DoS-attack-dependent event-triggered control for networked control systems under stochastic DoS attacks

Abstract

This paper addresses the problem of event-triggered control for networked control systems (NCSs) under stochastic denial-of-service (DoS) attacks. A Markov DoS attack model with uncertain probabilities is proposed to describe the impact of the current DoS attack occurrence on the subsequent step while considering the randomness and uncertainty of attack probabilities. Moreover, a DoS-attack-dependent event-triggered mechanism (DADETM) is designed dependent on the occurrence of DoS attacks to avoid ineffective triggering behavior during DoS attacks active period. The DADETM is only triggered during the DoS attacks sleep period, thereby saving communication resources. Subsequently, the controller under DADETM is designed and sufficient conditions ensuring asymptotic mean-square stability of the closed-loop system are derived by utilizing the piecewise Lyapunov functions (PLFs). Finally, the effectiveness of the proposed method is demonstrated through simulations of a networked double-sided linear switched reluctance machine (DLSRM) system.

Keywords

DoS attacks Markov chain event-triggered control networked control systems uncertain probabilities

Introduction

With the advancement of network communication and computer technologies, networked control systems (NCSs) have become a prominent research focus in the field of industrial control (Shaukat et al., 2018). Due to the advantages of ease of maintenance, and efficient information transmission, NCSs have been widely applied in many practical areas in recent years, such as smart grids, automotive manufacturing, and military systems (Dong and Kim, 2014; Zhuang et al., 2025). However, the complex network structures and numerous control devices have also introduced significant challenges, such as security threats (Wang et al., 2019; Zhang and Zheng, 2018) and limited network transmission resources (Li and Chen, 2019). These challenges may not only degrade the performance of NCSs but also result in system instability.

Network attack is a critical factor compromising network security, constituting one of the most significant challenges faced by NCSs (Shen et al., 2019). Generally, network attacks can be categorized into deception attacks (Ding et al., 2018b; Ge et al., 2019; Pasqualetti et al., 2013) and denial-of-service (DoS) attacks (Lu and Yang, 2018; Qu and Zhao, 2023; Zhang and Feng, 2021; Zhang et al., 2020). Deception attacks operate by injecting false data, thereby compromising the accuracy of the data. DoS attacks compromise network functionality by flooding the communication channel with redundant data, effectively blocking the transmission of normal data packets. Due to the simplicity of the required conditions and the high destructive potential, DoS attacks have become one of the most threatening types of network attacks. To facilitate the study of security control issues under DoS attacks, current research employs various methods to describe the occurrence of DoS attacks. In Wang and Feng (2023), the occurrence of DoS attacks is modeled using Bernoulli variables. In De Persis and Tesi (2015), the attack situation is described using the frequency and dwell time of DoS attack sequences. However, the aforementioned mathematical models lack consideration of the impact of the current state of DoS attacks on future occurrences. Befekadu et al. (2015) employ a fully known probabilistic Markov model to describe the random interference of DoS attacks on data packets within the system. However, due to the unpredictability and complexity of DoS attacks, it is infeasible to fully track the occurrence of each attack step. To address this issue, this paper proposes a probabilistic uncertain Markov model to characterize the occurrence patterns of DoS attacks.

On the contrary, to save communication resources, the event-triggered mechanism has been proposed in Tabuada (2007). Unlike traditional systems transmitting data at fixed intervals, event-triggered mechanism determines the instant of information transmission based on desired objectives. This strategy allows signal transmission only when certain predefined event-triggered conditions are met, which significantly reduces the amount of transmitted data and thus saves communication resources (Ding et al., 2016, 2018c; Han and Lian, 2022; Li et al., 2019). Currently, there has been a significant amount of researches focused on determining suitable event-triggered conditions (Wang et al., 2025). For instance, Yang et al. (2020) establishes an event-triggered condition by determining whether the relative sampling error exceeds a designed threshold, while Liu et al. (2024) introduces an adaptive threshold combined with a weighted average of previous triggering instants to determine the occurrence of triggering events. However, most of these event-triggered conditions focus on the considering system, neglecting the impact of DoS attacks. Consequently, the typical event-triggered control approaches are no longer fully effective under such attacks, and event-triggered mechanism needs to be redesigned to address the challenge of DoS attacks.

Some studies have explored the design of event-triggered mechanisms for NCSs under DoS attacks. A resilient event-triggered communication scheme is proposed in Ni et al. (2024) and Peng et al. (2017), which allows for a certain level of packet loss caused by DoS attacks. Considering the characteristics of DoS attacks, Zhang et al. (2024) introduces a switching-like event-triggered mechanism (SETM) that adjusts the triggering conditions based on the occurrence of DoS attacks, thereby enhancing communication efficiency while ensuring system stability. However, in the above studies, the triggering signals emitted from the event generator cannot be transmitted normally through the communication channel due to the disruption caused by DoS attacks, rendering the “active” state of the event generator to be ineffective for the system. This phenomenon may result in waste of communication resources.

Based on the above discussions, this paper investigates the issue of event-triggered control for NCSs under DoS attacks. A DoS-attack-dependent event-triggered mechanism (DADETM) is established for NCSs to ensure the stability of the system under stochastic DoS attacks and to reduce the waste of communication resources. The main contributions of this paper are as follows:

A Markov model with uncertain transition probabilities is introduced to model stochastic DoS attacks, which does not require precise knowledge of the attack occurrence probabilities. Moreover, a new DADETM is proposed by taking into account the characteristics of DoS attacks, which is only triggered during the DoS attacks sleep period, reducing the waste of communication resources under DoS attacks active period. The event generator adjusts its operating mode based on acknowledgment character (ACK) signals generated by detecting the occurrence of DoS attacks.

A piecewise Lyapunov function (PLF) is constructed based on the characteristics of stochastic DoS attacks modeled by a Markov chain, and sufficient conditions are established to ensure the asymptotic mean-square stability (AMSS) of the system, while the controller under DADETM is designed.

