This is my presentation slides at the American Control Conference (ACC), at May 2023, in San Diego. This was one of the talks in an invited session on "Resiliency and Privacy Throughout Networked Cyber-Physical Systems", that we co-organized and co-chaired during ACC 2023. I this invited sessions, great scholars presented their work on the intersection of resilient estimation, control and learning, as well as designing privacy-preserving mechanisms in multi-agent cyber-physical systems. In my presentation, I discussed our progress on designing distributed interval-valued input and state observers for multi-agent LTI systems that are subject to bounded noise, as well as adversarial unknown inputs on both sensors and actuators. We introduced the notion of min-max consensus as a counterpart to average consensus in bounded-error settings. Moreover, we developed structural conditions for the stability of the proposed observers for different classes of dynamics and networks.

1. Distributed Resilient Interval Observers for
Bounded-Error LTI Systems Subject to False Data
Injection Attacks
Mohammad Khajenejad, Scott Brown, and Sonia Martı́nez
Mechanical and Aerospace Engineering Department
University of California San Diego
mkhajenejad@eng.ucsd.edu
American Control Conference (ACC), June 2, 2023
1

2. 2
Introduction Observer design Stability Performance
Motivation
safety is especially critical in large
networked CPS
input reconstruction and state
estimation are important for fault
detection and attack mitigation
don’t always know distributions of
disturbances
Motivating question
Can we simultaneously estimate sets of states and inputs to identify and possibly
mitigate abnormal behavior?
Our contribution
Distributed interval observer design handling unknown adversarial inputs

3. 2
Introduction Observer design Stability Performance
Motivation
safety is especially critical in large
networked CPS
input reconstruction and state
estimation are important for fault
detection and attack mitigation
don’t always know distributions of
disturbances
Motivating question
Can we simultaneously estimate sets of states and inputs to identify and possibly
mitigate abnormal behavior?
Our contribution
Distributed interval observer design handling unknown adversarial inputs

4. 2
Introduction Observer design Stability Performance
Motivation
safety is especially critical in large
networked CPS
input reconstruction and state
estimation are important for fault
detection and attack mitigation
don’t always know distributions of
disturbances
Motivating question
Can we simultaneously estimate sets of states and inputs to identify and possibly
mitigate abnormal behavior?
Our contribution
Distributed interval observer design handling unknown adversarial inputs

5. 3
Introduction Observer design Stability Performance
Problem formulation
Target system, x ∈ Rn
xk+1 = Axk + Bwk + Gdk
wk ∈ [w, w], dk ∈ Rp
dk is unknown and arbitrary
Sensor network, i ∈ V = {1, . . . , N}
yi
k = Ci
xk + Di
vi
k + Hi
dk
vi
k ∈ [vi
, vi
]

6. 3
Introduction Observer design Stability Performance
Problem formulation
Target system, x ∈ Rn
xk+1 = Axk + Bwk + Gdk
wk ∈ [w, w], dk ∈ Rp
dk is unknown and arbitrary
Sensor network, i ∈ V = {1, . . . , N}
yi
k = Ci
xk + Di
vi
k + Hi
dk
vi
k ∈ [vi
, vi
]

7. 4
Introduction Observer design Stability Performance
Problem formulation (cont.)
Objective: distributed interval observer
a distributed system that generates xi
k , xi
k , di
k , and d
i
k such that
xi
k ≤ xk ≤ xi
k and di
k ≤ dk ≤ d
i
k ∀i ∈ V, k ≥ 0 (framer property)
the framers are uniformly bounded (stability)

8. 5
Introduction Observer design Stability Performance
Dealing with the unknown input
under some mild technical assumptions, we
1 Decompose the outputs into components
zi
1, affected by unknown input
zi
2, not affected by unknown input
2 Eliminate the input using feedback
Final reduced form
x+ = Āi
x + S̄i
zi
1 + T̄i
zi
2,+ + B̄i
w̃i
d = Āi
d x + S̄i
d zi
1 + T̄i
d zi
2,+ + Fi
w̃

9. 5
Introduction Observer design Stability Performance
Dealing with the unknown input
under some mild technical assumptions, we
1 Decompose the outputs into components
zi
1, affected by unknown input
zi
2, not affected by unknown input
2 Eliminate the input using feedback
Final reduced form
x+ = Āi
x + S̄i
zi
1 + T̄i
zi
2,+ + B̄i
w̃i
d = Āi
d x + S̄i
d zi
1 + T̄i
d zi
2,+ + Fi
w̃

