In this paper, a threat discrimination methodology is proposed for cyber-physical systems with event-triggered data communication, aiming to identify sensor bias faults from two possible types of threats: replay attacks and sensor bias faults. Event-triggered adaptive estimation and backward-in-time signal processing are the main techniques used. Specifically, distinct incremental systems of the event-triggered cyber-physical system resulting from the considered threat types are established for each threat type, and the difference between their inputs are found and utilized to discriminate the threats. An event-triggered adaptive estimator is then designed by using the event-triggered sampled data based on the system in the attack case, allowing to reconstruct the unknown increments in both the threat cases. The backward-in-time model of the incremental system in the replay attack case is proposed as the signal processor to process the reconstructions of the increments. Such a model can utilize the aforementioned input difference between the incremental systems such that its output has distinct quantitative properties in the attack case and in the fault case. The fault discrimination condition is rigorously investigated and characterizes quantitatively the class of distinguishable sensor bias faults. Finally, a numerical simulation is presented to illustrate the effectiveness of the proposed methodology.

在本文中，针对具有事件触发数据通信的网络物理系统提出了一种威胁识别方法，旨在从两种可能的威胁类型中识别传感器偏差故障：重放攻击和传感器偏差故障。事件触发的自适应估计和时间后向信号处理是使用的主要技术。具体来说，为每种威胁类型建立由所考虑的威胁类型产生的事件触发的网络物理系统的不同增量系统，并发现它们的输入之间的差异并利用它们来区分威胁。然后，通过使用基于攻击案例中系统的事件触发采样数据设计事件触发自适应估计器，允许重建两种威胁案例中的未知增量。提出了重放攻击情况下增量系统的时间后向模型作为信号处理器来处理增量的重构。这种模型可以利用增量系统之间的上述输入差异，使其输出在攻击情况和故障情况下具有不同的定量特性。对故障鉴别条件进行了严格研究，并定量表征了可区分传感器偏置故障的类别。最后，通过数值模拟来说明所提出方法的有效性。这种模型可以利用增量系统之间的上述输入差异，使其输出在攻击情况和故障情况下具有不同的定量特性。对故障鉴别条件进行了严格的研究，并定量地表征了可区分的传感器偏置故障的类别。最后，通过数值模拟来说明所提出方法的有效性。这种模型可以利用增量系统之间的上述输入差异，使其输出在攻击情况和故障情况下具有不同的定量特性。对故障鉴别条件进行了严格的研究，并定量地表征了可区分的传感器偏置故障的类别。最后，通过数值模拟来说明所提出方法的有效性。