The remainder of this paper is organized as follows. In section “NCSs under stochastic DoS attacks,” we describe the framework of NCSs subject to stochastic DoS attacks. In section “DADETM,” the DADETM based on the ACK detection mechanism is formulated. In section “Main results,” the main results of this paper are derived, including the derivation of sufficient conditions to ensure the AMSS of the closed-loop system under stochastic DoS attacks, as well as the corresponding controller design based on the DADETM. In section “Illustrative examples,” the effectiveness of the proposed method is demonstrated through a simulation. Finally, the conclusions are given in section “Conclusion and future work.”

Notations

In this paper, the transpose of a matrix A is denoted as $A^{T}$ . The symbol $P > 0$ indicates that matrix P is a real symmetric positive definite matrix. The notation $diag {\cdot}$ represents a block diagonal matrix, and $ℝ^{n}$ denotes the n-dimensional Euclidean space. The symbol ∗ represents the symmetric entries in a symmetric matrix. Moreover, $E {\cdot}$ denotes the mathematical expectation. For convenience, $E$ is used to represent $E {\cdot}$ , and $E {X ∣ Y}$ denotes the conditional expectation of X given $Y$ .

NCSs under stochastic DoS attacks

Considering the discrete-time system described as follows:

x (k + 1) = Ax (k) + Bu (k)

(1)

where $x (k) \in ℝ^{n}$ is the system state, $u (k) \in ℝ^{m}$ is the control input, A, B are the constant matrices.

The framework of the NCSs under stochastic DoS attacks is illustrated in Figure 1. DoS attacks can block the transmission of signals to the controller. Considering the randomness and complexity of DoS attacks, the state on the communication channel under DoS attacks is modeled as follows:

\bar{x} (k) = v (k) x (k)

(2)

where $\bar{x} (k)$ represents the state variables of the system under DoS attacks, and $v (k) \in (0, 1)$ denotes the status of the communication channel: $v (k) = 0$ indicates the presence of DoS attacks, preventing the controller from receiving the signal and $v (k) = 1$ represents the absence of DoS attacks, allowing the communication channel to transmit the signal normally.

Figure 1.

The framework of the system under stochastic DoS attacks and DADETM.

The stochastic DoS attacks are described by the stochastic process $v (k)$ , which is modeled as Markov chain in this paper. Define $ρ_{ij}$ as the probability of jumping from $v (k)$ at instant k to $v (k + 1)$ at instant $k + 1$ , then:

ρ_{ij} = \Pr {v (k + 1) = j ∣ v (k) = i}

(3)

where $ρ_{ij}$ satisfies $0 < ρ_{ij} < 1$ and $\sum_{j = 0}^{1} ρ_{ij} = 1$ , with $i, j \in (0, 1)$ . However, considering the randomness of the DoS attacks occurrence, it is unreasonable to accurately describe the occurrence of DoS attacks using constant probabilities.

Thus, it is assumed that the probability $ρ_{ij}$ is subject to uncertainty in this paper. Furthermore, the transition probability matrix is defined as follows:

\begin{matrix} P_{ij} & = [\begin{matrix} ρ_{00} & 1 - ρ_{00} \\ ρ_{10} & 1 - ρ_{10} \end{matrix}] \end{matrix}

(4)

where $ρ_{00} = α_{0} + α_{1} m_{α} (k)$ and $ρ_{10} = β_{0} + β_{1} m_{β} (k)$ , in which $α_{0}$ and $β_{0}$ represent the certain part of the transition probabilities, while $α_{1}$ and $β_{1}$ are scaling constants for the uncertainty. In addition, $m_{α} (k)$ and $m_{β} (k)$ are functions that describe the uncertainty and satisfy the following conditions:

{\underset{̲}{m}}_{α} \leq m_{α} (k) \leq {\bar{m}}_{α}, \forall k \in ℕ

(5)

{\underset{̲}{m}}_{β} \leq m_{β} (k) \leq {\bar{m}}_{β}, \forall k \in ℕ

(6)

Based on the above considerations, the controller for stochastic DoS attacks modeled by a Markov chain is designed as follows:

u (k) = K \bar{x} (k)

(7)

Then, the NCSs under stochastic DoS attacks, which are modeled as a Markov chain, are described as follows:

x (k + 1) = Ax (k) + v (k) BKx (k)

(8)

Remark 1. In this paper, a probabilistic uncertain Markov model is proposed to characterize the behavior of the stochastic DoS attacks. The model precisely describes the influence of the current state of DoS attacks on the future state, with uncertain parts of the transition probabilities $α_{1} m_{α} (k)$ and $β_{1} m_{β} (k)$ introduced to further reflect the complexity of DoS attacks. It is worth noting that if $m_{α} (k) \to 0$ and $m_{β} (k) \to 0$ , the proposed Markov model in this paper would degenerate to the models proposed in Qiu et al. (2023) and Wang et al. (2024).

DADETM

DoS attacks can block communication channels and lead to packet loss. According to Coutinho et al. (2023), the transmission of triggered signals to the controller is disrupted during the active period of DoS attacks, thereby causing ineffective triggering behavior in the system.

To avoid invalid triggering when the DoS attack is active, this paper designs the DADETM considering the characteristics of DoS attacks and aiming at mitigating the associated wastage of triggering resources. In this framework, the event-triggering behavior is activated only when DoS attacks are detected, with DoS attacks identification achieved through an ACK mechanism.

At each transmission instant, the ACK mechanism detects whether packet loss is caused by DoS attacks. The ACK signal is defined as follows:

\begin{matrix} ACK = {\begin{matrix} 1, & DoS sleep period \\ 0, & DoS active period \end{matrix} \end{matrix}

(9)

In DADETM, if ACK = 1, the DoS attack is in the sleep period, and the event generator checks whether the triggering condition is satisfied. If ACK = 0, the DoS attack is in the active period, and no triggering behavior occurs in the event generator.