10. 6
Introduction Observer design Stability Performance
Observer design
[Efimov.ea.2013]
x ∈ [x, x] ⇒ A+
x − A−
x ≤ Ax ≤ A+
x − A−
x
i) Propagation and measurement update
xi,0
k+1 = (Ãi
)+
xi
k − (Ãi
)−
xi
k + z̃i
k+1
+ (L̃i
)+
w̃i
− (L̃i
)−
w̃
i
xi,0
k+1 = (Ãi
)+
xi
k − (Ãi
)−
xi
k + z̃i
k+1
+ (L̃i
)+
w̃
i
− (L̃i
)−
w̃i
where Ãi
, Ti
Āi
− Li
Ci
2 and Ti
= I − Γi
Ci
2
Ti
, Li
, Γi
: observer gains (to-be-designed)
A+
ij , max{Aij , 0}, A−
= A+
− A

11. 7
Introduction Observer design Stability Performance
Observer design
Ni : Neighbors of node i
ii) Network update (state)
xi,t
k = max
j∈Ni
xj,t−1
k xi,t
k = min
j∈Ni
xj,t−1
k
xi
k = xi,tx
k xi
k = xi,tx
k

12. 8
Introduction Observer design Stability Performance
Observer design
Recall
d = Āi
d x + S̄i
d zi
1 + T̄i
d zi
2,+ + Fi
w̃
iii) Unknown input calculation
di,0
k = (Ãi
d )+
xi
k − (Ãi
d )−
xi
k + ξi
k+1
+ (Fi
)+
w̃i
− (Fi
)−
w̃
i
d
i,0
k = (Ãi
d )+
xi
k − (Ãi
d )−
xi
k + ξi
k+1
+ (Fi
)+
w̃
i
− (Fi
)−
w̃i
iv) Network update (input)
di,t
k = max
j∈Ni
dj,t−1
k d
i,t
k = min
j∈Ni
d
j,t−1
k
di
k = di,td
k d
i
k = d
i,td
k

13. 9
Introduction Observer design Stability Performance
Necessary and Sufficient Stability Condition
Definition (Individual errors)
ei
k ,
xk − xi
k
xi
k − xk
≥ 0
Collective error system
ek+1 = Mk Âek + Mk (Wk + Vk )
Mk ∈ M ⊂ {0, 1}2Nn×2Nn
is a state dependent switching signal encoding
xi
k = max
j∈N tx
i
xj,0
k xi
k = min
j∈N tx
i
xj,0
k
Theorem
The error system is ISS ⇐⇒ ∃M∗ ∈ M such that ρ(M∗Â) 1

14. 9
Introduction Observer design Stability Performance
Necessary and Sufficient Stability Condition
Definition (Individual errors)
ei
k ,
xk − xi
k
xi
k − xk
≥ 0
Collective error system
ek+1 = Mk Âek + Mk (Wk + Vk )
Mk ∈ M ⊂ {0, 1}2Nn×2Nn
is a state dependent switching signal encoding
xi
k = max
j∈N tx
i
xj,0
k xi
k = min
j∈N tx
i
xj,0
k
Theorem
The error system is ISS ⇐⇒ ∃M∗ ∈ M such that ρ(M∗Â) 1

15. 9
Introduction Observer design Stability Performance
Necessary and Sufficient Stability Condition
Definition (Individual errors)
ei
k ,
xk − xi
k
xi
k − xk
≥ 0
Collective error system
ek+1 = Mk Âek + Mk (Wk + Vk )
Mk ∈ M ⊂ {0, 1}2Nn×2Nn
is a state dependent switching signal encoding
xi
k = max
j∈N tx
i
xj,0
k xi
k = min
j∈N tx
i
xj,0
k
Theorem
The error system is ISS ⇐⇒ ∃M∗ ∈ M such that ρ(M∗Â) 1

16. 9
Introduction Observer design Stability Performance
Necessary and Sufficient Stability Condition
Definition (Individual errors)
ei
k ,
xk − xi
k
xi
k − xk
≥ 0
Collective error system
ek+1 = Mk Âek + Mk (Wk + Vk )
Mk ∈ M ⊂ {0, 1}2Nn×2Nn
is a state dependent switching signal encoding
xi
k = max
j∈N tx
i
xj,0
k xi
k = min
j∈N tx
i
xj,0
k
Theorem
The error system is ISS ⇐⇒ ∃M∗ ∈ M such that ρ(M∗Â) 1

