H_∞ Control for ICPS with Hybrid-Triggered Mechanism Encountering Stealthy DoS Jamming Attacks

Abstract

In recent years, with the upgrading of the attack technology, stealthy DoS jamming attacks have become the primary factor to threaten the security of Industrial Cyber-Physical Systems (ICPS). Considering the complex industrial scenarios of ICPS, which are influenced by a variety of external and internal interference, a $H_{\infty }$ controller designing problem is studied in this paper for an ICPS which deploys a hybrid-triggered mechanism (HTM) in the wireless channel encountering stealthy DoS jamming attacks. By employing a compensation mechanism which is employed in the controller to mitigate the impacts of attacks, external disturbance, limited channel capacity, wireless channel noise, we establish a closed-loop system and prove the closed-loop system is mean square exponentially stable and can achieve the desired $H_{\infty }$ disturbance rejection level theoretically. Finally, simulation examples are used to demonstrate effectiveness of the proposed $H_{\infty }$ controller.

1. Introduction

Recently, the traditional “air-gap” Industrial Control System (ICS) has been deeply integrated with advanced information technology (IT) and communication technology (CT) under the trend of Industry 4.0 [1], and then the Industrial Cyber-Physical System (ICPS) [2,3,4,5] was proposed and can be employed in many crucial infrastructures, such as smart grids [6], transportation systems [7], smart buildings [8], etc. However, almost all the ICPSs are facing serious security issues due to the lack of consideration of effective security guaranteeing mechanisms when engineers design and deploy an ICS [9]. In the past decade, many security events of ICPS occurred in nuclear facility, petroleum industry, and subway system, which resulted in huge economic loss and great social instability [10,11,12]. After analyzing the intrusion processes of these malicious security events, researchers found that these attackers not only have a comprehensive information of the system, but also have the ability to bypass intrusion detection systems and launch stealthy attacks [13,14]. Obviously, the ICPSs are at a distinct disadvantage from the defender’s point of view.

As a research hotspot, recently, security issues in different control scenarios have been studied [15], and malicious attacks have been categorized into Denial-of-Service (DoS) jamming attacks, false data injection attacks, replay attacks, wormhole attacks, etc. [16,17,18,19,20]. Due to the integration of more shared and general CTs in ICPSs, DoS jamming attacks, which aim to interference communication quality, can be considered as the most reachable attacks [21,22,23,24]. Foroush et al. [25] established a periodic attack strategy for a DoS jammer in which partial information has been detected, and then studied a resilience controller design problem for a remote wireless control scenario. However, the assumption of partial information of the jammer has been detected, which is conservative from the view of stealthy attacks in ICPS security analysis and research [26,27,28]. To maximize the effect of the attacks on the system performance, Zhang et al. studied the optimal attack strategy where a DoS jammer has constrained energy in a general wireless networked control scenario [29]. Ding et al. proposed a model by using the relationship among SER (Symbol Error Rate), SNR (Signal to Noise Ratio), and SINR (Signal to Interference plus Noise Ratio) in a communication channel based on the wireless communication technology, and studied the optimal attack scheduling of an energy constrained DoS jammer by establishing a two-player game in a multi-channel remote state estimation [30]. However, as a premeditated and supported attacker, the limitation of energy or other cost may not be the most important factors to be considered. Ding et al. studied an event-based security control for a discrete-time unified framework by defining a concept of working subcycle networked control system encountering randomly DoS jamming attacks [31]. However, as a purposeful and conscious individual compared with external disturbance, these kinds of attack strategies, which use random variables, cannot fully describe the jammer’s intention [32]. In Ref. [33], a unified framework of the attack strategy for a DoS jammer is discussed, and a $H_{\infty }$ controller design problem for a control system subject to DoS jamming attacks is studied without any known information of the DoS jammers’ attack strategy.

Besides, as a system deployed in complex industrial scenarios, ICPS also faces interference factors from inside and outside [34,35,36,37]. These non-negligible factors, like external disturbance, limited channel capacity and channel noise, can result in random dropout of packet in the network and ultimately affect the stability of the whole system [38,39]. In the previous studies, a variable which follows the Bernoulli distribution was used to described random packet dropouts caused by external disturbance or channel fading, and some effective algorithms were deployed to increase the transmission efficiency. For example, in Ref. [40], a hybrid-driven communication scheme is proposed and a controller design method is investigated for networked control systems with time delay. In Ref. [41], an event-triggered scheme and a quantiser are deployed in an array of discrete time-varying systems, and a distributed state estimation problem is studied. However, these studies have not considered the security requirements of networked systems, which is an urgent problem to be solved. Therefore, as a fundamental problem in the industrial scenarios, the $H_{\infty }$ controller design for an ICPS with traditional internal and external interference encountering stealthy DoS jamming attacks needs to be addressed. Then, in Ref. [42], we studied the $H_{\infty }$ control for an ICPS with event-triggered mechanism (ETM) encountering reactive DoS jamming attacks. However, consider that the hybrid-triggered mechanism (HTM) has more advantages than the ETM in utilizing network resources, and a smart attacker can use the characteristics of HTM to achieve more stealthy attacks, the $H_{\infty }$ control problem for an ICPS with HTM needs to be further investigated.

To sum up, due to the constraints of the current wireless communication technology and the increasingly complex industrial scenarios, ICPS not only faces a variety of external and internal interference, but also faces severe security issues caused by stealthy malicious attacks. In this paper, therefore, we consider that an ICPS, which deployed a HTM to improve the network bandwidth utilization, is intruded by a stealthy DoS jammer, where the DoS jammer keeps sensing the wireless channel and cleverly uses a reactive attack strategy to ensure its stealthiness based on the communication traffic. Then, based on the relationship among SER, SNR, and SINR, the impacts of stealthy DoS jamming attacks, external disturbance, limited channel capacity, and channel noise are described in a unified framework, and a compensation mechanism is employed in the controller to mitigate the impact of stealthy attacks due to the ICPS does not know the jammer’s attack strategy. Finally, simulation examples are given to show the effectiveness of the proposed $H_{\infty }$ control method. The main contributions of this paper can be summarized as follows.

• For a smart DoS jammer, it can use the trigger characteristics of HTM, which is an effective communication mechanism, to launch attacks on the premise of ensuring its stealth, and finally destroy the stable operation of the ICPS. Therefore, we studied the $H_{\infty }$ controller design problem for an ICPS with HTM to solve the stable operation of the ICPS encountering stealthy DoS jamming attacks.
• Unlike the existing studies that consider energy limitation of the attacker, we focus on attack purpose and stealthiness, and consider that the attacker keeps sensing the wireless channel traffic and cleverly uses a reactive attack strategy to achieve its purpose and ensure its stealthiness.
• We consider both of the stealthy DoS jamming attacks, external disturbance, limited channel capacity, wireless channel noise, and use the SER of wireless channel in a unified framework to describe the channel’s communication quality.

