Adaptive Resilient Neural Control of Uncertain Time-Delay Nonlinear CPSs with Full-State Constraints under Deception Attacks

This paper focuses on the adaptive control problem of a class of uncertain time-delay nonlinear cyber-physical systems (CPSs) with both unknown time-varying deception attacks and full-state constraints. Since the sensors are disturbed by external deception attacks making the system state variables unknown, this paper first establishes a new backstepping control strategy based on compromised variables and uses dynamic surface techniques to solve the disadvantages of the huge computational effort of the backstepping technique, and then establishes attack compensators to mitigate the impact of unknown attack signals on the control performance. Second, the barrier Lyapunov function (BLF) is introduced to restrict the state variables. In addition, the unknown nonlinear terms of the system are approximated using radial basis function (RBF) neural networks, and the Lyapunov–Krasovskii function (LKF) is introduced to eliminate the influence of the unknown time-delay terms. Finally, an adaptive resilient controller is designed to ensure that the system state variables converge and satisfy the predefined state constraints, all signals of the closed-loop system are semi-globally uniformly ultimately bounded under the premise that the error variables converge to an adjustable neighborhood of origin. The numerical simulation experiments verify the validity of the theoretical results.


Introduction
The fundamental factor behind the advancement of theoretical approaches is the need in engineering practice. Since nonlinear systems make up the majority of systems in real engineering and cannot be approximated by utilizing linear approaches, stability analysis, and control design for unknown nonlinear systems have recently received a lot of interest from academics across the globe [1][2][3][4]. For nonlinear systems with strict feedback, the backstepping control technique was proposed in [5][6][7][8], which laid the groundwork for resolving nonlinear systems' control issues. The dynamic surface approach was introduced in [9] to improve the backstepping control strategy and address the problem of "complexity explosion". This considerably increased the backstepping technique's range of applications. The design of the system controller is greatly complicated by the presence of unknown nonlinear functions in the nonlinear system. Many studies and tests have demonstrated that the dynamic surface backstepping control method, which is based on the approximation technique, is effective in solving the adaptive control problem of unknown nonlinear systems [10][11][12][13][14][15][16][17][18][19]. The more advanced approaches now available for the system's unknown nonlinear variables use neural network approximation techniques [10,13,14,16,17] and fuzzy approximation techniques [15,18,19]. With the development of theoretical research, adaptive tracking control in multiple input multiple outputs (MIMO) systems has been

•
The adaptive control problem of nonlinear systems with full-state constraints and unknown deception attacks is investigated for the first time based on the studies in [24,38], and BLF is introduced for state constraints so that the system can satisfy full-state constraints as well as remain stable under external deception attacks. • A novel adaptive resilient recursive control approach based on state variables compromised by deception attack signals is employed for unknown time-varying deception attacks. An attack compensator is created during the recursive process to handle the effects of the unknown deception attacks on the controller design.
This paper's general organization can be broken down into six sections. The research foundation and the problem this paper is addressing are introduced in this segment, which is the study's opening section. The system's mathematical model, together with any underlying presumptions and lemmas, is introduced in Section 2. Section 3 introduces the techniques utilized in the controller's following recursive design. The controller's recursive design process and the system's stability analysis are both covered in Section 4. To confirm that the theory is feasible, Section 5 conducts two simulation tests. The entire paper is concluded in Section 6.