DADETM is described as follows:

\begin{matrix} k_{s + 1} = \inf {k > k_{s} ∣ e^{T} (k) Ω e (k) \geq μ x^{T} (k) Ω x (k)} \land {ACK = 1} \end{matrix}

(10)

where $e (k) = x (k_{s}) - x (k)$ represents the relative error of states at the previous triggering instant $k_{s}$ and current instant k, $Ω > 0$ is a free weighting matrix, and $μ \in (0, 1)$ is a predefined parameter.

Remark 2. In DADETM, DoS attacks are detected via an ACK mechanism, and the ACK signal is transmitted to the event generator. As shown in Figure 2, when the DoS attacks are in the sleep period, the event generator evaluates the triggering condition in (10) and accordingly determines whether to transmit the data. In contrast, when the DoS attacks are in the active period, the event generator suspends all triggering actions to avoid the unnecessary transmissions, thereby further conserving communication resources.

Figure 2.

The data transmission instants under the DADETM.

Furthermore, after the termination of a DoS attack, the event generator still relies on the triggering instants from the previous sleep period for judgment, which introduces latency in the triggering condition. Hence, the event generator is configured to trigger once immediately after the termination of DoS attacks, allowing the controller to promptly update its data and thereby mitigating the impact of DoS attacks on the system.

Remark 3. It is worth noting that, unlike the triggering conditions proposed in Ye et al. (2023) and Tian et al. (2024), which rely solely on the relative state error (i.e. $x (k_{s}) - x (k)$ ) or change the triggering variable based on the ACK signal (i.e. the triggering variable is set to $δ_{1}$ and $θ_{1}$ when ACK $= 1$ , and to $δ_{2}$ and $θ_{2}$ when ACK $= 0$ ), the proposed DADETM activates the triggering condition based on the relative error only when the ACK mechanism detects that DoS attacks are in the sleep period. Consequently, the DADETM effectively avoids generating invalid triggering actions during the active period of DoS attacks, thereby further conserving communication resources.

The controller based on the DADETM is written as follows:

\begin{matrix} u (k) = K \bar{x} (k_{s}) \end{matrix}

(11)

Based on the above analysis, combining equations (8), (10), and (11), the closed-loop NCS model is rewritten as follows:

x (k + 1) = (A + v (k) BK) x (k) + v (k) BKe (k)

(12)

Considering whether the attack occurs or not, then, (12) can be further expressed as follows:

\begin{matrix} x (k + 1) = {\begin{matrix} Ax (k), & v (k) = 0 \\ (A + BK) x (k) + BKe (k), & v (k) = 1 \end{matrix} \end{matrix}

(13)

Definition 1. (Ye et al., 2023) The closed-loop system under DoS attacks is AMSS if:

\begin{matrix} \lim_{k \to \infty} E | | x (k) | |^{2} = 0 \end{matrix}

(14)

Lemma 1. (Gu et al., 2018) For any constant matrices M and N, the inequality

M + σ (t) N < 0

holds for all $\underset{̲}{σ} \leq σ (t) \leq \bar{σ}$ , if and only if

M + \underset{̲}{σ} N < 0, M + \bar{σ} N < 0

Main results

Theorem 1. For the given positive scalars $α_{0}, α_{1}, β_{0}, β_{1}, μ$ , $δ_{0} > 0$ , $0 < δ_{1} < 1$ , $0 < δ_{2} < 1$ , $θ \geq 1$ , the upper bounds and lower bounds of the uncertainty of the probabilities ${\bar{m}}_{α}$ ${\bar{m}}_{β}$ , ${\underset{̲}{m}}_{α}$ and ${\underset{̲}{m}}_{β}$ , the closed-loop system is asymptotically mean-square stable if there exist and positive definite matrices $X_{i}, X_{j}$ , for $i, j \in (0, 1)$ , $\tilde{Ω}$ , matrices $Y$ , such that the following conditions hold:

[\begin{matrix} - {\bar{δ}}_{0} X_{0} & \sqrt{{\bar{ρ}}_{00}} X_{0} A^{T} & \sqrt{{\bar{ρ}}_{01}} X_{0} A^{T} \\ * & - X_{0} & 0 \\ * & * & - X_{1} \end{matrix}] < 0

(15)

[\begin{matrix} - {\bar{δ}}_{0} X_{0} & \sqrt{{\underset{̲}{ρ}}_{00}} X_{0} A^{T} & \sqrt{{\underset{̲}{ρ}}_{01}} X_{0} A^{T} \\ * & - X_{0} & 0 \\ * & * & - X_{1} \end{matrix}] < 0

(16)

[\begin{matrix} - θ X_{0} & X_{0} \\ * & - X 1 \end{matrix}] \leq 0, [\begin{matrix} - θ X_{1} & X_{1} \\ * & - X_{0} \end{matrix}] \leq 0

(17)

0 < \frac{\ln {\bar{δ}}_{1} - \ln δ_{2}}{- \ln {\bar{δ}}_{0} + \ln δ_{2}} \leq \frac{1}{\bar{ζ}} - 1

(18)

\ln δ_{2} + \ln θ < 0

(19)

[\begin{matrix} Ξ_{1} & Ξ_{2}^{n} \\ * & Ξ_{3} \end{matrix}] < 0

(20)