Notation: ${\mathbb{R}}^n$ stands for the n-dimensional Euclidean space. The symbol $\parallel ·\parallel$ stands for Euclidean norm. ${\mathbb{Z}}^{+}$ stands for the set of positive integers. For a matrix A, ${\lambda }_{max}\left(A\right)$ (${\lambda }_{min}\left(A\right)$) stands for the largest (smallest) eigenvalue of A, $A^{\mathrm{T}}$ stands for the transposition of A, and $A>0$ ($A<0$) stands for a positive (negative) definite matrix. Let I and 0 be identity matrix and zero matrix with appropriate dimensions, respectively. $Pr[·]$ stands for the probability of a stochastic event. $\mathbb{E}\{·\}$ denotes the expectation of a stochastic variable. The symbol ∗ within a matrix represents the symmetric entries.

2. Problem Formulation

In this section, the problem of $H_{\infty }$ control for an ICPS with HTM encountering stealthy DoS jamming attacks is formulated.

2.1. Basic Structure

The basic structure of an ICPS with HTM encountering stealthy jamming attacks can be shown in Figure 1, which consists of a physical system, a time-triggered sensor, a controller, and an actuator. Specifically, states of the physical system are captured by the sensor and transmitted to the controller through a memoryless wireless channel with a HTM. Meanwhile, based on Ref. [33], a stealthy DoS jammer who keeps sensing the traffic of wireless channel and uses the reactive attack strategy to increase the probability of packet dropouts, and we assume that the ICPS does not have any intrusion detected systems and does not know any information of the DoS jammer’s attack strategy. Considering the physical system has the following form

$$\left\{\begin{array}{c}x(k+1)=Ax\left(k\right)+Bu\left(k\right)+D_1\omega \left(k\right),\hfill \\ y\left(k\right)=C_{1}x\left(k\right),\hfill \\ z\left(k\right)=C_{2}x\left(k\right)+D_2\omega \left(k\right),\hfill \end{array}\right.$$

(1)

where $x\left(k\right)\in {\mathbb{R}}^n$, $y\left(k\right)\in {\mathbb{R}}^m$, $z\left(k\right)\in {\mathbb{R}}^q$, and $\omega \left(k\right)\in {\mathbb{R}}^q$ stand for the system state, measured output, controlled output, and external disturbance input belonging to $l_2[0,\infty )$, respectively. A, B, $C_1$, $C_2$, $D_1$, and $D_2$ are known real matrices with appropriate dimensions. Consider the wireless channel has independent Additive White Gaussian Noise (AWGN), communication quality of the wireless channel can be modeled as [43,44]

$$\begin{array}{c}\hfill SER=2q\sqrt{\xi SNR},SNR=\frac{p_s}{{\sigma }^2},\end{array}$$

(2)

where $p_s$, $\xi >0$ and ${\sigma }^2$ stand for transmission power, network parameter and AWGN power, respectively. Meanwhile, $q=1/\sqrt{2\pi }{\int }_x^{\infty }exp(-{\rho }^2/2)\mathrm{d}\rho$.

2.2. Hybrid-Triggered Mechanism

A HTM is deployed in the wireless channel to alleviate the limitation of network resources. Specifically,

Time-triggered mechanism (TTM): Consider the measured output via only the TTM which received by the controller can be described as

$$\tilde{y}\left(k\right)=y\left(k\right),$$

(3)

Event-triggered mechanism (ETM): An ETM is deployed to improve the network bandwidth utilization, and consider the event-triggered condition as

$$\begin{array}{c}\hfill \begin{array}{c}\hfill k_{s+1}=\underset{k>k_s}{min}\{k\mid {(y\left(k\right)-y\left(k_s\right))}^{\mathrm{T}}\mathsf{\Phi }(y\left(k\right)-y\left(k_s\right))\ge y{\left(k_s\right)}^{\mathrm{T}}\mathsf{\Psi }y\left(k_s\right)\},\end{array}\end{array}$$

(4)

where $\mathsf{\Phi }>0$ and $\mathsf{\Psi }>0$ stand for event-triggered matrices to be designed, ${\left\{k_s\right\}}_{s\ge 0}\subseteq {\mathbb{Z}}^{+}$ with $k_0=0$, ${\left\{k_s\right\}}_{s\ge 1}$ stand for the packet transmission instants sequence. We define

$$e_y\left(k\right)=y\left(k_s\right)-y\left(k\right),k\in [k_s,k_{s+1}),$$

(5)

then (4) can be rewritten as

$$e_y{\left(k\right)}^{\mathrm{T}}\mathsf{\Phi }{e}_y\left(k\right)\le y{\left(k_s\right)}^{\mathrm{T}}\mathsf{\Psi }y\left(k_s\right),\forall k\in [k_s,k_{s+1}).$$

(6)

Then, the measured output via only the ETM which received by the controller can be described as

$$\tilde{y}\left(k\right)=e_y\left(k\right)+y\left(k\right),$$

(7)

Therefore, we can define a Bernoulli distribution stochastic variable $\theta \left(k\right)$ to stand for the probability of triggered mechanism being selected, and by combining (3) with (7), the measured output via the HTM, which is received by the controller, can be described as

$$\tilde{y}\left(k\right)=(1-\theta \left(k\right))y\left(k\right)+\theta \left(k\right)(e_y\left(k\right)+y\left(k\right)),$$

(8)

where $Pr[\theta \left(k\right)=1]=\overline{\theta }$, $Pr[\theta \left(k\right)=0]=1-\overline{\theta }$, and the mathematical variance of $\theta \left(k\right)$ is ${\delta }^2$. The sojourn probability $\overline{\theta }$ can be obtained by the following statistical method

$$\overline{\theta }=\underset{n\to \infty }{lim}\frac{k_i}{n},k_i\in {\mathbb{Z}}^{+},n\in {\mathbb{Z}}^{+}$$

(9)

where $k_i$ is the times of $\theta \left(k\right)=1$ in the interval $[1,n]$, and we assume that $\overline{\theta }$ in the wireless channel is known.

2.3. Stealthy DoS Jamming Attacks

A stealthy DoS jammer who uses reactive attack strategy keeps sensing the traffic of wireless channel and changes attack modes autonomously according to whether a packet is transmitting in the wireless channel [33]. Denoting $\alpha \left(k\right)\in \{0,1\}$ stands for different periods, the nth working subcycle of the DoS jammer, which consists of the start time $T\left(n\right)$, the duration of attack period $ta\left(n\right)$, and the duration of silent period $ts\left(n\right)$, can be described as

$$\begin{array}{c}\hfill \alpha \left(k\right)=\left\{\begin{array}{c}1,k\in \left[T\right(n),T(n)+ta(n)-1],\hfill \\ 0,k\in \left[T\right(n)+ta(n),T(n)+ta(n)+ts(n)-1],\hfill \end{array}\right.\end{array}$$

(10)

where $\alpha \left(k\right)=1$ and $\alpha \left(k\right)=0$ stand for the attack period and the silent period, respectively. Combining (2), the inherent packet dropouts caused by limited capacity of wireless channel and channel noise are considered in the silent periods, and in the attack periods, the DoS jammer uses attack power $p_a$ on the wireless channel to increase the probability of packet dropouts. Then, we have

$$\begin{array}{c}\hfill SER=2q\sqrt{\xi SINR},SINR=\frac{p_s}{p_a+{\sigma }^2}.\end{array}$$

(11)