Problem Formulation
Consider the following mathematical model of an unknown nonlinear time-delay system under deception attacks: x n (t) = u + f n (x n (t)) + h n (x n (t − τ n (t))) + ϕ a (t, x n (t)) x j (t) = x j (t) + ϕ j,s (t, x j (t)) y(t) = x 1 (t) (1) Entropy 2023, 25, 900 4 of 28 where i = 1, 2, . . . , n − 1 represents the number of subsystems the system has and j = 1, 2, . . . , n represents the total number of sensors it has, x j (t) = [x j (t), x j (t), . . . , x j (t)] ∈ Ω j is the actual state variable while y(t) = x 1 (t) ∈ Ω is taken to be the system's output, x j (t − τ j (t)) = [x 1 (t − τ 1 (t)), x 2 (t − τ 2 (t)), . . . , x j (t − τ j (t))] ∈ Ω j is the state variable with an unknown time-delay τ j (t), u ∈ Ω is the actual control input. f j (x j (t)) : Ω j → Ω is an unknown nonlinear continuous function, h j (x j (t − τ j (t))) : Ω j → Ω is an unknown nonlinear continuous function that has an unknown time-delay, ϕ a (t, x n (t)) : Ω n → Ω is an actuator deception attack, ϕ j,s (t, x j (t)) is a sensor deception attack, etc. These two types of attacks' functions are all unknown time-varying continuous. As well, the compromised variable of the system variable x j (t) following the occurrence of the unknown deception attack is defined as x j (t), and Assumption 1 elaborates on its specific mathematical expression.

Remark 1.
To ensure the reliability of the system model, refer to [24], the initial state of the system state variable x n (t 0 ) = (t 0 ), −m ≤ t 0 ≤ 0 is specified in this paper. For the unknown time-delay τ j (t) mentioned in the system Equation (1), there is 0 < τ j ≤ m j < ∞ and 0 < . τ j ≤ m j,d < ∞, so m can be defined as m = max m 1 , m 2 , m j , . . . , m n . To guarantee the stability of the system and the model of universal adaptation, this definition describes the beginning moment of the system state and the boundedness of the unknown time-delay term.

Remark 2.
The nonlinear functions f j (x j (t)) and h j (x j (t − τ j (t))) reflect the nonlinearity and uncertainties of the system shown in (1). Note that since the unknown nonlinear terms of the system need to be approximated by the RBF neural network, it is required that the functions f j (x j (t)) and h j (x j (t − τ j (t))) are bounded. Of course, if there are unbounded terms in the dynamic equations of the system (1), then the system must be unstable, and it is meaningless to discuss the control method any further. Remark 3. System (1) represents a class of nonlinear systems with unknown time-delay terms and unknown nonlinear terms. Each of its sensors suffers from an unknown deception attack, and the actuators of the system suffer from the same type of attack. The actual systems mentioned in [23], such as robotic systems and recycling chemical reactors, and networked control systems, as well as electrical networks in [44], may suffer from external malicious attacks in their communication networks, so the problem can be described by the differential equations of the system (1).

Control Objective:
The central issue of this study is the adaptive resilient control problem for a class of time-delay nonlinear systems with full-state constraints under unknown deception attacks. The established controller makes the system stable, and the state variables satisfy the predetermined constraint limits. In addition, all of the system's closed-loop signals are uniformly ultimately bounded, and the stability error converges to an adjustable neighborhood of the origin. Assumption 1 [24,45]. It is clear from the system's features that the sensor and actuator attack signals are reliant on the system's state variables. Define the sensor attack signal ϕ j,s (t, x j (t)) = δ j (t)x j (t), j = 1, 2, . . . , n and actuator attack signal ϕ a,s (t, x n (t)) = φ a (t)q(x n (t)), where δ j (t) and φ a (t) are unknown time-varying signals and q(x n (t)) : Ω n → Ω is an unknown continuous nonlinear function. On this basis, both the unknown time-varying attack signals δ j (t) and φ a (t) are bounded, i.e., δ j (t) < δ j , . δ j (t) < δ j,d , and |φ a (t)| < φ a , where δ j , δ j,d and φ a are unknown constants.

Remark 4.
For the two aforementioned assumptions, the following two explanations are provided.

•
The model cited in [24,45] is based on Assumption 1, and it is significant to note that the unknown deception attack is introduced into a nonlinear system to cause damage. So, the attack signal must be controllable by the attacker for the attack to have the intended destructive effect. The main prerequisite for a controllable signal is that the signal is bounded because it is generally known that an infinite signal cannot be controlled. As a result, we reasonably assume that the attack signals δ j (t) and φ a (t) are bounded.