[\begin{matrix} Ξ_{1} & Ξ_{2}^{m} \\ * & Ξ_{3} \end{matrix}] < 0

(21)

where $Ξ_{2}^{n} = [\begin{matrix} Ξ_{1}^{n} & Ξ_{2}^{n} \\ Ξ_{3}^{n} & Ξ_{4}^{n} \end{matrix}]$ , $Ξ_{2}^{m} = [\begin{matrix} Ξ_{1}^{m} & Ξ_{2}^{m} \\ Ξ_{3}^{m} & Ξ_{4}^{m} \end{matrix}]$ , $Ξ_{1} =$ $[\begin{matrix} - {\bar{δ}}_{1} X_{1} + μ \tilde{Ω} & 0 \\ * & - \tilde{Ω} \end{matrix}]$ , $Ξ_{3} = [\begin{matrix} - X_{0} & 0 \\ * & - X_{1} \end{matrix}]$ , $Ξ_{1}^{n} = \sqrt{{\underset{̲}{ρ}}_{10}} X_{1} A^{T} + \sqrt{{\underset{̲}{ρ}}_{10}} Y B^{T}$ , $Ξ_{2}^{n} = \sqrt{{\underset{̲}{ρ}}_{11}} X_{1} A^{T} + \sqrt{{\underset{̲}{ρ}}_{11}} Y B^{T}$ , $Ξ_{3}^{n} = \sqrt{{\underset{̲}{ρ}}_{10}} Y B^{T}$ , $Ξ_{4}^{n} = \sqrt{{\underset{̲}{ρ}}_{11}} Y B^{T}$ , $Ξ_{1}^{m} = \sqrt{{\bar{ρ}}_{10}} X_{1} A^{T} + \sqrt{{\bar{ρ}}_{10}} Y B^{T}$ , $Ξ_{2}^{m} = \sqrt{{\bar{ρ}}_{11}} X_{1} A^{T}$ $+ \sqrt{{\bar{ρ}}_{11}} Y B^{T}$ , $Ξ_{3}^{m} = \sqrt{{\bar{ρ}}_{10}} Y B^{T}$ , $Ξ_{4}^{m} = \sqrt{{\underset{̲}{ρ}}_{11}} Y B^{T}$ , ${\bar{δ}}_{0} = 1 + δ_{0}$ , ${\bar{δ}}_{1} = 1 - δ_{1}$ , ${\underset{̲}{ρ}}_{01} = 1 - {\underset{̲}{ρ}}_{00}$ , ${\underset{̲}{ρ}}_{00} = α_{0} + α_{1} {\underset{̲}{m}}_{α}$ , ${\bar{ρ}}_{00} = α_{0} + α_{1} {\bar{m}}_{α}$ , ${\bar{ρ}}_{01} = 1 - {\bar{ρ}}_{00}$ , ${\underset{̲}{ρ}}_{11} = 1 - {\underset{̲}{ρ}}_{10}$ , ${\underset{̲}{ρ}}_{10} = β_{0} + β_{1} {\underset{̲}{m}}_{β}$ , ${\bar{ρ}}_{11} = 1 - {\bar{ρ}}_{10}$ , ${\bar{ρ}}_{10} = β_{0} + β_{1} {\bar{m}}_{β}$ .

Proof. The computation involved in Theorem 1 is complex and lengthy. To ensure clarity and maintain the continuity of the logical flow in the main text, the detailed proof of Theorem 1 has been provided in the Appendix A.

Remark 4. As pointed out in Ding et al. (2018a) and Ge et al. (2021), in practical engineering applications, such as embedded devices, data communication often suffers from high energy consumption and is vulnerable to DoS attacks. To address this challenge, this paper investigates a secure control strategy based on a DADETM under stochastic DoS attacks. The proposed method not only reduces bandwidth consumption but also improves system reliability against DoS interference, providing theoretical support for the reliable application of NCSs in fields such as industrial automation and intelligent manufacturing.

Illustrative examples

In this section, a networked DLSRM system is considered to thoroughly demonstrate the validity of the proposed theoretical results. The networked DLSRM system is presented in reference Qiu et al. (2016), and the coefficient matrix of the state equation for the system is as follows:

\begin{matrix} A = [\begin{matrix} 1.0004 & 0.0909 \\ 0.0085 & 0.8247 \end{matrix}], & B = [\begin{matrix} 0.0047 \\ 0.0909 \end{matrix}] \end{matrix}

For the networked DLSRM system under stochastic DoS attacks, we consider $α_{0} = 0.2$ , $α_{1} = 0.2$ , $β_{0} = 0.3$ , $β_{1} = 0.2$ , $δ_{0} = 0.1$ , $δ_{1} = 0.2$ , $δ_{2} = 0.91$ , $θ = 1.09$ , and $m_{α} (k) = 0.2 + 0.03 κ$ , $m_{β} (k) = 0.1 + 0.03 κ$ , κ is a random integer between 0 and 10. Meanwhile, it is assumed that at time $k = 0$ , the initial status of the stochastic DoS attacks is set to sleep with $v (0) = 1$ . The evolution of stochastic DoS attacks is demonstrated in Figure 3.

Figure 3.

Stochastic DoS attacks modeled as a Markov chain.

By the conditions of Theorem 1, the controller gain K and the event-triggered weighting matrix Ω can be calculated as:

\begin{matrix} K = [\begin{matrix} - 8.0240 & - 7.6241 \end{matrix}], & Ω = [\begin{matrix} 0.0057 & 0.0063 \\ 0.0063 & 0.0108 \end{matrix}] \end{matrix}

Meanwhile, the matrices $P_{0}$ and $P_{1}$ are obtained as:

\begin{matrix} P_{0} = [\begin{matrix} 0.0157 & 0.0075 \\ 0.0075 & 0.0131 \end{matrix}], & P_{1} = [\begin{matrix} 0.0230 & 0.0062 \\ 0.0062 & 0.0100 \end{matrix}] \end{matrix}

Remark 5. Once the system coefficient matrices (i.e. A, B), constant scalars (i.e. $δ_{0}$ , $δ_{1}$ , $δ_{2}$ , θ), and the upper and lower bounds of the uncertainty functions (i.e. ${\bar{m}}_{α}$ , ${\underset{̲}{m}}_{α}$ , ${\bar{m}}_{β}$ , ${\underset{̲}{m}}_{β}$ ) are obtained, the controller gain K and event-triggered weighting matrix Ω can be computed offline by solving the linear matrix inequalities (LMIs) subject to the constraints in Theorem 1. To accommodate real-time application requirements, these key parameters can also be updated online to further optimize K and Ω. However, such online adjustments may introduce nonlinear terms into the matrix inequalities, requiring practitioners to redesign the solution procedure and develop suitable iterative algorithms.