Combining with (10) and (11), SER for the wireless channel can be described in a unified framework as

$$\begin{array}{c}\hfill \begin{array}{c}\hfill SER=2q\sqrt{\xi \frac{p_s}{\alpha \left(k\right)p_a+{\sigma }^2}}=\left\{\begin{array}{c}2q\sqrt{\xi SNR},\alpha \left(k\right)=0,\hfill \\ 2q\sqrt{\xi SINR},\alpha \left(k\right)=1.\hfill \end{array}\right.\end{array}\end{array}$$

(12)

2.4. Closed-Loop System

Let $\overline{y}\left(k\right)$ stand for received measurement of the controller, and let mutually independent Bernoulli stochastic variable $\beta \left(\alpha \right(k),k)$ indicate whether a packet is successfully received or not by the controller, we have

$$\beta (\alpha \left(k\right),k)=\left\{\begin{array}{c}1,successfully,\hfill \\ 0,otherwise.\hfill \end{array}\right.$$

(13)

Then, combining with (11), (12), and (13), we have

$$\left\{\begin{array}{c}Pr[\beta (\alpha \left(k\right),k)=1]=1-SER=\overline{\beta },\hfill \\ Pr[\beta (\alpha \left(k\right),k)=0]=SER=1-\overline{\beta },\hfill \end{array}\right.$$

(14)

where $\overline{\beta }\in [0,1)$ is a known constant.

Due to the deployment of HTM, it is difficult for the controller to know whether the packet is dropped or just not transmitted. Additionally, the ICPS dose not know the attack strategy of the DoS jammer due to it lack of intrusion detection systems. Thus, an compensation mechanism which employs the latest transmitted quantized measurement is established in the controller to decrease the impact of packet dropouts. Specifically, if the packet is received by the controller, we use $\overline{y}\left(k\right)=\tilde{y}\left(k\right)$. Otherwise, the previous packet $\overline{y}(k-1)$ will be used. Therefore, combining with (13), we have

$$\begin{array}{c}\hfill \begin{array}{c}\hfill \overline{y}\left(k\right)=\beta (\alpha \left(k\right),k)[(1-\theta \left(k\right))y\left(k\right)+\theta \left(k\right)(e_y\left(k\right)+y\left(k\right))]+(1-\beta (\alpha \left(k\right),k))\overline{y}(k-1).\end{array}\end{array}$$

(15)

To achieve the control objective, we consider an observer-based controller as

$$\begin{array}{c}Observer:\hfill \\ \left\{\begin{array}{c}\widehat{x}(k+1)=A\widehat{x}\left(k\right)+Bu\left(k\right)+L(\overline{y}\left(k\right)-\widehat{\overline{y}}\left(k\right)),\hfill \\ \widehat{\overline{y}}\left(k\right)=\beta (\alpha \left(k\right),k)\widehat{y}\left(k\right)+(1-\beta (\alpha \left(k\right),k))\overline{y}(k-1),\hfill \end{array}\right.\hfill \end{array}$$

(16)

$$\begin{array}{c}\hfill Controller:u\left(k\right)=K\widehat{x}\left(k\right),\end{array}$$

(17)

where ${\widehat{\overline{y}}}_k$ is the observer output, L is the observer gain matrix, and K is the controller gain matrix. We denote the estimation error as

$$e\left(k\right)=x\left(k\right)-\widehat{x}\left(k\right).$$

(18)

Then, a closed-loop system for the ICPS with HTM encountering stealthy DoS jamming attacks can be described as

$$\left\{\begin{array}{cc}x(k+1)=\hfill & (A+BK)x\left(k\right)-BKe\left(k\right)+D_1\omega \left(k\right),\hfill \\ e(k+1)=\hfill & (A-\overline{\beta }L{C}_1)e\left(k\right)-(\beta (\alpha \left(k\right),k)-\overline{\beta })L{C}_1)e\left(k\right)-\overline{\beta }(\theta \left(k\right)-\overline{\theta })L{e}_y\left(k\right)\hfill \\ \hfill & -\overline{\beta }\overline{\theta }L{e}_y\left(k\right)-(\beta (\alpha \left(k\right),k)-\overline{\beta })(\theta \left(k\right)-\overline{\theta })L{e}_y\left(k\right)-\overline{\theta }(\beta (\alpha \left(k\right),k)-\overline{\beta })L\hfill \\ \hfill & \times e_y\left(k\right)+D_1\omega \left(k\right).\hfill \end{array}\right.$$

(19)

Assumption 1.

The matrix B is of full column rank.

As the closed-loop system (19) is a stochastic parameter system, the following Definition is needed.

Definition 1.

Consider the ICPS with HTM encountering stealthy DoS jamming attacks. Let $\eta \left(k\right)={\left[\begin{array}{cc}x{\left(k\right)}^{\mathrm{T}}& e{\left(k\right)}^{\mathrm{T}}\end{array}\right]}^{\mathrm{T}}$. The closed-loop system (19) satisfies exponentially mean-square stable with $\omega \left(k\right)=0$, if there exist constants $ϵ>0$ and $\tau \in (0,1)$ such that

$$\begin{array}{c}\hfill {\mathbb{E}\{\parallel \eta \left(k\right)\parallel }^2\}\le ϵ{\tau }^k{\mathbb{E}\{\parallel \eta \left(0\right)\parallel }^2\},\end{array}$$

(20)

where $\forall \eta \left(0\right)\in {\mathbb{R}}^n$, $k\in {\mathbb{Z}}^{+}$.

By the Definition 1, the objective of this paper is to design a controller to guarantee the closed-loop system (19) which satisfies the following requirements simultaneously.

(1)

The closed-loop system (19) with $\omega \left(k\right)=0$ is exponentially mean-square stable;

(2)

Given a scalar $\gamma >0$. For all nonzero $\omega \left(k\right)$, under the zero-initial condition, the controlled input $z\left(k\right)$ satisfies

$$\sum _{k=0}^{\infty }{\mathbb{E}\{\parallel z\left(k\right)\parallel }^2\}<{\gamma }^2\sum _{k=0}^{\infty }{\mathbb{E}\{\parallel \omega \left(k\right)\parallel }^2\},$$

(21)

3. Main Results

In this section, proof process of the $H_{\infty }$ control is discussed. First, the required Lemmas are listed.

