \\ -{\displaystyle \frac{\sqrt{{\eta }_i}}{\sqrt{{\vartheta }_i^2\left(t\right)-1}}}<e_i<{\displaystyle \frac{\sqrt{{\eta }_i}}{\sqrt{{\vartheta }_i^2\left(t\right)-1}}},\hfill & 0<t<T_p\hfill \\ -{\displaystyle \frac{{\rho }_i\sqrt{{\eta }_i}}{\sqrt{1-{\rho }_i^2}}}<e_i<{\displaystyle \frac{{\rho }_i\sqrt{{\eta }_i}}{\sqrt{1-{\rho }_i^2}}},\hfill & t\ge T_p.\hfill \end{array}\right.\end{array}$$

(7)

Based on the guaranteed performance function (6), the following error transformation function is further introduced:

$$\begin{array}{c}\hfill {\xi }_i\left(e_i\right)={\displaystyle \frac{e_i}{\sqrt{e_i^2+{\eta }_i}}},i=1,2,\dots ,N\end{array}$$

(8)

which satisfies that ${\zeta }_i\left({\xi }_i\left(e_i\right)\right)=e_i$, i.e., ${\xi }_i\left(e_i\right)$ is the inverse function of ${\zeta }_i\left(t\right)$. According to (5) and (6), it can be derived that the objective $-{\zeta }_i\left(t\right)<e_i<{\zeta }_i\left(t\right)$ can be achieved by ensuring $-1/{\vartheta }_i\left(t\right)<{\xi }_i\left(e_i\right)<1/{\vartheta }_i\left(t\right)$.

Remark 2.

Compared with existing performance constrained control strategies [27,28], the proposed improved guaranteed performance function (6) is more advanced and practical from the perspective of convergence speed and relaxing initial condition. Concretely, (1) the decay rate of the performance function ${\vartheta }_i\left(t\right)$ can be adjusted by tuning the design parameters $k_1$ and $k_2$. The large $k_1$, small $k_2$, and small $T_p$ lead to fast convergence; and (2) the proposed guaranteed performance function relaxes the restriction on the initial consensus errors. ${\vartheta }_i\left(0\right)=1$ implies that ${\vartheta }_i\left(0\right)=+\infty$, which extends the initial boundary to the entire performance domain. Thus, the initial states of the system can be arbitrarily assigned without the need to satisfy initial performance constraints.

3.2. Fuzzy State Observer Design

Note that only the first-order state $x_{i,1}$ (i.e., output signal $y_i$) is accessible, and the others, i.e., $x_{i,m}$, $k=2,\dots ,n_i$, are unavailable. Thus, the network state information $x_{i,m}$, $k=2,\dots ,n_i$ cannot be directly used for control design. Given this consideration, a fuzzy state observer is designed to estimate $x_{i,m}$ under asynchronous DoS cyber attack conditions.

Based on the aforementioned discussions, the fuzzy state observer for the $i\mathrm{th}$ follower, $i=1,2,\dots ,N$ is designed as

$$\begin{array}{c}\hfill \left\{\begin{array}{cc}\hfill {\dot{\widehat{x}}}_{i,m}& ={\widehat{x}}_{i,k+1}+{\widehat{\gamma }}_{i,m}^{\top }{\varphi }_{i,m}\left({\tau }_{i,m}\right)-{\ell }_{i,m}\left({\widehat{y}}_i-y_i\right)\hfill \\ \hfill {\dot{\widehat{x}}}_{i,n_i}& =u_i+{\widehat{\gamma }}_{i,n_i}^{\top }{\varphi }_{i,n_i}\left({\tau }_{i,n_i}\right)-{\ell }_{i,n_i}\left({\widehat{y}}_i-y_i\right)\hfill \\ \hfill {\widehat{y}}_i& ={\widehat{x}}_{i,1},m=1,2,\dots n_i\hfill \end{array}\right.\end{array}$$

(9)

where ${\widehat{\gamma }}_{i,m}$ is the estimation of the ideal fuzzy weight parameter vector ${\gamma }_{i,m}^{*}$, which satisfies that ${\hat{\gamma }}_{i,m}={\gamma }_{i,m}^{*}-{\tilde{\gamma }}_{i,m}$, with ${\tilde{\gamma }}_{i,m}$ being the estimated error, and ${\tau }_{i,m}={[x_{i,1},{\widehat{x}}_{i,2},\dots ,{\widehat{x}}_{i,m}]}^{\top }$.

The selection principle of the design parameters ${\ell }_{i,m}$, $k\in {\mathbb{N}}_{1:n_i}$ is given as follows.

Firstly, we define the observer gain matrix as

$$\begin{array}{c}\hfill A_i=\left[\begin{array}{ccc}-{\ell }_{i,1},& & \\ ⋮& I_{n-1}& \\ -{\ell }_{i,n_i}& \cdots & 0\end{array}\right],i=1,2,\dots ,N.\end{array}$$

(10)

If $t\in {\mathrm{\Xi }}_s(\tau ,t)$, $s\in {\mathcal{P}}_S$, i.e., the topology of the NCS (1) maintains connectivity under the asynchronous DoS attacks, then the gain matrix $A_i$ is selected to be Hurwitz, i.e., there exists a positive definite symmetric matrix $P_{S,i}$ such that $A_i^{\top }{P}_{S,i}+P_{S,i}{A}_i<-k_i^s{Q}_{S,i}$ for any positive definite symmetric matrix $Q_{S,i}$ and design parameter $k_i>0$, to be determined later. Conversely, if $t\in {\mathrm{\Xi }}_s(\tau ,t)$, $s\in {\mathcal{P}}_U$, i.e., the NCS (1) is suffering from connectivity-broken DoS attacks, then the gain matrix $-A_i$ is Hurwitz, i.e., there exists a positive definite symmetric matrix $P_{U,i}$ such that $A_i^{\top }{P}_{U,i}+P_{U,i}{A}_i<k_i^a{Q}_{U,i}$ for any positive definite symmetric matrix $Q_{U,i}$.

For the $i\mathrm{th}$ follower agent, the unknown function $f_{i,m}\left({\overline{x}}_{i,m}\right)$ is approximated by the following fuzzy logic system:

$$\begin{array}{cc}\hfill f_{i,m}\left({\overline{x}}_{i,m}\right)& ={\gamma }_{i,m}^{*\top }{\varphi }_{i,m}\left({\overline{x}}_{i,m}\right)+{\delta }_{i,m}={\gamma }_{i,m}^{*\top }{\varphi }_{i,m}\left({\tau }_{i,m}\right)+{\overline{\delta }}_{i,m}\hfill \end{array}$$

(11)

where ${\overline{\delta }}_{i,m}={\gamma }_{i,m}^{*\top }({\varphi }_{i,m}\left({\tau }_{i,m}\right)-{\varphi }_{i,m}\left({\overline{x}}_{i,m}\right))+{\delta }_{ik}$.

We define the fuzzy estimation error as ${\omega }_{i,m}=x_{i,m}-{\widehat{x}}_{i,m},i=1,2,\dots ,N$,where ${\omega }_{i,n_i+1}=0$. Then, the total observation error for the $i\mathrm{th}$ follower, $i=1,2,\dots ,N$, is defined as ${\omega }_i={[{\omega }_{i,1},\dots ,{\omega }_{i,n_i}]}^{\top }$. Considering both the cases of connection-sustained and connection-broken DoS cyber attacks, we choose the switching Lyapunov function as

$$\begin{array}{c}\hfill V_{i,0}=\left\{\begin{array}{cc}{\omega }_i^{s\top }{P}_{S,i}{\omega }_i^s,\hfill & t\in {\mathrm{\Xi }}_s(\tau ,t),s\in {\mathcal{P}}_S\hfill \\ {\omega }_i^{a\top }{P}_{U,i}{\omega }_i^a,\hfill & t\in {\mathrm{\Xi }}_s(\tau ,t),s\in {\mathcal{P}}_U.\hfill \end{array}\right.\end{array}$$

(12)

where ${\omega }_i^s$ represents the fuzzy estimation error associated with the secure state of the system, and ${\omega }_i^u$ represents the fuzzy estimation error associated with the attacked state of the system.

Invoking (1), (9), and (12), one has ${\dot{\omega }}_{i,m}={\omega }_{i,k+1}+{\tilde{\gamma }}_{i,m}^{\top }{\varphi }_{i,m}\left({\tau }_{i,m}\right)+d_{i,m}-{\ell }_{i,m}{\omega }_{i,1}+{\overline{\delta }}_{i,m}$, which leads to

$$\begin{array}{c}\hfill {\dot{V}}_{i,0}<\left\{\begin{array}{cc}-k_i^s{\omega }_i^{s\top }{Q}_{S,i}{\omega }_i^s+2{\omega }_i^{s\top }{P}_{S,i}\left({\mathrm{\Gamma }}_i^s+{\mathrm{\Sigma }}_i^s\right),\hfill & s\in {\mathcal{P}}_S\hfill \\ k_i^a{\omega }_i^{a\top }{Q}_{U,i}{\omega }_i^a+2{\omega }_i^{a\top }{P}_{U,i}\left({\mathrm{\Gamma }}_i^a+{\mathrm{\Sigma }}_i^a\right),\hfill & s\in {\mathcal{P}}_U\hfill \end{array}\right.\end{array}$$

(13)

where ${\mathrm{\Gamma }}_i={[{\mathrm{\Gamma }}_{i,1},{\mathrm{\Gamma }}_{i,2}\dots ,{\mathrm{\Gamma }}_{i,n_i}]}^{\top }$ with ${\mathrm{\Gamma }}_{i,m}={\tilde{\gamma }}_{i,m}^{\top }{\varphi }_{i,m}\left({\tau }_{i,m}\right)$, and ${\mathrm{\Sigma }}_i={[{\mathrm{\Sigma }}_{i,1},\dots ,{\mathrm{\Sigma }}_{i,n_i}]}^{\top }$ with ${\mathrm{\Sigma }}_{i,m}=d_{i,m}+{\overline{\delta }}_{i,m}$. From (13), the quadratic terms $-k_i^s{\omega }_i^{s\top }{Q}_{S,i}{\omega }_i^s$ and $k_i^a{\omega }_i^{a\top }{Q}_{U,i}{\omega }_i^a$ in ${\dot{V}}_{i,0}$ make the Lyapunov function decrease and increase when $t\in {\mathrm{\Xi }}_s(\tau ,t),s\in {\mathcal{P}}_S$, and $t\in {\mathrm{\Xi }}_s(\tau ,t),s\in {\mathcal{P}}_U$, respectively. Therefore, there may exist resilient fluctuation of the system performance when the network is suffering from connectivity-broken DoS attacks. The resilience analysis of the system will be discussed in subsequent sections. By using Lemma 1 and noting ${\varphi }_{i,m}^{\top }\left({\tau }_{i,m}\right){\varphi }_{i,m}\left({\tau }_{i,m}\right)\le 1$, we can derive $2{\omega }_i^{s\top }{P}_i{\gamma }_i^s\le {\omega }_i^{s\top }{\omega }_i^s+{\parallel P_{i,S}\parallel }^2{\sum }_{m=1}^{n_i}{\tilde{\gamma }}_{i,m}^{s\top }{\tilde{\gamma }}_{i,m}^s$, and $2{\omega }_i^{s\top }{P}_{i,S}{\mathrm{\Sigma }}_i^s\le {\omega }_i^{s\top }{\omega }_i^s+{\parallel P_{i,S}\parallel }^2{\sum }_{m=1}^{n_i}{(d_{i,m}^s+{\overline{\delta }}_{i,m}^s)}^2$.

When $t\in {\mathrm{\Xi }}_s(\tau ,t)$, $s\in {\mathcal{P}}_S$, the network still maintains connectivity in spite of the DoS attack signals. Thus, it is concluded from (13) that

$$\begin{array}{cc}\hfill {\dot{V}}_{i,0}^s\le & -\left(k_i^s{\lambda }_{min}\left(Q_{S,i}\right)-2\right){\omega }_i^{s\top }{\omega }_i^s\hfill \\ \hfill & +\parallel P_{S,i}{\parallel }^2\sum _{M=1}^{n_i}{\left(d_{i,m}^s+{\overline{\delta }}_{i,m}^s\right)}^2+{\parallel P_{S,i}\parallel }^2\sum _{m=1}^{n_i}{\tilde{\gamma }}_{i,m}^{s\top }{\tilde{\gamma }}_{i,m}^s.\hfill \end{array}$$

(14)

When $t\in {\mathrm{\Xi }}_s(\tau ,t)$, $s\in {\mathcal{P}}_U$, the connectivity is broken by asynchronous DoS attacks, and it can be concluded from (13) that

$$\begin{array}{cc}\hfill {\dot{V}}_{i,0}^a\le & \left(k_i^a{\lambda }_{min}\left(Q_{U,i}\right)+2\right){\omega }_i^{a\top }{\omega }_i^a\hfill \\ \hfill & +\parallel P_{U,i}{\parallel }^2\sum _{m=1}^{n_i}{\left(d_{i,m}^a+{\overline{\delta }}_{i,m}^a\right)}^2+{\parallel P_{U,i}\parallel }^2\sum _{m=1}^{n_i}{\tilde{\gamma }}_{i,m}^{a\top }{\tilde{\gamma }}_{i,m}^a.\hfill \end{array}$$

(15)

Then, combining (14) and (15) yields

$$\begin{array}{c}\hfill {\dot{V}}_{i,0}\le \left\{\begin{array}{cc}-{\kappa }_{S,i}{\omega }_i^{s\top }{\omega }_i^s+{\parallel P_{S,i}\parallel }^2{\displaystyle \sum _{m=1}^{n_i}}\left({\varsigma }_{i,m}^{s2}+{\tilde{\gamma }}_{i,m}^{s\top }{\tilde{\gamma }}_{i,m}^s\right),\hfill & s\in {\mathcal{P}}_S\hfill \\ {\kappa }_{U,i}{\omega }_i^{a\top }{\omega }_i^a+{\parallel P_{U,i}\parallel }^2{\displaystyle \sum _{m=1}^{n_i}}\left({\varsigma }_{i,m}^{u2}+{\tilde{\gamma }}_{i,m}^{a\top }{\tilde{\gamma }}_{i,m}^a\right), \hfill & s\in {\mathcal{P}}_U.\hfill \end{array}\right.\end{array}$$

(16)

where the observer parameter satisfies $-(k_i^s{\lambda }_{min}\left(Q_{S,i}\right)-2)<-{\kappa }_{S,i}$, and $(k_i^a{\lambda }_{min}\left(Q_{U,i}\right)+2)$$>{\kappa }_{U,i}$, and ${\varsigma }_{i,m}=d_{i,m}+{\overline{\delta }}_{i,m}$ is a positive constant.