17. 10
Introduction Observer design Stability Performance
Tractable and Sufficient Stability Condition
What about detectability? ρ(A − LC) 1 ; ρ(|A − LC|) 1
Assumption 1 (Sufficient condition for stability, informal)
For every node i ∈ V and state dimension s ∈ {1, . . . , n}, there is a j ∈ Ntx
i
which, given estimates of the other elements of xk , can compute a “good”
estimate of the sth
entry of xk

18. 10
Introduction Observer design Stability Performance
Tractable and Sufficient Stability Condition
What about detectability? ρ(A − LC) 1 ; ρ(|A − LC|) 1
Assumption 1 (Sufficient condition for stability, informal)
For every node i ∈ V and state dimension s ∈ {1, . . . , n}, there is a j ∈ Ntx
i
which, given estimates of the other elements of xk , can compute a “good”
estimate of the sth
entry of xk

19. 11
Introduction Observer design Stability Performance
Designing Stabilizing Gains
each node i ∈ V solves a local linear program and examines the rows of Ei
Theorem (Stabilizing gain design)
under Assumption 1, Li
∗, Ti
∗, and Γi
∗ solving
min
Ei ,Li ,Ti ,Γi
Pn
j=1
Pn
t=1 Ei
jt
subject to −Ei
≤ Ti
Āi
− Li
Ci
2 ≤ Ei
Ti
= In − Γi
Ci
2
guarantee that the observer is ISS.
solution identifies state dimensions which the node can estimate well

20. 11
Introduction Observer design Stability Performance
Designing Stabilizing Gains
each node i ∈ V solves a local linear program and examines the rows of Ei
Theorem (Stabilizing gain design)
under Assumption 1, Li
∗, Ti
∗, and Γi
∗ solving
min
Ei ,Li ,Ti ,Γi
Pn
j=1
Pn
t=1 Ei
jt
subject to −Ei
≤ Ti
Āi
− Li
Ci
2 ≤ Ei
Ti
= In − Γi
Ci
2
guarantee that the observer is ISS.
solution identifies state dimensions which the node can estimate well

21. 12
Introduction Observer design Stability Performance
Designing for Performance
seeks to zero-out the dynamics
sensitive to noise and leads to large errors (wide intervals)
can we do better while maintaining stability?
minimize a (linear) performance criteria similar to H∞ design
Error minimizing design
min
Zi ,Li ,Ti ,Γi
k|L̃i
|(w̃
i
− w̃i
)k∞
s.t. Ti
= I − Γi
Ci
2
Pn
t=1 Zi
jt 1, ∀j ∈ Ji
−Zi
≤ Ti
Ãi
− Li
Ci
2 ≤ Zi
Ji
: states for which the node is “responsible”
relies on the previous solution to verify assumption and identify Ji

22. 12
Introduction Observer design Stability Performance
Designing for Performance
seeks to zero-out the dynamics
sensitive to noise and leads to large errors (wide intervals)
can we do better while maintaining stability?
minimize a (linear) performance criteria similar to H∞ design
Error minimizing design
min
Zi ,Li ,Ti ,Γi
k|L̃i
|(w̃
i
− w̃i
)k∞
s.t. Ti
= I − Γi
Ci
2
Pn
t=1 Zi
jt 1, ∀j ∈ Ji
−Zi
≤ Ti
Ãi
− Li
Ci
2 ≤ Zi
Ji
: states for which the node is “responsible”
relies on the previous solution to verify assumption and identify Ji

23. 13
Introduction Observer design Stability Performance
Power System Example

24. 14
Introduction Observer design Stability Performance
Conclusions Future Work
proposed a novel distributed state and input interval observer
determined stability conditions
provided tractable methods for computing stabilizing gains
optimized the performance of the observer
future work: extensions to nonlinear, switched and hybrid systems

25. 15
Introduction Observer design Stability Performance
Thank you!
Questions?

26. 16
Back-Up Slides

27. 17
Appendix: min/max consensus
We use min/max consensus to share estimates between nodes
xi,t
k = max
j∈Ni
xj,t−1
k xi,t
k = min
j∈Ni
xj,t−1
k
Simple static example of min consensus
Fast convergence compared to average consensus (finite time)
Iterations acquire information from further neighbors (Nt
i )

28. 18
Multidimensional intervals
Definition
an interval Ix , [x, x] ⊆ Rn
: the set of all x ∈ Rn
that satisfy x ≤ x ≤ x
[?, Lemma 2]
A ∈ Rp×n
, x ≤ x ≤ x ∈ Rn
A+
x − A−
x ≤ Ax ≤ A+
x − A−
x
A+
ij , max{Aij , 0}, A−
= A+
− A