1 Introduction

Cyber-physical systems (CPSs) have been widely integrated in many application fields, such as intelligent transportation, power system, and medical device systems [1, 2, 35]. Multi-sensor fusion estimation is an information processing process that uses the observations from multiple sensors to complete the system state estimation under certain criteria. It is widely used in CPSs because of the high reliability and strong robustness [6, 7, 810]. However, due to its open connectivity, CPSs have become the target of malicious attackers. Eavesdropping attack is one of the typical network attacks [11, 12]. The security of CPSs has received a lot of attention, among which confidentiality is a basic security issue [13]. The data transmitted in channel is easily intercepted by eavesdropper over another channel. It can launch the complex attacks after analyzing a large amount of intercepted data, such as false data injection attacks [14]. Therefore, studying secure fusion estimation in presence of eavesdropper has great important theoretical and practical significance.

Encrypting messages to prevent eavesdropping has been studied from the perspective of information theory [15, 16]. The energy of sensors often comes from batteries, which limits their energy. Thus, it is difficult to exploit conventional strong encryption scheme due to the large energy demand. In recent years, secure communication problem has been studied by using physical layer information and artificial noise (AN). From the perspective of control theory, the concept of perfect encryption has been proposed. In [17], which required that the user's state estimation error is bounded, while the eavesdropper's estimation error tends to be unbounded over time. Then, an optimal confidentiality strategy against eavesdropper without feedback was given to obtain the perfect secrecy. Meanwhile, with feedback, similar results were derived in [18]. An event triggered sensor data scheduling strategy was designed to prevent eavesdropping by recurrent Markov chain in [19]. Moreover, considering the dynamic characteristics and physical layer information of the CPSs, state-secrecy codes was introduced to achieve the goal of perfect encryption for stable, unstable, and arbitrary systems in [2022]. Consider the operation cost, an optimal encryption schedule was proposed to improve system state confidentiality in [23]. Under the distributed framework, the problem of secure fusion estimation with state privacy protection was studied in [24], where perfect secrecy was achieved by injecting AN. In the framework of state component transmission, an AN design strategy based on the system parameters was developed, which makes the eavesdroppers’ fusion error covariance became worse in [25]. Then, the strategies for actively polluting local estimation components were presented to enhance the privacy level of local estimates in [26]. The finite-horizon energy-to-peak state estimation issue was considered for time-varying systems in [27], where the desired time-varying estimator parameter was designed for online computation. For a networked system with multi-rate measurements, a novel encryption-decryption scheme was proposed to protect the privacy of the system state in [28]. Under the constraint of sensor energy, the confidentiality fusion estimation against eavesdroppers algorithm was proposed in [29] by combining event triggers and artificial noise. Recently, the AN based on the channel gain matrix was introduced to maintain confidentiality for distributed fusion estimation in [30]. However, the injected AN consumed more sensor energy, which added the challenge of anti-eavesdropping strategy design.

Based on the above-analysis, we shall study the event-based confidentiality fusion estimation problem with limited sensor energy for CPSs. To save the sensor power, we do not encrypt signals, but schedule the transmission based on event triggers. In our scenario, the sensors transmitting their outputs to a user, where all transmission channels may be tapped by the eavesdroppers. Under this case, the eavesdroppers can obtain an accurate state estimation result through the fusion estimation method. From the user's perspective, in order to protect state privacy, each local sensor needs to design rules for transmitting local estimates to prevent the eavesdropper from getting the real system state through fusion estimation. This is the most important goal of this article, and the main contributions include: (1) We provide some sufficient conditions about the threshold of event triggering to achieve perfect expected secrecy. (2) The event-based distributed confidentiality fusion estimation algorithm is proposed to ensure the effective of the transmission scheduling strategy.

2 Problem formulation

2.1 System model

The system structure is shown in Fig. 1, which is described by the following physical model:

$$\begin{gathered} x(t + 1) = Ax(t) + w(t) \hfill \\ y_{i} (t) = C_{i} x(t) + v_{i} (t)\quad (i = 1,2,...,L) \hfill \\ \end{gathered}$$
(1)

where \(x(t) \in R^{n}\) is state vector with dimension n, and \(y_{i} (t) \in R^{{q_{i} }}\) is sensor observation value of the i-th sensor with dimension qi. \(w(t)\) and \(v_{i} (t)\) are Gaussian white noise with zero mean value, and the variances are \(Q\) and \(R_{i}\) respectively. L means there are L sensors to observe the system state. Assume that the matrix pair \((C_{i} ,A)\) is detectable and \((A,Q^{1/2} )\) is controllable.