Lemma 1

([45]). Let $V\left(\eta \right(k\left)\right)$ as a Lyapunov function. If there exist real scalars $\lambda \ge 0$, $\mu >0$, $\nu >0$, and $0<\phi <1$ such that

$${\mu \parallel \eta \left(k\right)\parallel }^2\le V\left(\eta \left(k\right)\right)\le \nu {\parallel \eta \left(k\right)\parallel }^2,$$

$$\mathbb{E}\left\{V\right(\eta (k+1)\left)\right|\eta \left(k\right)\}-V(\eta \left(k\right))\le \lambda -\phi V(\eta \left(k\right)),$$

then

$${\mathbb{E}\{\parallel \eta \left(k\right)\parallel }^2\}\le \frac{\nu }{\mu }{\parallel \eta \left(k\right)\parallel }^2{(1-\phi )}^k+\frac{\lambda }{\mu \phi }.$$

Lemma 2

([34]). For the matrix B of full-column rank, there always exists a singular value decomposition (SVD), such that

$$\begin{array}{c}\hfill B=U^{\mathrm{T}}\left[\begin{array}{c}\mathsf{\Sigma }\\ 0\end{array}\right]V^{\mathrm{T}}=\left[\begin{array}{c}{U}_1\\ U_2\end{array}\right]\left[\begin{array}{c}\mathsf{\Sigma }\\ 0\end{array}\right]V^{\mathrm{T}},\end{array}$$

(22)

where $U\in {\mathbb{R}}^{n\times n}$ and $V\in {\mathbb{R}}^{m\times m}$ are orthogonal matrices, $\mathsf{\Sigma }=diag\{{\varpi }_1,{\varpi }_2,\dots ,{\varpi }_m\}$, where ${\varpi }_i(i=1,2,\dots ,m)$ are nonzero singular values of B.

Lemma 3

([38]). For the matrix B of full-column rank, if there exist positive definite matrices $P_1\in {\mathbb{R}}^{m\times m}$, $P_2\in {\mathbb{R}}^{(n-m)\times (n-m)}$, and matrix P satisfies

$$\begin{array}{c}\hfill P=U^{\mathrm{T}}\left[\begin{array}{cc}{P}_1& 0\\ 0& P_2\end{array}\right]U=U_1^{\mathrm{T}}{P}_1{U}_1+U_2^{\mathrm{T}}{P}_2{U}_2,\end{array}$$

(23)

then there exist a nonsingular matrix $\overline{P}$, such that $PB=B\overline{P}$.

3.1. Stability Analysis

Theorem 1.

Consider the ICPS with HTM encountering stealthy DoS jamming attacks. Given the controller gain matrix K and the observer gain matrix L. The closed-loop system (19) is exponentially mean-square stable, if there exist positive definite matrices P and S satisfying (24).

$$\left[\begin{array}{cccccccc}{\Delta }_1& \ast & \ast & \ast & \ast & \ast & \ast & \ast \\ 0& {\Delta }_4& \ast & \ast & \ast & \ast & \ast & \ast \\ 0& 0& {\Delta }_8& \ast & \ast & \ast & \ast & \ast \\ {\Delta }_2& {\Delta }_5& 0& {\Delta }_{11}& \ast & \ast & \ast & \ast \\ 0& {\Delta }_6& 0& 0& {\Delta }_{12}& \ast & \ast & \ast \\ 0& {\Delta }_7& 0& 0& 0& {\Delta }_{13}& \ast & \ast \\ {\Delta }_3& 0& {\Delta }_9& 0& 0& 0& {\Delta }_{14}& \ast \\ 0& 0& {\Delta }_{10}& 0& 0& 0& 0& {\Delta }_{15}\end{array}\right]<0,$$

(24)

where ${\Delta }_1=-P$, ${\Delta }_2=A+BK$, ${\Delta }_3=C_1$, ${\Delta }_4=-S$, ${\Delta }_5=-BK$, ${\Delta }_6=A-\overline{\beta }L{C}_1$, ${\Delta }_7=L{C}_1$, ${\Delta }_8=-\mathsf{\Phi }$, ${\Delta }_9=I$, ${\Delta }_{10}=L$, ${\Delta }_{11}=-P^{-1}$, ${\Delta }_{12}=-S^{-1}$, ${\Delta }_{13}=-{\epsilon }_1^{-1}{S}^{-1}$, ${\Delta }_{14}=-{\mathsf{\Psi }}^{-1}$, ${\Delta }_{15}=-{\overline{\beta }}^{-1}{\overline{\theta }}^{-1}{S}^{-1}$, ${\epsilon }_1=(1-\overline{\beta })\overline{\beta }$, ${\epsilon }_2=(1-\overline{\theta })\overline{\theta }$.

Proof. 

We define a Lyapunov function as

$$V\left(\eta \left(k\right)\right)=x{\left(k\right)}^{\mathrm{T}}Px\left(k\right)+e{\left(k\right)}^{\mathrm{T}}Se\left(k\right).$$

(25)

By (19), we have

$$\begin{array}{cc}\hfill & \mathbb{E}\left\{V\right(\eta (k+1)\left)\right\}-V\left(\eta \right(k\left)\right)\hfill \\ \hfill =& \mathbb{E}\{x{(k+1)}^{\mathrm{T}}Px(k+1)+e{(k+1)}^{\mathrm{T}}Se(k+1)\}-x{\left(k\right)}^{\mathrm{T}}Px\left(k\right)-e{\left(k\right)}^{\mathrm{T}}Se\left(k\right)\hfill \\ \hfill =& {\mathbb{E}\{[(A+BK)x\left(k\right)-BKe\left(k\right)]}^{\mathrm{T}}P[(A+BK)x\left(k\right)-BKe\left(k\right)]+[(A-\overline{\beta }L{C}_1)\hfill \\ \hfill & \times e\left(k\right)-(\beta (\alpha \left(k\right),k)-\overline{\beta })L{C}_1)e\left(k\right)-\overline{\beta }(\theta \left(k\right)-\overline{\theta })L{e}_y\left(k\right)-\overline{\beta }\overline{\theta }L{e}_y\left(k\right)\hfill \\ \hfill & -(\beta (\alpha \left(k\right),k)-\overline{\beta })(\theta \left(k\right)-\overline{\theta })L{e}_y\left(k\right)-\overline{\theta }(\beta (\alpha \left(k\right),k)-\overline{\beta })L{e}_y{\left(k\right)]}^{\mathrm{T}}P\hfill \\ \hfill & \times [(A-\overline{\beta }L{C}_1)e\left(k\right)-(\beta (\alpha \left(k\right),k)-\overline{\beta })L{C}_1)e\left(k\right)-\overline{\beta }(\theta \left(k\right)-\overline{\theta })L{e}_y\left(k\right)\hfill \\ \hfill & -\overline{\beta }\overline{\theta }L{e}_y\left(k\right)-(\beta (\alpha \left(k\right),k)-\overline{\beta })(\theta \left(k\right)-\overline{\theta })L{e}_y\left(k\right)-\overline{\theta }(\beta (\alpha \left(k\right),k)-\overline{\beta })L{e}_y\left(k\right)]\hfill \\ \hfill & -x{\left(k\right)}^{\mathrm{T}}Px\left(k\right)-e{\left(k\right)}^{\mathrm{T}}Se\left(k\right).\hfill \\ \hfill \end{array}$$

Combining with $\mathbb{E}\left\{{(\beta (\alpha \left(k\right),k)-\overline{\beta })}^2\right\}=(1-\overline{\beta })\overline{\beta }$, $\mathbb{E}\left\{{(\theta \left(k\right)-\overline{\theta })}^2\right\}=(1-\overline{\theta })\overline{\theta }$ and (6), we have

$$e_y{\left(k\right)}^{\mathrm{T}}\mathsf{\Phi }{e}_y\left(k\right)\le {[e_y\left(k\right)+y\left(k\right)]}^{\mathrm{T}}\mathsf{\Psi }[e_y\left(k\right)+y\left(k\right)],$$

