A sliding mode observer approach for attack detection and estimation in Autonomous Vehicle Platoons using event triggered communication

Delft University of Technology

A sliding mode observer approach for attack detection and estimation in Autonomous

Vehicle Platoons using event triggered communication

Keijzer, Twan; Ferrari, Riccardo M.G. DOI

10.1109/CDC40024.2019.9029315

Publication date 2019

Document Version Final published version Published in

Proceedings 2019 IEEE 58th Conference on Decision and Control (CDC 2019)

Citation (APA)

Keijzer, T., & Ferrari, R. M. G. (2019). A sliding mode observer approach for attack detection and estimation in Autonomous Vehicle Platoons using event triggered communication. In Proceedings 2019 IEEE 58th Conference on Decision and Control (CDC 2019) (pp. 5742-5747). IEEE .

https://doi.org/10.1109/CDC40024.2019.9029315 Important note

To cite this publication, please use the final published version (if applicable). Please check the document version above.

Copyright

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons. Takedown policy

Please contact us and provide details if you believe this document breaches copyrights. We will remove access to the work immediately and investigate your claim.

This work is downloaded from Delft University of Technology.

Green Open Access added to TU Delft Institutional Repository

'You share, we take care!' - Taverne project

https://www.openaccess.nl/en/you-share-we-take-care

Otherwise as indicated in the copyright section: the publisher

is the copyright holder of this work and the author uses the

Dutch legislation to make this work public.

A Sliding Mode Observer Approach for Attack Detection and Estimation in

Autonomous Vehicle Platoons using Event Triggered Communication

Twan Keijzer

Delft Centre for Systems and Control

Delft University of Technology

t.keijzer@tudelft.nl

Riccardo M.G. Ferrari

Delft Centre for Systems and Control

Delft University of Technology

r.ferrari@tudelft.nl

Abstract— Platoons of autonomous vehicles are being inves-tigated as a way to increase road capacity and fuel efficiency. Cooperative Adaptive Cruise Control (CACC) is one approach to controlling platoons longitudinal dynamics, which requires wireless communication between vehicles. In the present paper we use a sliding mode observer to detect and estimate cyber-attacks threatening such wireless communication. In particular we prove stability of the observer and robustness of the de-tection threshold in the case of event-triggered communication, following a realistic Vehicle-to-Vehicle network protocol.

I. INTRODUCTION

Autonomous vehicle platoons and Cooperative Adaptive Cruise Control (CACC) are topics that received significant attention by researchers in recent years [1]–[6]. CACC is a longitudinal cooperative control technique that allows platoons, or strings, of autonomous vehicles to coordinate themselves. The goal is to have vehicles in the platoon trav-elling closer together than human drivers, or non-cooperative control approaches like Adaptive Cruise Control, can. Ben-efits of this lower inter-vehicle spacing include better fuel efficiency and road utilization. Vehicles in a CACC platoon measure relative position and velocity of the preceding vehicle, and also communicate (see figure 1) in order to attain string stability, which is an important property resulting in dampening of velocity changes down the platoon [6].

Wireless communication i i+1 i-1 v vi v d i-1 i+1 i+1 di di-1 radar

Fig. 1. CACC equipped string of vehicles. The V2V communication is implemented wirelessly, and is subjected to a class of cyber attacks.

The reliance of CACC platoons on inter-vehicle wireless communications, be it periodic or event-triggered [7]–[9], may expose them to the same kind of threats as other networked control systems or Cyber-Physical Systems (CPS), such as Denial of Service (DoS), routing, replay and stealthy data injection attacks (see [10], [11]). Indeed, vulnerabilities of Vehicle-to-Vehicle (V2V) networks to cyber attacks have been investigated in [12]–[15]. While CACC can provide limited robustness to network induced effects such as random packet losses (see [16], [17]), the case of a malicious attacker targeting the (V2V) network should be addressed by dedicated detection and fault-tolerant control methods.

While the case of faults in autonomous vehicles forma-tions was addressed in [18] and [19] with an observer-based approach, few works dealt with cyber-attacks. [20] considered the problem of designing a model based observer

for detecting DoS attacks, which were characterised as an equivalent time delay in the communication network.

In this paper we are going to extend some preliminary results presented by the authors in [21], where a Sliding-Mode Observer (SMO) was introduced for estimating false data injection attacks. The contribution of the paper is twofold: we prove the stability of the SMO under event-triggered communication and less restrictive assumptions on measurement uncertainties, and we introduce robust adaptive attack detection thresholds for such a scenario. In particular, we will assume the vehicle platoon is using a realistic event-triggered communication protocol based on the current ETSI-ITS G5 V2V communication standard [22], [23].

The use of sliding mode observers for fault detection was pioneered by [24] and developed further by [25], [26], amongst others. By monitoring the so-called equivalent out-put injection(EOI), this method allows to estimate actuator and sensor faults or, as in [21] and the present case, a false data injection attack. Previous results considered continuous communication, and did not derive an adaptive detection threshold guaranteed to be robust against uncertainties or communication-induced effects. The literature on fault detec-tion for event-triggered systems, instead, includes works such as [27]–[29], which are concerned with the simultaneous de-sign of the triggering condition and the fault detector, while [30] addressed the case of asynchronous communication and packet loss for fault detection of networked control systems. While several works considered the case of event-triggered sliding mode control, such as [31]–[34], the present approach would be, to the best of the authors knowledge, the first contribution considering sliding mode observers for fault, or cyber-attack detection and estimation in systems where event–triggered communication is present.

The remainder of the paper is organized as follows. Section II introduces event-triggered CACC for a vehicle platoon and describes the attack and its effect on the platoon. Section III presents the sliding mode observer and character-izes its stability, and section IV presents the attack detection threshold and provides theoretical results on its robustness. Section V provides preliminary results on attack estimation. In sections VI and VII, respectively, the simulation results, and conclusion and future work are presented.

A. Notation

Throughout the paper, a notation such as xi will denote a

variable x pertaining to the i–th vehicle, while xi,(j) will

denote the j–th component of the vector xi.

2019 IEEE 58th Conference on Decision and Control (CDC) Palais des Congrès et des Expositions Nice Acropolis Nice, France, December 11-13, 2019

978-1-7281-1398-2/19/$31.00 ©2019 IEEE 5742

II. PROBLEMFORMULATION

A. Error Dynamics of a Platoon using CACC

In the present paper we will use the CACC formulation in [6] and its extension to event triggered communication introduced in [8], while the event-triggering condition will follow [22], [23]. We will consider a string of m ∈ N homogeneous vehicles (see Figure 1), each modeled as

" ˙pi(t) ˙vi(t) ˙ai(t) # = " _v i(t) ai(t) 1 τ(ui(t) − ai(t)) # , (1)

where pi(t), vi(t), ai(t) and ui(t) ∈ R are the position,

velocity, acceleration and the input of the i-th vehicle, re-spectively; furthermore, τ represents the engine’s dynamics. Each vehicle is assumed to measure its own local output yi ,

[pivi ai]>+ ξi and, with its front radar, the relative output

yi,i−1 , [di∆vi]>+ ηi, where di(t) , (pi−1(t)−pi(t)−L)

is the inter-vehicle distance, L is the length of each vehicle, ∆vi , vi−1− vi is the relative velocity and ξi and ηi are

the measurement uncertainties affecting the vehicle sensors. Assumption 1: For each i–th vehicle, the measurement uncertainties ξi and ηi are unknown but they are upper

bounded by known quantities ¯ξi and ¯ηi, i.e. |ξi,(j)(t)| ≤

¯

ξi,(j)(t) and |ηi,(j)(t)| ≤ ¯ηi,(j)(t) for all j, and all t.

The objective of the i–th vehicle is to keep a desired inter-vehicle distance dr,i using a constant time headway policy

dr,i(t) = ri+ hvi(t) , (2)

while making the relative velocity ∆vitend to zero in steady

state. in eq. (2) riand h are the desired distance at stand still,

and the time headway between the vehicles respectively. [6] Let us introduce the position error ei(t) , di(t) − dr,i(t)

and its time derivative ˙ei(t) = ∆vi− hai(t). In [6], a CACC

control law is initially proposed in ideal conditions, as the solution to the following equation

˙ ui(t) =

1

h[−ui(t) + (kpei(t) + kd˙ei(t)) + ui−1(t)] . (3) As can be seen from Eq. (3), the local control law depends on measured quantities, such as the relative position and velocity, which will be corrupted by noise. Furthermore, the control law depends on the intended acceleration of the preceding vehicle, ui−1(t), which shall be received through

a wireless V2V communication network.

In this paper the presence of measurement uncertainties and non-ideal communication are explicitly incorporated in the control law giving

˙ ui(t) = 1 h h −ui(t) +  kpeˆi(t) + kdˆ˙ei(t)  + ˜ui−1(t) i , (4)

where ˆei, ei+ ηi,(1)− hξi,(2), ˆ˙ei, ˙ei+ ηi,(2)− hξi,(3), and

˜

ui−1(t) = ui−1(t) + ∆ui−1(t) is the last received value of

ui−1(t). ∆ui−1will be further defined in subsection II-B.