3.3. Guaranteed Performance Resilient Security Controller Design

Information transmission within the communication channel is interrupted under DoS cyber attacks, which may lead to network collapse. Therefore, the existing common consensus design approaches are no longer valid in the face of malicious DoS cyber attacks. The attack compensator signal is introduced to reestablish the transmission of information during the DoS-active period using the latest successfully captured control signal, which is formulated as

$$\begin{array}{c}\hfill y_j^a=\left\{\begin{array}{cc}{y}_j\left(T_{ij,l}^{a-}\right),\hfill & t\in [T_{ij,l}^a,T_{ij,l}^s)\hfill \\ y_j\left(t\right),\hfill & t\in [T_{ij,l}^s,T_{ij,l+1}^a)\hfill \end{array}\right.\end{array}$$

(17)

where $T_{ij,l}^a$ and $T_{ij,l}^s$ represent the beginning instant and ending instant of the $l\mathrm{th}$ DoS attack active interval for the specific communication channel $(i,j)$.

To further achieve the demand of guaranteed performance convergence, we introduce the coordinate transformation as ${\overline{\xi }}_i\left(t\right)={\vartheta }_i\left(t\right){\xi }_i\left(e_i\right)$. Then, the performance-constrained consensus tracking error is defined as

$$\begin{array}{c}\hfill s_{i,m}=\left\{\begin{array}{c}{\displaystyle \frac{{\overline{\xi }}_i\left(t\right)}{\sqrt{1-{\overline{\xi }}_i^2\left(t\right)}}},m=1\hfill \\ {\widehat{x}}_{i,m}-{\beta }_{i,m},m=2,3,\dots ,n_i\hfill \end{array}\right.\end{array}$$

(18)

where the attack-oriented local consensus tracking error $e_i$ is given as $e_i={\sum }_{j=1}^N{a}_{ij}(y_i-y_j^a)+b_i(y_i-y_r^a)$. The update of the filter ${\beta }_{i,m}$ is driven by

$$\begin{array}{c}\hfill \left\{\begin{array}{c}{\dot{\beta }}_{i,m}\left(t\right)={\displaystyle \frac{-{\beta }_{i,m}\left(t\right)+{\alpha }_{i,m-1}\left(t\right)}{q_{i,m}}},m=2,3,\dots ,n_i\hfill \\ {\beta }_{i,m}\left(0\right)={\alpha }_{i,m-1}\left(0\right)\hfill \end{array}\right.\end{array}$$

(19)

where $q_{i,m}$ is a positive filter parameter, and ${\alpha }_{i,m-1}$ denotes the virtual control signal which will be determined later. Moreover, the filtering error is defined as ${\epsilon }_{i,m}={\beta }_{i,m}-{\alpha }_{i,m-1}$.

In the following, we will present the derivation process of the resilient security guaranteed performance controller step by step using the backstepping design method.

Step 1: By invoking (18), it can be deduced that

$$\begin{array}{c}\hfill {\dot{s}}_{i,1}={\displaystyle \frac{1+{\overline{\xi }}_i^2\left(t\right)}{{\left(1-{\overline{\xi }}_i^2\left(t\right)\right)}^2}}{\dot{\overline{\xi }}}_i\left(t\right)\stackrel{\mathrm{\Delta }}{=}{\zeta }_i^a\left({\overline{\xi }}_i\right){\dot{\overline{\xi }}}_i\left(t\right).\end{array}$$

(20)

From the definition of ${\overline{\xi }}_i\left(t\right)$, we have ${\dot{\overline{\xi }}}_i\left(t\right)={\dot{\vartheta }}_i\left(t\right){\xi }_i\left(e_i\right)+{\vartheta }_i\left(t\right){\dot{\xi }}_i\left(e_i\right)$. Then, by considering above-mentioned results, one can derive that

$$\begin{array}{c}\hfill {\dot{\xi }}_i\left(e_i\right)={\displaystyle \frac{{\eta }_i}{\sqrt{e_i^2+{\eta }_i}\left(e_i^2+{\eta }_i\right)}}{\dot{e}}_i\stackrel{\mathrm{\Delta }}{=}{\zeta }_i^b\left(e_i\right){\dot{e}}_i.\end{array}$$

(21)

The design process of the guaranteed performance resilient security consensus controller will be divided into two parts in light of the attack patterns.

When the network topology remains connected under asynchronous DoS attacks, i.e., $t\in {\mathrm{\Xi }}_s(\tau ,t),s\in {\mathcal{P}}_S$, noting that the compensation signal $y_j^a=y_j\left(T_{ij,l}^{a-}\right)$ is a constant during $[T_{ij,l}^a,T_{ij,l}^s)$, combining (1) and (20) leads to ${\dot{e}}_i^s=(d_i+b_i)({\omega }_{i,2}^s+s_{i,2}^s+{\epsilon }_{i,2}^s+{\alpha }_{i,1}^s+f_{i,1}^s\left({\overline{x}}_{i,1}\right)+d_{i,1}^s)$ $-{\sum }_{q\in {\mathcal{N}}_{i,s}^s}{a}_{iq}({\omega }_{q,2}^s+{\widehat{x}}_{q,2}^s+f_{q,1}^s\left({\overline{x}}_{q,1}\right)+d_{i,1}^s)-b_i{\dot{y}}_r^a$, with ${\mathcal{N}}_{i,s}$ being the neighbors of the $i\mathrm{th}$ follower where channel $(i,j)$ is not attacked, from which we further derive

$$\begin{array}{cc}\hfill {\dot{s}}_{i,1}^s=& {\varphi }_{i,1}^s[{\omega }_{i,2}^s+s_{i,2}^s+{\epsilon }_{i,2}^s+{\alpha }_{i,1}^s+f_{i,1}^s\left({\overline{x}}_{i,1}\right)-{\displaystyle \frac{b_i}{d_i+b_i}}{\dot{y}}_r^a+{\overline{d}}_{i,1}^s\hfill \\ \hfill & -\sum _{q\in {\mathcal{N}}_{i,s}}{\displaystyle \frac{a_{iq}}{d_i+b_i}}\left({\omega }_{q,2}^s+{\widehat{x}}_{q,2}^s+f_{q,1}^s\left({\overline{x}}_{q,1}\right)\right)]+{\varphi }_{i,2}^s\hfill \end{array}$$

(22)

where the functions ${\varphi }_{i,1}^s$, ${\varphi }_{i,1}^s$, and $d_{i,1}$ are given as ${\varphi }_{i,1}^s={\zeta }_i^a{\vartheta }_i\left(t\right){\zeta }_i^b(d_i+b_i)$, ${\varphi }_{i,2}^s={\zeta }_i^a{\dot{\vartheta }}_i\left(t\right){\xi }_i\left(e_i\right)$, and ${\overline{d}}_{i,1}^s=d_{i,1}^s-{\sum }_{q\in {\mathcal{N}}_{i,s}}{\displaystyle \frac{a_{iq}}{d_i+b_i}}{d}_{q,1}^s$. Moreover, the unknown nonlinear function is approximated by the fuzzy logic system, which will be illustrated in detail later.

We define the candidate Lyapunov function as $V_{i,1}^s=V_{i,0}^s+{\displaystyle \frac{1}{2}}{s}_{i,1}^{s2}+{\sum }_{m=0}^1{\displaystyle \frac{1}{2r_{i,m}^s}}{\tilde{\gamma }}_{i,m}^{s\top }{\tilde{\gamma }}_{i,m}^s$, where $r_{i,m}^s$ is a positive design parameter. According to Young’s inequality, it holds that $s_{i,1}^s{\varphi }_{i,1}^s({\omega }_{i,2}^s+{\epsilon }_{i,2}^s+{\delta }_{i,0}^s+{\delta }_{i,1}^s+{\overline{d}}_{i,1}^s-{\sum }_{q\in {\mathcal{N}}_{i,s}}{\displaystyle \frac{a_{iq}}{d_i+b_i}}{\omega }_{q,2}^s)$ $\le {\displaystyle \frac{5+|{\mathcal{N}}_{i,s}|}{2}}{s}_{i,1}^{s2}{\varphi }_{i,1}^{s2}+{\displaystyle \frac{1}{2}}({\omega }_{i,2}^{s2}+{\epsilon }_{i,2}^{s2}+{\mathrm{\Delta }}_{i,1}^{s2}+{\sum }_{q\in {\mathcal{N}}_{i,s}}{\left({\displaystyle \frac{a_{iq}}{d_i+b_i}}\right)}^2{\omega }_{q,2}^{s2})$, where ${\mathrm{\Delta }}_{i,1}^s={\delta }_{i,0}^{s2}+{\delta }_{i,1}^{s2}+{\overline{d}}_{i,1}^{s2}$, and $|{\mathcal{N}}_{i,s}|$ represents the number of followers that send state information to the $i\mathrm{th}$ follower while the communication channel $(i,j)$ is not under attack. Then, combining (11), (13), and (22) yields

$$\begin{array}{cc}\hfill {\dot{V}}_{i,1}^s& ={\dot{V}}_{i,0}^s+s_{i,1}^s\left[{\varphi }_{i,1}^s\right(s_{i,2}^s+{\displaystyle \frac{5+\left|{\mathcal{N}}_{i,s}\right|}{2}}{s}_{i,1}^s{\varphi }_{i,1}^s-{\displaystyle \frac{b_i}{d_i+b_i}}{\dot{y}}_r^a\hfill \\ \hfill & +{\alpha }_{i,1}^s-\sum _{q\in {\mathcal{N}}_{i,s}}{\displaystyle \frac{a_{iq}}{d_i+b_i}}{\widehat{x}}_{q,2}^s+\sum _{m=0}^1{\widehat{\gamma }}_{i,m}^{s\top }{\varphi }_{i,m}^s\left({\tau }_{i,m}^s\right))+{\varphi }_{i,2}^s]\hfill \\ \hfill & +{\displaystyle \frac{1}{2}}\left({\omega }_{i,2}^{s2}+{\epsilon }_{i,2}^{s2}+{\mathrm{\Delta }}_{i,1}^{s2}+\sum _{q\in {\mathcal{N}}_{i,s}}{\left({\displaystyle \frac{a_{ij}}{d_i+b_i}}\right)}^2{\omega }_{q,2}^{s2}\right)\hfill \\ \hfill & -\sum _{m=0}^1{\displaystyle \frac{1}{r_{i,m}^s}}{\tilde{\gamma }}_{i,m}^{s\top }\left({\dot{\widehat{\gamma }}}_{i,m}^s-r_{i,m}^s{s}_{i,1}^s{\varphi }_{i,1}^s{\varphi }_{i,m}^s\left({\tau }_{i,m}^s\right)\right).\hfill \end{array}$$

(23)

The first-order virtual control signal is designed as

$$\begin{array}{cc}\hfill {\alpha }_{i,1}^s=& -{\displaystyle \frac{c_{i,1}^s{s}_{i,1}^s}{{\varphi }_{i,1}^s}}-\sum _{m=0}^1{\widehat{\gamma }}_{i,m}^{s\top }{\varphi }_{i,m}^s\left({\tau }_{i,m}^s\right)-{\displaystyle \frac{5+\left|{\mathcal{N}}_{i,s}\right|}{2}}{s}_{i,1}^s{\varphi }_{i,1}^s\hfill \\ \hfill & +\sum _{q\in {\mathcal{N}}_{i,s}}{\displaystyle \frac{a_{iq}}{d_i+b_i}}{\widehat{x}}_{q,2}^s+{\displaystyle \frac{b_i}{d_i+b_i}}{\dot{y}}_r^a-{\displaystyle \frac{{\varphi }_{i,2}^s}{{\varphi }_{i,1}^s}},i=1,2,\dots ,N\hfill \end{array}$$

(24)

where $c_{i,1}^s$ is a positive design parameter.

Moreover, the fuzzy parameter adaptive law is designed as

$$\begin{array}{c}\hfill {\dot{\widehat{\gamma }}}_{i,m}^s=r_{i,m}^s{s}_{i,1}^s{\varphi }_{i,1}^s{\varphi }_{i,m}^s\left({\tau }_{i,m}^s\right)-{\sigma }_{i,m}^s{\widehat{\gamma }}_{i,m}^s,m=0,1\end{array}$$

(25)

where ${\sigma }_{i,m}^s$ is a positive design parameter.

Then, substituting (24) and (25) into (23), we have

$$\begin{array}{cc}\hfill {\dot{V}}_{i,1}^s\le & -{\kappa }_{S,i}{\omega }_i^{s\top }{\omega }_i^s+{\parallel P_{S,i}\parallel }^2\sum _{m=1}^{n_i}{\tilde{\gamma }}_{i,m}^{s\top }{\tilde{\gamma }}_{i,m}^s-c_{i,1}^s{s}_{i,1}^{s2}\hfill \\ \hfill & +\sum _{m=0}^1{\displaystyle \frac{{\sigma }_{i,m}^s}{r_{i,m}^s}}{\tilde{\gamma }}_{i,m}^{s\top }{\widehat{\gamma }}_{i,m}^s+s_{i,1}^s{\varphi }_{i,1}^s{s}_{i,2}^s+{\displaystyle \frac{1}{2}}{\epsilon }_{i,2}^{s2}+{\overline{\mathrm{\Delta }}}_{i,1}^s\hfill \\ \hfill & +{\displaystyle \frac{1}{2}}\left({\omega }_{i,2}^{s2}+\sum _{q\in {\mathcal{N}}_{i,s}}{\left({\displaystyle \frac{a_{iq}}{d_i+b_i}}\right)}^2{\omega }_{q,2}^{s2}\right)\hfill \end{array}$$

(26)

where ${\overline{\mathrm{\Delta }}}_{i,1}^s={\mathrm{\Delta }}_{i,1}^s+{\parallel P_{S,i}\parallel }^2{\sum }_{m=1}^{n_i}{\varsigma }_{i,m}^{s2}$.