With the initial state of the system is $x (0) = {[2, - 2]}^{T}$ , the state trajectories $x (k)$ of the system under stochastic DoS attacks are illustrated with solid lines in Figure 4(a) and (b). It indicates that the system subject to stochastic DoS attacks can achieve mean square stability with the controller designed under DADETM.

Figure 4.

State trajectories under stochastic DoS attacks with different triggering mechanisms. (a) DADETM and TTM. (b) DADETM and SETM.

By adopting the proposed DADETM, the release intervals are shown in Figure 5, in which the triggering number is 52. It can be observed that no release instants occur during the active periods of DoS attacks, thereby reducing the number of triggering events.

Figure 5.

Release intervals under DADETM.

To further demonstrate the effectiveness of the proposed DADETM, we compare it with the time-triggered mechanism (TTM) and the SETM proposed in Peng and Sun (2020).

The TTM exchanges information over the communication network in a periodic manner. In contrast, the SETM adopts an ACK detection mechanism to dynamically adjust the triggering variable μ based on the occurrence of DoS attacks. Specifically, the triggering variable is set to $μ = μ_{1} = 0.2$ when $ACK = 1$ , and it decreases to $μ = μ_{2} = 0.00036$ when $ACK = 0$ to reduce the number of triggering events.

The state trajectories under TTM and SETM are plotted with dashed lines in Figure 4(a) and (b), respectively. As shown in Figure 6, TTM results in a triggering number of 160. For SETM, Figure 7 shows that the triggering number is 82.

Figure 6.

Release intervals under TTM.

Figure 7.

Release intervals under SETM.

From Figures 4 –7, it can be observed that the state trajectories under the three methods are nearly identical. However, compared with TTM, the DADETM significantly reduces the triggering number, resulting in a 67.5% saving in communication resources ( $\frac{160 - 52}{160} = 67.5 %$ ). Similarly, compared with SETM, the triggering number under DADETM is reduced, achieving approximately a 36.6% saving in transmission resources ( $\frac{82 - 52}{82} = 36.6 %$ ). In terms of the triggering conditions of these three methods, the main difference is that DADETM effectively avoids invalid transmissions during DoS attacks, thereby further preventing the waste of communication resources.

Furthermore, by fixing the triggering variable $μ_{2}$ of in SETM, Table 1 lists the triggering number of DADETM and SETM with varying parameter μ in DADETM and varying parameter $μ_{1}$ in SETM satisfying $μ = μ_{1}$ . It can be clearly seen that as μ varies, the number of triggering events under DADETM is consistently lower than that under SETM. It further demonstrates the advantage of the proposed DADETM.

Table 1.

Comparison of triggering numbers with triggering variable values $μ = μ_{1}$ .

Parameters $μ = μ_{1}$	0.2	0.3	0.4	0.5	0.6	0.7	0.8
Triggering number under DADETM	52	50	48	46	42	42	41
Triggering number under SETM	82	77	77	79	77	73	70

Conclusion and future work

This paper addresses the security control of NCSs under stochastic DoS attacks by utilizing DADETM. A probabilistic uncertain Markov model is employed to describe the occurrence of DoS attacks, accurately reflecting their randomness and uncertainty. Moreover, a controller is designed within the framework of the DADETM. The proposed DADETM determines triggering instants based on predefined conditions only during the sleep period of DoS attacks, while completely avoiding any triggering behavior during the active period. DADETM effectively eliminates ineffective triggering during the DoS attacks active period, thereby significantly preventing the wastage of triggering resources. Finally, the effectiveness of the proposed theory is verified by applying a DLSRM system.

There are still some issues that merit further investigation. The DADETM can be enhanced by designing an adaptive law to adjust the triggering parameter based on the characteristics of DoS attacks or variations in system states. In addition, the potential presence of false positives and false negatives in the ACK detection mechanism should be taken into account. Future work will also aim to extend the proposed method to systems with partially measurable states.

Footnotes

Appendix A

Considering the following PLF:

(22)

\begin{matrix} V (k) = {\begin{matrix} V_{0} (k), & v (k) = 0 \\ V_{1} (k), & v (k) = 1 \end{matrix} \end{matrix}

First, considering the case $v (k) = 0$ , the Lyapunov function is as follows:

(23)

V_{0} (k) = x^{T} (k) P_{0} x (k)

where $P_{0} > 0$ . The difference equation of the Lyapunov function $V_{0} (k)$ is defined as $Δ V_{0} (k) = E {V (k + 1) | x (k), i = 0} - V (k)$ .

Then:

(24)

\begin{matrix} Δ V_{0} (k) - δ_{0} V_{0} (k) \\ = & x^{T} (k + 1) \sum_{j = 0}^{1} ρ_{0 j} P_{j} x (k + 1) - {\bar{δ}}_{0} x^{T} (k) P_{0} x (k) \\ = & x^{T} (k) [A^{T} (ρ_{00} P_{0} + ρ_{01} P_{1}) A] x (k) - {\bar{δ}}_{0} x^{T} (k) P_{0} x (k) \\ = & x^{T} (k) [A^{T} Λ_{α 1} A - {\bar{δ}}_{0} P_{0} + m_{α} (k) A^{T} Λ_{α 2} A] x (k) \\ = & x^{T} (k) Θ x (k) \end{matrix}

where $Λ_{α 1} = α_{0} P_{0} + (1 - α_{0}) P_{1}$ , $Λ_{α 2}$ = $α_{1} P_{0} - α_{1} P_{1}$ . Based on Lemma 1 and (24), we first consider the case where $m_{α} (k)$ takes its upper bound ${\bar{m}}_{α}$ , in which $Θ = Θ_{1}$ , then:

(25)

\begin{matrix} Θ_{1} = & A^{T} Λ_{α 1} A - {\bar{δ}}_{0} P_{0} + {\bar{m}}_{α} A^{T} Λ_{α 2} A \\ = & - {\bar{δ}}_{0} P_{0} - A^{T} \sum_{j = 0}^{1} {\bar{ρ}}_{0 j} P_{j} (- P_{j}^{- 1}) P_{j} A \end{matrix}