Fig. 1
figure 1

Block diagram of the system model

Full size image

In our scenario, all sensors are smart sensors with computing capability [31]. At time t, the i-th sensor observes the physical process to obtain the observation \(y_{i} (t)\). After collecting the observations until time t, the information set of the ith local estimator is given as \({\text{Y}}_{i} (t)=y_{i} (1), \ldots ,y_{i} (t)\) with \({\text{Y}}_{i} ( - 1) = \emptyset\). Further, define

$$\left\{ \begin{array}{l} \hat{x}_{i}^{ - } (t) \triangleq {\text{E}}[x(t)|{\text{Y}}_{i} (t - 1)],\hat{y}_{i}^{ - } (t) \triangleq {\text{E}}[y_{i} (t)|{\text{Y}}_{i} (t - 1)] \hfill \\ e_{i}^{ - } (t) \triangleq x(t) - \hat{x}_{i}^{ - } (t),P_{i}^{ - } (t) \triangleq {\text{E}}[e_{i}^{ - } (t)e_{i}^{ - T} (t)|{\text{Y}}_{i} (t - 1)] \hfill \\ \hat{x}_{i} (t) \triangleq {\text{E}}[x(t)|{\text{Y}}_{i} (t)],e_{i} (t) \triangleq x(t) - \hat{x}_{i} (t), \hfill \\ P_{i} (t) \triangleq {\text{E}}[e_{i} (t)e_{i}^{T} (t)|{\text{Y}}_{i} (t)] \hfill \\ \end{array} \right.$$
(2)

where \({\hat{x}}_{i}^{ - } (t)\)and \({\hat{x}}_{i} (t)\) are a priori and a posteriori MMSE estimates,\(P_{i}^{ - } (t)\) and \(P_{i} (t)\) are estimation error covariance, and E[·] represents the mathematical expectation. Recall from the standard Kalman filter [32], \(\hat{x}_{i} (t)\) and \(P_{i} (t)\) can be obtained according to the local estimator (LE) of the i-th sensor:

$$\left\{ \begin{array}{l} \hat{x}_{i}^{ - } (t) = A\hat{x}_{i} (t - 1),P_{i}^{ - } (t) = AP_{i} (t - 1)A^{T} + Q \hfill \\ K_{i} (t) = P_{i}^{ - } (t)C_{i}^{T} (C_{i} P_{i}^{ - } (t)C_{i}^{T} + R_{i} )^{ - 1} \hfill \\ \hat{x}_{i} (t) = \hat{x}_{i}^{ - } (t) + K_{i} (t)\Gamma_{i} (t),P_{i} (t) = [I_{n} - K_{i} (t)C_{i} ]P_{i}^{ - } (t) \hfill \\ \end{array} \right.$$
(3)

According to literature [33], it usually takes only a few iterations for \(P_{i} (t)\) to converge exponentially to the steady-state value. Therefore, for simplicity, let \(P_{i} (0)\) be the initial error covariance of the i-th sensor, and it is equal to \(\overline{P}_{ii}\). Further, we know that \(P_{i} (t) = \overline{P}_{ii}\) for all times t.

After obtaining the LE \(\hat{x}_{i} (t)\), the i-th sensor decides whether to transmit it to the fusion center (FC). We introduce the binary variable \(\alpha_{i} (t)\) to model the decision process. \(\alpha_{i} (t) = 1\) indicates that the LE \({\hat{x}}_{i} (t)\) is sent by the i-th sensor, otherwise it will not send. The channels between the sensors and the FC are not reliable, which may lead to data packet loss. In addition, the packets transmitted on the channel can be intercepted on another channel by eavesdroppers. Let the binary variable \(\beta_{i} (t) = 1\) and 0 denote whether the i-th LE is intercepted by the eavesdropper or not. Let the binary variable \(\gamma_{i} (t) = 1\) and 0 denote whether the i-th LE is successfully received by the user or not.