(26)

where $\forall k\in [k_s,k_{s+1})$. Therefore,

$$\begin{array}{cc}\hfill & \mathbb{E}\left\{V\right(\eta (k+1)\left)\right\}-V\left(\eta \right(k\left)\right)\hfill \\ \hfill \le & \mathbb{E}\{x{(k+1)}^{\mathrm{T}}Px(k+1)+e{(k+1)}^{\mathrm{T}}Se(k+1)\}\hfill \\ \hfill & -x{\left(k\right)}^{\mathrm{T}}Px\left(k\right)-e{\left(k\right)}^{\mathrm{T}}Se\left(k\right)+{[e_y\left(k\right)+y\left(k\right)]}^{\mathrm{T}}\mathsf{\Psi }\hfill \\ \hfill & [e_y\left(k\right)+y\left(k\right)]-e_y{\left(k\right)}^{\mathrm{T}}\mathsf{\Phi }{e}_y\left(k\right)\hfill \\ \hfill =& \widehat{\eta }{\left(k\right)}^{\mathrm{T}}\left[\begin{array}{cc}{\mathsf{\Pi }}_1^{\mathrm{T}}{\mathsf{\Pi }}_2{\mathsf{\Pi }}_1+{\mathsf{\Pi }}_3& \ast \\ {\mathsf{\Pi }}_4& {\mathsf{\Pi }}_5\end{array}\right]\widehat{\eta }\left(k\right)\hfill \\ \hfill =& \widehat{\eta }{\left(k\right)}^{\mathrm{T}}\mathsf{\Pi }\widehat{\eta }\left(k\right),\forall k\in [k_s,k_{s+1}),\hfill \end{array}$$

where $\widehat{\eta }\left(k\right)={\left[\begin{array}{cc}\eta {\left(k\right)}^{\mathrm{T}}& e_y{\left(k\right)}^{\mathrm{T}}\end{array}\right]}^{\mathrm{T}}$, ${\mathsf{\Pi }}_2=diag\{P,S,{\epsilon }_{1}S,\mathsf{\Psi }\}$, ${\mathsf{\Pi }}_3=diag\{-P,-S\}$, ${\mathsf{\Pi }}_4=\left[\begin{array}{cc}{\mathsf{\Pi }}_{41}& {\mathsf{\Pi }}_{42}\end{array}\right]$, ${\mathsf{\Pi }}_{41}=\mathsf{\Psi }{C}_1$, ${\mathsf{\Pi }}_{42}={\epsilon }_1\overline{\theta }{L}^{\mathrm{T}}SL{C}_1-\overline{\beta }\overline{\theta }{L}^{\mathrm{T}}S(A-\overline{\beta }L{C}_1)$, ${\mathsf{\Pi }}_5=\overline{\beta }\overline{\theta }{L}^{\mathrm{T}}SL+\mathsf{\Psi }-\mathsf{\Phi }$,

${\mathsf{\Pi }}_1=\left[\begin{array}{cc}A+BK& -BK\\ 0& A-\overline{\beta }L{C}_1\\ 0& L{C}_1\\ C_1& 0\end{array}\right]$.

By Schur complement, (24) implies that $\mathsf{\Pi }<0$, and $\mathsf{\Pi }$ is a strick matrix inequality, then there exits a constant $\kappa$ such that

$$\begin{array}{c}\hfill \begin{array}{c}\hfill \mathbb{E}\left\{V\left(\eta (k+1)\right)\right\}-V\left(\eta \left(k\right)\right)\le \widehat{\eta }{\left(k\right)}^{\mathrm{T}}diag\{-\kappa I,0\}\widehat{\eta }\left(k\right)<-\kappa \eta {\left(k\right)}^{\mathrm{T}}\eta \left(k\right),\end{array}\end{array}$$

(27)

where $0<\kappa <\min \{{\lambda }_{\min }(-\mathsf{\Pi }),\vartheta \}$, $\vartheta =\max \{{\lambda }_{\max }\left(P\right),{\lambda }_{\max }\left(S\right)\}$. Then, we have

$$\begin{array}{c}\hfill \begin{array}{c}\hfill \mathbb{E}\left\{V\left(\eta (k+1)\right)\right\}-V\left(\eta \left(k\right)\right)<-\kappa \eta {\left(k\right)}^{\mathrm{T}}\eta \left(k\right)\le \frac{\kappa }{\vartheta }\eta {\left(k\right)}^{\mathrm{T}}\eta \left(k\right).\end{array}\end{array}$$

(28)

By Lemma 1, we have

$$\begin{array}{c}\hfill {\mathbb{E}\{\parallel \eta \left(k\right)\parallel }^2\}-V\left(\eta \left(k\right)\right)\le \frac{\kappa }{\vartheta }{(1-\frac{\kappa }{\vartheta })}^k{\parallel \eta \left(0\right)\parallel }^2,\end{array}$$

(29)

where $0<\frac{\kappa }{\vartheta }<1$. Therefore, the closed-loop system (19) is exponentially mean-square stable. This completes the proof. □

3.2. $H_{\infty }$ Controller Design

Theorem 2.

Consider the ICPS with HTM encountering stealthy DoS jamming attacks. The closed-loop system (19) is exponentially mean-square stable and the $H_{\infty }$ norm constraint (21) is achieved for all nonzero $\omega \left(k\right)$, if there exist positive definite matrices P and S, the controller gain matrix K and the observer gain matrix L satisfying (30).

$$\left[\begin{array}{cccccccccc}{\mathsf{\Xi }}_1& \ast & \ast & \ast & \ast & \ast & \ast & \ast & \ast & \ast \\ 0& {\mathsf{\Xi }}_5& \ast & \ast & \ast & \ast & \ast & \ast & \ast & \ast \\ 0& 0& {\mathsf{\Xi }}_9& \ast & \ast & \ast & \ast & \ast & \ast & \ast \\ 0& 0& 0& {\mathsf{\Xi }}_{12}& \ast & \ast & \ast & \ast & \ast & \ast \\ {\mathsf{\Xi }}_2& {\mathsf{\Xi }}_6& 0& {\mathsf{\Xi }}_{13}& {\mathsf{\Xi }}_{16}& \ast & \ast & \ast & \ast & \ast \\ 0& {\mathsf{\Xi }}_7& 0& {\mathsf{\Xi }}_{14}& 0& {\mathsf{\Xi }}_{17}& \ast & \ast & \ast & \ast \\ 0& {\mathsf{\Xi }}_8& 0& 0& 0& 0& {\mathsf{\Xi }}_{18}& \ast & \ast & \ast \\ {\mathsf{\Xi }}_3& 0& {\mathsf{\Xi }}_{10}& 0& 0& 0& 0& {\mathsf{\Xi }}_{19}& \ast & \ast \\ 0& 0& {\mathsf{\Xi }}_{11}& 0& 0& 0& 0& 0& {\mathsf{\Xi }}_{20}& \ast \\ {\mathsf{\Xi }}_4& 0& 0& {\mathsf{\Xi }}_{15}& 0& 0& 0& 0& 0& {\mathsf{\Xi }}_{21}\end{array}\right]<0,$$