By following similar steps as in [6] and [21], we can write the i–th vehicle error dynamics, under control law (4), as

Ei:

 ˙xei(t) = Aexei(t) + Beζi(t)

yei(t) = Cexei(t) + Deζi(t)

, (5)

where Ce= Deand the following quantities were introduced

Ae, " _{0 1 0} 0 0 1 −kp τ − kd τ − 1 τ # , Be, " _{0 0 0} 0 0 0 −kp τ − kd τ − 1 τ # Ce, _{1 0} 0 1 0 0 > , xei, "ei(t) ˙ei(t) ¨ ei(t) # , ζi, "_η i,(1)− hξi,(2) ηi,(2)− hξi,(3) ∆ui−1(t) # (6)

The stability and performance of the error dynamics Ei and

the string-stability of the platoon have been analysed in [6] and [8]. As the present paper is concerned with the design of a cyber-attack detection and estimation scheme, and not the event-triggered CACC control scheme itself, for well-posedness we will require the following

Assumption 2: Control law ui (Eq. (4)) and triggering

condition σ (Eq. (8)) are chosen such that, without cyber-attacks and when Assumption 1 holds, Ei is stable for each

vehicle i and string stability of the platoon is guaranteed. B. Attack and communication-induced effects

In this paper, following [8], [22], [23], the transmission of ui−1is assumed to be event triggered. Furthermore a

man-in-the-middle attackon the transmitted ui−1is considered. We

are not interested here in the actual implementation of the attack, for this, one can refer to [12]–[15]. For the observer, the effects of communication, ∆ui−1,C(t), and the attack,

φi(t), will be combined in ∆ui−1(t) = ∆ui−1,C(t) + φi(t).

The event-triggered communication causes a variable de-lay in the signal received by car i, defined as

τ0= 0, τl+1, inf {t ≥ τl: σ = 1} , (7)

where τl is the last transmission time, and σ is a triggering

condition based on the local measurements, yi−1, in car i−1:

σ , (t − τl≥ TH∨ (t − τl> TL∧

∃j = {1, 2} : |yi−1,(j)(τl) − yi−1,(j)(t)| ≥ ∆yL,(j))).

(8)

Here TL, TH and ∆yL ∈ R2 are user-designed parameters

that define, respectively, the minimum and maximum inter-triggering times, and the threshold for communication.

In summary, communication is triggered on changes in local measurements of car i−1 since the last communication. This is combined with a minimum and maximum inter-triggering time. The error introduced by the event-triggered communication is denoted by ∆ui−1,C(t).

III. SLIDINGMODE OBSERVER

In this section a Sliding Mode Observer (SMO) for the dynamics Ei in eq. (5) is presented. To this end, first the

change of variables z1,i=

h_x ei,(1) xei,(2) i , ζ1,i= ζi,(1) ζi,(2)  , z2,i= xei,(3), b = − 1

τ is performed in order to separate the

measured and unknown states, giving: h_z˙ 1,i ˙ z2,i i =hA11 A12 A21 A22 i h_z 1,i z2,i i +h_A 0

21ζ1,i+ b∆ui−1

i , (9) yei= z1,i+ ζ1,i. (10)

An observer design is presented, in eqs. (11) and (12), to make the states slide along y,i(t) = 0 even in the presence

of noise-, communication- and attack-induced effects.  ˆ˙z1,i ˆ˙z2,i  =hA11 A12 A21 A22 i h_ˆz 1,i ˆ z2,i i −hνi 0 i (11) 5743

νi(t) = (A11+ P )y,i(t) + Misgn(y,i(t)) (12)

Here Mi is a positive constant, and P ∈ R2×2 is a positive

definite matrix. Both are chosen to they verify the hypothesis of Theorem 1, to guarantee the SMO stability. The observer error dynamics can be written as in eqs. (13), (14).

1,i(t) = ˆz1,i(t) − z1,i(t)

2,i(t) = ˆz2,i(t) − z2,i(t)

y,i(t) = ˆz1,i(t) − (z1,i(t) + ζ1,i) = 1,i(t) − ζ1,i

(13) ˙i(t) =hA_A11 A12 21 A22 i i(t)−  νi(t)

A21ζ1,i(t) + b∆ui−1(t)

 (14)

Theorem 1: 1,i(t), under the observer dynamics in (14),

can be bounded by ¯1= ¯ζ if Mi> |A12¯2,i| +

 A11ζ¯

 . Proof: This proof will only consider the upper bound of 1,i(t), the lower bound can be proved in a similar manner. It

will be proven that if 1,i> ¯ζ, then ˙1,i< 0. This is sufficient

to prove ¯ζ ≥ 1,i∀ t. First note that 1,i> ¯ζ implies y,i> 0,

so the first row of eq. (14) can be rewritten to

˙1,i= P (ζ1,i− 1,i) + A11ζ1,i+ A122,i− Mi (15)

Substituting the condition on Mi gives

˙1,i<P (ζ1,i− 1,i) + (A11ζ1,i− |A11ζ|)¯

+ (A122,i− |A12¯2,i|) ≤ 0

(16) ¯

ζ, ¯2,iand other bounds are proven in the appendix.

In this paper, as in [24] and subsequent works on SMO-based fault estimation, the EOI, derived from νi, will be

used for estimating attacks [24]. The EOI used here will be obtained from the filter in eq. (17) [35].

νi,f il=

K

s + Kνi, (17) where K > 0 is a design constant and s is the Laplace domain complex variable.

IV. ATTACKDETECTIONTHRESHOLDS

As a novel contribution, we are introducing two pairs of robust attack detection thresholds on νi,f il, which are

guar-anteed against false alarms, even in the presence of mea-surement uncertainties and event-triggered communication. Each pair will comprise an upper and a lower bound on the values of νi,f il in non-attacked conditions. The two pairs

are termed One-Switch-Ahead (OSA) and Multiple-Switches-Ahead (MSA) thresholds, for reasons that will be apparent in next sections. For the sake of clarity, in Subsections IV-A and IV-B we will assume there is no event-triggered com-munication, i.e. ∆ui−1,C(t) = 0. The effects of its presence

on the thresholds will be illustrated in Subsection IV-C. For the sake of notation, we will assume that the SMO is initialized at time t0, and that sgn(y,i(t0)) = 1. This means

that between t0 and the next switch at t1, and all following

odd intervals [t2k t2k+1], with k ∈ N, the discontinuous

term νi and y,i(t) are positive, νi,f ilwill be increasing, and

1,i(t) will be decreasing. This is also shown in Figure 2.

Furthermore νi,f ilwill be initialised at νi,f il(t0) = 0 and we

will denote a threshold value calculated at tk by ¯νi,f il(tk).

For brevity, we will derive only the upper bound of each threshold, which is of interest in the odd time intervals, as the lower bounds and the behaviour during even time intervals can be obtained via similar reasoning.

A. One-Switch-Ahead (OSA) Threshold

Let us consider the behaviour of νi,f il during the odd

interval, [t2k t2k+1] (see Figure 2a). By introducing, in eq.

(18), the upper bound ¯ν on νi, the time domain solution to

(17) can be upper bounded during the interval as in eq. (19). ¯

ν =(A11+ P )(¯1+ ¯ζ)

+ Mi (18)

νi,f il(t) ≤ e−K(t−t2k)νi,f il(t2k) + (1 − e−K(t−t2k))¯ν (19)

Remark 1: The right-hand side of eq. (19) is an upper bound for νi,f il(t). However, it can be easily proved that

the inequality in eq. (19) will also hold in case of an attack. Therefore, it is not a valid threshold for attack detection.

Next, in eq. (19), the hypothetical maximum time between switches ¯t = max(t2k+1− t2k) can be defined as an upper

bound for t. It will be shown in the following that this bound can be exceeded in case of an attack, and therefore eq. 20 is a valid threshold for attack detection.

¯

νi,f il,OSA(t2k) = e−K¯tνi,f il(t2k) + (1 − e−K¯t)¯ν , (20)

¯

t corresponds to the longest time for which y,i = 1,i−

ζ1,i can stay positive. This is the case when 1,i decreases

from its maximum value, ¯1, to its minimum value, −¯1,

with a minimum rate ˙₁= min(| ˙1,i|). Note that, for this to

happen, ζ1,i< 1,iduring the whole time. This is visualised

in Figure 2b and results in the following expression for ¯t ¯

t = 2¯1

˙₁ (21)

The bounds, ¯1, ˙1, and ¯ζ are derived in theorem 1,

Appen-dices A and C respectively, and shown in eqs. (22)-(24).

¯ 1= ¯ζ =  ¯ηi,(1)+ h ¯ξi,(2) ¯ ηi,(2)+ h ¯ξi,(3)  (22) ˙₁= − |A12¯2,i| + Mi (23) ¯ 2,i= 2,i,0eA22t− 2A21ζ − b∆u¯ i−1 A22 (24) One can see in eq. 24 that ¯2,i depends on the attack. The

threshold is designed assuming no attack, so ∆ui−1 = 0.

Therefore, it is easy to check that if there is an attack, 2,i

can become bigger than ¯2,i (with ∆ui−1 = 0). Therefore

eq. 20 is a valid threshold for attack detection.

At t2(k+1) this threshold needs to be recalculated using a

new initial value of νi,f il(t2(k+1)), as illustrated in Figure 2.

This re-initialisation on the signal the threshold is attempting to bound leads to inconsistent detection. Even though an attack can cause detection between recalculations, it is also dependent on the noise behaviour. As before, ζ1,i < 1,i

needs to hold during ¯t for the threshold to be reached, and even though this chance is non-zero in case of an attack, in every period [t2k t2k+1] there is a large chance an attack

is not detected. Therefore in the next section a threshold is designed that is not dependent on νi,f il.

B. Multiple-Switches-Ahead (MSA) Threshold

The MSA threshold is based on the possible behaviour of νf il

over more than one switch ahead in time, after a hypothetical occurrence of the worst case behaviour considered for the OSA threshold.