In the FC, in order to obtain accurate state estimation, user and eavesdropper use the weighted matrix fusion method to obtain the final state estimation based on the received LE. To avoid symbol misuse, the fusion estimation of the user’s FC is taken as an example to illustrate how to implement the weighted matrix fusion algorithm. Let \(h\) and \(h^{k}\) be functions. In specific, \(h(X) \triangleq AXA^{T} + Q\) and \(h^{k} (X) \triangleq \underbrace {h \circ h \circ \cdots \circ h}_{{\quad \quad k\;{\text{times}}}}(X)\). According to [34, 35], if \(k_{1} \le k_{2}\),\(k_{1} ,k_{2} \in Z^{ + }\), then \(\overline{P}_{ii} < h^{{k_{1} }} (\overline{P}_{ii} ) \le h^{{k_{2} }} (\overline{P}_{ii} )\).

In the user’s FC, the LE of the i-th sensor cannot be successfully received in two cases by. One is that the i-th sensor does not send LE to the FC, in which case \(\alpha_{i} (t) = 0\). The second is that the i-th LE is sent, but packet loss occurs in the channel with \(\gamma_{i} (t) = 0\). In this case, it needs to perform a one-step prediction compensation on the local estimate. Therefore, the final LE \(\hat{x}_{i}^{u} (t)\) and covariance \(P_{ii}^{u} (t)\) is computed as

$$(\hat{x}_{i}^{u} (t),P_{ii}^{u} (t)) = \left\{ {\begin{array}{*{20}l} {(\hat{x}_{i} (t),\overline{P}_{ii} ),} \hfill & {if\;\alpha_{i} (t)\gamma_{i} (t) = 1} \hfill \\ {(A\hat{x}_{i}^{u} (t - 1),h(P_{ii}^{u} (t - 1))),} \hfill & {otherwise} \hfill \\ \end{array} } \right.$$
(4)

Further, the distributed matrix-weighted fusion filter \(\hat{x}_{{}}^{u} (t)\) can be obtained by4

$$\hat{x}^{u} (t) = \sum\limits_{i = 1}^{L} {W_{i} (t)\hat{x}_{i}^{u} (t)}$$
(5)

where,

$$\sum\limits_{i = 1}^{L} {W_{i} (t) = I_{n} }$$
(6)

Then, define \(\Xi (t) \triangleq \left[ {\begin{array}{*{20}l} {P_{11}^{u} (t) \ldots P_{1L}^{u} (t)} \hfill \\ {\;\quad \vdots \quad \quad \quad \vdots } \hfill \\ {P_{L1}^{u} (t) \ldots P_{LL}^{u} (t)} \hfill \\ \end{array} } \right]\), where \(P_{ij}^{u} (t)\) (i ≠ j) is cross-covariance matrix between any two LEs, which is calculated by:

$$P_{ij}^{u} (t) = [I_{n} - K_{i} (t)C_{i} ][AP_{ij}^{u} (t - 1)A^{T} + Q][I_{n} - K_{j} (t)C_{j} ]^{T}$$
(7)

It usually takes only a few iterations for \(P_{ij}^{u} (t)\) to converge exponentially to the steady-state value [36]. For simplicity, we represent the initial error cross-covariance matrix as \(P_{ij} (0)\) for the i-th sensor, and it is equal to \(\overline{P}_{ij}\). Then, it can be concluded that \(P_{ij}^{u} (t) = \overline{P}_{ij}\) for all times t, and the initial of \(\Xi (0)\) is \(\left[ \begin{gathered} \overline{P}_{11} \ldots \;\overline{P}_{1L} \hfill \\ \;\; \vdots \;\;\;\;\;\quad \vdots \hfill \\ \overline{P}_{L1} \ldots \overline{P}_{LL} \hfill \\ \end{gathered} \right]\).