(30)

where ${\mathsf{\Xi }}_1=-P$, ${\mathsf{\Xi }}_2=A+BK$, ${\mathsf{\Xi }}_3=C_1$, ${\mathsf{\Xi }}_4=C_3$, ${\mathsf{\Xi }}_5=-S$, ${\mathsf{\Xi }}_6=-BK$, ${\mathsf{\Xi }}_7=A-\overline{\beta }L{C}_1$, ${\mathsf{\Xi }}_8=L{C}_1$, ${\mathsf{\Xi }}_9=-\mathsf{\Phi }$, ${\mathsf{\Xi }}_{10}=I$, ${\mathsf{\Xi }}_{11}=L$, ${\mathsf{\Xi }}_{12}=-{\gamma }^{2}I$, ${\mathsf{\Xi }}_{13}=D_1$, ${\mathsf{\Xi }}_{14}=D_1$, ${\mathsf{\Xi }}_{15}=D_2$, ${\mathsf{\Xi }}_{16}=-P^{-1}$, ${\mathsf{\Xi }}_{17}=-S^{-1}$, ${\mathsf{\Xi }}_{18}=-{\epsilon }_1^{-1}{S}^{-1}$, ${\mathsf{\Xi }}_{19}=-{\mathsf{\Psi }}^{-1}$, ${\mathsf{\Xi }}_{20}=-{\overline{\beta }}^{-1}{\overline{\theta }}^{-1}{S}^{-1}$, ${\mathsf{\Xi }}_{21}=-I$, $C_3=\left[\begin{array}{ccc}{C}_2& 0& 0\end{array}\right]$.

Proof. 

Let $\tilde{\eta }\left(k\right)={\left[\begin{array}{cc}\widehat{\eta }{\left(k\right)}^{\mathrm{T}}& \omega {\left(k\right)}^{\mathrm{T}}\end{array}\right]}^{\mathrm{T}}$, and combine with (26). For any nonzero $\omega \left(k\right)$, we have

$$\begin{array}{cc}\hfill & \mathbb{E}\left\{V\left(\eta (k+1)\right)\right\}-\mathbb{E}\left\{V\left(\eta \left(k\right)\right)\right\}+\mathbb{E}\left\{z{\left(k\right)}^{\mathrm{T}}z\left(k\right)\right\}-{\gamma }^2\mathbb{E}\left\{\omega {\left(k\right)}^{\mathrm{T}}\omega \left(k\right)\right\}\hfill \\ \hfill \le & \mathbb{E}\left\{V\left(\eta (k+1)\right)\right\}-\mathbb{E}\left\{V\left(\eta \left(k\right)\right)\right\}+\mathbb{E}\left\{z{\left(k\right)}^{\mathrm{T}}z\left(k\right)\right\}-{\gamma }^2\mathbb{E}\left\{\omega {\left(k\right)}^{\mathrm{T}}\omega \left(k\right)\right\}\hfill \\ \hfill & +{[e_y\left(k\right)+y\left(k\right)]}^{\mathrm{T}}\mathsf{\Psi }[e_y\left(k\right)+y\left(k\right)]-e_y{\left(k\right)}^{\mathrm{T}}\mathsf{\Phi }{e}_y\left(k\right)\hfill \\ \hfill =& \mathbb{E}\left\{\tilde{\eta }{\left(k\right)}^{\mathrm{T}}\left[\begin{array}{cc}\mathsf{\Pi }+{\Lambda }_1& \ast \\ {\Lambda }_2& {\Lambda }_3\end{array}\right]\tilde{\eta }\left(k\right)\right\}\hfill \\ \hfill =& \mathbb{E}\left\{\tilde{\eta }{\left(k\right)}^{\mathrm{T}}\Lambda \tilde{\eta }\left(k\right)\right\},\hfill \end{array}$$

where ${\Lambda }_1=C_3^{\mathrm{T}}{C}_3$, ${\Lambda }_2=\left[\begin{array}{ccc}{\Lambda }_{21}& {\Lambda }_{22}& {\Lambda }_{23}\end{array}\right]$, ${\Lambda }_{21}=D_1^{\mathrm{T}}P(A+BK)+D_2^{\mathrm{T}}{C}_2$, ${\Lambda }_{22}=-D_1^{\mathrm{T}}PBK+D_1^{\mathrm{T}}S(A-\overline{\beta }L{C}_1)$, ${\Lambda }_{23}=-\overline{\beta }\overline{\theta }{D}_1^{\mathrm{T}}SL$, ${\Lambda }_3=D_1^{\mathrm{T}}P{D}_1+D_1^{\mathrm{T}}S{D}_1+D_2^{\mathrm{T}}{D}_2-{\gamma }^{2}I$.

By Schur complement, (30) implies that $\Lambda <0$, we have

$$\begin{array}{c}\hfill \begin{array}{cc}\hfill \mathbb{E}\left\{V\right(\eta (k+1)\left)\right\}& -\mathbb{E}\left\{V\left(\eta \left(k\right)\right)\right\}+\mathbb{E}\left\{z{\left(k\right)}^{\mathrm{T}}z\left(k\right)\right\}-{\gamma }^2\mathbb{E}\left\{\omega {\left(k\right)}^{\mathrm{T}}\omega \left(k\right)\right\}<0.\hfill \end{array}\end{array}$$

(31)

For $k=0\to \infty$, by summing up (31) we can obtain

$$\begin{array}{c}\hfill \begin{array}{cc}\hfill \sum _{k=0}^{\infty }{\mathbb{E}\{\parallel z\left(k\right)\parallel }^2\}<& {\gamma }^2\sum _{k=0}^{\infty }{\mathbb{E}\{\parallel \omega \left(k\right)\parallel }^2\}+\mathbb{E}\left\{V\left(\eta \left(0\right)\right)\right\}-\mathbb{E}\left\{V\left(\eta (\infty )\right)\right\}.\hfill \end{array}\end{array}$$

(32)

Due to $\eta \left(0\right)=0$ and Theorem 1, we have

$$\sum _{k=0}^{\infty }{\mathbb{E}\{\parallel z\left(k\right)\parallel }^2\}<{\gamma }^2\sum _{k=0}^{\infty }{\mathbb{E}\{\parallel \omega \left(k\right)\parallel }^2\},$$

(33)

which means the $H_{\infty }$ norm constraint (21) is achieved. This completes the proof. □

Theorem 3.