When the network connectivity is disrupted by connectivity-broken DoS cyber attacks, i.e., $t\in {\mathrm{\Xi }}_s(\tau ,t),s\in {\mathcal{P}}_U$, the control design process is similar to the case of connectivity-sustained DoS cyber attacks. The virtual control signal for $s\in {\mathcal{P}}_U$ is given by

$$\begin{array}{cc}\hfill {\alpha }_{i,1}^a=& {\displaystyle \frac{c_{i,1}^a{s}_{i,1}^a}{{\varphi }_{i,1}^a}}-\sum _{m=0}^1{\widehat{\gamma }}_{i,m}^{a\top }{\varphi }_{i,m}^a\left({\tau }_{i,m}^a\right)-{\displaystyle \frac{5+\left|{\mathcal{N}}_{i,s}\right|}{2}}{s}_{i,1}^a{\varphi }_{i,1}^a\hfill \\ \hfill & +\sum _{q\in {\mathcal{N}}_{i,s}}{\displaystyle \frac{a_{iq}}{d_i+b_i}}{\widehat{x}}_{q,2}^a+{\displaystyle \frac{b_i}{d_i+b_i}}{\dot{y}}_r^a-{\displaystyle \frac{{\varphi }_{i,2}^a}{{\varphi }_{i,1}^a}},i=1,2,\dots ,N.\hfill \end{array}$$

(27)

Using protocols (25) and (27) leads to

$$\begin{array}{cc}\hfill {\dot{V}}_{i,1}^a\le & {\kappa }_{U,i}{\omega }_i^{a\top }{\omega }_i^a+{\parallel P_{U,i}\parallel }^2\sum _{m=1}^{n_i}{\tilde{\gamma }}_{i,m}^{a\top }{\tilde{\gamma }}_{i,m}^a+c_{i,1}^a{s}_{i,1}^{a2}\hfill \\ \hfill & +\sum _{m=0}^1{\displaystyle \frac{{\sigma }_{i,m}^a}{r_{i,m}^a}}{\tilde{\gamma }}_{i,m}^{a\top }{\widehat{\gamma }}_{i,m}^a+s_{i,1}^a{\varphi }_{i,1}^a{s}_{i,2}^a+{\displaystyle \frac{1}{2}}{\epsilon }_{i,2}^{a2}+{\overline{\mathrm{\Delta }}}_{i,1}^a\hfill \\ \hfill & +{\displaystyle \frac{1}{2}}\left({\omega }_{i,2}^{a2}+\sum _{q\in {\mathcal{N}}_{i,s}}{\left({\displaystyle \frac{a_{iq}}{d_i+b_i}}\right)}^2{\omega }_{q,2}^{a2}\right)\hfill \end{array}$$

(28)

where ${\overline{\mathrm{\Delta }}}_{i,1}^a={\mathrm{\Delta }}_{i,1}^a+{\parallel P_{U,i}\parallel }^2{\sum }_{m=1}^{n_i}{\varsigma }_{i,m}^{a2}$.

Step m $(2\le m<n_i)$: When the network remains connected with $t\in {\mathrm{\Xi }}_s(\tau ,t),s\in {\mathcal{P}}_S$, the $m\mathrm{th}$ candidate Lyapunov function is chosen as

$$\begin{array}{c}\hfill V_{i,m}^s=V_{i,m-1}^s+{\displaystyle \frac{1}{2}}{s}_{i,m}^{s2}+{\displaystyle \frac{1}{2}}{\epsilon }_{i,m}^{s2}+{\displaystyle \frac{1}{2}}{r}_{i,m}^s{\tilde{\gamma }}_{i,m}^{s\top }{\tilde{\gamma }}_{i,m}^s\end{array}$$

(29)

where $r_{i,m}^s$ is a positive design parameter.

From the definition of $s_{i,m}$ in (18), the fuzzy observer (9), and the first-order filter (19), it holds that

$$\begin{array}{c}\hfill {\dot{s}}_{i,m}^s={\widehat{x}}_{i,m+1}^s+{\widehat{\gamma }}_{i,m}^{s\top }{\varphi }_{i,m}^s\left({\tau }_{i,m}^s\right)-{\ell }_{i,m}^s\left({\widehat{y}}_i-y_i\right)-{\dot{\beta }}_{i,m}^s.\end{array}$$

(30)

Moreover, according to the definition of the filter, one has

$$\begin{array}{cc}\hfill {\dot{\epsilon }}_{i,m}^s& ={\displaystyle \frac{-{\beta }_{i,m}^s\left(t\right)+{\alpha }_{i,m-1}^s\left(t\right)}{q_{i,m}^s}}-{\dot{\alpha }}_{i,m-1}^s\left(t\right)=-{\displaystyle \frac{{\epsilon }_{i,m}^s}{q_{i,m}^s}}-D_{i,m}^s\hfill \end{array}$$

(31)

where $D_{i,m}^s$ is a continuous function bounded by $|D_{i,m}^s|\le {\overline{D}}_{i,m}^s$ on a compact set ${\mathrm{\Omega }}_{D_{i,m}}$.

Combining (29)–(31), it can be deduced that

$$\begin{array}{cc}\hfill {\dot{V}}_{i,m}^s=& {\dot{V}}_{i,m-1}^s-s_{i,m}^s{\tilde{\gamma }}_{i,m}^{s\top }{\varphi }_{i,m}^s\left({\tau }_{i,m}^s\right)-{\displaystyle \frac{1}{q_{i,m}^s}}{\epsilon }_{i,m}^{s2}-D_{i,m}^s{\epsilon }_{i,m}^s+s_{i,m}^s\left(s_{i,m+1}^s\right.\hfill \\ \hfill & \left.+{\epsilon }_{i,m+1}^s+{\alpha }_{i,m}^s+{\widehat{\gamma }}_{i,m}^{s\top }{\varphi }_{i,m}^s\left({\tau }_{i,m}^s\right)-{\ell }_{i,m}^s\left({\widehat{y}}_i-y_i\right)-{\dot{\beta }}_{i,m}^s\right)\hfill \\ \hfill & -{\displaystyle \frac{1}{r_{i,m}^s}}{\tilde{\gamma }}_{i,m}^{s\top }\left({\dot{\widehat{\gamma }}}_{i,m}^s-r_{i,m}^s{s}_{i,m}^s{\varphi }_{i,m}^s\left({\tau }_{i,m}^s\right)\right).\hfill \end{array}$$

(32)

Using Young’s inequality, one has

$$\begin{array}{cc}\hfill s_{i,m}^s{\epsilon }_{i,m+1}^s& \le {\displaystyle \frac{s_{i,m}^{s2}}{2}}+{\displaystyle \frac{{\epsilon }_{i,m+1}^{s2}}{2}}\hfill \end{array}$$

(33)

$$\begin{array}{cc}\hfill s_{i,m}^s{\tilde{\gamma }}_{i,m}^{s\top }{\varphi }_{i,m}^s\left({\tau }_{i,m}^s\right)& \le {\displaystyle \frac{1}{2}}{s}_{i,m}^{s2}+{\displaystyle \frac{1}{2}}{\tilde{\gamma }}_{i,m}^{s\top }{\tilde{\gamma }}_{i,m}^s\hfill \end{array}$$

(34)

$$\begin{array}{cc}\hfill D_{i,m}^s{\epsilon }_{i,m}^s& \le {\displaystyle \frac{1}{2}}{\overline{D}}_{i,m}^{s2}+{\displaystyle \frac{1}{2}}{\epsilon }_{i,m}^{s2}.\hfill \end{array}$$

(35)

Submitting (33)–(35) into (32), we have

$$\begin{array}{cc}\hfill {\dot{V}}_{i,m}^s\le & {\dot{V}}_{i,m-1}^s+{\displaystyle \frac{1}{2}}{s}_{i,m}^{s2}+{\displaystyle \frac{1}{2}}{\tilde{\gamma }}_{i,m}^{s\top }{\tilde{\gamma }}_{i,m}^s+{\displaystyle \frac{1}{2}}{s}_{i,m}^{s2}+{\displaystyle \frac{1}{2}}{\epsilon }_{i,m+1}^{s2}+{\displaystyle \frac{1}{2}}{\overline{D}}_{i,m}^{s2}+{\displaystyle \frac{1}{2}}{\epsilon }_{i,m}^{s2}\hfill \\ \hfill & +s_{i,m}^s\left(s_{i,m+1}^s+{\alpha }_{i,m}^s+{\widehat{\gamma }}_{i,m}^{s\top }{\varphi }_{i,m}^s\left({\tau }_{i,m}^s\right)-{\ell }_{i,m}^s\left({\widehat{y}}_i-y_i\right)-{\dot{\beta }}_{i,m}^s\right)\hfill \\ \hfill & -{\displaystyle \frac{{\epsilon }_{i,m}^{s2}}{q_{i,m}^s}}-{\displaystyle \frac{1}{r_{i,m}^s}}{\tilde{\gamma }}_{i,m}^{s\top }\left({\dot{\widehat{\gamma }}}_{i,m}^s-r_{i,m}^s{s}_{i,m}^s{\varphi }_{i,m}^s\left({\tau }_{i,m}^s\right)\right).\hfill \end{array}$$

(36)

The $m\mathrm{th}$-order virtual control signal is designed as

$$\begin{array}{cc}\hfill {\alpha }_{i,m}^s=& -\left(c_{i,m}^s+1\right)s_{i,m}^s+{\ell }_{i,m}^s\left({\widehat{y}}_i-y_i\right)+{\dot{\beta }}_{i,m}^s-{\widehat{\gamma }}_{i,m}^{s\top }{\varphi }_{i,m}^s\left({\tau }_{i,m}^s\right)-Q_{i,m}^s\hfill \end{array}$$

(37)

where $c_{i,m}^s$ is a positive design parameter, and

$$\begin{array}{c}\hfill Q_{i,m}^s=\left\{\begin{array}{cc}{s}_{i,1}^s{\varphi }_{i,1}^s,\hfill & m=2\hfill \\ s_{i,m-1}^s,\hfill & m=3,4\dots \hfill \end{array}\right.\end{array}$$

(38)

Moreover, the adaptive law of fuzzy parameter ${\widehat{\gamma }}_{i,m}^s$ is given as

$$\begin{array}{c}\hfill {\dot{\widehat{\gamma }}}_{i,m}^s=r_{i,m}^s{s}_{i,1}^s{\varphi }_{i,m}^s\left({\tau }_{i,m}^s\right)-{\sigma }_{i,m}^s{\widehat{\gamma }}_{i,m}^s,m=2,3,\dots \end{array}$$

(39)

where ${\sigma }_{i,m}$ is a positive constant.

Substituting (37)–(39) into (36), one can derive that

$$\begin{array}{cc}\hfill {\dot{V}}_{i,m}^s\le & -{\kappa }_{S,i}{\omega }_i^{s\top }{\omega }_i^s+{\parallel P_{S,i}\parallel }^2\sum _{m=1}^{n_i}{\tilde{\gamma }}_{i,m}^{s\top }{\tilde{\gamma }}_{i,m}^s+\sum _{r=0}^m{\displaystyle \frac{{\sigma }_{i,r}^s}{r_{i,r}^s}}{\tilde{\gamma }}_{i,r}^{s\top }{\widehat{\gamma }}_{i,r}^s\hfill \\ \hfill & +{\displaystyle \frac{{\epsilon }_{i,m+1}^{s2}}{2}}-\sum _{r=2}^m\left({\displaystyle \frac{1}{q_{i,r}^s}}-{\displaystyle \frac{1}{2}}\right){\epsilon }_{i,r}^{s2}-\sum _{r=1}^m{c}_{i,r}^s{s}_{i,r}^{s2}+s_{i,r}^s{s}_{i,m+1}^s\hfill \\ \hfill & +\sum _{r=2}^m{\displaystyle \frac{1}{2}}{\tilde{\gamma }}_{i,r}^{s\top }{\widehat{\gamma }}_{i,r}^s+{\displaystyle \frac{1}{2}}\sum _{q\in {\mathcal{N}}_{i,s}}{\left({\displaystyle \frac{a_{iq}}{d_i+b_i}}\right)}^2{\omega }_{q,2}^{s2}+{\overline{\mathrm{\Delta }}}_{i,m}^s.\hfill \end{array}$$

(40)

where the function ${\overline{\mathrm{\Delta }}}_{i,m}^s={\overline{\mathrm{\Delta }}}_{i,m-1}^s+{\displaystyle \frac{1}{2}}{\overline{D}}_{i,m}^{s2}$.