Similarly, when $m_{α} (k)$ takes its lower bound ${\underset{̲}{m}}_{α}$ , in which $Θ = Θ_{2}$ , then:

(26)

\begin{matrix} Θ_{2} = - (1 + δ_{0}) P_{0} - A^{T} \sum_{j = 0}^{1} {\underset{̲}{ρ}}_{0 j} P_{j} (- P_{j}^{- 1}) P_{j} A \end{matrix}

Defining $X_{0} = P_{0}^{- 1}$ and $X_{1} = P_{1}^{- 1}$ , The conditions $Θ_{1} < 0$ and $Θ_{2} < 0$ , by applying the Schur complement lemma and pre- and post-multiplying by $diag {X_{0}, X_{0}, X_{1}}$ , are equivalent to (15) and (16). Based on Lemma 1, it can be concluded that:

(27)

\begin{matrix} E V_{0} (k + 1) < E {\bar{δ}}_{0} V_{0} (k) \end{matrix}

Next, considering another case with $v (k) = 1$ , the Lyapunov function is designed as follows:

(28)

V_{1} (k) = x^{T} (k) P_{1} x (k)

where $P_{1} > 0$ . The difference equation of the Lyapunov function $V_{1} (k)$ is defined as $Δ V_{1} (k) = E {V (k + 1) | x (k), i = 1} - V (k)$ , Similarly, it follows that:

(29)

\begin{matrix} Δ V_{1} (k) + δ_{1} V_{1} (k) \\ \leq & Δ V_{1} (k) + μ x^{T} (k) Ω x (k) - e^{T} (k) Ω e (k) + δ_{1} V_{1} (k) \\ \leq & x^{T} (k + 1) \sum_{j = 0}^{1} ρ_{1 j} P_{j} x (k + 1) - {\bar{δ}}_{1} x^{T} (k) P_{1} x (k) + μ x^{T} (k) Ω x (k) \\ - e^{T} (k) Ω e (k) \\ \leq & η^{T} (k) Φ^{T} \sum_{j = 0}^{1} ρ_{1 j} P_{j} Φ η (k) - e^{T} (k) Ω e (k) - {\bar{δ}}_{1} x^{T} (k) P_{1} x (k) \\ + μ x^{T} (k) Ω x (k) \leq η^{T} (k) Γ η (k) \end{matrix}

where $Φ = [A + BK BK]$ , $η (k) = {[x^{T} (k) e^{T} (k)]}^{T}$ . To facilitate subsequent expressions, we define $A_{1} = A + BK$ and $B_{1} = BK$ . Considering that:

(30)

\begin{matrix} Π_{1} = & A_{1}^{T} [ρ_{10} P_{0} + ρ_{11} P_{1}] A_{1} - {\bar{δ}}_{1} P_{1} + μ Ω \\ = & A_{1}^{T} Λ_{β 1} A_{1} - {\bar{δ}}_{1} P_{1} + μ Ω + m_{β} (k) A_{1}^{T} Λ_{β 2} A_{1} \end{matrix}

where $Λ_{β 1} = β_{0} P_{0} + (1 - β_{0}) P_{1}$ , $Λ_{β 2} = β_{1} P_{0} - β_{1} P_{1}$ . Based on equation (30), it is easy to obtain that:

(31)

\begin{matrix} Γ & = [\begin{matrix} A_{1}^{T} Λ_{β 1} A_{1} - {\bar{δ}}_{1} P_{1} + μ Ω & A_{1}^{T} Λ_{β 1} B_{1} \\ * & B_{1}^{T} Λ_{β 1} B_{1} - Ω \end{matrix}] \\ + m_{β} (k) [\begin{matrix} A_{1}^{T} Λ_{β 2} A_{1} & A_{1}^{T} Λ_{β 2} B_{1} \\ * & B_{1}^{T} Λ_{β 2} B_{1} \end{matrix}] \end{matrix}

Based on Lemma 1 and (31), we consider the case as follows.

First, considering the case where $m_{β} (k)$ takes its lower bound ${\underset{̲}{m}}_{β}$ , (30) can be further rewritten as:

(32)

\begin{matrix} A_{1}^{T} (Λ_{β 1} + {\underset{̲}{m}}_{β} Λ_{β 2}) A_{1} - {\bar{δ}}_{1} P_{1} + μ Ω \\ = & A_{1}^{T} [(β_{0} + β_{1} {\underset{̲}{m}}_{β}) P_{0} + (1 - β_{0} - β_{1} {\underset{̲}{m}}_{β}) P_{1}] A_{1} - {\bar{δ}}_{1} P_{1} + μ Ω \\ = & A_{1}^{T} \sum_{j = 0}^{1} {\underset{̲}{ρ}}_{1 j} P_{j} A_{1} - {\bar{δ}}_{1} P_{1} + μ Ω \\ = & A_{1}^{T} N_{1} A_{1} - {\bar{δ}}_{1} P_{1} + μ Ω \end{matrix}

where $N_{1} = \sum_{j = 0}^{1} {\underset{̲}{ρ}}_{1 j} P_{j}$ . With $Γ = Γ_{1}$ , then:

(33)

\begin{matrix} Γ_{1} = & [\begin{matrix} A_{1}^{T} N_{1} A_{1} - {\bar{δ}}_{1} P_{1} + μ Ω & A_{1}^{T} N_{1} B_{1} \\ * & B_{1}^{T} N_{1} B_{1} - Ω \end{matrix}] \end{matrix}

By applying the Schur complement lemma and pre- and post-multiplying (33) by $diag {X_{1}, X_{1}, X_{0}, X_{1}}$ , $Γ_{1} < 0$ is equivalent to (20).