5744

<latexit sha1_base64="0QvACNwo8PRIeui+CbJFFEl5zj0=">AAACnnicbVFNT9wwEPWmH9D0g48euVgsSD2hhEt7REKqeqmgpQsrbaKVM5nsWthOsB2qleUjR67tb+u/qbPkwC6MZOt53hu/sadoBDc2Sf4NohcvX73e2HwTv333/sPW9s7upalbDTiCWtR6XDCDgiscWW4FjhuNTBYCr4rr046/ukVteK1+2UWDuWQzxSsOzIbUhZ0m0+1hcpQsgz4FaQ+GpI/z6c7gLitraCUqC4IZM0mTxuaOactBoI+z1mDD4JrNcBKgYhJN7pa9enoYMiWtah2WsnSZfVzhmDRmIYuglMzOzTrXJZ/jJq2tvuSOq6a1qODBqGoFtTXtHk5LrhGsWATAQPPQK4U50wxs+J4VF8UBq0CsvMR1jtpUxseH9LHvshPQucMWmPBxnCn8DbWUTJXOZT+9D3snKgoXDn6Fz26w9C6bV1wI6g4yc9MyjQfrKhB+kub9PcGFDlPvw+DS9TE9BZfHR2nAP5LhyXE/wk2yR/bJJ5KSz+SEfCPnZESAzMg9+UP+RjT6Gn2Pzh6k0aCv+UhWIhr/B/QX0fk=</latexit> <latexit sha1_base64="S/DDsTbhtQjuUhlIVfhNXpLu9Co=">AAACnnicbVFNT9wwEPWmH9D0g48euVgsSD2hhEt7REKqeqmgpQsrbaKVM5nsWthOsB2qleUjR67tb+u/qbPkwC6MZOt53hu/sadoBDc2Sf4NohcvX73e2HwTv333/sPW9s7upalbDTiCWtR6XDCDgiscWW4FjhuNTBYCr4rr046/ukVteK1+2UWDuWQzxSsOzIbUhZ2m0+1hcpQsgz4FaQ+GpI/z6c7gLitraCUqC4IZM0mTxuaOactBoI+z1mDD4JrNcBKgYhJN7pa9enoYMiWtah2WsnSZfVzhmDRmIYuglMzOzTrXJZ/jJq2tvuSOq6a1qODBqGoFtTXtHk5LrhGsWATAQPPQK4U50wxs+J4VF8UBq0CsvMR1jtpUxseH9LHvshPQucMWmPBxnCn8DbWUTJXOZT+9D3snKgoXDn6Fz26w9C6bV1wI6g4yc9MyjQfrKhB+kub9PcGFDlPvw+DS9TE9BZfHR2nAP5LhyXE/wk2yR/bJJ5KSz+SEfCPnZESAzMg9+UP+RjT6Gn2Pzh6k0aCv+UhWIhr/B/ZP0fo=</latexit> <latexit sha1_base64="1lnloUXk2vJvKGpGZNteVyF2LmI=">AAACnnicbVHBbtQwEPWGFkpKoYUjF6vbSpyqZC9wrISEuCBaYNuVNtHKmUx2rdpOajugleUjR6702/o3dbY5dLcdydbzvDd+Y0/RCG5sktwOomdb289f7LyMd1/tvX6zf/D2wtStBhxDLWo9KZhBwRWOLbcCJ41GJguBl8XV546//I3a8Fr9sssGc8nmilccmA2pn3Y2mu0Pk5NkFfQxSHswJH2czQ4Gf7OyhlaisiCYMdM0aWzumLYcBPo4aw02DK7YHKcBKibR5G7Vq6fHIVPSqtZhKUtX2YcVjkljlrIISsnswmxyXfIpbtra6lPuuGpaiwrujapWUFvT7uG05BrBimUADDQPvVJYMM3Ahu9Zc1EcsArE2ktc56hNZXx8TB/6rjoBnTtsgQkfx5nCP1BLyVTpXPbD+7B3oqJw4eDX+OwaS++yRcWFoO4oM9ct03i0qQLhp2ne3xNc6DD1Pgwu3RzTY3AxOkkDPk+Gp6N+hDvkPTkkH0hKPpJT8pWckTEBMif/yH9yE9HoS/Qt+n4vjQZ9zTuyFtHkDviH0fs=</latexit> <latexit sha1_base64="HhO79TMKmnUP2cSubunW6Ecqkqw=">AAACnnicbVFNT9wwEPWGfkD6BeXIxeqC1BNK4NAekZCqXqrSj4WVNtHKmUx2LWwn2A7VyvKxR67lt/FvcJYc2KUj2Xqe98Zv7CkawY1NkrtBtPHs+YuXm1vxq9dv3r7b3nl/bupWA46gFrUeF8yg4ApHlluB40Yjk4XAi+LytOMvrlEbXqvfdtFgLtlM8YoDsyH1y06Pp9vD5DBZBn0K0h4MSR9n053B36ysoZWoLAhmzCRNGps7pi0HgT7OWoMNg0s2w0mAikk0uVv26ulByJS0qnVYytJl9nGFY9KYhSyCUjI7N+tcl/wfN2lt9Tl3XDWtRQUPRlUrqK1p93Baco1gxSIABpqHXinMmWZgw/esuCgOWAVi5SWuc9SmMj4+oI99l52Azh22wISP40zhH6ilZKp0Lvvpfdg7UVG4cPArfHaFpXfZvOJCULefmauWadxfV4HwkzTv7wkudJh6HwaXro/pKTg/OkwD/pEMT476EW6SPfKBfCQp+UROyFdyRkYEyIzckH/kNqLRl+hb9P1BGg36ml2yEtH4Hvq/0fw=</latexit> <latexit sha1_base64="Vgu0i+N2xMXH+dk5nTIoqXDii7A=">AAACp3icbVHBbtQwEPWmBUoKtIUjF4ttJZBQlfQCx0pcuFEQu11pHa0mzqRr1XZS2wGtLB/5Ba70t/gbnG0O3S0j2Xqe98Zv7ClbKazLsr+jZGf30eMne0/T/WfPXxwcHr2c2qYzHCe8kY2ZlWBRCo0TJ5zEWWsQVCnxsrz+1POXP9BY0ejvbtVioeBKi1pwcDHFmO4WXryntZBhcTjOTrN10IcgH8CYDHGxOBr9YlXDO4XacQnWzvOsdYUH4wSXGFLWWWyBX8MVziPUoNAWft10oCcxU9G6MXFpR9fZ+xUelLUrVUalAre021yf/B8371z9sfBCt51Dze+M6k5S19D+B2glDHInVxEANyL2SvkSDHAX/2nDRQuOdSQ2XuJ7R2NrG9ITet933Qk3hceOgwxpyjT+5I1SoCvv2bcQ4t6LytLHQ9jg2Q1WwbNlHISk/pjZmw4MHm+ruAzzvBjuiS50nId+cPn2mB6C6dlpHvHXbHx+Noxwj7wmb8hbkpMP5Jx8JhdkQjhpyW/yh9wm75IvyTSZ3UmT0VDzimxEAv8AKcbV1g==</latexit> <latexit sha1_base64="AjbS7yE6nUHQuDVsK0fLKPUd6ZE=">AAACyXicbVFdb9MwFHXD1whfHTzyYtFN4qGqkq4q7G2IFyQeGB/dJiVR5Tg3rTXHSW1nUCw/If4Av4ZX+Bf8G5wsSGvHlWwd33Ouz7VvWnGmdBD86Xk3bt66fWfnrn/v/oOHj/q7j09UWUsKM1ryUp6lRAFnAmaaaQ5nlQRSpBxO0/PXDX96AVKxUnzS6wqSgiwEyxkl2qXm/aGJ20siuUgTE4yCw+nBNBwGo0k4PZhMhuEoaMO++/jKzvuDoDvj6+CfdIC6OJ7v9r7HWUnrAoSmnCgVhUGlE0OkZpSD9eNaQUXoOVlA5KAgBajEtB1ZvO8yGc5L6ZbQuM1erTCkUGpdpE5ZEL1U21yT/B8X1Tp/mRgmqlqDoJdGec2xLnHzRzhjEqjmawcIlcz1iumSSEK1+8kNF8Eo5I7YeIlpHKXKlfX38VXfthMqEwM1Jdz6fizgMy2LgojMmPiDtW5vRGlq3MFu8PEKMmviZc44x2YvVquaSNjbVlFuozDp7nEueBDaZnDh9piug5PxKHT4/XhwNO5GuIOeomfoOQrRC3SE3qBjNEMU/UA/0S/023vrrbwv3tdLqdfrap6gjfC+/QWsY98G</latexit> <latexit sha1_base64="AjbS7yE6nUHQuDVsK0fLKPUd6ZE=">AAACyXicbVFdb9MwFHXD1whfHTzyYtFN4qGqkq4q7G2IFyQeGB/dJiVR5Tg3rTXHSW1nUCw/If4Av4ZX+Bf8G5wsSGvHlWwd33Ouz7VvWnGmdBD86Xk3bt66fWfnrn/v/oOHj/q7j09UWUsKM1ryUp6lRAFnAmaaaQ5nlQRSpBxO0/PXDX96AVKxUnzS6wqSgiwEyxkl2qXm/aGJ20siuUgTE4yCw+nBNBwGo0k4PZhMhuEoaMO++/jKzvuDoDvj6+CfdIC6OJ7v9r7HWUnrAoSmnCgVhUGlE0OkZpSD9eNaQUXoOVlA5KAgBajEtB1ZvO8yGc5L6ZbQuM1erTCkUGpdpE5ZEL1U21yT/B8X1Tp/mRgmqlqDoJdGec2xLnHzRzhjEqjmawcIlcz1iumSSEK1+8kNF8Eo5I7YeIlpHKXKlfX38VXfthMqEwM1Jdz6fizgMy2LgojMmPiDtW5vRGlq3MFu8PEKMmviZc44x2YvVquaSNjbVlFuozDp7nEueBDaZnDh9piug5PxKHT4/XhwNO5GuIOeomfoOQrRC3SE3qBjNEMU/UA/0S/023vrrbwv3tdLqdfrap6gjfC+/QWsY98G</latexit> <latexit sha1_base64="AjbS7yE6nUHQuDVsK0fLKPUd6ZE=">AAACyXicbVFdb9MwFHXD1whfHTzyYtFN4qGqkq4q7G2IFyQeGB/dJiVR5Tg3rTXHSW1nUCw/If4Av4ZX+Bf8G5wsSGvHlWwd33Ouz7VvWnGmdBD86Xk3bt66fWfnrn/v/oOHj/q7j09UWUsKM1ryUp6lRAFnAmaaaQ5nlQRSpBxO0/PXDX96AVKxUnzS6wqSgiwEyxkl2qXm/aGJ20siuUgTE4yCw+nBNBwGo0k4PZhMhuEoaMO++/jKzvuDoDvj6+CfdIC6OJ7v9r7HWUnrAoSmnCgVhUGlE0OkZpSD9eNaQUXoOVlA5KAgBajEtB1ZvO8yGc5L6ZbQuM1erTCkUGpdpE5ZEL1U21yT/B8X1Tp/mRgmqlqDoJdGec2xLnHzRzhjEqjmawcIlcz1iumSSEK1+8kNF8Eo5I7YeIlpHKXKlfX38VXfthMqEwM1Jdz6fizgMy2LgojMmPiDtW5vRGlq3MFu8PEKMmviZc44x2YvVquaSNjbVlFuozDp7nEueBDaZnDh9piug5PxKHT4/XhwNO5GuIOeomfoOQrRC3SE3qBjNEMU/UA/0S/023vrrbwv3tdLqdfrap6gjfC+/QWsY98G</latexit> <latexit sha1_base64="ZoYLLWa0UrWpEOf91voT+oNGG3Y=">AAACyXicbVHNbtQwEPaGvxL+tnDkYrGtxKFaJYvYdG9FXJAQUvnZtlISrRzvZNeq42Rtp2WxfEK8AE/DFd6Ct8FJc+huGcnWN/PNzDf2ZBVnSgfB35536/adu/d27vsPHj56/KS/+/RElbWkMKUlL+VZRhRwJmCqmeZwVkkgRcbhNDt/2/CnFyAVK8UXva4gLchCsJxRol1o1j8wSdsklossNcEwGk2Cw9cHwTAYT6IwasCraDye2A+f39hZf+D81vBNEHZggDo7nu32fiTzktYFCE05USoOg0qnhkjNKAfrJ7WCitBzsoDYQUEKUKlpJ7J430XmOC+lO0LjNnq9wpBCqXWRucyC6KXa5prg/7i41vlhapioag2CXgnlNce6xM0f4TmTQDVfO0CoZG5WTJdEEqrdT26oCEYhd8TGS0yjKFWurL+Pr+u2k1CZGqgp4db3EwGXtCwKIubGJJ+sdXeTlGXGOXaDT1YwtyZZ5oxzbPYStaqJhL3tLMptHKZdH6eCB6FtFhdur+kmOBkNQ4c/jgZHo26FO+g5eoFeohBF6Ai9Q8doiij6iX6h3+iP995beV+9b1epXq+reYY2zPv+Dwty3zA=</latexit> <latexit sha1_base64="ZoYLLWa0UrWpEOf91voT+oNGG3Y=">AAACyXicbVHNbtQwEPaGvxL+tnDkYrGtxKFaJYvYdG9FXJAQUvnZtlISrRzvZNeq42Rtp2WxfEK8AE/DFd6Ct8FJc+huGcnWN/PNzDf2ZBVnSgfB35536/adu/d27vsPHj56/KS/+/RElbWkMKUlL+VZRhRwJmCqmeZwVkkgRcbhNDt/2/CnFyAVK8UXva4gLchCsJxRol1o1j8wSdsklossNcEwGk2Cw9cHwTAYT6IwasCraDye2A+f39hZf+D81vBNEHZggDo7nu32fiTzktYFCE05USoOg0qnhkjNKAfrJ7WCitBzsoDYQUEKUKlpJ7J430XmOC+lO0LjNnq9wpBCqXWRucyC6KXa5prg/7i41vlhapioag2CXgnlNce6xM0f4TmTQDVfO0CoZG5WTJdEEqrdT26oCEYhd8TGS0yjKFWurL+Pr+u2k1CZGqgp4db3EwGXtCwKIubGJJ+sdXeTlGXGOXaDT1YwtyZZ5oxzbPYStaqJhL3tLMptHKZdH6eCB6FtFhdur+kmOBkNQ4c/jgZHo26FO+g5eoFeohBF6Ai9Q8doiij6iX6h3+iP995beV+9b1epXq+reYY2zPv+Dwty3zA=</latexit>