Accordingly, when the network becomes unconnected under asynchronous DoS cyber attack, where $t\in {\mathrm{\Xi }}_s(\tau ,t),s\in {\mathcal{P}}_U$, the $m\mathrm{th}$-order virtual control signal is further given as

$$\begin{array}{cc}\hfill {\alpha }_{i,m}^a=& \left(c_{i,m}^a-1\right)s_{i,m}^a+{\ell }_{i,m}^a\left({\widehat{y}}_i-y_i\right)+{\dot{\beta }}_{i,m}^a-{\widehat{\gamma }}_{i,m}^{a\top }{\varphi }_{i,m}^a\left({\tau }_{i,m}^a\right)-Q_{i,m}^a\hfill \end{array}$$

(41)

Then, defining ${\overline{\mathrm{\Delta }}}_{i,m}^a={\overline{\mathrm{\Delta }}}_{i,m-1}^a+{\displaystyle \frac{1}{2}}{\overline{D}}_{i,m}^{a2}$ and using (39) and (41) leads to

$$\begin{array}{cc}\hfill {\dot{V}}_{i,m}^a\le & {\kappa }_{U,i}{\omega }_i^{a\top }{\omega }_i^a+{\parallel P_{U,i}\parallel }^2\sum _{m=1}^{n_i}{\tilde{\gamma }}_{i,m}^{a\top }{\tilde{\gamma }}_{i,m}^a+\sum _{r=0}^m{\displaystyle \frac{k_{i,r}^a}{r_{i,r}^a}}{\tilde{\gamma }}_{i,r}^{a\top }{\widehat{\gamma }}_{i,r}^a\hfill \\ \hfill & +{\displaystyle \frac{{\epsilon }_{i,m+1}^{a2}}{2}}-\sum _{r=2}^m\left({\displaystyle \frac{1}{q_{i,r}^a}}-{\displaystyle \frac{1}{2}}\right){\epsilon }_{i,r}^{a2}\sum _{r=1}^m{c}_{i,r}^a{s}_{i,r}^{a2}+s_{i,r}{s}_{i,m+1}^a\hfill \\ \hfill & +\sum _{r=2}^m{\displaystyle \frac{1}{2}}{\tilde{\gamma }}_{i,r}^{a\top }{\widehat{\gamma }}_{i,r}^a+{\displaystyle \frac{1}{2}}\sum _{q\in {\mathcal{N}}_{i,s}}{\left({\displaystyle \frac{a_{iq}}{d_i+b_i}}\right)}^2{\omega }_{q,2}^{a2}+{\overline{\mathrm{\Delta }}}_{i,m}^a\hfill \end{array}$$

(42)

Step $n_i$: Similarly, when the network remains connected under DoS cyber attack, where $t\in {\mathrm{\Xi }}_s(\tau ,t),s\in {\mathcal{P}}_S$, the $n_i\mathrm{th}$ candidate Lyapunov function is chosen as $V_{i,n_i}^s=V_{i,n_i-1}^s+{\displaystyle \frac{1}{2}}{s}_{i,n_i}^{s2}+{\displaystyle \frac{1}{2}}{\epsilon }_{i,n_i}^{s2}+{\displaystyle \frac{1}{2r_{i,n_i}^s}}{\tilde{\gamma }}_{i,n_i}^{s\top }{\tilde{\gamma }}_{i,n_i}^s$, with $r_{i,n_i}^s$ being a positive design parameter. Using Young’s inequality, it holds that $s_{i,n_i}^s{\tilde{\gamma }}_{i,n_i}^{s\top }{\varphi }_{i,n_i}^s\left({\tau }_{i,n_i}^s\right)\le {\displaystyle \frac{1}{2}}{s}_{i,n_i}^{s2}+{\displaystyle \frac{1}{2}}{\tilde{\gamma }}_{i,n_i}^{s\top }{\tilde{\gamma }}_{i,n_i}^s$ and $D_{i,n_i}^s{\epsilon }_{i,n_i}^s\le {\displaystyle \frac{1}{2}}{\overline{D}}_{i,n_i}^{s2}+{\displaystyle \frac{1}{2}}{\epsilon }_{i,n_i}^{s2}$, which implies

$$\begin{array}{cc}\hfill {\dot{V}}_{i,n_i}^s\le & {\dot{V}}_{i,n_i-1}^s+{\displaystyle \frac{1}{2}}{s}_{i,n_i}^{s2}+{\displaystyle \frac{1}{2}}{\tilde{\gamma }}_{i,n_i}^{s\top }{\tilde{\gamma }}_{i,n_i}^s+{\displaystyle \frac{1}{2}}{\overline{D}}_{i,n_i}^{s2}+{\displaystyle \frac{1}{2}}{\epsilon }_{i,n_i}^{s2}-{\displaystyle \frac{1}{q_{i,n_i}^s}}{\epsilon }_{i,n_i}^{s2}\hfill \\ \hfill & +s_{i,n_i}^s\left(u_i^s+{\widehat{\gamma }}_{i,n_i}^{s\top }{\varphi }_{i,n_i}^s\left({\tau }_{i,n_i}^s\right)-{\ell }_{i,n_i}^s\left({\widehat{y}}_i-y_i\right)-{\dot{\beta }}_{i,n_i}^s\right)\hfill \\ \hfill & -{\displaystyle \frac{1}{r_{i,n_i}^s}}{\tilde{\gamma }}_{i,n_i}^{s\top }\left({\dot{\widehat{\gamma }}}_{i,n_i}^s-r_{i,n_i}^s{s}_{i,n_i}^s{\varphi }_{i,n_i}^s\left({\tau }_{i,n_i}^s\right)\right).\hfill \end{array}$$

(43)

The guaranteed performance resilient security consensus controller of the $i\mathrm{th}$ follower for the case of connectivity-sustained DoS attacks with $t\in {\mathrm{\Xi }}_s(\tau ,t),s\in {\mathcal{P}}_S$ is designed as

$$\begin{array}{cc}\hfill u_i^s=& -\left(c_{i,n_i}^s+{\displaystyle \frac{1}{2}}\right)s_{i,n_i}^s+{\ell }_{i,n_i}^s\left({\widehat{y}}_i-y_i\right)\hfill \\ \hfill & +{\dot{\beta }}_{i,n_i}^s-{\widehat{\gamma }}_{i,n_i}^{s\top }{\varphi }_{i,m}^s\left({\tau }_{i,n_i}^s\right)-s_{i,n_i-1}^s\hfill \end{array}$$

(44)

where $c_{i,n_i}^s$ is a positive design parameter.

Accordingly, the adaptive law of fuzzy parameter ${\widehat{\gamma }}_{i,n_i}^s$ is given as

$$\begin{array}{c}\hfill {\dot{\widehat{\gamma }}}_{i,n_i}^s=r_{i,n_i}^s{s}_{i,1}^s{\varphi }_{i,n_i}^s\left({\tau }_{i,n_i}^s\right)-{\sigma }_{i,n_i}^s{\widehat{\gamma }}_{i,n_i}^s\end{array}$$

(45)

where ${\sigma }_{i,n_i}^s$ is a positive design parameter.

Substituting (44) and (45) into (43), we have

$$\begin{array}{cc}\hfill {\dot{V}}_{i,n_i}^s\le & -{\kappa }_{S,i}{\omega }_i^{s\top }{\omega }_i^s+{\parallel P_{S,i}\parallel }^2\sum _{m=1}^{n_i}{\tilde{\gamma }}_{i,m}^{s\top }{\tilde{\gamma }}_{i,m}^s+\sum _{r=0}^{n_i}{\displaystyle \frac{{\sigma }_{i,r}^s}{r_{i,r}^s}}{\tilde{\gamma }}_{i,r}^{s\top }{\widehat{\gamma }}_{i,r}^s\hfill \\ \hfill & -\sum _{r=2}^{n_i}\left({\displaystyle \frac{1}{q_{i,r}^s}}-{\displaystyle \frac{1}{2}}\right){\epsilon }_{i,r}^{s2}-\sum _{r=1}^{n_i}{c}_{i,r}^s{s}_{i,r}^{s2}+\sum _{r=2}^{n_i}{\displaystyle \frac{1}{2}}{\tilde{\gamma }}_{i,r}^{s\top }{\widehat{\gamma }}_{i,r}^s\hfill \\ \hfill & +{\overline{\mathrm{\Delta }}}_{i,n_i}^s+{\displaystyle \frac{1}{2}}\sum _{q\in {\mathcal{N}}_{i,s}}{\left({\displaystyle \frac{a_{iq}}{d_i+b_i}}\right)}^2{\omega }_{q,2}^{s2}\hfill \end{array}$$

(46)

where the function ${\overline{\mathrm{\Delta }}}_{i,n_i}^s={\overline{\mathrm{\Delta }}}_{i,n_i-1}^s+{\displaystyle \frac{1}{2}}{\overline{D}}_{i,n_i}^{s2}$.

When the network connectivity is disrupted by asynchronous DoS cyber attacks, where $t\in {\mathrm{\Xi }}_s(\tau ,t),s\in {\mathcal{P}}_U$, the resilient security consensus controller is formulated as

$$\begin{array}{cc}\hfill u_i^a=& \left(c_{i,n_i}^a-{\displaystyle \frac{1}{2}}\right)s_{i,n_i}^a+{\ell }_{i,n_i}^a\left({\widehat{y}}_i-y_i\right)\hfill \\ \hfill & +{\dot{\beta }}_{i,n_i}^a-{\widehat{\gamma }}_{i,n_i}^{a\top }{\varphi }_{i,m}^a\left({\tau }_{i,n_i}^a\right)-s_{i,n_i-1}^a.\hfill \end{array}$$

(47)

Similarly, by executing (45) and (47), we can obtain the following Lyapunov derivative inequality for the case of $t\in {\mathrm{\Xi }}_s(\tau ,t),s\in {\mathcal{P}}_U$:

$$\begin{array}{cc}\hfill {\dot{V}}_{i,n_i}^a\le & {\kappa }_{U,i}{\omega }_i^{a\top }{\omega }_i^a+{\parallel P_{U,i}\parallel }^2\sum _{m=1}^{n_i}{\tilde{\gamma }}_{i,m}^{a\top }{\tilde{\gamma }}_{i,m}^a+\sum _{r=0}^{n_i}{\displaystyle \frac{{\sigma }_{i,r}^a}{r_{i,r}^a}}{\tilde{\gamma }}_{i,r}^{a\top }{\widehat{\gamma }}_{i,r}^a\hfill \\ \hfill & -\sum _{r=2}^{n_i}\left({\displaystyle \frac{1}{q_{i,r}^a}}-{\displaystyle \frac{1}{2}}\right){\epsilon }_{i,r}^{a2}+\sum _{r=1}^{n_i}{c}_{i,r}^a{s}_{i,r}^{a2}+\sum _{r=2}^{n_i}{\displaystyle \frac{1}{2}}{\tilde{\gamma }}_{i,r}^{a\top }{\widehat{\gamma }}_{i,r}^a\hfill \\ \hfill & +{\overline{\mathrm{\Delta }}}_{i,n_i}^a+{\displaystyle \frac{1}{2}}\sum _{q\in {\mathcal{N}}_{i,s}}{\left({\displaystyle \frac{a_{iq}}{d_i+b_i}}\right)}^2{\omega }_{q,2}^{a2}\hfill \end{array}$$

(48)

where the function ${\overline{\mathrm{\Delta }}}_{i,n_i}^a={\overline{\mathrm{\Delta }}}_{i,n_i-1}^a+{\displaystyle \frac{1}{2}}{\overline{D}}_{i,n_i}^{a2}$.

Remark 3.

It should be emphasized that $V_{i,1}$ is actually a barrier Lyapunov function due to the presence of the term ${\displaystyle \frac{1}{2}}{s}_{i,1}^2$ coupled with the performance-constrained consensus tracking error $s_{i,1}$. From (18), it holds that ${\displaystyle \frac{1}{2}}{s}_{i,1}^2={\overline{\xi }}_i^2\left(t\right)/2\left(1-{\overline{\xi }}_i^2\left(t\right)\right)$, which implies the transformed performance function ${\xi }_i\left(t\right)$ must be bounded by $-1/{\vartheta }_i\left(t\right)<{\xi }_i\left(e_i\right)<1/{\vartheta }_i\left(t\right)$, given that ${\overline{\xi }}_i\left(t\right)={\vartheta }_i\left(t\right){\xi }_i\left(e_i\right)$. Then, according to the equivalent transformation, we can derive that the performance function satisfies $-{\zeta }_i\left(t\right)<e_i<{\zeta }_i\left(t\right)$. Thus, the constructed Lyapunov candidate is a barrier Lyapunov function. Additionally, the barrier Lyapunov function is switched with the real-time attack pattern: when $t\in {\mathrm{\Xi }}_s(\tau ,t),s\in {\mathcal{P}}_S$, $V_{i,1}=V_{i,1}^s$, and when $t\in {\mathrm{\Xi }}_s(\tau ,t),s\in {\mathcal{P}}_U$, $V_{i,1}=V_{i,1}^u$.

4. Network Resilient Stability Analysis

Theorem 1.

For NCSs (1) under the directed network topology graph $\mathcal{G}$, if the system evolution is driven by the fuzzy state observer (9), the attack pattern oriented resilient security consensus controllers (44) and (47), and the fuzzy parameter adaptive laws (25), (30), and (40), and there exist symmetric positive-definite matrices $P_{S,i}>0$, $P_{U,i}>0$, $i=1,\dots ,N$ such that the following inequalities hold:

$$\begin{array}{cc}\hfill P_{S,i}<\mu P_{U,i}& ,P_{U,i}<\mu S_{U,i}\hfill \end{array}$$

(49)

$$\begin{array}{cc}\hfill s\left(1-{\displaystyle \frac{1}{T_U}}\right)& >{\displaystyle \frac{a}{{\tau }_U}}+{\displaystyle \frac{ln\mu }{{\tau }_U}}\hfill \end{array}$$

(50)

$$\begin{array}{cc}\hfill \left[\begin{array}{ccc}{k}_i^s{Q}_{S,i}& *& *\\ P_{S,i}& -I& *\\ A_{i,s}^{\top }& 0& -I\end{array}\right]<0,& \left[\begin{array}{ccc}-k^a{Q}_{U,i}& *& *\\ P_{U,i}& -I& *\\ A_{i,a}^{\top }& 0& -I\end{array}\right]<0\hfill \end{array}$$

(51)

where $\mu =max\{(\left[{\lambda }_{max}\left(P_{U,i}\right)\right]/\left[{\lambda }_{min}\left(P_{S,i}\right)\right]),(\left[{\lambda }_{max}\left(P_{S,i}\right)\right]/\left[{\lambda }_{min}\left(P_{U,i}\right)\right])\}$, with ${\lambda }_{max}(·)$ and ${\lambda }_{min}(·)$ being the maximum and minimum eigenvalues of a matrix, then the following control objectives can be achieved in spite of asynchronous DoS cyber attacks:

(1) 

All the closed-loop control signals of the NCSs (1) are bounded;

(2) 

The consensus tracking error $e_i$ is always guaranteed to be limited in a prescribed performance bound in spite of asynchronous DoS cyber attacks, i.e., $-{\zeta }_i\left(t\right)<e_i<{\zeta }_i\left(t\right)$;

(3) 

The consensus tracking error $e_i$ eventually converges to a small constant domain within a predetermined settling time $T_p$, i.e., $-{\displaystyle \frac{{\rho }_i\sqrt{{\eta }_i}}{\sqrt{1-{\rho }_i^2}}}<e_i<{\displaystyle \frac{{\rho }_i\sqrt{{\eta }_i}}{\sqrt{1-{\rho }_i^2}}}$, when $t\ge T_p$.