Consider the ICPS with HTM encountering stealthy DoS jamming attacks. The closed-loop system (19) is exponentially mean-square stable and the $H_{\infty }$ norm constraint (21) is achieved for all nonzero $\omega \left(k\right)$, if there exist positive definite matrices $P_1$, $P_2$ and S, real matrices X and Y satisfying (34) and (35). Furthermore, the controller gain matrix K and the observer gain matrix L can be given by (36).

$$\left[\begin{array}{cccccccccc}{\mathsf{\Omega }}_1& \ast & \ast & \ast & \ast & \ast & \ast & \ast & \ast & \ast \\ 0& {\mathsf{\Omega }}_5& \ast & \ast & \ast & \ast & \ast & \ast & \ast & \ast \\ 0& 0& {\mathsf{\Omega }}_9& \ast & \ast & \ast & \ast & \ast & \ast & \ast \\ 0& 0& 0& {\mathsf{\Omega }}_{12}& \ast & \ast & \ast & \ast & \ast & \ast \\ {\mathsf{\Omega }}_2& {\mathsf{\Omega }}_6& 0& {\mathsf{\Omega }}_{13}& {\mathsf{\Omega }}_{16}& \ast & \ast & \ast & \ast & \ast \\ 0& {\mathsf{\Omega }}_7& 0& {\mathsf{\Omega }}_{14}& 0& {\mathsf{\Omega }}_{17}& \ast & \ast & \ast & \ast \\ 0& {\mathsf{\Omega }}_8& 0& 0& 0& 0& {\mathsf{\Omega }}_{18}& \ast & \ast & \ast \\ {\mathsf{\Omega }}_3& 0& {\mathsf{\Omega }}_{10}& 0& 0& 0& 0& {\mathsf{\Omega }}_{19}& \ast & \ast \\ 0& 0& {\mathsf{\Omega }}_{11}& 0& 0& 0& 0& 0& {\mathsf{\Omega }}_{20}& \ast \\ {\mathsf{\Omega }}_4& 0& 0& {\mathsf{\Omega }}_{15}& 0& 0& 0& 0& 0& {\mathsf{\Omega }}_{21}\end{array}\right]<0,$$

(34)

where ${\mathsf{\Omega }}_1=-P$, ${\mathsf{\Omega }}_2=PA+BX$, ${\mathsf{\Omega }}_3=\mathsf{\Psi }{C}_1$, ${\mathsf{\Omega }}_4=C_3$, ${\mathsf{\Omega }}_5=-S$, ${\mathsf{\Omega }}_6=-BX$, ${\mathsf{\Omega }}_7=SA-\overline{\beta }Y{C}_1$, ${\mathsf{\Omega }}_8=Y{C}_1$, ${\mathsf{\Omega }}_9=-\mathsf{\Phi }$, ${\mathsf{\Omega }}_{10}=\mathsf{\Psi }$, ${\mathsf{\Omega }}_{11}=Y$, ${\mathsf{\Omega }}_{12}=-{\gamma }^{2}I$, ${\mathsf{\Omega }}_{13}=P{D}_1$, ${\mathsf{\Omega }}_{14}=S{D}_1$, ${\mathsf{\Omega }}_{15}=D_2$, ${\mathsf{\Omega }}_{16}=-P$, ${\mathsf{\Omega }}_{17}=-S$, ${\mathsf{\Omega }}_{18}=-{\epsilon }_1^{-1}S$, ${\mathsf{\Omega }}_{19}=-\mathsf{\Psi }$, ${\mathsf{\Omega }}_{20}=-{\overline{\beta }}^{-1}{\overline{\theta }}^{-1}S$, ${\mathsf{\Omega }}_{21}=-I$.

$$\begin{array}{c}\hfill PB=B\overline{P},\end{array}$$

(35)

$$\begin{array}{c}\hfill K=V{\mathsf{\Sigma }}^{-1}{P}_1^{-1}\mathsf{\Sigma }{V}^{\mathrm{T}}X,L=S^{-1}Y.\end{array}$$

(36)

Proof. 

Because (30) is not an LMI, we need to pre- and post-multiply both side of (30) with matrix $diag\{I,I,I,I,P,S,S,\mathsf{\Psi },S,I\}$ and obtain

$$\left[\begin{array}{cccccccccc}{\widehat{\mathsf{\Omega }}}_1& \ast & \ast & \ast & \ast & \ast & \ast & \ast & \ast & \ast \\ 0& {\widehat{\mathsf{\Omega }}}_5& \ast & \ast & \ast & \ast & \ast & \ast & \ast & \ast \\ 0& 0& {\widehat{\mathsf{\Omega }}}_9& \ast & \ast & \ast & \ast & \ast & \ast & \ast \\ 0& 0& 0& {\widehat{\mathsf{\Omega }}}_{12}& \ast & \ast & \ast & \ast & \ast & \ast \\ {\widehat{\mathsf{\Omega }}}_2& {\widehat{\mathsf{\Omega }}}_6& 0& {\widehat{\mathsf{\Omega }}}_{13}& {\widehat{\mathsf{\Omega }}}_{16}& \ast & \ast & \ast & \ast & \ast \\ 0& {\widehat{\mathsf{\Omega }}}_7& 0& {\widehat{\mathsf{\Omega }}}_{14}& 0& {\widehat{\mathsf{\Omega }}}_{17}& \ast & \ast & \ast & \ast \\ 0& {\widehat{\mathsf{\Omega }}}_8& 0& 0& 0& 0& {\widehat{\mathsf{\Omega }}}_{18}& \ast & \ast & \ast \\ {\widehat{\mathsf{\Omega }}}_3& 0& {\widehat{\mathsf{\Omega }}}_{10}& 0& 0& 0& 0& {\widehat{\mathsf{\Omega }}}_{19}& \ast & \ast \\ 0& 0& {\widehat{\mathsf{\Omega }}}_{11}& 0& 0& 0& 0& 0& {\widehat{\mathsf{\Omega }}}_{20}& \ast \\ {\widehat{\mathsf{\Omega }}}_4& 0& 0& {\widehat{\mathsf{\Omega }}}_{15}& 0& 0& 0& 0& 0& {\widehat{\mathsf{\Omega }}}_{21}\end{array}\right]<0,$$

(37)

where ${\widehat{\mathsf{\Omega }}}_1=-P$, ${\widehat{\mathsf{\Omega }}}_2=PA+PBK$, ${\widehat{\mathsf{\Omega }}}_3=\mathsf{\Psi }{C}_1$, ${\widehat{\mathsf{\Omega }}}_4=C_3$, ${\widehat{\mathsf{\Omega }}}_5=-S$, ${\widehat{\mathsf{\Omega }}}_6=-PBK$, ${\widehat{\mathsf{\Omega }}}_7=SA-\overline{\beta }SL{C}_1$, ${\widehat{\mathsf{\Omega }}}_8=SL{C}_1$, ${\widehat{\mathsf{\Omega }}}_9=-\mathsf{\Phi }$, ${\widehat{\mathsf{\Omega }}}_{10}=\mathsf{\Psi }$, ${\widehat{\mathsf{\Omega }}}_{11}=SL$, ${\widehat{\mathsf{\Omega }}}_{12}=-{\gamma }^{2}I$, ${\widehat{\mathsf{\Omega }}}_{13}=P{D}_1$, ${\widehat{\mathsf{\Omega }}}_{14}=S{D}_1$, ${\widehat{\mathsf{\Omega }}}_{15}=D_2$, ${\widehat{\mathsf{\Omega }}}_{16}=-P$, ${\widehat{\mathsf{\Omega }}}_{17}=-S$, ${\widehat{\mathsf{\Omega }}}_{18}=-{\epsilon }_1^{-1}S$, ${\widehat{\mathsf{\Omega }}}_{19}=-\mathsf{\Psi }$, ${\widehat{\mathsf{\Omega }}}_{20}=-{\overline{\beta }}^{-1}{\overline{\theta }}^{-1}S$, ${\widehat{\mathsf{\Omega }}}_{21}=-I$.