<latexit sha1_base64="zPBvcLiC90CAwl5b93YSCnj5E68=">AAACsnicbVFNb9QwEPWGrxK+tiBOXCy2lTigKqmQ6LESF44FsW3FOlo5k8muVdvJ2k7RyvKRH8IVfhH/BmebQ3fLSLae573xG3vKVgrrsuzvKLl3/8HDR3uP0ydPnz1/Md5/eW6bzgBOoZGNuSy5RSk0Tp1wEi9bg1yVEi/Kq089f3GNxopGf3PrFgvFF1rUAriLqfn4NcPWChmhX78XgbIFrmg2H0+yo2wT9C7IBzAhQ5zN90c/WdVAp1A7kNzaWZ61rvDcOAESQ8o6iy2HK77AWYSaK7SF3/Qf6GHMVLRuTFza0U32doXnytq1KqNScbe0u1yf/B8361x9Unih286hhhujupPUNbT/DFoJg+DkOgIORsReKSy54eDil225aAFYR2LrJb53NLa2IT2kt303nYApPHbAZUhTpvEHNEpxXXnPvoYQ915Ulj4ewhbPVlgFz5a1kJL6A2ZXHTd4sKsCGWZ5MdwTXegkDyEOLt8d011wfnyUR/wlm5weDyPcI2/IW/KO5OQjOSWfyRmZEiCe/CK/yZ/kQ/I94QncSJPRUPOKbEUi/wF4V9mf</latexit> <latexit sha1_base64="pqO0qfk3Hh4VBjbwAsx6cjloZ/Q=">AAACr3icbVHBbtQwEPWGFtq0wLYcuVjdVuKAqqSqBAcOlbhwLIjtVtqkizOZdK3aTmo7wMrykd/gCr/E3+Bsc+huO5Kt53lv/MaeohHc2CT5N4iebGw+fba1He/sPn/xcri3f2HqVgOOoRa1viyYQcEVji23Ai8bjUwWAifFzceOn3xHbXitvtpFg7lk14pXHJgNqdlwP8PGcBGgW7zlnn6gyWw4So6TZdCHIO3BiPRxPtsb/MrKGlqJyoJgxkzTpLG5Y9pyEOjjrDXYMLhh1zgNUDGJJnfL5j09CpmSVrUOS1m6zN6vcEwas5BFUEpm52ad65KPcdPWVu9zx1XTWlRwZ1S1gtqadj9BS64RrFgEwEDz0CuFOdMMbPivFRfFAatArLzEdY7aVMbHR/S+77IT0LnDFpjwcZwp/AG1lEyVzmVfvA97JyoKFw5+hc9usfQum1dcCOoOM3PbMo2H6yoQfprm/T3BhY5S78Pg0vUxPQQXJ8dpwJ9PR2cn/Qi3yGtyQN6QlLwjZ+QTOSdjAuQn+U3+kL9RGk2iq+jbnTQa9DWvyEpE/D/q4Ngo</latexit> <latexit sha1_base64="zPBvcLiC90CAwl5b93YSCnj5E68=">AAACsnicbVFNb9QwEPWGrxK+tiBOXCy2lTigKqmQ6LESF44FsW3FOlo5k8muVdvJ2k7RyvKRH8IVfhH/BmebQ3fLSLae573xG3vKVgrrsuzvKLl3/8HDR3uP0ydPnz1/Md5/eW6bzgBOoZGNuSy5RSk0Tp1wEi9bg1yVEi/Kq089f3GNxopGf3PrFgvFF1rUAriLqfn4NcPWChmhX78XgbIFrmg2H0+yo2wT9C7IBzAhQ5zN90c/WdVAp1A7kNzaWZ61rvDcOAESQ8o6iy2HK77AWYSaK7SF3/Qf6GHMVLRuTFza0U32doXnytq1KqNScbe0u1yf/B8361x9Unih286hhhujupPUNbT/DFoJg+DkOgIORsReKSy54eDil225aAFYR2LrJb53NLa2IT2kt303nYApPHbAZUhTpvEHNEpxXXnPvoYQ915Ulj4ewhbPVlgFz5a1kJL6A2ZXHTd4sKsCGWZ5MdwTXegkDyEOLt8d011wfnyUR/wlm5weDyPcI2/IW/KO5OQjOSWfyRmZEiCe/CK/yZ/kQ/I94QncSJPRUPOKbEUi/wF4V9mf</latexit>