Proof. 

Firstly, by using the Schur complement Lemma [15], we can derive that condition (51) is equivalent to the fuzzy adaptive observer gain conditions. Then, consider the composite Lyapunov function as

$$\begin{array}{c}\hfill V\left(t\right)=\sum _{i=1}^N{V}_{i,n_i}\left(t\right).\end{array}$$

(52)

When $t\in {\mathrm{\Xi }}_s(\tau ,t),s\in {\mathcal{P}}_S$, from (46), it is deduced that

$$\begin{array}{cc}\hfill {\dot{V}}^s\left(t\right)\le & \sum _{i=1}^N\left(\parallel P_{S,i}{\parallel }^2\sum _{m=1}^{n_i}{\tilde{\gamma }}_{i,m}^{s\top }{\tilde{\gamma }}_{i,m}^s+\sum _{m=0}^{n_i}{\displaystyle \frac{{\sigma }_{i,m}^s}{r_{i,m}^s}}{\tilde{\gamma }}_{i,m}^{s\top }{\widehat{\gamma }}_{i,m}^s+\sum _{m=2}^{n_i}{\displaystyle \frac{1}{2}}{\tilde{\gamma }}_{i,m}^{s\top }{\widehat{\gamma }}_{i,m}^s\right)\hfill \\ \hfill & -\sum _{i=1}^N\left({\kappa }_{S,i}-{\displaystyle \frac{1}{2}}\sum _{q\in {\mathcal{N}}_{i,s}}{\left({\displaystyle \frac{a_{iq}}{d_i+b_i}}\right)}^2\right){∥{\omega }_i^s∥}^2+\sum _{i=1}^N{\overline{\mathrm{\Delta }}}_{i,n_i}^s\hfill \\ \hfill & -\sum _{i=1}^N\left(\sum _{m=2}^{n_i}\left({\displaystyle \frac{1}{q_{i,m}^s}}-{\displaystyle \frac{1}{2}}\right){\epsilon }_{i,m}^{s2}+\sum _{m=1}^{n_i}{c}_{i,m}^s{s}_{i,m}^{s2}\right).\hfill \end{array}$$

(53)

We choose the observer gain parameter ${\ell }_{i,m}$ such that ${\kappa }_{S,i}-{\displaystyle \frac{1}{2}}{\sum }_{j\in {\mathcal{N}}_{i,s}}{(a_{ij}/\left(d_i+b_i\right))}^2>0$. Then, by using ${\widehat{\gamma }}_{i,m}^s={\widehat{\gamma }}_{i,m}^s-{\tilde{\gamma }}_{i,m}^s$ and Young’s inequality, we have ${\sigma }_{i,m}^s/r_{i,m}^s{\tilde{\gamma }}_{i,m}^{s\top }{\widehat{\gamma }}_{i,m}^s\le {\sigma }_{i,m}^s/2r_{i,m}^s({\gamma }_{i,m}^{s\top }{\gamma }_{i,m}^s-{\tilde{\gamma }}_{i,m}^{s\top }{\tilde{\gamma }}_{i,m}^s)$, which implies

$$\begin{array}{cc}\hfill & \parallel P_{S,i}{\parallel }^2\sum _{m=1}^{n_i}{\tilde{\gamma }}_{i,m}^{s\top }{\tilde{\gamma }}_{i,m}^s+\sum _{m=0}^{n_i}{\displaystyle \frac{{\sigma }_{i,m}^s}{r_{i,m}^s}}+\sum _{m=2}^{n_i}{\displaystyle \frac{1}{2}}{\tilde{\gamma }}_{i,m}^{s\top }{\widehat{\gamma }}_{i,m}^s\hfill \\ \hfill & \le \sum _{m=0}^{n_i}\left({\displaystyle \frac{{\sigma }_{i,m}^s}{2r_{i,m}^s}}{\gamma }_{i,m}^{s\top }{\gamma }_{i,m}^s-\left({\displaystyle \frac{{\sigma }_{i,m}^s}{2r_{i,m}^s}}-{\mathrm{\Phi }}_{i,m}^s\right){\tilde{\gamma }}_{i,m}^{s\top }{\tilde{\gamma }}_{i,m}^s\right)\hfill \end{array}$$

(54)

where the coefficient ${\mathrm{\Phi }}_{i,m}^s$ is determined by ${\mathrm{\Phi }}_{i,m}^s=0$ for $m=0$, ${\mathrm{\Phi }}_{i,m}^s={∥P_{S,i}∥}^2$ for $m=1$, and ${\mathrm{\Phi }}_{i,m}^s={∥P_{S,i}∥}^2+1/2$ for $m\ge 2$. In the following, we will present the selection principle of control parameters and derive the Lyapunov stability condition.

We define $s=({\kappa }_{S,i}-{\displaystyle \frac{1}{2}}{\sum }_{j\in {\mathcal{N}}_{i,s}}{({\displaystyle \frac{a_{ij}}{d_i+b_i}})}^2)/\lambda (P_{S,i})$. Then, the design parameters $q_{i,m}^s$, $c_{i,m}^s$, $r_{i,m}^s$, and ${\sigma }_{i,m}^s$ for $i\in {\mathbb{N}}_{1:N}$ and $m\in {\mathbb{N}}_{1:n_i}$ are chosen by

$$\begin{array}{c}\hfill \left\{\begin{array}{c}1-{\displaystyle \frac{2}{q_{i,m}^s}}<-s\hfill \\ -2c_{i,m}^s<-s\hfill \\ 2r_{i,m}^s{\mathrm{\Phi }}_{i,m}^s-{\sigma }_{i,m}^s<-s.\hfill \end{array}\right.\end{array}$$

(55)

Substituting (54) and (55) into (53) yields

$$\begin{array}{c}\hfill {\dot{V}}^s\left(t\right)\le -s{V}^s\left(t\right)+q_s\end{array}$$

(56)

where $q_s={\sum }_{i=1}^N({\overline{\mathrm{\Delta }}}_{i,n_i}^s+{\sum }_{m=0}^{n_i}{\displaystyle \frac{{\sigma }_{i,m}^s}{2r_{i,m}^s}}{\gamma }_{i,m}^{s\top }{\gamma }_{i,m}^s)$.

Similarly, when the network connectivity is broken, where $t\in {\mathrm{\Xi }}_s(\tau ,t),s\in {\mathcal{P}}_U$, we define $a=({\kappa }_{U,i}+{\displaystyle \frac{1}{2}}{\sum }_{j\in {\mathcal{N}}_{i,s}}{({\displaystyle \frac{a_{ij}}{d_i+b_i}})}^2)/\lambda (P_{U,i})$, and for $i=1,\dots ,N$, $j=1,\dots ,n_i$. Then, the design parameters $q_{i,m}^a$, $c_{i,m}^a$, $r_{i,m}^a$, and ${\sigma }_{i,m}^a$ for $i\in {\mathbb{N}}_{1:N}$ and $m\in {\mathbb{N}}_{1:n_i}$ are chosen by

$$\begin{array}{c}\hfill \left\{\begin{array}{c}1-{\displaystyle \frac{2}{q_{i,m}^a}}<a\hfill \\ -2c_{i,m}^a<a\hfill \\ 2r_{i,m}^a{\mathrm{\Phi }}_{i,m}^a-{\sigma }_{i,m}^a<a.\hfill \end{array}\right.\end{array}$$

(57)

Furthermore, by selecting the coefficient ${\mathrm{\Phi }}_{i,m}^a$ to satisfy ${\mathrm{\Phi }}_{i,m}^a=0$ for $m=0$, ${\mathrm{\Phi }}_{i,m}^a={∥P_{U,i}∥}^2$ for $m=1$, and ${\mathrm{\Phi }}_{i,m}^a={∥P_{U,i}∥}^2+1/2$ for $m\ge 2$, one has

$$\begin{array}{c}\hfill {\dot{V}}^a\left(t\right)\le a{V}^a\left(t\right)+q_a\end{array}$$

(58)

where $q_a={\sum }_{i=1}^N({\overline{\mathrm{\Delta }}}_{i,n_i}^a+{\sum }_{m=0}^{n_i}{\displaystyle \frac{k_{i,m}}{2r_{i,m}}}{\gamma }_{i,m}^T{\gamma }_{i,m})$. From the perspective of Lyapunov stability,  (56) implies that the system is convergent when the network topology remains connected under asynchronous DoS cyber attack with the term $-s{V}^s\left(t\right)$, while (58) indicates that divergence of the ystem is possible under connectivity-broken DoS cyber attack with the term $a{V}^s\left(t\right)$. Next, we consider the global resilient stability of the system.

Combining (56) and (58), the evolution of the Lyapunov derivative $\dot{V}\left(t\right)$ can be further described as

$$\begin{array}{c}\hfill \dot{V}\left(t\right)=\left\{\begin{array}{cc}{\dot{V}}^s\left(t\right),\hfill & t\in {\mathrm{\Xi }}_s(\tau ,t),s\in {\mathcal{P}}_S\hfill \\ {\dot{V}}^a\left(t\right),\hfill & t\in {\mathrm{\Xi }}_s(\tau ,t),s\in {\mathcal{P}}_U.\hfill \end{array}\right.\end{array}$$

(59)

In the following, we will further analyze the resilient stability of the system based on (59). When an NCS (1) is subjected to a connectivity-broken asynchronous DoS cyber attacks, where $t\in {\mathrm{\Xi }}_s(\tau ,t),s\in {\mathcal{P}}_U$, it can be deduced that

$$\begin{array}{cc}\hfill V\left(t\right)& \le V\left(T_r^{b+}\right)e^{{\sigma }_r\left(t-T_r^b\right)}+\left(q_s+q_a\right){\int }_{T_r^b}^t{e}^{{\sigma }_r(t-\tau )}d\tau \hfill \\ \hfill & \le \mu V\left(T_r^{b-}\right)e^{{\sigma }_r\left(t-T_r^b\right)}+\left(q_s+q_a\right){\int }_{T_r^{\prime }}^t{e}^{{\sigma }_r(t-\tau )}d\tau \hfill \end{array}$$

(60)

where $[T_r^b,T_r^e)$ is the $r\mathrm{th}$ connectivity-broken interval; $T_r^{b-}$ and $T_r^{b+}$ are the left limit and right limit of $T_r^b$, respectively; and ${\sigma }_r$ is a constant associated with s or a.

For the $r\mathrm{th}$ connectivity-broken DoS cyber attack interval $[T_r^b,T_r^e)$, the following inequalities can be derived by using the recursive method:

$$\begin{array}{cc}\hfill V\left(t\right)\le & {\mu }^{n(0,t)}{e}^{{\sigma }_r\left(t-T_r^b\right)+\cdots +{\sigma }_0\left(T_1^b-0\right)}V\left(0\right)\hfill \\ \hfill & +\left(q_s+q_a\right){\int }_0^{T_1^b}{\mu }^{n\left(T_1^b,t\right)}{e}^{{\sigma }_m\left(t-T_m^b\right)+\cdots +{\sigma }_0\left(T_1^b-\tau \right)}d\tau \hfill \\ \hfill & +\left(q_s+q_a\right){\int }_{T_1^b}^{T_2^b}{\mu }^{n\left(T_2^b,t\right)}{e}^{{\sigma }_m\left(t-T_m^b\right)+\cdots +{\sigma }_0\left(T_2^b-\tau \right)}d\tau \hfill \\ \hfill & +\cdots +\left(q_s+q_a\right){\int }_{T_r^b}^t{e}^{{\sigma }_r(t-\tau )}d\tau .\hfill \end{array}$$

(61)

Moreover, from the definition of the connectivity-sustained interval ${\mathrm{\Xi }}_S(\tau ,t)$ and connectivity-broken interval ${\mathrm{\Xi }}_U(\tau ,t)$, the following inequalities hold:

$$\begin{array}{cc}\hfill V\left(t\right)& \le {\mu }^{n(0,t)}{e}^{-\left[s\left|{\mathrm{\Xi }}_S(0,t)\right|-u\left|{\mathrm{\Xi }}_U(0,t)\right|\right]}V\left(0\right)\hfill \\ \hfill & +\left(q_s+q_a\right){\int }_0^t{\mu }^{n\left(\tau ,t\right)}{e}^{-\left[s\left|{\mathrm{\Xi }}_S(\tau ,t)\right|-a\left|{\mathrm{\Xi }}_U(\tau ,t)\right|\right]}d\tau \hfill \\ \hfill & \le e^{-\left[s\left|{\mathrm{\Xi }}_S(0,t)\right|-a\left|{\mathrm{\Xi }}_U(0,t)\right|-n(0,t)ln\mu \right]}V\left(0\right)\hfill \\ \hfill & +\left(q_s+q_a\right){\int }_0^t{e}^{-\left[s\left|{\mathrm{\Xi }}_S(\tau ,t)\right|-a\left|{\mathrm{\Xi }}_U(\tau ,t)\right|-n(\tau ,t)ln\mu \right]}d\tau .\hfill \end{array}$$

(62)