Similarly, it can be derived that when $m_{β} (k)$ takes its upper bound ${\bar{m}}_{β}$ , then $N_{2} = \sum_{j = 0}^{1} {\bar{ρ}}_{1 j} P_{j}$ . With $Γ = Γ_{2}$ , one has:

(34)

\begin{matrix} Γ_{2} = & [\begin{matrix} A_{1}^{T} N_{2} A_{1} - {\bar{δ}}_{1} P_{1} + μ Ω & A_{1}^{T} N_{2} B_{1} \\ * & B_{1}^{T} N_{2} B_{1} - Ω \end{matrix}] \end{matrix}

By applying the Schur complement lemma and pre- and post-multiplying (34) by $diag {X_{1}, X_{1}, X_{0}, X_{1}}$ , it can be seen that $Γ_{2} < 0$ is equivalent to (21).

Then, based on (33), (34), and Lemma 1, it can be concluded that:

(35)

\begin{matrix} E V_{1} (k + 1) \leq E {\bar{δ}}_{1} V_{1} (k) \end{matrix}

Under condition (17), (17) is equivalent to $P_{0} \leq θ P_{1}$ and $P_{1} \leq θ P_{0}$ , and we can get:

(36)

\begin{matrix} E V_{0} (k) \leq θ E V_{1} (k), E V_{1} (k) \leq θ E V_{0} (k) \end{matrix}

First, considering the case when DoS attacks do not occur at time k, that is, let $V (k) = V_{1} (k)$ . By (27), (35), and (36), it derives that:

(37)

\begin{matrix} E V (k) & \leq {\bar{δ}}_{1} E V_{1} (k - 1) \\ ⋮ \\ \leq {\bar{δ}}_{0}^{ζ} {\bar{δ}}_{1}^{k - ζ} θ^{ϖ} V (0) \\ \leq e^{ζln {\bar{δ}}_{0} + (k - ζ) \ln {\bar{δ}}_{1} + ϖlnθ} V (0) \end{matrix}

where ζ represents the total duration of DoS attacks from time 0 to k, and ϖ represents the switching frequency of DoS attacks occurring from time 0 to k.

For the other scenario, when the attack occurs at time k, one can obtain the similar result.

Considering $\bar{ζ} = \frac{ζ}{k}$ , then:

(38)

\begin{matrix} ζ \ln {\bar{δ}}_{0} + (k - ζ) \ln {\bar{δ}}_{1} \\ = & k (\bar{ζ} \ln {\bar{δ}}_{0} + (1 - \bar{ζ}) \ln {\bar{δ}}_{1}) \end{matrix}

Based on (18), it derives that:

(39)

\begin{matrix} \bar{ζ} \ln {\bar{δ}}_{0} + (1 - \bar{ζ}) \ln {\bar{δ}}_{1} \leq \ln δ_{2} \end{matrix}

In sequel, one has:

(40)

\begin{matrix} ζln {\bar{δ}}_{0} + (k - ζ) \ln {\bar{δ}}_{1} \leq k \ln δ_{2} \end{matrix}

Considering the worst case with $\max {ϖ} = k$ , (37) can be rewritten as:

(41)

\begin{matrix} E V (k) & \leq e^{k \ln δ_{2} + ϖlnθ} V (0) \\ \leq e^{k \ln δ_{2} + k \frac{ϖ}{k} lnθ} V (0) \\ \leq {(δ_{2} θ)}^{k} V (0) \end{matrix}

Due to the fact that:

(42)

\begin{matrix} ς E ∥ x (k) ∥^{2} \leq E V (k), V (0) \leq τ ∥ x (0) ∥^{2} \end{matrix}

where $ς = \min {λ_{\min} {P_{0}}, λ_{\min} {P_{1}}}$ , $τ = \max {λ_{\max} {P_{0}},$ $λ_{\max} {P_{1}}}$ , it can be concluded that:

(43)

\begin{matrix} E ∥ x (k) ∥^{2} \leq \frac{τ}{ς} {(δ_{2} θ)}^{k} E ∥ x (0) ∥^{2} \end{matrix}

Therefore, combining (19) and Definition 1, the system (13) is AMSS, and the controller gain K and the event-triggering weighting matrix Ω can be determined as follows:

Ω = X_{1}^{- 1} \tilde{Ω} X_{1}^{- 1}, K = Y^{T} X_{1}^{- 1}

Thus, the proof is completed.

Acknowledgements

This work is supported in part by the National Natural Science Foundation of China under grant 62003124 and in part by the Natural Science Foundation of Hebei Province under grants F2024202009 and F2025202043.

Declaration of conflicting interests

The authors declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

Funding

The authors received no financial support for the research, authorship, and/or publication of this article.

ORCID iDs

Hongchao Li

Jiao Liu

Data availability statement

Data sharing not applicable to this article as no datasets were generated or analyzed during the current study.

References

Befekadu

Gupta

Antsaklis

(2015) Risk-sensitive control under Markov modulated denial-of-service (DoS) attack strategies. IEEE Transactions on Automatic Control 60(12): 3299–3304.

Coutinho

PHS

Bessa

Pessim

PSP

, et al. (2023) A switching approach to event-triggered control systems under denial-of-service attacks. Nonlinear Analysis: Hybrid Systems 50: 101383.

De Persis

Tesi

(2015) Input-to-state stabilizing control under denial-of-service. IEEE Transactions on Automatic Control 60(11): 2930–2944.

Ding

Han

Xiang

, et al. (2018a) A survey on security control and attack detection for industrial cyber-physical systems. Neurocomputing 275: 1674–1683.

Ding

Wang

Han

, et al. (2018b) Security control for discrete-time stochastic nonlinear systems subject to deception attacks. IEEE Transactions on Systems, Man, and Cybernetics: Systems 48(5): 779–789.

Ding

Ren

Shi

(2016) Deception-based sensor scheduling for remote estimation under DoS attacks. IFAC-PapersOnLine 49(22): 169–174.