<latexit sha1_base64="fC/ddDkhw2ZLDKHopf3SN/n3zII=">AAACnHicbVFBSxwxFM6OWu1UW22PBQldBU8yI4X2KNRDoRS0uKuwM0jmzRs3mGTGJGNZQo6evLY/rv+mmXUO7uqDhC/v+16+l7yiEdzYJPk3iFZW116tb7yO32xuvX23vfN+bOpWA46gFrW+LJhBwRWOLLcCLxuNTBYCL4qbbx1/cYfa8Fqd21mDuWTXilccmA2pM3u1PUwOk3nQ5yDtwZD0cXq1M7jPyhpaicqCYMZM0qSxuWPachDo46w12DC4Ydc4CVAxiSZ380493Q+Zkla1DktZOs8+rXBMGjOTRVBKZqdmmeuSL3GT1lZfc8dV01pU8GhUtYLamnbPpiXXCFbMAmCgeeiVwpRpBjZ8zoKL4oBVIBZe4jpHbSrj43361HfeCejcYQtM+DjOFP6GWkqmSueyX96HvRMVhQsHv8Bnt1h6l00rLgR1e5m5bZnGvWUVCD9J8/6e4EKHqfdhcOnymJ6D8dFhGvDZ5+HxUT/CDfKRfCIHJCVfyDH5Tk7JiABB8kD+kL/RbnQS/Yh+PkqjQV/zgSxENP4Pa4fRWg==</latexit> <latexit sha1_base64="tlfLJFPV570evhPP53uhXpKLI7Y=">AAAC0XicbVHLbtswEKTVV6q+nPbYC1EnQA+GISWCm9wC5NJj+nASQBIMilrZRChKIakGDkEgKNBT/6Bf02v7B/2bUopdxEkXIDHcmeUsuVnNmdJB8Kfn3bv/4OGjjcf+k6fPnr/ob748VlUjKUxoxSt5mhEFnAmYaKY5nNYSSJlxOMnODlv+5AtIxSrxWS9qSEsyE6xglGiXmvYjk3SXxHKWpSYYBfvj3XE4DEZRON6NomE4CrqwySVoMjXhkFk77Q9WSrxS4pXyHxigZRxNN3vfkryiTQlCU06UisOg1qkhUjPKwfpJo6Am9IzMIHZQkBJUarrOLN52mRwXlXRLaNxlb1YYUiq1KDOnLImeq9tcm/wfFze62EsNE3WjQdBro6LhWFe4/SucMwlU84UDhErmesV0TiSh2v3omotgFApHrL3EtI5SFcr62/imb9cJlamBhhJufT8RcEGrsiQiNyb5aK3bW1GWGXewa3xyDrk1ybxgnGOzlajzhkjYuq2i3MZhurzHueBB2A3uzpjuguOdUejwh2hwsLMc4QZ6jd6gtyhE79ABeo+O0ARR9AP9RL/Qb++Tt/CuvK/XUq+3rHmF1sL7/hcBhuLS</latexit> <latexit sha1_base64="45ZPFQRUU2zHIYmDyRqYWcY8H2I=">AAACrXicbVFNb9QwEPWGrxK+tnDkYrGtxAGVpEKix0pcOBbEtpXWYTVxJrtWbSe1nVaL5SP/giv8J/4NzjaH7paRbD3Pe+M39pStFNZl2d9Rcu/+g4ePdh6nT54+e/5ivPvy1Dad4TjljWzMeQkWpdA4dcJJPG8NgiolnpUXn3r+7AqNFY3+5lYtFgoWWtSCg4up+XjMSjCU/UAHc5+/E2E+nmQH2TroXZAPYEKGOJnvjn6yquGdQu24BGtneda6woNxgksMKesstsAvYIGzCDUotIVftx7ofsxUtG5MXNrRdfZ2hQdl7UqVUanALe021yf/x806Vx8VXui2c6j5jVHdSeoa2v8DrYRB7uQqAuBGxF4pX4IB7uJvbbhowbGOxMZLfO9obG1Duk9v+6474abw2HGQIU2ZxmveKAW68p59DSHuvagsfTyEDZ5dYhU8W9ZCSur3mL3swODetorLMMuL4Z7oQid56AeXb4/pLjg9PMgj/vJhcnw4jHCHvCZvyFuSk4/kmHwmJ2RKOLkiv8hv8id5n0wTlny/kSajoeYV2Yhk8Q9d7teL</latexit> <latexit sha1_base64="NjrALPOF29pAyT9IZLiKrIZMVbY=">AAACrnicbVFNb9QwEPWGrzZ8dBeOvVhsK3GAKqmQ4FiJC8dSdbeV1lE0cSZdq46T2g7VYvnIz+AKv4l/g7PNobtlJFvP8974jT1FK4WxSfJ3FD16/OTps53d+PmLl6/2xpPXc9N0muOMN7LRlwUYlELhzAor8bLVCHUh8aK4/tLzF99RG9Goc7tqMavhSolKcLAhlY8nH1gBmrIfaCF36Xvh8/E0OUrWQR+CdABTMsRpPhn9ZGXDuxqV5RKMWaRJazMH2gou0cesM9gCv4YrXASooEaTuXXvnh6GTEmrRoelLF1n71c4qI1Z1UVQ1mCXZpvrk//jFp2tPmdOqLazqPidUdVJahvafwQthUZu5SoA4FqEXilfggZuw3dtuCjBsQrExktc76hNZXx8SO/7rjvhOnPYcZA+jpnCW97UNajSOXbmfdh7UVG4cPAbPLvB0ju2rISU1B0wc9OBxoNtFZd+kWbDPcGFTlPfDy7dHtNDMD8+SgP+9nF6cjyMcIfsk7fkHUnJJ3JCvpJTMiOc3JJf5Df5EyXRPMqi/E4ajYaaN2QjouU/6mvXwg==</latexit> <latexit sha1_base64="wW/WKaFP5zRyQixxVNUYFCklPTI=">AAACqXicbVFNb9QwEPWGrzZ8tXDsxWJbCQlUJRUSHCtx4dhW3XbFJqycyaRr1R+p7YBWlo/8B67wr/g3ONscultGsvU8743f2FO1gluXZX9HyYOHjx4/2dpOnz57/uLlzu6rC6s7AzgBLbSZVsyi4AonjjuB09Ygk5XAy+r6c89ffkdjuVbnbtliKdmV4g0H5mLqW4Gt5UKruc/f8zDfGWeH2SrofZAPYEyGOJnvjn4WtYZOonIgmLWzPGtd6ZlxHASGtOgstgyu2RXOIlRMoi39qu1AD2Kmpo02cSlHV9m7FZ5Ja5eyikrJ3MJucn3yf9ysc82n0nPVdg4V3Bo1naBO0/4PaM0NghPLCBgYHnulsGCGgYs/teaiOGATibWX+N7R2MaG9IDe9V11Aqb02AETIU0LhT9AS8lU7X1xFkLce1FV+XgIa3xxg3XwxaLhQlC/X9ibjhnc31SBCLO8HO6JLnSch35w+eaY7oOLo8M84tMP4+OjYYRbZI+8IW9JTj6SY/KFnJAJAWLIL/Kb/EneJafJNPl6K01GQ81rshYJ/AOP5dbb</latexit> <latexit sha1_base64="SbLkah4PccPg6Hh0FmLp9z790Pc=">AAACt3icbVFNb9QwEPWmQEv46Lbc4GKxrcQBVUmFBL1V4sKxILattI4ix5l0rfojaztFK8tSL/wVrvB3+Dc42xy6W0ay9TxvZt6Mp2oFty7L/o6SrUePn2zvPE2fPX/xcne8t39udWcYTJkW2lxW1ILgCqaOOwGXrQEqKwEX1fXnnr+4AWO5Vt/dsoVC0ivFG86oi65y/JpU1HhSa+cJtJYLrUIoff6eh3I8yY6yleGHIB/ABA12Vu6NfsZCrJOgHBPU2lmeta7w1DjOBISUdBZayq7pFcwiVFSCLfxqiIAPo6fGjTbxKIdX3vsZnkprl7KKkZK6ud3keuf/uFnnmk+F56rtHCh2J9R0AjuN+x/BNTfAnFhGQJnhsVfM5tRQ5uK/rakozqCJxNokvlc0trEhPcT3dVedMFN46BgVIU2Jgh9MS0lV7T35FkK8+6Cq8vER1niygDp4Mm+4ENgfELvoqIGDzSgmwiwvhjpRBU/y0C8u31zTQ3B+fJRH/PXD5PR4WOEOeoPeoncoRx/RKfqCztAUMXSLfqHf6E9ykpRJk8zvQpPRkPMKrVmy+Aet4tyo</latexit>

<latexit sha1_base64="KtsaOX1t4spgA3tsUBRDsW2bS4I=">AAACvXicbVFLT9wwEPamL0hfCz32YnVB6qFCCUJqb0XqhSOtuoC0jlaOM2Et/Ah+FK0sH9tf02v7X/pv6iw5sAsj2fo838x8M566E9y6ovg3yh49fvL02dZ2/vzFy1evxzu7Z1Z7w2DKtNDmoqYWBFcwddwJuOgMUFkLOK+vvvT8+Q8wlmv13S07qCS9VLzljLrkmo8x8aoB06cH0mgXCHSWC61inIfyA4/z8aQ4KFaG74NyABM02Ol8Z/QzFWJegnJMUGtnZdG5KlDjOBMQc+ItdJRd0UuYJaioBFuF1SgR7ydPg1tt0lEOr7x3MwKV1i5lnSIldQu7yfXOh7iZd+2nKnDVeQeK3Qq1XmCncf8vuOEGmBPLBCgzPPWK2YIaylz6vTUVxRm0iVibJPSKxrY25vv4ru6qE2aqAJ5REfOcKLhhWkqqmhDItxjT3QfVdUiPuMaTa2hiIIuWC4HDHrHXnhrY24xiIs7KaqiTVPCkjP3iys013Qdnhwdlwl+PJseHwwq30Fv0Dr1HJfqIjtEJOkVTxNAv9Bv9QX+zzxlkIlO3odloyHmD1iy7+Q+MV991</latexit> <latexit sha1_base64="KtsaOX1t4spgA3tsUBRDsW2bS4I=">AAACvXicbVFLT9wwEPamL0hfCz32YnVB6qFCCUJqb0XqhSOtuoC0jlaOM2Et/Ah+FK0sH9tf02v7X/pv6iw5sAsj2fo838x8M566E9y6ovg3yh49fvL02dZ2/vzFy1evxzu7Z1Z7w2DKtNDmoqYWBFcwddwJuOgMUFkLOK+vvvT8+Q8wlmv13S07qCS9VLzljLrkmo8x8aoB06cH0mgXCHSWC61inIfyA4/z8aQ4KFaG74NyABM02Ol8Z/QzFWJegnJMUGtnZdG5KlDjOBMQc+ItdJRd0UuYJaioBFuF1SgR7ydPg1tt0lEOr7x3MwKV1i5lnSIldQu7yfXOh7iZd+2nKnDVeQeK3Qq1XmCncf8vuOEGmBPLBCgzPPWK2YIaylz6vTUVxRm0iVibJPSKxrY25vv4ru6qE2aqAJ5REfOcKLhhWkqqmhDItxjT3QfVdUiPuMaTa2hiIIuWC4HDHrHXnhrY24xiIs7KaqiTVPCkjP3iys013Qdnhwdlwl+PJseHwwq30Fv0Dr1HJfqIjtEJOkVTxNAv9Bv9QX+zzxlkIlO3odloyHmD1iy7+Q+MV991</latexit>

