In this paper, a threat discrimination methodology is proposed for cyber-physical systems with eventtriggered
data communication, aiming to identify sensor bias faults from two possible types of threats:
replay attacks and sensor bias faults. Event-triggered adaptive estimation and backward-in-time signal
processing are the main techniques used. Specifically, distinct incremental systems of the eventtriggered
cyber-physical system resulting from the considered threat types are established for each
threat type, and the difference between their inputs are found and utilized to discriminate the threats.
An event-triggered adaptive estimator is then designed by using the event-triggered sampled data
based on the system in the attack case, allowing to reconstruct the unknown increments in both the
threat cases. The backward-in-time model of the incremental system in the replay attack case is proposed
as the signal processor to process the reconstructions of the increments. Such a model can
utilize the aforementioned input difference between the incremental systems such that its output has
distinct quantitative properties in the attack case and in the fault case. The fault discrimination condition
is rigorously investigated and characterizes quantitatively the class of distinguishable sensor
bias faults. Finally, a numerical simulation is presented to illustrate the effectiveness of the proposed
methodology.