Under the linear minimum variance criterion, in terms of the result in [37], the optimal W1(t), W2(t),…,WL(t) in (6) can be given by:

$$[W_{1} (t), \ldots ,W_{L} (t)] = ((\Upsilon_{{}}^{s} )^{T} \Xi^{{{ - }1}} (t)\Upsilon_{{}}^{s} )^{ - 1} (\Upsilon_{{}}^{s} )^{T} \Xi^{{{ - }1}} (t)$$
(8)

where \(\Upsilon_{{}}^{s} = [I_{n} ,I_{n} , \ldots ,I_{n} ]^{T}\). Further, the fusion error covariance \(P^{u} (t) \triangleq {\text{E}}\{ (x(t) - \hat{x}^{u} (t))(x(k) - \hat{x}^{u} (t))^{T} \}.\) can be computed by:

$$P^{u} (t) = ((\Upsilon_{{}}^{s} )^{T} \Xi^{ - 1} (t)\Upsilon_{{}}^{s} )^{ - 1}$$
(9)

Remark 1

For the eavesdropper, if he is strong enough to eavesdrop on the transmission data of multiple sensors at the same time, he can use the intercepted LEs to obtain more accurate state estimation through fusion estimation method. This brings challenges to the distributed secure fusion estimation.

2.2 Problem of interest

First, we denote by pi the probability that the i-th sensor decides to send the LE to the FC. To prevent eavesdropping, the stochastic event triggering strategy is adopted for all sensors. In detail, the processor of the i-th sensor can generate a random variable \(\zeta_{i}\) at each time t. These variables obey a uniform distribution on (0, 1), i.e.,\(\zeta_{i} \sim U(0,1)\). The stochastic event triggers are given by

$$\alpha_{i} (t) = \left\{ {\begin{array}{*{20}l} {1,} \hfill & {0 < \zeta_{i} \le \eta_{i} ,} \hfill \\ {0,} \hfill & {\eta_{i} < \zeta_{i} < 1.} \hfill \\ \end{array} } \right.$$
(10)

Further, assume that each sensor always decides to send LE to the FC, i.e., \(\alpha_{i} (t) = 1\) for all time t. We model the packet drops and packet interceptions as i.i.d. over time, which are commonly used assumptions by researchers. In particular, we let \(\rho_{i}\) represent the probability that the i-th local estimate is intercepted by the eavesdropper. Similarly, \(\lambda_{i}\) denotes the probability that the i-th local estimate is received by the user. Thus, the channel model can be given as follows:

$$\left\{ \begin{gathered} \beta_{i} (t) = \left\{ {\begin{array}{*{20}l} {1,} \hfill & {{\text{with}}\;{\text{probability}}\;\rho_{i} ,} \hfill \\ {0,} \hfill & {{\text{with}}\;{\text{probability}}\;1 - \rho_{i} .} \hfill \\ \end{array} ,} \right. \hfill \\ \gamma_{i} (t) = \left\{ {\begin{array}{*{20}l} {1,} \hfill & {{\text{with}}\;{\text{probability}}\;\lambda_{i} ,} \hfill \\ {0,} \hfill & {{\text{with}}\;{\text{probability}}\;1 - \lambda_{i} .} \hfill \\ \end{array} } \right. \hfill \\ \end{gathered} \right.$$
(11)

Remark 2

In the description of physical layer security problems, knowing exactly the channel model of the eavesdropper for the user is a common assumption[38]. The channel gain can be obtained by using blind estimation, pilot-based estimation, etc. Under this case, knowing the probability \(\rho_{i}\) is less restrictive than knowing the exact eavesdropper’s channel model. In fact, \(\rho_{i}\) can be considered as the confidence level of the system designer on the ability of the eavesdropper to successfully eavesdrop data packs.

Next, the concept of perfect encryption is introduced in the following definition.

Definition 1

(Perfect Expected Secrecy) [17]. For any initial condition \(P(0)\), a secrecy mechanism achieve perfect expected secrecy if and only if both of the following condition hold:

$$\mathop{{\mathrm{lim}}}\limits_{t \to \infty } {\mathrm{Sup~Tr}}{\mathrm{\{E}}\{P^{u} (t)\} \} < \infty$$
(12)
$$\mathop{{\mathrm{lim}}}\limits_{t \to \infty } {\mathrm{Tr\{E}}\{P^{e} (t)\} \} = \infty$$
(13)

where the covariance of the state estimation error for the eavesdropper is denoted by \(P^{e} (t)\), Sup represents upper bound, and Tr denotes trace operator.