•
Similar to what was said in [24], the reason we introduced the compromised variable x j (t) is that the impact of unknown deception attacks prevents us from measuring the actual state variable. We should define a variable first, that is, j = 1 + δ j (t).
Because if j = 0, it also makes x j (t) = j x j (t) = 0, which prevents us from using the compromised variable x j (t) as intended, so Assumption 2 specifies that i > 0.
Lemma 2 [47]. Lemma 1 states that nonlinear functions with unknown time-delay terms are handled using the separation method described in [46], that is where µ j,m (·) is an unknown and continuous function.
Definition 1 [24]. The system stability discussed in this paper refers to the semi-global uniformly ultimately bounded. The definitions are as follows: β exists in an adjustable neighborhood of the origin with β ∈ (0, b), where b > 0 is an adjusted constant. There also exists a time constant N, related to β and c, i.e., N = N(β, c), where c > 0 is also an adjusted constant. There is: x n (t 0 ) ≤ β, ∀t ≥ t 0 + N, where t 0 is the initial time from Remark 1 and x n (t 0 ) = sup −m≤o≤0 x n (t 0 + o) .

RBF Neural Network Approximate Technique
Since RBF neural networks can approximate any nonlinear function with arbitrary accuracy, and they have global approximation capability with fast learning and convergence, RBF neural networks are used in this paper to approximate the unknown nonlinear function in system (1). As mentioned in [47], if the approximation error is given as ε > 0, for any nonlinear continuous function Q(Z) on a compact set Ξ Z ∈ Ω q , there exists an RBF neural network that approximates Q(Z), i.e., where ω * stands for the ideal weight vector of the neural network, which can be defined as ω * := arg min . N is the number of neurons and ε(Z) is the approximation error. S(Z) is the RBF neural network's activation function vector and S(Z) = [s 1 (Z), s 2 (Z), . . . , s N (Z)] ∈ Ω N is precisely a Gaussian function which are listed as where i = [ i1 , i2 , . . . , iq ] ∈ Ω q , i = 1, 2, . . . , N is the center of the receptive field; i is the width of the Gaussian function.
Assumption 3 [48]. There exists an unknown constant W > 0 that ensures that the RBF neural network weights are bounded W < W.
Lemma 3 [48]. The RBF neural network's activation function is a bounded Gaussian function, that is S(Z) ≤ S.

Full-State Constraints: Barrier Lyapunov Function
In [49], to ensure that the constraints on the system state variables are not violated, the BLF based on the error surface is proposed: where log(·) stands for the natural logarithm, e is the error surface, and k b > 0 is the constraint constant. The function value of this function will converge to infinity when the error gets close to the constraint k b , guaranteeing that the state constraints are not broken.
In the future backstepping recursive design process, this function will be employed as a component of the Lyapunov function to create the Lyapunov function for each subsystem.
Lemma 4 [41]. For any positive real number k b and the variable θ ∈ Ω satisfying the condition that |θ| < k b , the following inequality holds: where p is a positive constant.

Establishment of the Controller
In this section, a recursive design strategy based on RBF neural networks for the controller of system (1) will be developed so that all variables of the closed-loop system converge, while ensuring the full-state constraints of the system. Inspired by the novel backstepping recursive control strategy in [24], the error surface based on the compromised variables is firstly established, followed by the recursive design of the system controller, and finally, the stability of the system is tested.
Using the Backstepping recursive control design method as a framework, we decompose (1) into n first-order systems and construct Lyapunov functions for each first-order system to obtain the specific form of the virtual controller and to ensure the stability of each first-order system. With the previous n − 1 virtual controller forms, we can derive the specific form of the actual controller of the system in the n-th step. In this process, in order to make the form of the virtual controller simple and to keep the system stable, we need to choose the specific form of the appropriate attack compensator and the RBF neural network weight adaptive law. Eventually, the following conclusions were obtained: .ω .ω .δ where j = 2, 3, . . . , n and k i > 0, l i > 0, k i > 0, σ i > 0, a i > 0, π i > 0 are design constants with i = 1, 2, 3, . . . , n. γ j = x j −δ j z j is an intermediate variable which can avoid using e j in design of controller. z j is the output signal of filter.δ j is attack compensator to mitigate the effect of deception attacks and is the actual controller of the system, (10) is the weight adaptive law of the RBF neural network in Step 1, (11) is the adaptive law of RBF neural network weights for Step 2 to Step n, and (12) is the attack compensators from Step 2 to Step n. The origin of all the formulas and parameters will be derived in the next two sections.