<latexit sha1_base64="Owj6SUORMWDqfqE+30jvyR61CWw=">AAACoXicbVFNT9wwEPWGftD0A2iPvVgNSD2hBFUqRyQu7W2LugtSEiFnMmFdbCfYTtHK8rH3Xss/67+ps+TALh3J1vO8N35jT9UJbmya/p1EW0+ePnu+/SJ++er1m53dvbdz0/YacAataPVFxQwKrnBmuRV40WlkshJ4Xl2fDvz5T9SGt+q7XXZYSnaleMOB2ZCaFxXT1F7uJulhugr6GGQjSMgY08u9ya+ibqGXqCwIZkyepZ0tHdOWg0AfF73BjsE1u8I8QMUkmtKt2vX0IGRq2rQ6LGXpKvuwwjFpzFJWQSmZXZhNbkj+j8t72xyXjquut6jg3qjpBbUtHd5Oa64RrFgGwEDz0CuFBdMMbPihNRfFAZtArL3EDY7aNMbHB/Sh76oT0KXDHpjwcVwovIVWSqZq54oz78M+iKrKhYNf44sbrL0rFg0Xgrr9wtz0TOP+pgqEz7NyvCe40CTzPgwu2xzTYzA/OswC/vYpOTkaR7hN3pMP5CPJyGdyQr6QKZkRID/Ib/KH3EVJ9DWaRmf30mgy1rwjaxHl/wDuAtM9</latexit>

<latexit sha1_base64="37evV9NO/VACJT43DB4Bd/waSro=">AAACnnicbVFNa9wwENW6aZO6X0lz7EVkEygUgh0K7TFQCLmEph+bLKzNIo/HuyKS7EhyyiJ07LHX9Lfl31Te+JDddEDiad4bvZGmaAQ3NknuBtGTjafPNreexy9evnr9Znvn7YWpWw04glrUelwwg4IrHFluBY4bjUwWAi+Lqy8df3mD2vBa/bSLBnPJZopXHJgNqR92+mG6PUwOk2XQxyDtwZD0cT7dGfzOyhpaicqCYMZM0qSxuWPachDo46w12DC4YjOcBKiYRJO7Za+eHoRMSatah6UsXWYfVjgmjVnIIigls3OzznXJ/3GT1lafc8dV01pUcG9UtYLamnYPpyXXCFYsAmCgeeiVwpxpBjZ8z4qL4oBVIFZe4jpHbSrj4wP60HfZCejcYQtM+DjOFP6CWkqmSuey796HvRMVhQsHv8Jn11h6l80rLgR1+5m5bpnG/XUVCD9J8/6e4EKHqfdhcOn6mB6Di6PDNOBvH4fHR/0It8g7skfek5R8IsfklJyTEQEyI3/ILfkb0egkOou+3kujQV+zS1YiGv8D6j/R+A==</latexit>

<latexit sha1_base64="ilzy5njiHKmVFoYpGWUJP+8Ryps=">AAACnnicbVFNT9wwEPWmtND0C8qxF4sFqZeiBFVqj0iVEBdU+rGw0iZaOZPJroXtBNuhWlk+9tgr/W38mzpLDuzSkWw9z3vjN/YUjeDGJsndIHqy8fTZ5tbz+MXLV6/fbO+8vTB1qwFHUItajwtmUHCFI8utwHGjkclC4GVx9aXjL29QG16rn3bRYC7ZTPGKA7Mh9cNOP0y3h8lhsgz6GKQ9GJI+zqc7g99ZWUMrUVkQzJhJmjQ2d0xbDgJ9nLUGGwZXbIaTABWTaHK37NXTg5ApaVXrsJSly+zDCsekMQtZBKVkdm7WuS75P27S2upz7rhqWosK7o2qVlBb0+7htOQawYpFAAw0D71SmDPNwIbvWXFRHLAKxMpLXOeoTWV8fEAf+i47AZ07bIEJH8eZwl9QS8lU6Vz23fuwd6KicOHgV/jsGkvvsnnFhaBuPzPXLdO4v64C4Sdp3t8TXOgw9T4MLl0f02NwcXSYBvzt4/D4qB/hFnlH9sh7kpJP5JicknMyIkBm5A+5JX8jGp1EZ9HXe2k06Gt2yUpE43/ur9H6</latexit>

<latexit sha1_base64="nx27+9vZJwLv8MAEiI1RSrHfpAg=">AAACnXicbVFNT9wwEPWmX5B+AOXYQ60uSO0FJVzKEamq1ENVUcSySJsITSYT1sJxgu20Wlk+9tZr+9/6b3CWHNilI9l6nvfGb+wpWimMTZJ/o+jR4ydPn21sxs9fvHy1tb3z+tw0nUaaYCMbfVGAISkUTaywki5aTVAXkqbF9aeen/4gbUSjzuyipbyGKyUqgWBD6hQ+XG6Pk4NkGfwhSAcwZkOcXO6MfmVlg11NyqIEY2Zp0trcgbYCJfk46wy1gNdwRbMAFdRkcrds1fP9kCl51eiwlOXL7P0KB7Uxi7oIyhrs3KxzffJ/3Kyz1VHuhGo7SwrvjKpOctvw/t28FJrQykUAgFqEXjnOQQPa8DsrLkogVYFYeYnrHbWpjI/3+X3fZSeoc0cdgvRxnCn6iU1dgyqdy069D3svKgoXDn6Fz26o9C6bV0JK7vYyc9OBpr11FUo/S/PhnuDCx6n3YXDp+pgegvPDgzTg74fj46NhhBvsDXvH3rOUfWTH7As7YROGrGK/2R/2N3obfY6+Rt/upNFoqNllKxFNbwHDftF+</latexit>

<latexit sha1_base64="40ij2vOdcZK+4fPPzLCVxsk0Wmc=">AAACnXicbVFNT9wwEPWmtED6AZRjD1gsSO0FJVzgiFRV6gFVFLEs0iZCzmTCWthOsJ1WK8vH3not/63/BmfJgV0YydbzvDd+Y0/RCG5skvwfRK9WXr9ZXVuP3757/2Fjc+vjpalbDTiCWtT6qmAGBVc4stwKvGo0MlkIHBe3Xzt+/Au14bW6sLMGc8luFK84MBtS58WX681hcpDMgz4HaQ+GpI+z663Bn6ysoZWoLAhmzCRNGps7pi0HgT7OWoMNg1t2g5MAFZNocjdv1dP9kClpVeuwlKXz7NMKx6QxM1kEpWR2apa5LvkSN2ltdZw7rprWooJHo6oV1Na0ezctuUawYhYAA81DrxSmTDOw4XcWXBQHrAKx8BLXOWpTGR/v06e+805A5w5bYMLHcabwN9RSMlU6l517H/ZOVBQuHPwCn91h6V02rbgQ1O1l5q5lGveWVSD8JM37e4ILHabeh8Gly2N6Di4PD9KAfx4OT477Ea6RT2SXfCYpOSIn5Ds5IyMCpCJ/yT9yH+1E36LT6MejNBr0NdtkIaLxA8W30X8=</latexit>

Fig. 2. A graphical illustration of the OSA and MSA threshold compu-tations for the first three switching periods of the SMO. a) The EOI, the OSA and the MSA thresholds are drawn with solid lines, while the terms in eqs. (19) and (25) is drawn with dashed lines b) ¯t and t+are hypothetical

maxima calculated at t0 and t2 respectively, and t−is a measured time.

The behaviour of 1,iis that of the worst case for each time period. These

worst cases are used in calculating the thresholds.

Right before the hypothetical OSA switch at t2k+1, 1,i=

ζ1,i= − ¯ζ. At this moment there is a guaranteed switch, and

sign(y,i) = −1, ˙1,i > 0, and 1,i will increase during a

period lasting t− = t2(k+1)− t2k+1. At t2(k+1), there will

be another switch, making 1,idecreasing over a hypothetical

period t+. Figure 2b shows this behaviour for k = 0.

The MSA threshold considers the largest value that the upper bound ¯νi,f il(t2(k+1)) could attain, starting from a

previously computed upper bound ¯νi,f il(t2k), after a known

period t− and a hypothetical period t+. This is shown in eq.

(25), where ν = −(A11+ P )(¯1+ ¯ζ)

 + Mi.