According to Assumption 1, one has $|{\mathrm{\Xi }}_U(\tau ,t)|\le (t-\tau )/T_U+{\rho }_U$, and $|{\mathrm{\Xi }}_s(\tau ,t)|\ge (t-\tau )(1-1/T_U)-{\rho }_U$. Moreover, Assumption 2 satisfies that $n(\tau ,t)\le (t-\tau )/{\tau }_U+{\eta }_U$. Thus, (62) can be further presented as

$$\begin{array}{cc}\hfill V(t)& \le e^{-\left[s\left|{\mathrm{\Xi }}_S(0,t)\right|-a\left|{\mathrm{\Xi }}_U(0,t)\right|-n(0,t)ln\mu \right]}V(0)\hfill \\ \hfill & +\left(q_s+q_a\right){\int }_0^t{e}^{-\left[s\left|{\mathrm{\Xi }}_S(\tau ,t)\right|-a\left|{\mathrm{\Xi }}_U(\tau ,t)\right|-n(\tau ,t)ln\mu \right]}d\tau \hfill \\ \hfill & \le e^{-\left[s\left|(t-0)(1-{\displaystyle \frac{1}{T_U}})-{\rho }_U\right|-a\left|{\displaystyle \frac{t-0}{T_U}}+{\rho }_U\right|-\left({\displaystyle \frac{t-0}{{\tau }_U}}+{\eta }_U\right)ln\mu \right]}V(0)\hfill \\ \hfill & +\left(q_s+q_a\right){\int }_0^t{e}^{-\left[s\left|(t-\tau )(1-{\displaystyle \frac{1}{T_U}})-{\rho }_U\right|-a\left|{\displaystyle \frac{t-\tau }{T_U}}+{\rho }_U\right|-\left({\displaystyle \frac{t-\tau }{{\tau }_U}}+{\eta }_U\right)ln\mu \right]}d\tau \hfill \\ \hfill & =e^{-\left[s\left(1-{\displaystyle \frac{1}{T_U}}\right)-{\displaystyle \frac{a}{{\tau }_U}}-{\displaystyle \frac{ln\mu }{{\tau }_U}}\right]t+\tilde{\delta }\left(0,t\right)}V(0)\hfill \\ \hfill & +\left(q_s+q_a\right){\int }_0^t{e}^{-\left[s\left(1-{\displaystyle \frac{1}{T_U}}\right)-{\displaystyle \frac{a}{{\tau }_U}}-{\displaystyle \frac{ln\mu }{{\tau }_U}}\right]t+\tilde{\delta }\left(\tau ,t\right)}d\tau \hfill \end{array}$$

(63)

where $\tilde{\delta }(\tau ,t)$ is given as $\tilde{\delta }(\tau ,t)=s(\tau -{\displaystyle \frac{\tau }{T_U}}+{\rho }_U)-a({\displaystyle \frac{\tau }{{\tau }_U}}+{\rho }_U)+ln\mu ({\displaystyle \frac{\tau }{{\tau }_U}}+{\eta }_U)$.

Then, according to condition (50), we have

$$\begin{array}{c}\hfill s\left(1-{\displaystyle \frac{1}{T_U}}\right)-{\displaystyle \frac{a}{{\tau }_U}}-{\displaystyle \frac{ln\mu }{{\tau }_U}}>0\end{array}$$

(64)

which implies there exists a constant $\rho >0$ such that

$$\begin{array}{cc}\hfill V\left(t\right)& \le e^{\tilde{\delta }\left(0,t\right)}{e}^{-\rho t}V\left(0\right)+\left(q_s+q_a\right)e^{\tilde{\delta }\left(\tau ,t\right)}{\int }_0^t{e}^{-\rho \left(t-\tau \right)}d\tau \hfill \\ \hfill & \le e^{\tilde{\delta }\left(0,t\right)}{e}^{-\rho t}V\left(0\right)+{\displaystyle \frac{\left(q_s+q_a\right)e^{\tilde{\delta }\left(\tau ,t\right)}}{\rho }}.\hfill \end{array}$$

(65)

It should be noted that $\tilde{\delta }(\tau ,t)$ is only related to the initial time instant $\tau$, and is unconcerned with evolution time t. Therefore, $\tilde{\delta }(\tau ,t)$ is a constant once the initial instant $\tau$ is determined. In this sense, noting the form of the composite Lyapunov function (59), inequality (65) indicates that all the closed-loop signals ${\omega }_{i,m}$, $s_{i,m}$, ${\epsilon }_{i,m}$, and ${\tilde{\gamma }}_{i,m}$ are bounded for $i=1,\dots ,N$, $m=1,\dots ,n_i$. $s_{i,1}$ is bounded, which leads to the boundedness of $e_i$, and further indicates the boundedness of $x_{i,1}$ from $e_i={\sum }_{j=1}^N{a}_{ij}(y_i-y_j^a)+b_i(y_i-y_r^a)$. Recalling the fact that the observation error ${\omega }_{i,m}=x_{i,m}-{\widehat{x}}_{i,m}$, the estimated state ${\widehat{x}}_{i,m}$ is thus bounded. Similarly, the boundedness of ${\epsilon }_{i,m}$ and ${\tilde{\gamma }}_{i,m}$ lead to the boundedness of the filter signal ${\beta }_{i,m}$ and the adaptive parameter ${\gamma }_{i,m}$. Furthermore, repeating the above steps for $m=2,\dots ,n_i$, it is concluded that all the closed-loop signals are bounded.

From the above-mentioned boundedness analysis, all the closed-loop signals remain bounded throughout the entire time horizon. Based on this, the characteristic of guaranteed performance of the proposed control method is discussed. Revisiting the definition of $s_{i,m}$ given in (18), it is shown that the performance-constrained consensus tracking error $s_{i,1}\to \pm \infty$ when ${\overline{\xi }}_i\left(t\right)\to \pm 1$. Then, noting that $s_{i,1}$ is bounded, there must exist a positive constant ${\varpi }_i$ such that $\left|{\overline{\xi }}_i\left(t\right)\right|\le {\varpi }_i<1,\forall t\ge 0$.

Recalling the definition of ${\vartheta }_i\left(t\right)$, one has

$$\begin{array}{c}\hfill -{\displaystyle \frac{1}{{\vartheta }_i\left(t\right)}}<-{\displaystyle \frac{{\varpi }_i}{{\vartheta }_i\left(t\right)}}\le {\xi }_i\left(e_i\right)<{\displaystyle \frac{{\varpi }_i}{{\vartheta }_i\left(t\right)}}<{\displaystyle \frac{1}{{\vartheta }_i\left(t\right)}}.\end{array}$$

(66)

Then, noting ${\zeta }_i\left({\xi }_i\left(e_i\right)\right)=e_i$, (66) leads to $-{\zeta }_i\left(t\right)<e_i<{\zeta }_i\left(t\right)$, which implies that

$$\begin{array}{c}\hfill -{\displaystyle \frac{\sqrt{{\eta }_i}}{\sqrt{{\vartheta }_i^2\left(t\right)-1}}}<e_i<{\displaystyle \frac{\sqrt{{\eta }_i}}{\sqrt{{\vartheta }_i^2\left(t\right)-1}}}.\end{array}$$

(67)

Furthermore, when $t\ge T_p$, ${\vartheta }_i\left(t\right)={\displaystyle \frac{1}{{\rho }_i}}$, which indicates that

$$\begin{array}{c}\hfill -{\displaystyle \frac{{\rho }_i\sqrt{{\eta }_i}}{\sqrt{1-{\rho }_i^2}}}<e_i<{\displaystyle \frac{{\rho }_i\sqrt{{\eta }_i}}{\sqrt{1-{\rho }_i^2}}},t\ge T_p.\end{array}$$

(68)

According to [31], considering Lemma 1 for $\overline{y}={[y_1,\dots ,y_N]}^{\top }$ and ${\overline{y}}_r={[y_r,\dots ,y_r]}^{\top }$, the relationship between the local synchronization error and the actual tracking error is formulated as $\parallel \overline{y}-{\overline{y}}_r\parallel \le \parallel e\parallel /{\lambda }_{min}(\mathcal{L}+\mathcal{B})$. Thus. one has $|y_i-y_r|\le \parallel e\parallel /{\lambda }_{min}(\mathcal{L}+\mathcal{B})$, with $\mathcal{L}$ and $\mathcal{B}$ being the Laplacian matrix and leader–follower communication matrix of the network graph $\mathcal{G}$, respectively. Moreover, it is known that the conservative lower bound of ${\lambda }_{min}(\mathcal{L}+\mathcal{B})$ depends on the scale of the network N. Therefore, since the local tracking error $e_i$ is guaranteed to be bounded in the specified performance bounds, it is obtained that $y_i-y_r$ converges to a predefined range. This completes the proof of Theorem 1.    □

Remark 4.

Compared to existing distributed attack mitigation strategies, such as [32], we introduce an innovative security consensus strategy with guaranteed performance resilience (Algorithm 1). Furthermore, our research broadens the scope by incorporating unpredictable asynchronous DoS attacks, with time-varying network topology and possible multiple inoperative nodes. In this sense, the proposed scheme advances current methodologies by effectively addressing asynchronous attack challenges and providing a resilient control framework with guaranteed convergence performance.

Remark 5.

The computational complexity of the proposed control strategy can be measured from the following dimensions: (1) the complexity for state observation is $O(R·n)$, where R is the number of fuzzy rules and n is the dimension of the system states; (2) the complexity for error transformation is $O\left(m\right)$, where m is the dimension of the error system; (3) the complexity for control law design is given as $O\left(u\right)$, where u is the dimension of the control input; and (4) the complexity for solving the LMI is $O\left(p^3\right)$, where p is the dimension of the LMI, as it typically involves eigenvalue decomposition of matrices. Thus, the overall computational complexity of our method can be estimated as $O(R·n+m+u+p^3)$, which is of polynomial order complexity.

Remark 6.

Network resilience analysis: it should be emphasized that the possible divergence when ${\dot{V}}^a\left(t\right)\le a{V}^a\left(t\right)+q_a$ does not mean that the system is out of control for the followers without connectivity during the attack-active intervals. The divergence of the system is not growing at will, and the consensus tracking error can be still guaranteed to remain within the performance boundaries by appropriately selecting the control parameters satisfying the conditions, which ensures that the exponential term $s(1-1/T_U)-a/{\tau }_U-ln\mu /{\tau }_U$ remains positive. As for the global resilient stability, DoS cyber attacks result in an elevation in $V\left(t\right)$ (performance bounce). The attack strength boundary condition (50) ensures a decrease in the upper boundary of $V\left(t\right)$ (performance recovery). The Lyapunov function experiences an increase during the interval $[{\tau }_i,{\tau }_{i+1})$ for $i\in {\mathcal{P}}_U$, and a decrease for $i\in {\mathcal{P}}_S$. The constraints imposed on the strength of attacks serve to regulate the escalation of $V\left(t\right)$, ensuring that $V\left(t\right)\to 0$ over time. This is to say that the system may diverge at a specific attack interval (still within the performance boundary), but it maintains globally resilient stability across the entire time horizon. The evolution of $V\left(t\right)$ under connectivity-broken DoS attack is depicted in Figure 3.

Algorithm 1: Guaranteed performance resilient security consensus control algorithm for nonlinear NCSs under asynchronous DoS cyber attack.

1: Initialize: Network scale N; prescribed performance parameters ${\rho }_i$, $k_1$, $k_2$, ${\eta }_i$, and        $T_p$, for $i=1,2,\dots ,N$; DoS cyber attack strength parameters $T_U$, ${\rho }_U$, ${\tau }_U$, and ${\eta }_U$. 2: Estimation of unknown network states: 3: Derive ${\widehat{x}}_{i,m}$ by executing the fuzzy state observer (9); 4: Guaranteed performance resilient security consensus control: 5:  for$t=t_v$, $v\le v_T$ ($t_0=0$) 6:     Determine the network connectivity of ${\mathcal{G}}_s$ according to current DoS cyber attack pattern using depth-first search (DFS): 7:        for node $v_i$, $i=0$, $i\le N$ 8:           Visiting and mark all accessible neighbor nodes $v_j$, $j\in {\mathcal{N}}_i$; 9:              if there exists node not visited 10:                 Connectivity-broken DoS cyber attack; 11:              else if all the nodes are visited at least once 12:                 Connectivity-sustained DoS cyber attack; 13:              end if 14:              $i=i+1$, go to and repeat step 8; 15:        end for 16:     if $t\in {\mathrm{\Xi }}_s(\tau ,t),s\in {\mathcal{P}}_S$: 17:        Regulate the NCSs by using controller $u_i^s$ in (44); 18:     else if $t\in {\mathrm{\Xi }}_s(\tau ,t),s\in {\mathcal{P}}_U$: 19:        Regulate the NCSs by using resilient security controller $u_i^a$ in (47); 20:     end if 21:     Drive the fuzzy parameters update by adaptive law (25), (30), and (40); 22:     $v=v+1$, go to and repeat step 5; 23: end for

Remark 7.

Although the proposed method achieves a resilient security consensus for nonlinear NCSs, there are still several limitations that cannot be ignored: (1) The distributed resilient security control of NCSs, especially large scaled networks, relies on massive data transmission, which may lead to a heavy communication load; (2) various attack patterns, such as deception attacks, replay attacks, or composite attacks are not taken into account; and (3) the proposed methodology may only be applicable to other dynamics, such as switching systems or stochastic systems.

5. Simulation Results

In this section, several comparative experiments are presented to show the effectiveness and superiority of the proposed guaranteed performance resilient security consensus control scheme under asynchronous DoS cyber attacks.