Remark 3

For any initial system estimation error covariance, when the data transmitted is encrypted according to a scheduling mechanism, the trace of the user's covariance tends to be bounded in the expected sense over time, while the trace of the eavesdroppers’ tends to be unbounded. In this case, the eavesdropper's state estimation error is infinite, and the accurate information of the system state cannot be obtained. Therefore, it can be said that perfect expected encryption is achieved under this encryption mechanism.

Further, the problems we need to solve is described as follows:

  1. (1)

    For the distributed fusion estimation, the first aim of this paper is to answer “how to design event-triggered data scheduler for the sensors so that the user's estimation error is convergent, but the estimation error for the eavesdropper will be unbounded”.

  2. (2)

    From the perspective of the defender, another goal is to design the event-triggered confidentiality fusion estimation algorithm, which guarantee the effectiveness of our data scheduling method.

3 Main results

For a stable system, as long as the eavesdropper has the system model parameters, the system state can be predicted in real time without eavesdropping, and the prediction error is always bounded. Therefore, we studies the problem of confidentiality fusion estimation for unstable systems. As pointed out in the literature [17], fusion estimation to against eavesdroppers for unstable systems is more interesting than that for stable systems. Let the spectral radius of A in the unstable system (1) satisfy \(\rho (A) > 1\). We will explore some sufficient conditions under which we can obtain the distributed security fusion estimation algorithm to protect state privacy.

Theorem 1

For the unstable system (1) with channel model (11), under the encryption mechanism (10), if the trigger thresholds of all sensors satisfy:

  1. (i)

    There is an positive integer i such that

    $$\eta_{i} > \frac{1}{{\lambda_{i} }}\left( {1 - \frac{1}{{\rho (A)^{2} }}} \right)$$
    (14)
  2. (ii)

    For any positive integer i, the following inequality holds

    $$\eta_{i} < \min \left\{ {\frac{1}{{\rho_{i} }}(1 - \rho (A)^{{ - \frac{2}{L}}} ),1} \right\}$$
    (15)

Then the Perfect Expected Secrecy can be obtained.

Proof

According to the Definition 1, we need to prove that Eqs. (12) and (13) holds simultaneously under condition (14) and (15). We first prove that the Perfect Expected Secrecy condition (12) is satisfied under the condition (14). Suppose that the event trigger threshold \(\eta_{i}\) of the s0th sensor satisfies \(\eta_{i} > \frac{1}{{\lambda_{i} }}(1 - \frac{1}{{\rho (A)^{2} }})\), then we have

$$\eta_{i} \lambda_{i} > 1 - \frac{1}{{\rho (A)^{2} }}$$
(16)

In this case, the probability that the user’s FC can successfully receive the LE of the \(s_{0}\)th sensor always satisfies \(p(\alpha_{i} (t)\gamma_{i} (t) = 1) > 1 - \frac{1}{{\rho (A)^{2} }}\). Then, according to [37], the estimation error covariance of the \(s_{0}\) th sensor is bounded, i.e. \(P_{ii}^{u} (t) < \infty\). Denote \(\Upsilon_{i}^{s} = [{\mathbf{0}}, \ldots ,I_{n} , \ldots ,{\mathbf{0}}]^{T} \in R^{nL \times n}\), where, the i-th block place is an identity matrix \(I_{n}\).\({\mathbf{0}}\) represents zero matrix with dimension n. Then, we have

