Discrimination between Replay Attacks and Sensor Faults for Cyber-Physical Systems via Event-Triggered Communication

In this paper, a threat discrimination methodology is proposed for cyber-physical systems with eventtriggered data communication, aiming to identify sensor bias faults from two possible types of threats: replay attacks and sensor bias faults. Event-triggered adaptive estimation and backward-in-time signal processing are the main techniques used. Specifically, distinct incremental systems of the eventtriggered cyber-physical system resulting from the considered threat types are established for each threat type, and the difference between their inputs are found and utilized to discriminate the threats. An event-triggered adaptive estimator is then designed by using the event-triggered sampled data based on the system in the attack case, allowing to reconstruct the unknown increments in both the threat cases. The backward-in-time model of the incremental system in the replay attack case is proposed as the signal processor to process the reconstructions of the increments. Such a model can utilize the aforementioned input difference between the incremental systems such that its output has distinct quantitative properties in the attack case and in the fault case. The fault discrimination condition is rigorously investigated and characterizes quantitatively the class of distinguishable sensor bias faults. Finally, a numerical simulation is presented to illustrate the effectiveness of the proposed methodology.