5.1. Experiment I: Effectiveness Verification

This is a numerical simulation experiment aimed at verifying the effectiveness of the proposed guaranteed performance resilient security consensus control method. Consider the nonlinear NCSs depicted in Figure 4, which contains a leader (labeled 0) and four followers (labeled 1–4), which can be described as

$$\begin{array}{c}\hfill \left\{\begin{array}{cc}\hfill {\dot{x}}_{i,1}\left(t\right)& =x_{i,2}\left(t\right)+f_{i,1}\left({\overline{x}}_{i,1}\left(t\right)\right)+d_{i,1}\left(t\right)\hfill \\ \hfill {\dot{x}}_{i,2}\left(t\right)& =u_i\left(t\right)+f_{i,2}\left({\overline{x}}_{i,2}\left(t\right)\right)+d_{i,2}\left(t\right)\hfill \\ \hfill y_i\left(t\right)& =x_{i,1}\left(t\right),i=1,2,3,4\hfill \end{array}\right.\end{array}$$

(69)

where the unknown nonlinear functions are given as $f_{i,1}\left({\overline{x}}_{i,1}\left(t\right)\right)=0.5x_{i,1}^{3}sin\left(1.5x_{i,1}\right)$ and $f_{i,2}\left({\overline{x}}_{i,2}\left(t\right)\right)=-0.6x_{i,1}{e}^{-x_{i,2}^2}+1.5x_{i,2}^3$, and $d_{i,1}\left(t\right)=e^{-0.8t}+sin\left(0.2t\right)$, $d_{i,2}\left(t\right)=cos\left(0.5t\right)$ are external time-varying disturbances. The control objective is to guarantee the prescribed transient consensus control performance of tracking errors within the predefined performance bounds under the developed resilient security control strategy in spite of asynchronous DoS cyber attacks.

The communication relationships between the leader and four followers are given as $\mathcal{B}=diag\{3,0,0,0\}$, and the initial network communication topology ${\mathcal{G}}_0$ is described by the following Laplacian matrix:

$$\begin{array}{c}\hfill \mathcal{A}=\left[\begin{array}{cccc}0& 0& 0& 0\\ 1& 0& 0& 0.5\\ 0& 0.6& 0& 0.8\\ 1& 0& 0& 0\end{array}\right].\end{array}$$

(70)

The output signal of the leader agent is chosen as $yr=0.5sin\left(1.5t\right)+0.5cos\left(0.5t\right)$. The simulation time horizon is set as $20\mathrm{s}$ with the sampling step length $\mathrm{\Delta }t=0.005$ s. The initial conditions of te system state are selected as: $x_{1,1}\left(0\right)=0.65$, $x_{1,2}\left(0\right)=0.2$, $x_{2,1}\left(0\right)=0.3$, $x_{2,2}\left(0\right)=0.2$, $x_{3,1}\left(0\right)=0.45$, $x_{3,2}\left(0\right)=0.2$, $x_{4,1}\left(0\right)=0.7$, $x_{4,2}\left(0\right)=0.2$, and $x_{5,1}\left(0\right)=0.2$. Moreover, the initial values of the fuzzy state observer are the same as those given for the system states. Assume that the NCS (86) is required to achieve the prescribed performance with the synchronization consensus error $|e_i\left(t\right)|\le 0.1$ within 5 s, which implies that the performance parameters are chosen as $T_p=5$ s, ${\rho }_i=0.1$, $k_1=0.7$, and $k_2=0.4$, and the guaranteed performance function is determined as

$$\begin{array}{c}\hfill {\vartheta }_i\left(t\right)=\left\{\begin{array}{cc}{\displaystyle \frac{1}{0.7{\left(\frac{5-t}{5}\right)}^{0.7}{e}^{-0.4t}+0.1}},\hfill & t<5 \mathrm{s}\hfill \\ 10,\hfill & t\ge 5 \mathrm{s}.\hfill \end{array}\right.\end{array}$$

(71)

The observer gain parameters are listed as ${\ell }_{i,1}=10$ and ${\ell }_{i,2}=5$, where $i=1,2,\dots ,5$. Assume that $Q_{S,i}=10I$, $Q_{U,i}=15I$; then, by solving the inequalities (51) using the MATLAB2024a YALIP toolbox, it is derived that

$$\begin{array}{c}\hfill P_{S,i}=\left[\begin{array}{cc}3.0& -5.0\\ -5.0& 10.6\end{array}\right],P_{U,i}=\left[\begin{array}{cc}4.5& -7.5\\ -7.5& 15.9\end{array}\right]\end{array}$$

(72)

which are obviously positive-definite, and the resilient conditions $A_{i,s}^{\top }{P}_{S,i}+P_{S,i}{A}_{i,s}<-k_i^s{Q}_{S,i}$ and $A_{i,a}^{\top }{P}_{U,i}+P_{U,i}{A}_{i,s}<k_i^a{Q}_{U,i}$ are satisfied.

As for the asynchronous DoS cyber attacks, communication interruptions in each transmission channel are random and independent. All resulted attack topology combinations are shown as Figure 3, where ${\mathcal{G}}_0$, ${\mathcal{G}}_1$, ${\mathcal{G}}_3$ are connectivity-broken, and ${\mathcal{G}}_2$ is connectivity-sustained. The attack parameters are set as $T_U=3.5$ s, ${\rho }_U=0.8$, ${\tau }_U=5$, and ${\eta }_U=2$, from which it is further calculated that $|{\overline{\mathrm{\Xi }}}_s(\tau ,t)|\le {\displaystyle \frac{t-\tau }{T_U}}+{\rho }_U=6.51$ s, and $|{\overline{n}}_s(\tau ,t)|\le {\displaystyle \frac{t-\tau }{{\tau }_U}}+{\eta }_U=6$. Based on the above attack strength conditions, the attack intervals are assumed to be ${\mathcal{G}}_0:[0\mathrm{s},4.2\mathrm{s}]\cup [5.3\mathrm{s},7.8\mathrm{s}]$, ${\mathcal{G}}_1:[8.2\mathrm{s},12.5\mathrm{s}]\cup [13.1\mathrm{s},15.5\mathrm{s}]$, ${\mathcal{G}}_2:[4.2\mathrm{s},5.3\mathrm{s}]\cup [7.8\mathrm{s},8.2\mathrm{s}]\cup [12.5\mathrm{s},13.1\mathrm{s}]\cup [15.5\mathrm{s},15.8\mathrm{s}]\cup [16.4\mathrm{s},17.2\mathrm{s}]$, and ${\mathcal{G}}_3:[15.8\mathrm{s},16.4\mathrm{s}]\cup [17.2\mathrm{s},20\mathrm{s}]$. Moreover, the resilient security consensus control parameters are listed in

Table 1. Design parameters of resilient security consensus control scheme in Experiment I.

${\mathit{c}}_{\mathit{i},1}^{\mathit{s}}$	${\mathit{c}}_{\mathit{i},1}^{\mathit{a}}$	${\mathit{c}}_{\mathit{i},2}^{\mathit{s}}$	${\mathit{c}}_{\mathit{i},2}^{\mathit{a}}$	${\mathit{r}}_{\mathit{i},0}^{\mathit{s}}$	${\mathit{r}}_{\mathit{i},0}^{\mathit{a}}$	${\mathit{r}}_{\mathit{i},1}^{\mathit{s}}$	${\mathit{r}}_{\mathit{i},1}^{\mathit{a}}$	${\mathit{r}}_{\mathit{i},2}^{\mathit{s}}$
0.5	0.3	2.2	1.6	0.8	0.5	0.7	0.7	0.4
$r_{i,2}^a$	$k_{i,0}^s$	$k_{i,0}^a$	$k_{i,1}^s$	$k_{i,1}^a$	$k_{i,2}^s$	$k_{i,2}^a$	$q_{i,1}$	$q_{i,2}$
0.2	3.5	4.5	2.5	2.7	1.4	1.8	5	5

.

In addition, the initial values of the fuzzy state observer are all chosen as zero, and the weight vector of FLSs are initialized as ${\widehat{\gamma }}_{i,m}\left(0\right)=col(\underset{50}{\underbrace{0.3\dots ,0.3}})$ for $i=1,2,\dots ,N$, $m=0,1,2$. The fuzzy membership function is selected as

$$\begin{array}{c}\hfill {\mu }_{G_i^l}\left({\omega }_i\right)=exp\left[-{\displaystyle \frac{{\left({\omega }_i+3-0.025l\right)}^2}{120}}\right].\end{array}$$

(73)

In order to more intuitively show the effectiveness of the proposed guaranteed performance control scheme, a comparison was made with the resilient security consensus control approach in [26] where the guaranteed performance is not taken into account. The simulation results are depicted in Figure 5, Figure 6, Figure 7 and Figure 8. As shown in Figure 5, the consensus tracking errors of every follower are convergent to the prescribed performance bounds under the proposed control scheme. In contrast, the consensus tracking errors may exceed the performance bounds under the method in [26] without considering the convergence performance. Thus, the effectiveness of the proposed guaranteed performance resilient security consensus control scheme is verified. Figure 6 gives the evolution of the fuzzy adaptive parameters ${\gamma }_{i,m}\left(t\right)$ of the designed adaptive law. Figure 7 shows the resilient security control input signals $u_i\left(t\right)$. The fuzzy approximation of unknown dynamics is shown in Figure 8, which illustrates the estimation ability of the FLS-based approximator, even under asynchronous DoS cyber attack.

5.2. Experiment II: Resilient Analysis

In this experiment, we are committed to illustrating the resilient convergence of NCSs under asynchronous DoS cyber attack by performing a comparison with the traditional fuzzy adaptive consensus tracking control strategy proposed in [15], where the DoS cyber attack is not taken into account.

Firstly, the system dynamics are given as (69) with $f_{i,1}\left({\overline{x}}_{i,1}\left(t\right)\right)=3.2x_{1,1}cos\left(0.3x_{1,1}\right)$, $f_{i,2}\left({\overline{x}}_{i,2}\left(t\right)\right)=-2.5cos\left(x_{1,2}\right)e^{-1.8t}-1.8x_{1,2}$, and $d_{i,1}\left(t\right)=e^{-0.2t}+cos\left(0.3t\right)$ and $d_{i,2}\left(t\right)=sin\left(0.6t\right)$. The leader–followers communication relationship $\mathcal{B}=diag\{3,0,0,0,0\}$, and the initial network communication topology ${\mathcal{G}}_0$, is the same as in Experiment I.

The output signal of the leader agent is chosen as $y_r\left(t\right)=2.5cos\left(1.5t\right)+1.5sin\left(0.5t\right)$. The simulation time is determined as $30 \mathrm{s}$ with a sampling step length of $\mathrm{\Delta }t=0.002$ s. The initial conditions of the system state are selected as: $x_{1,1}\left(0\right)=2.3$, $x_{1,2}\left(0\right)=2.2$, $x_{2,1}\left(0\right)=2.9$, $x_{2,2}\left(0\right)=1.2$, $x_{3,1}\left(0\right)=2.5$, $x_{3,2}\left(0\right)=3.3$, $x_{4,1}\left(0\right)=2.6$, and $x_{4,2}\left(0\right)=1.8$. The performance bounds are determined as $|e_i\left(t\right)|\le 0.5$ within 8 s, which implies that the performance parameters are chosen as $T_p=8$ s, ${\rho }_i=0.5$, $k_1=0.5$, and $k_2=0.5$, and the guaranteed performance function is determined as

$$\begin{array}{c}\hfill {\vartheta }_i\left(t\right)=\left\{\begin{array}{cc}{\displaystyle \frac{1}{0.5{\left(\frac{8-t}{8}\right)}^{0.5}{e}^{-0.5t}+0.5}},\hfill & t<8 \mathrm{s}\hfill \\ 2,\hfill & t\ge 8 \mathrm{s}.\hfill \end{array}\right.\end{array}$$

(74)

The attack parameters are set as $T_U=5.5$ s, ${\rho }_U=0.6$, ${\tau }_U=10$, and ${\eta }_U=5$, which implies that $|{\overline{\mathrm{\Xi }}}_s(\tau ,t)|\le {\displaystyle \frac{t-\tau }{T_U}}+{\rho }_U=4.24$ s, $|{\overline{n}}_s(\tau ,t)|\le {\displaystyle \frac{t-\tau }{{\tau }_U}}+{\eta }_U=8$. Based on the above attack strength conditions, the attack intervals are assumed to be: ${\mathcal{G}}_0:[0\mathrm{s},2.5\mathrm{s}]\cup [4.2\mathrm{s},7.1\mathrm{s}]\cup [8.8\mathrm{s},11.3\mathrm{s}]$, ${\mathcal{G}}_1:[12.5\mathrm{s},15.2\mathrm{s}]\cup [15.9\mathrm{s},18.3\mathrm{s}]$, ${\mathcal{G}}_2:[2.5\mathrm{s},4.2\mathrm{s}]\cup [7.1\mathrm{s},8.8\mathrm{s}]\cup [11.3\mathrm{s},12.5\mathrm{s}]\cup [15.2\mathrm{s},15.9\mathrm{s}]\cup [18.3\mathrm{s},20.6\mathrm{s}]\cup [24.1\mathrm{s},26.2\mathrm{s}]\cup [28.3\mathrm{s},28.8\mathrm{s}]$, and ${\mathcal{G}}_3:[20.6\mathrm{s},24.1\mathrm{s}]\cup [26.2\mathrm{s},28.3\mathrm{s}]$$\cup [28.8\mathrm{s},30\mathrm{s}]$. The resilient security control parameters are also selected as in Table 1. Moreover, the FLSs parameters are chosen to be the same as in Experiment 1.

The comparative simulation results are given in Figure 9 and Figure 10. As depicted in Figure 9, the consensus tracking errors are always constrained within the prescribed performance function under the proposed resilient security control scheme. Conversely, guaranteed performance convergence cannot by achieved by using the traditional adaptive consensus controller presented in [15]. Figure 10 shows the control input signals of proposed method and the approach in [15], which also illustrates the effectiveness of the designed resilient security control protocol under asynchronous DoS cyber attacks. The resilient recovery guarantees that the consensus tracking errors converge when the DoS signal is inactive.

5.3. Experiment III: Practical Application

To further verify the effectiveness of the proposed approach in practical engineering applications, a hardware-in-the-loop simulation of a multi-UAV network is conducted. The network consists of four follower UAVs (labeled 1–4) and one leader UAV (labeled 0). The resultant communication topology and UAV simulation experimental platform are depicted in Figure 11 and Figure 12. The experimental validation is carried out based on the UAVs simulation experimental platform. Using Simulink modeling and MATLAB programming, the designed resilient security control protocol is implemented. Then, the control signals are converted into C language codes that can be downloaded via Pixhawk. Pixhawk is responsible for executing the developed control algorithm and sending the generated pulsewidth modulation (PWM) signals to the real-time simulator, while the network flight situation is presented in the flight visualization modules.