$$\begin{aligned} P^{u} (t) & = ((\Upsilon_{{}}^{s} )^{T} \Xi^{{{ - }1}} (t)\Upsilon_{{}}^{s} )^{ - 1} \\ & = {(}(\Upsilon_{{}}^{s} )^{T} \Upsilon_{i}^{s} {)}^{T} ((\Upsilon_{{}}^{s} )^{T} \Xi^{{-1}} (t)\Upsilon_{{}}^{s} )^{ - 1} {(}(\Upsilon_{{}}^{s} )^{T} \Upsilon_{i}^{s} {)} \\ & = {[(}\Xi^{{{ - }1/2}} (t)\Upsilon_{{}}^{s} )^{T} {(}\Xi^{1/2} (t)\Upsilon_{i}^{s} )]^{T} \\ & \quad \times [{(}\Xi^{{{ - }1/2}} (t)\Upsilon_{{}}^{s} )^{T} \times {(}\Xi^{ - 1/2} (t)\Upsilon_{{}}^{s} )]^{ - 1} \\ & \quad \times {[(}\Xi^{{{ - }1/2}} (t)\Upsilon_{{}}^{s} )^{T} {(}\Xi^{1/2} (t)\Upsilon_{i}^{s} )] \\ & \le {(}\Xi^{1/2} (t)\Upsilon_{i}^{s} )^{T} {(}\Xi^{1/2} (t)\Upsilon_{i}^{s} ) = P_{ii}^{u} (t) < \infty \\ \end{aligned}$$
(17)

This means that as long as the LE error covariance of one sensor is bounded, the state error covariance obtained after the FC fuses all local estimates must be bounded. Therefore, the conditions (12) is satisfied.

Further, we prove that the Perfect Expected Secrecy condition (13) is satisfied under the condition (15). Let \(\Omega\) denote the event that the event triggers of all sensors are not triggered and all LEs are not successfully intercepted when the LEs are transmitted. \(\Omega^{ \bot }\) represents its complement. Further, we consider the probability of the event \(\Omega\) over the finite time N, one has

$$\begin{aligned} p_{e} (\Omega ) & = p_{e} (\alpha_{i} (t) = 0,\beta_{i} (t) = 0|\alpha_{i} (t) = 1) \\ & = \prod\limits_{i = 1}^{L} {\prod\limits_{t = 1}^{N} {(1 - p_{e} (\alpha_{i} (t) = 1) \times p_{e} (\beta_{i} (t) = 1|\alpha_{i} (t) = 1))} } \\ & = \prod\limits_{i = 1}^{L} {\prod\limits_{t = 1}^{N} {(1 - \eta_{i} \rho_{i} )} } \\ \end{aligned}$$
(18)

where \(t = 1,2, \ldots ,N,i = 1,2, \ldots ,L\).

Similar to (9), for all times N in event \(\Omega\), we have the terminal estimation error covariance for the eavesdropper \(P^{e} (N) = ((I_{{}}^{a} )^{T} (\sum^{e} (N))^{ - 1} I^{a} )^{ - 1}\). Then, according to the definition of \(\Omega\), we know that the eavesdropper cannot successfully intercept the LEs of all sensors at all times N. In this case, the eavesdropper can only perform one-step prediction instead of LE. According to (4), we have

$$\sum^{e} (N) = \left[ \begin{gathered} h^{N} (\overline{P}_{11} ) \ldots \;h^{N} (\overline{P}_{1L} ) \hfill \\ \;\; \vdots \;\;\;\;\;\quad \vdots \hfill \\ h^{N} (\overline{P}_{L1} ) \ldots h^{N} (\overline{P}_{LL} ) \hfill \\ \end{gathered} \right] \triangleq h^{N} (\sum (0))$$
(19)

where, \(h^{N} (\overline{P}_{ij} ) = A^{N} \overline{P}_{ij} (A^{T} )^{N} + \sum\limits_{s = 0}^{N - 1} {A^{s} Q(A^{T} )^{s} }\)

Taking the trace of terminal estimation error covariance \(P^{e} (N)\), one can get:

$$\begin{aligned} {\text{Tr}}\{ {\text{E}}\{ P^{e} (N)\} \} & = {\text{Tr}}\{ {\text{E}}\{ P^{e} (N)|\Omega \} \} p^{e} (\Omega ) \\ & \quad + {\text{Tr}}\{ {\text{E}}\{ P^{e} (N)|\Omega^{ \bot } \} \} p^{e} (\Omega^{ \bot } ) \\ & > {\text{Tr}}(I_{a}^{T} (\sum^{e} (N))^{ - 1} I_{a} )^{ - 1} p^{e} (\Omega ) \\ \end{aligned}$$
(20)

Then, there is an positive integer i, which makes the following equation hold:

$${\text{Tr}}\{ {\text{E}}\{ P^{e} (N)\} \} \; > \frac{1}{L}{\text{Tr}}(A^{N} \overline{P}_{ii} (A^{T} )^{N} )p^{e} (\Omega )$$
(21)