¯

νi,f il,M SA(t2(k+1)) = e−Kt+(e−Kt−¯νi,f il(t2k)

− (1 − e−Kt−_{)ν) + (1 − e}−Kt+_)¯ν (25)

One can see from eq. (25) that ¯νi,f il,M SA is maximal for a

big t+. This is the case if ˙1,i = ¯˙1,i during t− and ˙1,i =

− ˙1,i during t+. As t− is known, the maximum value of

1,i that can be reached in this time can be calculated as

1,i(t2k+1+ t−) = − ¯ζ + ¯˙1,it−. The maximum t+ can then

be expressed in terms of t−as in eq. (26). Here ¯˙1,iis defined

in Appendix A and stated in eq. (27).

t+= 1,i(t2k+1+ t−) − − ¯ζ ˙_1,i = ¯˙1,i ˙_1,it− (26) ¯˙1=  P ( ¯ζ + ¯1)  + |A12¯2,i| +  A11ζ¯  + Mi (27)

Finally, the threshold that is used to detect an attack is defined as in eq. (28). As both thresholds are guaranteed to have no false attack detection, the combined threshold will also guarantee this. Furthermore by taking the minimum of both thresholds, the threshold is made less conservative:

¯

νi,f il(t2k) = min(¯νi,f il,OSA(t2k), ¯νi,f il,M SA(t2k)). (28)

Theorem 2: ν¯i,f il only depends on νi,f il when it will

result in a lower threshold then if it doesn’t depend on νi,f il.

Proof: If ¯νi,f il(t2k) = ¯νi,f il,M SA(t2k) the threshold

will not be dependent on νi,f il. At every t2(k+1), except t2,

a new threshold will be calculated that is only dependent on ¯

νi,f il,M SA(t2k). At t2 no previous ¯νi,f il,M SA is available,

so ¯νi,f il,OSA(t0) is used. In general ¯νi,f il,OSA(t2k) is

de-pendent on νi,f il(t2k), however ¯νi,f il,OSA(t0) is dependent

on νi,f il(t0), which is defined to be 0. This can be done as

νi,f ilis the result of a first order filter that can be initialised.

If ¯νi,f il(t2k) = min(¯νi,f il,OSA(t2k), ¯νi,f il,M SA(t2k)),

¯

νi,f il(t2k) will be calculated based on ¯νi,f il,M SA(t2(k−1))

or a lower ¯νi,f il,OSA(t2(k−1)). Furthermore, ¯νi,f il,OSA(t2k)

will only become the threshold if it is lower then the ¯

νi,f il,M SA(t2k). These statements prove the theorem.

C. Threshold for Event Triggered Communication

In case of event triggered communication, ∆ui−1 includes

both the attack φi, and the communication-induced effect

∆uC,i−1as defined in Section II-B. Therefore, without

modi-fications, the observer may falsely detect the communication-induced effect as a cyber attack. The proposed modification to the threshold will prevent this.

The difference between an attack and the event-triggered communication error is that the first will start occurring at communication times τl, while the latter will become zero

at such times, as an updated value ui−1 is received.

Just like the attack, the communication error affects the observer through the dynamics of 2,i, and thus the threshold

through ¯2,i (derived in appendix B and stated in eq. 24).

This means that for the modified threshold, the increase in ¯

2,i due to ∆uC,i−1 should be taken into account.

The exact ∆uC,i−1 is not known, however, a worst case

scenario exists, assuming there are no local maximums in ui−1(t) between communications. This worst case is when

the maximum communication error ∆¯uC,i−1 , ˜ui−1(τl) −

˜

ui−1(τl−1) occurs constantly since the last communication.

This scenario is implemented by computing all the terms needed for the threshold, using ¯2,iwhere ∆ui−1= ∆¯uC,i−1

for every t2k in the period [τl−1 τl]. These calculations can

only be done retroactively, when a communication is received at τl. This means that at τl the OSA and MSA thresholds

need to be calculated for every t2k in the period [τl−1 τl].

V. ATTACKESTIMATE

In this section some preliminary results will be introduced toward the goal of estimating the attack term φ. The method proposed here, is based on [21]. This approach is valid only for the case without measurement uncertainty and with continuous observer dynamics. However, in the simulations of section VI it will be shown that the estimate is also accurate without these assumptions.

First note that without measurement uncertainty 1,i =

¯

1 = ¯ζ = [0 0]>, and for continuous observer dynamics

this implies ˙1,i = ¯˙1 = [0 0]>. Considering the new ideal

observer error dynamics, shown in eq. (29), a relation can be found between ∆ui−1(t) and νi. Assuming ∆ui−1(t) is

piecewise constant, the differential equation in the last row of eq. (29) can be solved to get eq. (30). Substituting this solution in the first row of eq. (29), gives eq. (31).

h ₀ ˙2,i(t) i =hA11 A12 A21 A22 i h ₀ 2,i(t) i −  νi(t) b∆ui−1(t)  (29) 2,i t→∞ = A−1₂₂b∆ui−1(t) (30)

νi(t) = A122,i(t) = A12A−122b∆ui−1(t) (31)

From this, the estimate for ∆ui−1(t) can be expressed as in

eq. (32). Here + _{indicates the pseudo inverse. Furthermore,}

as νi is a discontinuous switching term, the EOI νi,f il will

be used to estimate ∆ui−1[24].

∆ˆui−1(t) = b−1A22A+12νi,f il(t) (32)

VI. SIMULATIONRESULT

A CACC-controlled platoon of three vehicles using event triggered communication, equipped with the sliding mode observer presented in this paper, is implemented in Mat-lab/Simulink. The parameters used in the simulation are shown in tables I and II. Here the uncertainties are imple-mented as zero–mean Gaussian white noise, with standard deviations σηi and σξi. The simulation scenario considered

is shown in Figure 3. Results are shown for the same scenario with continuous communication in Figure 4 and with event triggered communication in Figure 5.

Variable Value [unit] Car τ 0.1 [−] Noise σηi 0.05 [−] σξi 0.05 [−] Network TL 0.1 [s] TH 1 [s] ∆yL,(1) 4 [m] ∆yL,(2) 0.5 [m/s] Sim. frequency 1000 [Hz] TABLE I SIMULATIONPARAMETERS Variable Value [unit] CACC kp 0.2 [−] kd 0.7 [−] h 0.7 [s] r 1.5 [m] Observer P 02×2[−] Mi 20 [−] K 2 [−] Threshold 2,i,0 10 [m/s2] ¯ ηi 2σηi [−] ¯ ξi 2σξi [−] TABLE II DESIGNPARAMETERS 0 5 10 15 20 0 1 2 3

Fig. 3. Simulation Scenario for attack on communication between car 1 and 2.

The first thing to be noticed in both cases, is the absence of false alarms. Note that the event-triggered threshold in figure 5 is only valid at triggering times, indicated with a ∗ marker.

The detection delays in these scenarios are 0.23 [s] and 0.6 [s], for the Continuous and Event triggered communica-tion respectively. This deteccommunica-tion time is scenario specific and depends on many parameters, including the attack and noise magnitudes, and the observer design parameters.

In figure 5 two peaks can be seen around 2 and 12[s]. These peaks are caused by the delay in the event triggerred communication. An acceleration is initiated by vehicle 1 at 2.01 [s], while the first communication to vehicle 2 is at 2.4 [s]. During this time there is a nonzero ∆ui−1,C, which

the observer will start to estimate.

The attack is introduced at 4.01 [s], also asynchronous with the communication, this however has no effect on the observer, as car 2 and the observer will only be affected by to the attack after it has received a communication.

Lastly, note that the threshold converges to a steady state value around ±0.35, which means that for this scenario all attacks bigger than this will be detected.

0 5 10 15 20 -1 -0.5 0 0.5 1 1.5

Fig. 4. Attack estimation by car 2, continuous communication

0 5 10 15 20 -2 -1.5 -1 -0.5 0 0.5 1 1.5

Fig. 5. Attack estimation by car 2, event-triggered communication

VII. CONCLUDING REMARKS

In this paper a cyber attack detection and estimation al-gorithm is presented for a platoon of vehicles using a Cooperative Adaptive Cruise Control(CACC) algorithm and a realistic, event-triggered Vehicle to Vehicle communication protocol based on the ETSI ITS G5 standard. A man-in-the-middleerror injection attack is considered on the transmitted intended acceleration of the preceding vehicle, ∆ui−1.

A detection and estimation approach was proposed, based on the so-called Equivalent Output Injection signal of a Sliding Mode Observer (SMO). This is combined with an adaptive threshold that is robust against false detection.

The main contribution of this paper is the design of a ro-bust attack detection threshold which incorporates the effects of sensor noise and communication errors. This is done by combining the One-Switch-Ahead and the Multiple-Switches-Ahead thresholds. A second theoretical result was provided regarding the stability of the SMO under measurement uncertainties and event-triggered communication. Finally, a preliminary result is proposed that allows to estimate the amplitude of the cyber-attack, under ideal conditions. Simu-lation results verified the expected behaviour and robustness of the proposed solution, and showed that attack estimation could be attained in practice also under non-ideal conditions. In future work, we would like to derive theoretical results on the attack estimation, which are also valid in non-ideal conditions, and extend the approach to the case of more general (non-)linear dynamical systems.

APPENDIX

A. Upper and Lower bound for ˙1,i

¯˙1,iis defined as max(| ˙1,i|) and ˙1,i= min(| ˙1,i|), they can

be constructed by substituting the upper and lower bounds of

5746

all terms, as presented in eqs. (33)-(35), into eq. (15). This gives eqs. (36) and (37) as expressions for the bounds. Only the upper bound on A11ζ1,iin eq. (35) is non-trivial and will

be proved in theorem 3.

−|P (¯1+ ¯ζ)| ≤ −P (1,i− ζ1,i) ≤ 0 (33)

− |A12¯2,i| ≤ A122,i≤ |A12¯2,i| (34)

− A11ζ¯

≤ A11ζ1,i≤ 0 (35)

˙_1,i= − |A12¯2,i| + Mi (36)

¯˙1,i= |P (¯1,i+ ¯ζ)| + |A12¯2,i| +

 A11ζ¯

+ Mi (37)

Theorem 3: Averaged over a maximum dwell time sce-nario (equations (21) and (26)), the effect of A11ζ1,i on ˙1,i

can only be negative.