Let $X=\overline{P}K$, $Y=SL$, and combining with (35), we have (34), which means the closed-loop system (19) is exponentially mean-square stable and the $H_{\infty }$ norm constraint (21) is satisfied. However, it should be noted that (34) has matrix equation constraint.

By Assumption 1, therefore, the column of matrices B and $PB$ are all linearly independent with $\overline{P}>0$. Hence, if (34) is satisfied, then

$$rank\left(\overline{P}\right)\ge rank\left(B\overline{P}\right)=rank\left(PB\right)\ge rank\left(B\right)=m.$$

So, we have

$$\begin{array}{c}\hfill K={\overline{P}}^{-1}X,L=P^{-1}Y.\end{array}$$

(38)

By Lemma 2 and Lemma 3, we have matrices $P_1$, $P_2$, $U_1$, and $U_2$, satisfying (22) and (23). The $\overline{P}$ can be computed by (39) from $PB=B\overline{P}$, namely

$$\begin{array}{c}\hfill PB=P{U}^{\mathrm{T}}\left[\begin{array}{c}\mathsf{\Sigma }\\ 0\end{array}\right]V^{\mathrm{T}}=U^{\mathrm{T}}\left[\begin{array}{c}\mathsf{\Sigma }\\ 0\end{array}\right]V^{\mathrm{T}}\overline{P}=\left[\begin{array}{c}{U}_1\\ U_2\end{array}\right]\left[\begin{array}{c}\mathsf{\Sigma }\\ 0\end{array}\right]V^{\mathrm{T}}\overline{P}.\end{array}$$

(39)

Then, substituting (23) into (39), we have

$$U^{\mathrm{T}}\left[\begin{array}{cc}{P}_1& 0\\ 0& P_2\end{array}\right]\left[\begin{array}{c}\mathsf{\Sigma }\\ 0\end{array}\right]V^{\mathrm{T}}=U^{\mathrm{T}}\left[\begin{array}{c}\mathsf{\Sigma }\\ 0\end{array}\right]V^{\mathrm{T}}\overline{P},$$

(40)

which implies that

$$P_1\mathsf{\Sigma }{V}^{\mathrm{T}}=\mathsf{\Sigma }{V}^{\mathrm{T}}\overline{P}.$$

(41)

Therefore, the problem of matrix equation constraint is solved by using (23). Then, by (23) and (41), we can obtain (36). This completes the proof. □

Therefore, the optimal $H_{\infty }$ control problem can be solved by

$$\underset{P_1>0,P_2>0,S>0,X,Y}{min}\gamma s.t.\left(23\right)and\left(34\right).$$

(42)

4. Numerical Simulation

In this section, numerical simulations are used to demonstrate the effectiveness of the proposed $H_{\infty }$ control method. Consider the transmission power $P_s=1.5$, the AWGN power ${\sigma }^2=1.0$, and the network parameter $\xi =3$. Then, the probability of inherent randomly packet dropouts caused by external disturbance, limited channel capacity, and channel noise can be calculated as $0.0850$. By choosing the attack power of DoS jammer $p_a=1.7500$, the probability of packet dropouts caused by attacks increases to $0.5034$.

(1) Consider an uninterruptible power system (UPS) with 1KVA. Its discrete-time model (1) can be described with 10ms at half-load operating point in the following [46]

$$A=\left[\begin{array}{ccc}0.9226& -0.6330& 0\\ 1& 0& 0\\ 0& 1& 0\end{array}\right],B=\left[\begin{array}{c}1\\ 0\\ 0\end{array}\right]$$

$$C_1=\left[\begin{array}{ccc}23.7380& 20.2870& 0\end{array}\right],C_2=\left[\begin{array}{ccc}0.1& 0& 0\end{array}\right],D_1={\left[\begin{array}{ccc}0.5& 0& 2\end{array}\right]}^{\mathrm{T}},D_2=0.1.$$

We chose the initial conditions as $x\left(0\right)={\left[\begin{array}{ccc}1& -1& 0\end{array}\right]}^{\mathrm{T}}$, $\widehat{x}\left(0\right)={\left[\begin{array}{ccc}0& 0& 0\end{array}\right]}^{\mathrm{T}}$. Let $\gamma =1$, by using the $H_{\infty }$ control method, we can obtain that

$$\mathsf{\Psi }=12.2804,\mathsf{\Phi }=3.9826,$$

$$K=\left[\begin{array}{ccc}-0.0037& -0.0035& -0.0054\end{array}\right],L={\left[\begin{array}{ccc}0.1512& 0.5958& -0.7268\end{array}\right]}^{\mathrm{T}}$$

Figure 2 shows the norm of states for the UPS encountering stealthy DoS jamming attacks, which indicates that the proposed $H_{\infty }$ control method can achieve the control objective successfully and effectively. Figure 3 shows switch times of the HTM. Figure 4 shows times of the DoS jamming attacks on the wireless channel.

(2) Consider a tunnel diode circuit in the following [47]

$$A=\left[\begin{array}{cc}0.9887& 0.9024\\ -0.0180& 0.8100\end{array}\right],B=\left[\begin{array}{c}0.0093\\ -0.0181\end{array}\right],$$

$$C_1=\left[\begin{array}{cc}1& 0\end{array}\right],C_2=\left[\begin{array}{cc}1& 0\end{array}\right],D_1={\left[\begin{array}{cc}1& 1\end{array}\right]}^{\mathrm{T}},D_2=1.$$

We chose the initial conditions as $x\left(0\right)={\left[\begin{array}{cc}0.1& -0.1\end{array}\right]}^{\mathrm{T}}$, $\widehat{x}\left(0\right)={\left[\begin{array}{cc}0& 0\end{array}\right]}^{\mathrm{T}}$. Let $\gamma =1$, by using the $H_{\infty }$ control method, we can obtain that

$$\mathsf{\Psi }=9.0342,\mathsf{\Phi }=3.3312,$$

$$K=0.1-5\times \left[\begin{array}{cc}0.2683& -0.3196\end{array}\right],L={\left[\begin{array}{cc}-5.8106& 4.6382\end{array}\right]}^{\mathrm{T}}.$$

Figure 5 shows the norm of states for the tunnel diode circuit encountering stealthy DoS jamming attacks, which indicates that the proposed $H_{\infty }$ control method can achieve the control objective successfully and effectively. Figure 6 shows switch times of the HTM. Figure 7 shows times of the DoS jamming attacks on the wireless channel.

5. Conclusions

In this paper, considering the external disturbance, limited channel capacity, and channel noise, a $H_{\infty }$ controller designing problem was studied for an ICPS with HTM encountering stealthy DoS jamming attacks. A closed-loop system was established based on a compensation mechanism, which compensates the impacts of stealthy DoS jamming attacks and inherent random packet dropouts. We proved that the closed-loop system is mean square exponentially stable and can achieve the desired $H_{\infty }$ disturbance rejection level, and simulation results shown the effectiveness of the $H_{\infty }$ control method. In the future, we will study the controller designing problem for industrial scenarios which deployed intrusion detection systems and industrial protocol enhancement methods, and the relationship between system security and operating efficiency will be further discussed.