Furthermore, according to the condition (15), we can get \(\eta_{i} \rho_{i} < 1 - \rho (A)^{{ - \frac{2}{L}}}.\) Combing (21), the following inequality can be obtained:

$$\begin{aligned} {\text{Tr}}\{ {\text{E}}\{ P^{e} (N)\} \} & > \frac{1}{L}{\text{Tr}}(\overline{P}_{i} (A^{T} )^{N} A^{N} )\prod\limits_{i = 1}^{L} {\prod\limits_{k = 1}^{N} {(1 - \eta_{i} \rho_{i} )} } \\ & > \frac{1}{{L\rho (A)^{2N} }}{\text{Tr}}(\overline{P}_{ii} (A^{T} )^{N} A^{N} ) \\ \end{aligned}$$
(22)

Therefore, it can be concluded that \({\mathrm{Tr\{E}}\{ P^{e} (N)\}\} \to \infty\) when N goes to infinity, i.e.\(\mathop {{\mathrm{lim}}}\limits_{t \to \infty} {\mathrm{Tr\{E}}\{ P^{e} (t)\}\}= \infty.\)

Remark 4

The above theorem shows that as long as the event trigger threshold of one sensor is greater than \(\frac{1}{{\lambda_{i} }}(1 - \frac{1}{{\rho (A)^{2} }})\), the user’s fusion estimation error can be guaranteed to be bounded. On this basis, if the event trigger thresholds of all sensors are controlled to satisfy the condition (15), the state estimation error for eavesdropper will tend to be unbounded. For the perspective of user, to protect the privacy of state data from leakage, the event trigger thresholds should be reduced as much as possible when the condition (14) is satisfied. In this case, the probability that the eavesdropper successfully intercepts each local estimation is small, which makes the fusion estimation performance worse. In addition, the larger the number of sensors L is, the more local estimates the eavesdropper may intercept. Then, the user needs to reduce the event trigger threshold to a greater extent to ensure confidentiality. In the special case of only a single sensor with L = 1, the result \(1 - \rho (A)^{{ - \frac{2}{L}}}\) degenerate into \(1 - \frac{1}{{\rho^{2} (A)}}\), which is consistent with the result in literature [39].

Remark 5

The proposed stochastic event triggering strategy ensures that eavesdroppers cannot obtain the true system state information by fusing data from the local sensors intercepted on unreliable channels. At the same time, the energy of local sensors is saved under the event triggering mechanisms. It is worth noting that the fusion estimation performance of the user will also decrease. This is a compromise on the fusion estimation performance for the sake of confidentiality.

We provide two sufficient conditions for event triggered security fusion estimation above. Next, we present a distributed confidentiality fusion estimation algorithm to achieve the Perfect Expected Secrecy. The specific steps are as follows (Table 1):

Table 1 Event-triggered confidentiality fusion estimation against eavesdroppers algorithm
Full size table

4 Result and discussion

Consider a scene where two sensors observe a dynamic system. The model parameters are given as follows

$$A = \left[ {\begin{array}{*{20}c} {1.2} & 1 \\ {0.3} & {1.1} \\ \end{array} } \right],\;C_{1} = [1\quad 0],\;C_{2} = [1\quad 1],\;Q = \left[ {\begin{array}{*{20}c} 1 & {0.5} \\ {0.5} & 2 \\ \end{array} } \right],\;R_{1} = 1,\;R_{1} = 2.$$

Through several iterations, the steady-state covariance matrices can be obtained as:

$$\overline{P}_{11} = \left[ {\begin{array}{*{20}c} {{0}{{.8656}}} & {{0}{{.6412}}} \\ {{0}{{.6412}}} & {{2}{{.6544}}} \\ \end{array} } \right],\;\overline{P}_{22} = \left[ {\begin{array}{*{20}c} {{1}{{.1354}}} & { - {0}{{.3315}}} \\ { - {0}{{.3315}}} & {{1}{{.1855}}} \\ \end{array} } \right],\;\overline{P}_{12} = \left[ {\begin{array}{*{20}c} {{0}{{.0080}}} & {{0}{{.0602}}} \\ { - {0}{{.9288}}} & {{1}{{.2829}}} \\ \end{array} } \right].$$