The system dynamic of each UAV among the network is formulated as:

$$\begin{array}{c}\hfill \left\{\begin{array}{cc}& {\dot{x}}_i=V_{i}cos{\theta }_{i}cos{\varphi }_i\hfill \\ & {\dot{y}}_i=V_{i}cos{\theta }_{i}sin{\varphi }_i\hfill \\ & {\dot{z}}_i=V_{i}sin{\theta }_i\hfill \\ & {\dot{V}}_i=\left(T_i-D_i\right)/m_i-gsin{\theta }_i\hfill \\ & {\dot{\theta }}_i=-{\displaystyle \frac{gcos{\theta }_i}{V_i}}+{\displaystyle \frac{a_{\theta i}}{V_i}}\hfill \\ & {\dot{\varphi }}_i={\displaystyle \frac{a_{\varphi i}}{V_{i}cos{\theta }_i}},i=1,2,\dots ,N\hfill \end{array}\right.\end{array}$$

(75)

where $p_i={\left[x_i,y_i,z_i\right]}^{\top }$ and $V_i$ are the position vector and velocity value, respectively. The control input signals are represented $a_{Ti}=\left(T_i-D_i\right)/m_i$, $a_{\varphi i}=L_{i}sin{\varphi }_i/m_i$, $a_{\theta i}=L_{i}cos{\varphi }_i/m_i$ where $T_i$, $D_i$, $L_i$ are thrust, drag force and lift, and ${\theta }_i$ and ${\varphi }_i$ are the flight path angle and heading angle. Based on the above discussions, the velocity vector is $v_i={[v_{xi},v_{yi},v_{zi}]}^{\mathrm{T}}$, where $v_{xi}=V_{i}cos{\theta }_{i}cos{\varphi }_i$, $v_{yi}=V_{i}cos{\theta }_{i}sin{\varphi }_i$, and $v_{zi}=V_{i}sin{\theta }_i$.

Then, dynamic (75) can be further expressed as

$$\begin{array}{c}\hfill \left\{\begin{array}{cc}& {\dot{p}}_i=v_i\hfill \\ & {\dot{v}}_i=R_i{u}_i+G_{i}i=1,2,\dots ,N\hfill \end{array}\right.\end{array}$$

(76)

where the system matrix $R_i=\left[\begin{array}{ccc}cos{\varphi }_{i}cos{\theta }_i& -sin{\varphi }_i& -sin{\theta }_{i}cos{\varphi }_i\\ sin{\varphi }_{i}cos{\theta }_i& cos{\varphi }_i& -sin{\varphi }_{i}sin{\theta }_i\\ sin{\theta }_i& 0& cos{\theta }_i\end{array}\right]$, $G_i={[0,0,-g]}^{\mathrm{T}}$ and the input vector $u_i=[a_{Ti},a_{\varphi i},$ $a_{\theta i}{]}^{\mathrm{T}}$.

The communication relationships between the leader and followers are given as $\mathcal{B}=diag\{3,0,2,0\}$, and the initial network communication topology ${\mathcal{G}}_0$ is described by following Laplacian matrix: $\mathcal{A}=[0000;1000;0.80.600;0100]$. The reference flight trajectory can be derived according to following leader dynamics:

$$\begin{array}{c}\hfill \left\{\begin{array}{cc}& {\dot{x}}_r=V_{r}cos{\theta }_{r}cos{\varphi }_r\hfill \\ & {\dot{y}}_r=V_{r}cos{\theta }_{r}sin{\varphi }_r\hfill \\ & {\dot{z}}_r=V_{r}sin{\theta }_r.\hfill \end{array}\right.\end{array}$$

(77)

where the reference velocity, flight path angle, and heading angle signals of the leader are given as $V_r\left(t\right)=10 \mathrm{m}/\mathrm{s}$ when $t\le 4 \mathrm{s}$, $V_r\left(30\right)=20 \mathrm{m}/\mathrm{s}$ with the transfer function $T\left(s\right)={\displaystyle \frac{1}{17s+1}}$, ${\theta }_r\left(t\right)=0 \mathrm{rad}$ when $t\le 4 \mathrm{s}$, ${\theta }_r\left(6\right)=-\pi /6 \mathrm{rad}$ with the transfer function $T\left(s\right)={\displaystyle \frac{1}{5s+1}}$, ${\theta }_r\left(10\right)=-\pi /6 \mathrm{rad}$ with the transfer function $T\left(s\right)={\displaystyle \frac{1}{2s+1}}$, ${\theta }_r\left(30\right)=0 \mathrm{rad}$ with the transfer function $T\left(s\right)={\displaystyle \frac{1}{2s+1}}$, and ${\varphi }_r\left(t\right)=0 \mathrm{rad}$ when $0 \mathrm{s}\le \mathrm{t}\le 30 \mathrm{s}$, which implies that the formation is desired to perform a diving motion.

With regard to the formation scenario, in the initial stage before flight, the formation has not yet been established, and all UAVs can be positioned anywhere in space. As time progresses, driven by the designed resilient security control scheme, the UAVs will gradually stabilize and eventually converge to a desired formation state, i.e., the formation tracking error $e_{pi}={\sum }_{j=1}^N{a}_{ij}(p_i-p_j)+b_i(p_i-p_r)$ will converge within a small region given as $e_{pi}\le \sqrt{2\left(q_s+q_a\right)e^{\tilde{\delta }\left(\tau ,t\right)}/\rho }$ by executing the proposed consensus control algorithm.

Part I: Scenario of only one inoperative UAV under attack. The initial state values of each UAV, their physical parameters, and the attack strength parameters are chosen as given in

Table 2. Initial states, physical parameters, and attack strength parameters in Experiment III.

Initial state values of the network
$V_i\left(0\right)$	${\theta }_i\left(0\right)$	${\varphi }_i\left(0\right)$	$p_{10}$	$p_{20}$	$p_{30}$	$p_{40}$
10 m/s	0 rad	0 rad	${[5\mathrm{m},5\mathrm{m},606\mathrm{m}]}^{\mathrm{T}}$	${[-36\mathrm{m},-33\mathrm{m},606\mathrm{m}]}^{\mathrm{T}}$	${[-25\mathrm{m},27\mathrm{m},596\mathrm{m}]}^{\mathrm{T}}$	${[-56\mathrm{m},-26\mathrm{m},595\mathrm{m}]}^{\mathrm{T}}$
Physical parameters of UAV system
$m_1$	$m_2$	$m_3$	$m_4$	g	$\mathrm{\Delta }t$	${\gamma }_i$
$20.64$ kg	$27.35$ kg	$25.09$ kg	$32.25$ kg	$9.8\mathrm{m}/{\mathrm{s}}^2$	$0.001$ s	3
Attack strength parameters
h	$T_U$	${\rho }_U$	${\tau }_U$	${\eta }_U$	${\overline{\mathrm{\Xi }}}_U^{min}$	${\overline{n}}_U^{min}$
0.001 s	3 s	6.2	5	2	16.2 s	8

. According to the presented attack strength parameters, we have $|{\overline{\mathrm{\Xi }}}_s(\tau ,t)|\le {\displaystyle \frac{t-\tau }{T_U}}+{\rho }_U=16.20$ s, and $|{\overline{n}}_s(\tau ,t)|\le {\displaystyle \frac{t-\tau }{{\tau }_U}}+{\eta }_U=8$. Based on the above attack strength conditions, the attack intervals are assumed to be: ${\mathcal{G}}_0$ (initial topology): $[0\mathrm{s},3.7\mathrm{s}]\cup [5.5\mathrm{s},9.2\mathrm{s}]\cup [11.4\mathrm{s},17,3\mathrm{s}]$; ${\mathcal{G}}_1$ (connectivity-sustained DoS): $[19.2\mathrm{s},24.5\mathrm{s}]\cup [25.6\mathrm{s},30\mathrm{s}]$; and ${\mathcal{G}}_2$ (connectivity-broken DoS): $[3.7\mathrm{s},5.5\mathrm{s}]\cup [9.2\mathrm{s},11.4\mathrm{s}]\cup [17.3\mathrm{s},19.2\mathrm{s}]\cup [24.5\mathrm{s},25.6\mathrm{s}]$. The resilient security control parameters are presented in

Table 3. Design parameters of resilient security consensus control scheme in Experiment III.

${\mathit{c}}_{\mathit{i},1}^{\mathit{s}}$	${\mathit{c}}_{\mathit{i},1}^{\mathit{a}}$	${\mathit{c}}_{\mathit{i},2}^{\mathit{s}}$	${\mathit{c}}_{\mathit{i},2}^{\mathit{a}}$	${\mathit{r}}_{\mathit{i},0}^{\mathit{s}}$	${\mathit{r}}_{\mathit{i},0}^{\mathit{a}}$	${\mathit{r}}_{\mathit{i},1}^{\mathit{s}}$	${\mathit{r}}_{\mathit{i},1}^{\mathit{a}}$	${\mathit{r}}_{\mathit{i},2}^{\mathit{s}}$
0.8	0.7	3.3	3.9	0.7	0.7	0.4	0.4	0.6
$r_{i,2}^a$	$k_{i,0}^s$	$k_{i,0}^a$	$k_{i,1}^s$	$k_{i,1}^a$	$k_{i,2}^s$	$k_{i,2}^a$	$q_{i,1}$	$q_{i,2}$
0.6	6.5	6.5	7.2	7.2	5.5	3.5	8	8

. As for the guaranteed performance control objective, the parameter selections relating to the performance function for the UAVs’ flight states $V_i$, ${\theta }_i$, and ${\varphi }_i$ are set as ${\eta }_{vi}=5$, $T_{p,vi}=8$ s, ${\eta }_{\theta i}=0.3$, $T_{p,\theta i}=8$ s, and ${\eta }_{\varphi i}=0.03$, $T_{p,\varphi i}=8$ s, respectively. Obviously, the network maintains connectivity under attack pattern one (${\mathcal{G}}_1$), and the connectivity is broken under attack pattern two (${\mathcal{G}}_2$), while only UAV 4 is inoperative.

The simulation results are presented in Figure 13, Figure 14, Figure 15 and Figure 16. Figure 13 depicts the formation, tracking the flight trajectories of the multi-UAV network. Figure 14 shows the evolution of flight velocities, flight path angles, and heading angles of the network, which implies that the system states can track the reference signals well in spite of asynchronous DoS attacks. Furthermore, the evolution of consensus tracking errors is given in Figure 15 where the prescribed performance bounds are never exceeded, which illustrates the effectiveness of the proposed resilient security guaranteed performance consensus tracking control scheme for multi-UAV networks. Moreover, Figure 16 depicts the curves of the control input signals of all follower UAVs.

Part II: Scenario of multiple inoperative UAVs under attack. To further verify the effectiveness of the proposed resilient security control scheme under the scenario of multiple inoperative UAVs under asynchronous DoS cyber attack, another hardware-in-the-loop simulation of a multi-UAV network is presented. The simulation platform settings, UAV system parameters, attack strength parameters, and design parameters are selected to be the same as those in part I given above. We consider the attack topology combinations of the network as (${\mathcal{G}}_0$, ${\mathcal{G}}_1$, ${\mathcal{G}}_3$), where the connectivity-broken DoS cyber attack pattern ${\mathcal{G}}_3$ contains three broken communication edges ($(1,2)$, $(2,3)$, $(3,4)$) and two inoperative UAVs (UAV 2, UAV 4). The attack intervals are assumed to be: ${\mathcal{G}}_0$ (initial topology): $[0\mathrm{s},2.5\mathrm{s}]\cup [4.2\mathrm{s},8.3\mathrm{s}]\cup [9.5\mathrm{s},15.3\mathrm{s}]$; ${\mathcal{G}}_1$ (attack pattern 1): $[17.5\mathrm{s},22.6\mathrm{s}]\cup [24.2\mathrm{s},27.8\mathrm{s}]\cup [28.3\mathrm{s},30\mathrm{s}]$; and ${\mathcal{G}}_2$ (attack pattern 3): $[2.5\mathrm{s},4.2\mathrm{s}]\cup [8.3\mathrm{s},9.5\mathrm{s}]\cup [15.3\mathrm{s},17.5\mathrm{s}]\cup [22.6\mathrm{s},24.2\mathrm{s}]\cup [27.8\mathrm{s},28.3\mathrm{s}]$. The simulation results are depicted in Figure 17. Due to the page limitation, here we only presents the curves of consensus tracking errors. As shown in Figure 17, the resilient stability of the network is achieved and the system states of all UAVs (flight velocity $V_i\left(t\right)$, flight path angle ${\theta }_i\left(t\right)$, and heading angle ${\psi }_i\left(t\right)$) are still guaranteed to fall within the prescribed performance boundaries, which illustrates the effectiveness of the proposed security control strategy considering the scenario of multiple inoperative UAVs under attack.

6. Conclusions

This paper studied the guaranteed performance resilient security consensus control of nonlinear NCSs under asynchronous DoS cyber attack. First of all, an improved guaranteed performance function is designed to constrain the system consensus errors within the prescribed performance bounds, where the restrictions on initial system values are successfully removed. It was proven that the developed resilient security control method was immune to the attack signals. The constructed fuzzy state observer can effectively estimate the unmeasurable system states, based on which a fuzzy-adaptive guaranteed performance resilient security consensus tracking controller is proposed using a Lyapunov function-based backstepping design framework. Moreover, a sufficient condition of resilient stability under asynchronous DoS cyber attack was derived. Numerical simulations and the hardware-in-the-loop simulation of multi-UAV networks have further demonstrated the validity of the proposed guaranteed performance resilient security control strategy. In the future, we will further focus on reducing the communication burden, and consider more types of attacks and dynamics.