Ding

Wang

Zhang

(2018c) Event-triggered control for a class of non-linear systems: An exponential approximation method. IET Control Theory & Applications 12(10): 1491–1496.

Dong

Kim

(2014) Experimental analysis and implementation of a multiscale wireless/wired networked control system. International Journal of Control, Automation and Systems 12: 102–110.

Han

Zhang

, et al. (2021) Dynamic event-triggered control and estimation: A survey. International Journal of Automation and Computing 18(6): 857–886.

10.

Han

Zhong

, et al. (2019) Distributed Krein space-based attack detection over sensor networks under deception attacks. Automatica 109: 108557.

11.

Yue

Tian

(2018) On designing of an adaptive event-triggered communication scheme for nonlinear networked interconnected control systems. Information Sciences 422: 257–270.

12.

Han

Lian

(2022) Event-triggered control of networked switched systems under network attacks. Transactions of the Institute of Measurement and Control 44(6): 1334–1343.

13.

Chen

(2019) Challenging research for networked control systems: A survey. Transactions of the Institute of Measurement and Control 41(9): 2400–2418.

14.

Shi

(2019) Research on secure control and communication for cyber-physical systems under cyber-attacks. Transactions of the Institute of Measurement and Control 41(12): 3421–3437.

15.

Liu

Zhou

Xiang

(2024) Adaptive event-triggered dynamic output feedback control for networked control systems under hybrid attacks. IET Control Theory & Applications 18(1): 1–13.

16.

Yang

(2018) Distributed consensus control for multi-agent systems under denial-of-service. Information Sciences 439: 95–107.

17.

Wang

Fan

, et al. (2024) Secure stabilization of networked Lur’e systems suffering from DoS attacks: a resilient memory-based event-trigger mechanism. IEEE Transactions on Information Forensics and Security 19: 4658–4669.

18.

Pasqualetti

Dörfler

Bullo

(2013) Attack detection and identification in cyber-physical systems. IEEE Transactions on Automatic Control 58(11): 2715–2729.

19.

Peng

Fei

(2017) Resilient event-triggering h_∞ load frequency control for multi-area power systems with energy-limited DoS attacks. IEEE Transactions on Power Systems 32(5): 4110–4118.

20.

Peng

Sun

(2020) Switching-like event-triggered control for networked control systems under malicious denial of service attacks. IEEE Transactions on Automatic Control 65(9): 3943–3949.

21.

Qiu

Shi

Pan

, et al. (2016) Networked h_∞ controller design for a direct-drive linear motion control system. IEEE Transactions on Industrial Electronics 63(10): 6281–6291.

22.

Qiu

Xiang

Wen

, et al. (2023) Predictive output feedback control of networked control system with Markov DoS attack and time delay. International Journal of Robust and Nonlinear Control 33(5): 3376–3395.

23.

Zhao

(2023) Event-triggered h_∞ control for switched interval type-2 fuzzy systems under denial-of-service. International Journal of Robust and Nonlinear Control 33(3): 2219–2237.

24.

Shaukat

Khan

Ali

, et al. (2018) A survey on electric vehicle transportation within smart grid system. Renewable and Sustainable Energy Reviews 81: 1329–1349.

25.

Shen

Fei

(2019) Cyber security study for power systems under denial of service attacks. Transactions of the Institute of Measurement and Control 41(6): 1600–1614.

26.

Tabuada

(2007) Event-triggered real-time scheduling of stabilizing control tasks. IEEE Transactions on Automatic Control 52(9): 1680–1685.

27.

Tian

Wang

(2024) Switching-like dynamic event-triggered load frequency control for multi-area power systems with electric vehicles under DoS attacks. Journal of the Franklin Institute 361(1): 513–525.

28.

Wang

Chen

Wang

, et al. (2019) Cooperative tracking control of multiagent systems: A heterogeneous coupling network and intermittent communication framework. IEEE Transactions on Cybernetics 49(12): 4308–4320.

29.

Wang

Feng

(2023) Dynamic event-triggered h_∞ filtering for NCSs under multiple cyber-attacks. IEEE Transactions on Systems, Man, and Cybernetics: Systems 53(8): 4705–4714.

30.

Wang

Zhang

Yang

, et al. (2024) Dynamic state estimation of distribution network under Markov DoS attack. Electronics Letters 60(18): e70023.

31.

Wang

Fan

, et al. (2025) An interval-appointed looped-functional approach for switching event-triggered systems with input saturation and its application to memory-based event-triggered control. IEEE Transactions on Control of Network Systems 12(2): 1478–1487.

32.

Yang

Wang

, et al. (2020) Observer-based event-triggered h_∞ control for asynchronous switched delay systems. Transactions of the Institute of Measurement and Control 42(12): 2254–2261.

33.

Cheng

Zhang

, et al. (2023) Event-triggered-based h_∞ control for Markov jump cyber-physical systems against denial-of-service attacks. Applied Mathematics and Computation 451: 128030.

34.

Zhang

Feng

(2021) A new switched system approach to leader-follower consensus of heterogeneous linear multiagent systems with DoS attack. IEEE Transactions on Systems, Man, and Cybernetics: Systems 51(2): 1258–1266.

35.

Zhang

Pan

, et al. (2024) Switching-like event-triggered tracking control for UAH/UGV systems under external disturbance and DoS attacks. International Journal of Robust and Nonlinear Control 34(9): 6259–6283.

36.

Zhang

Zheng

(2018) Denial-of-service power dispatch against linear quadratic control via a fading channel. IEEE Transactions on Automatic Control 63(9): 3032–3039.

37.

Zhang

Han

, et al. (2020) Resilient control design based on a sampled-data model for a class of networked control systems under denial-of-service attacks. IEEE Transactions on Cybernetics 50(8): 3616–3626.

38.

Zhuang

Zhu

Xie

, et al. (2025) Event-based h_∞ fuzzy control for implicit hybrid AVS systems embedding acceleration characteristic under random deception and DoS attacks. IEEE Transactions on Automation Science and Engineering 22: 6154–6167.