Proof: In this scenario, for 1,i− ζ1,i > 0, 1,i is

monotonically decreasing from an upper bound lesser or equal to ¯ζ to the lower bound −¯ζ. As A11 is a positive

definite matrix, the effect of A111,i on ˙1,i, averaged over

the maximum dwell time scenario, will be non-positive. As ζ1,i< 1,i, the effect of A11ζ1,i on ˙1,i will be negative.

B. Upper bound for2,i

By taking the second row of eq. (14), and bounding A21(1,i− ζ1,i) <

A21(¯1+ ¯ζ)

 we obtain the differential inequality in eq. (38).

˙2,i<

A21(¯1+ ¯ζ)

+ A222,i− b∆ui−1 (38)

Using lemma 1.1.1 in [36], this gives the expression for ¯2,i

in eq. (39). Here ∆ui−1is assumed to be piecewise constant.

2,i≤ ¯2,i= 2,i,0eA22t−

 A21(¯1,i+ ¯ζ)  − b∆ui−1 A22 (39)

C. Upper bound forζ1,i

Looking at the definition of ζ1,i in equations (6) and (9),

its bound can be expressed in terms of the bounds on the individual noise terms (defined in assumption 1) as

¯ ζ = ¯ηi,(1)+ h ¯ξi,(2) ¯ ηi,(2)+ h ¯ξi,(3)  (40) REFERENCES

[1] Y. Wu, S. E. Li, Y. Zheng, and J. K. Hedrick, “Distributed sliding mode control for multi-vehicle systems with positive definite topologies,” in Conf. on Decision and Control (CDC), 2016, pp. 5213–5219. [2] H. Hu, Y. Pu, M. Chen, and C. J. Tomlin, “Plug and play distributed

model predictive control for heavy duty vehicle platooning and in-teraction with passenger vehicles,” in Conf. on Decision and Control (CDC), 2018, pp. 2803–2809.

[3] M. Chen, Q. Hu, C. Mackin, J. F. Fisac, and C. J. Tomlin, “Safe platooning of unmanned aerial vehicles via reachability,” in Conf. on Decision and Control (CDC), 2015, pp. 4695–4701.

[4] C. Somarakis, Y. Ghaedsharaf, and N. Motee, “Risk of collision in a vehicle platoon in presence of communication time delay and exogenous stochastic disturbance,” in Conf. on Decision and Control (CDC), 2018, pp. 4487–4492.

[5] G. Naus, R. Vugts, J. Ploeg, R. van de Molengraft, and M. Steinbuch, “Cooperative adaptive cruise control, design and experiments,” in American Control Conf. (ACC), 2010, pp. 6145–6150.

[6] J. Ploeg, B. T. M. Scheepers, E. van Nunen, N. v. de Wouw, and H. Nijmeijer, “Design and experimental evaluation of cooperative adaptive cruise control,” in Conf. on Intelligent Transport. Systems (ITSC), 2011, pp. 260–265.

[7] S. Linsenmayer and D. V. Dimarogonas, “Event-triggered control for vehicle platooning,” in American Control Conf. (ACC), 2015. [8] V. S. Dolk, J. Ploeg, and W. P. M. H. Heemels, “Event-Triggered

control for String-Stable vehicle platooning,” IEEE Trans. Intell. Transp. Syst., vol. 18, no. 12, pp. 3486–3500, Dec. 2017.

[9] A. V. Proskurnikov and M. M. Jr., “Lyapunov event-triggered stabi-lization with a known convergence rate,” CoRR, vol. abs/1803.08980, 2018. [Online]. Available: http://arxiv.org/abs/1803.08980

[10] A. A. C´ardenas, S. Amin, and S. S. Sastry, “Secure control: Towards survivable Cyber-Physical systems,” in First Internat. Workshop on Cyber-Physical Systems, 2008.

[11] A. Teixeira, I. Shames, H. Sandberg, and K. H. Johansson, “A secure control framework for Resource-Limited adversaries,” Automatica, vol. 51, no. 1, pp. 135–148, 2015.

[12] I. Studnia, V. Nicomette, E. Alata, Y. Deswarte, M. Kaˆaniche, and Y. Laarouchi, “Survey on security threats and protection mechanisms in embedded automotive networks,” in Conf. on Dependable Systems and Networks Workshop (DSN-W), 2013, pp. 1–12.

[13] C. Miller and C. Valasek, “A survey of remote automotive attack surfaces,” black hat USA, vol. 2014, 2014.

[14] M. Amoozadeh, A. Raghuramu, C. n. Chuah, D. Ghosal, H. M. Zhang, J. Rowe, and K. Levitt, “Security vulnerabilities of connected vehicle streams and their impact on cooperative driving,” IEEE Commun. Mag., vol. 53, no. 6, pp. 126–132, June 2015.

[15] J. Ploeg, “Cooperative vehicle automation: Safety aspects and control software architecture,” in Internat. Conf. on Softw. Architect. Work-shops (ICSAW), 2017.

[16] C. Lei, E. M. van Eenennaam, W. K. Wolterink, G. Karagiannis, G. Heijenk, and J. Ploeg, “Impact of packet loss on CACC string stability performance,” in Internat. Conf. on ITS Telecomm., 2011. [17] J. Ploeg, E. Semsar-Kazerooni, G. Lijster, N. v. de Wouw, and

H. Nijmeijer, “Graceful degradation of CACC performance subject to unreliable wireless communication,” in IEEE Conf. on Intelligent Transp. Systems (ITSC), 2013, pp. 1210–1216.

[18] N. Meskin and K. Khorasani, “Actuator fault detection and isolation for a network of unmanned vehicles,” IEEE Trans. Automat. Contr., vol. 54, no. 4, pp. 835–840, Apr. 2009.

[19] Y. Quan, W. Chen, Z. Wu, and L. Peng, “Distributed fault detection and isolation for leader–follower multi-agent systems with disturbances using observer techniques,” Nonlinear Dyn., Mar. 2018.

[20] Z. Abdollahi Biron, S. Dey, and P. Pisu, “Real-Time detection and estimation of denial of service attack in connected vehicle systems,” IEEE Trans. Intell. Transp. Syst., vol. 19, no. 12, pp. 3893–3902, 2018. [21] N. Jahanshahi and R. M. Ferrari, “Attack detection and estimation in cooperative vehicles platoons: A sliding mode observer approach,” IFAC-PapersOnLine, vol. 51, no. 23, pp. 212 – 217, 2018.

[22] N. Lyamin, A. Vinel, M. Jonsson, and B. Bellalta, “Cooperative awareness in VANETs: On ETSI EN 302 637-2 performance,” IEEE Trans. Veh. Technol., vol. 67, no. 1, pp. 17–28, Jan. 2018.

[23] European Telecommunications Standards Institute, “Intelligent trans-port systems (ITS); vehicular communications; basic set of applica-tions; part 2: Specification of cooperative awareness basic service,” ETSI, Tech. Rep. ETSI EN 302 637-2 V1.3.1, Sept. 2014.

[24] C. Edwards, S. K. Spurgeon, and R. J. Patton, “Sliding mode observers for fault detection and isolation,” Automatica, vol. 36, no. 4, pp. 541– 553, Apr. 2000.

[25] T. Floquet, J. P. Barbot, W. Perruquetti, and others, “On the robust fault detection via a sliding mode disturbance observer,” Internat. J. of Control, 2004.

[26] X.-G. Yan and C. Edwards, “Nonlinear robust fault reconstruction and estimation using a sliding mode observer,” Automatica, vol. 43, no. 9, pp. 1605–1614, 2007.

[27] J. Liu and D. Yue, “Event-based fault detection for networked systems with communication delay and nonlinear perturbation,” J. Franklin Inst., vol. 350, no. 9, pp. 2791–2807, 2013.

[28] M. A. Sid, S. Aberkane, D. Maquin, and D. Sauter, “Fault detection of event based control system,” in Mediterranean Conf. of Control and Autom. (MED), 2014, pp. 452–458.

[29] M. Davoodi, N. Meskin, and K. Khorasani, “Event-Triggered multiob-jective control and fault diagnosis: A unified framework,” IEEE Trans. Ind. Inf., vol. 13, no. 1, pp. 298–311, 2017.

[30] F. Boem, R. M. G. Ferrari, C. Keliris, T. Parisini, and M. M. Polycarpou, “A distributed networked approach for fault detection of large-scale systems,” IEEE Trans. on Automatic Control, vol. 62, no. 1, pp. 18–33, Jan. 2017.

[31] M. Cucuzzella and A. Ferrara, “Event-triggered second order sliding mode control of nonlinear uncertain systems,” in European Control Conference (ECC), 2016, pp. 295–300.

[32] G. P. Incremona and A. Ferrara, “Adaptive model-based event-triggered sliding mode control,” Int. J. Adapt Control Signal Process., vol. 30, no. 8-10, pp. 1298–1316, Aug. 2016.

[33] L. Wu, Y. Gao, J. Liu, and H. Li, “Event-triggered sliding mode control of stochastic systems via output feedback,” Automatica, vol. 82, pp. 79–92, Aug. 2017.

[34] A. K. Behera and B. Bandyopadhyay, “Robust sliding mode control: An Event-Triggering approach,” IEEE Trans. Circuits Syst. Express Briefs, vol. 64, no. 2, pp. 146–150, Feb. 2017.

[35] V. I. Utkin, Sliding Modes in Control and Optimization. Springer Science & Business Media, 1992.

[36] V. Lakshmikantham, S. Leela, and A. A. Martynyuk, Stability Analysis of Nonlinear Systems. Birkh¨auser, 2015.