Suppose that the probability \(\lambda_{i} \;(i = 1,2)\) of successful data reception between the user’s FC and the two local sensors are 0.7 and 0.9, respectively. Both channels are eavesdropped, and the data interception probability \(\rho_{i} \;(i = 1,2)\) are both 0.4. We can calculate the values of \(\frac{1}{{\lambda_{i} }}(1 - \frac{1}{{\rho (A)^{2} }})\;(i = 1,2)\) as 0.5080 and 0.3951 respectively, and the values \(\frac{1}{{\rho_{i} }}(1 - \rho (A)^{{ - \frac{2}{L}}} )\;(i = 1,2)\) are both 0.4932. All results are 1000 Monte Carlo simulations. To better interpret the simulation results, we define the following abbreviations: trace of error covariance (TEC), and trace of fusion error covariance (TFEC).

First, we do not set event triggers for all local sensors, and observe the fusion estimation performance for the eavesdropper and the user. In fact, this is equivalent to making the event trigger thresholds \(\eta_{i} \;(i = 1,2)\) of both sensors. The specific simulation results are shown in Figs. 2 and 3.

Fig. 2
figure 2

The TEC of final local estimates without event triggers

Full size image
Fig. 3
figure 3

The TFEC without event triggers

Full size image

Figure 2 shows the final LE error covariance curve of the eavesdropper and user’s FC, and Fig. 3 shows the trace curve of their fusion estimation error covariance. It is seen that the final LE error of the eavesdropper is much larger than that of the user. This is because the successful reception rate of the user's FC is higher than that of the eavesdropper. Notice that both the eavesdropper and the user can obtain much smaller estimation error than the final local estimation through the fusion estimation method. Therefore, the fusion estimation can greatly reduce the user's state estimation error, but at the same time, it may lead to more state privacy disclosure. Next, the anti-eavesdropping strategy based on event triggering is verified.

The stochastic event triggers are designed for two local sensors according to (10). Let the trigger thresholds combinations for two local sensors be (0.4, 0.4), (0.45, 0.9), (0.9, 0.9). The specific simulation results are shown in Figs. 4 and 5.

Fig. 4
figure 4

The TEC of final local estimate for the eavesdropper

Full size image
Fig. 5
figure 5

TFEC with different trigger thresholds

Full size image

Figure 4 shows the final local estimation curve of the eavesdropper’s FC, and Fig. 5 reflects the fusion estimation performance under different event trigger threshold combinations of two sensors. It is seen from Fig. 4 that the eavesdropper’s TEC grows unbounded when the communication rate between the sensors and the FC is low. From Fig. 5, when the trigger thresholds is selected as (0.4, 0.4), the eavesdropper’s estimation performance is poor. Its TFEC grows unbounded over time. This is because the sufficiency condition (15) is satisfied under this communication rate combination, so that the eavesdropper cannot obtain the real state information. In this case, the user's TFEC is bounded. This is because the user’s FC has a high successful rate of receiving data from the local sensors, which makes the sufficiency condition (14) satisfied. For other combinations, the conditions (14) and (15) are not satisfied at the same time. The eavesdropper can always obtain a bounded estimation error, which makes the event trigger invalid. Therefore, in order to prevent the disclosure of state privacy, the user must design smaller trigger thresholds so that the sufficiency conditions of Theorem 1 are satisfied.

5 Conclusions

This paper studied the state privacy protection of distributed fusion estimation for CPSs. The goal was to make the TFEC matrix of the eavesdropper become unbounded over time while the expected error covariance for the user remained bounded. The random event triggering strategy was adopted to maintain confidentiality. The relationship between event triggering thresholds and estimation performance in FC was established. Some sufficient conditions of trigger thresholds were derived to guarantee the Perfect Expected Secrecy. Finally, a simulation example was employed to verify the effectiveness of the proposed method. Future research topics include (1) the privacy protection for stable systems; (2) the perfect encryption strategies based on encryption and decryption, and (3) the encryption strategy design and security fusion estimation for nonlinear systems.