Error Surface Coordinate Transformation
This study utilizes the dynamic surface technique to enhance the backstepping technique and eliminate the issue of "complexity explosion" generated by it. As a result, the following coordinate transformation is used: where e 1 and e i , i = 2, . . . , n are the error variables, α i is the virtual controller and also the input signal of the first-order low-pass filter, z i is the output signal of the first-order low-pass filter, and ς i is the error between the input and output signals of the first-order low-pass filter. The specific form of the first-order low-pass filter is where ν i > 0 is the first-order low-pass filter's inherent constant. The error surfaces based on the compromised variables are In the latter, the controller's recursive design primarily employs (12) in place of (10).

Recursive Design Process of Controller
The recursive design steps of the adaptive resilient controller for nonlinear time-delay systems (1) with full-state constraints will be presented as follows.
The Lyapunov Function V 1 is chosen as where the Lyapunov-Krasovskii function V L,1 is where ι 1 > 0 is an unknown constant, σ 1 is a design constant and ψ 1,1 (·) is an unknown continuous nonlinear function which is same as µ 1,1 (·) defined in (5). Since this paper has the same delay problem as the one studied in [24], the same form of LKF is chosen to solve the delay problem. Substituting (16) into the time derivative of V 1 yields Calculating the first-order derivative of concerning time t and using the boundness of the time-delay term in Remark 1 to amplify the equation, we can obtain V L,1 ≤ −ι 1 V L,1 + p 1 − ψ 2 1,1 (x 1 (t − τ 1 )) and p 1 = e ι 1 m 1 1−m 1,d ψ 2 1,1 (x 1 ). Then, using Lemma 2, we have . (20) In the meanwhile, by introducing auxiliary variables η 1 = 1 +λ 2 1 ) and using x 2 = e 2 + z 2 = e 2 + α 2 + ς 2 to simplify the inequality (19), we have There exists an unknown continuous function Q 1 (Z 1 ) that can be expressed as Then, using RBFNN to approximate the unknown nonlinear function Substituting Equation (22) into inequality (21), we can obtain Entropy 2023, 25, 900 9 of 28 Next, we can design the virtual controller to ensure system stability where l 1 and k 1 are design constants. They are specified to have a positive sign, and the positive and negative coefficients are reflected in the front of this term. And with the help of Lemma 3, the inequality (23) can be reduced to the following form: where is also the input vector of RBF neutral network composed of compromised variables. The weight adaptive law of RBFNN is (11), and bringing it into (25), we can get

The i-th Step of Backstepping
Step The Lyapunov Function V i in this step is chosen as where ι j is an unknown constant and ι j > 0 and ψ i,j (·) is an unknown continuous nonlinear function which is same as µ i,j (·) defined in (5).
The first-order derivative of V L,i with respect to time t can be written as . Similarly, by using Lemma 3, one has Entropy 2023, 25, 900 10 of 28 So, the derivative of the Lyapunov function V i is is introduced in this step, and in the meanwhile, we add and subtract some auxiliary terms to help us create some desired terms and eliminate some unknown interfering terms. We can obtain where .
Then, the unknown continuous nonlinear function Q i (Z i ) can be expressed as where the input vector is Substituting the (34) into (33), we have In the next step, since the state variables x i and the actual error surface e i of the system cannot be measured, the intermediate variable γ i is introduced to replace the actual error surface. From (13) and (15), we have So, using the intermediate variable γ i = x i −δ i z i , the above equation can be transformed as e i = λ i (γ i − δ i z i ). It is the representation of the system error surface using the attack compensator. The attack compensator isδ i , which is the estimated value of the unknown deception attacks. In the course of the subsequent analysis, e i with an attack compensator is used to mitigate the impact of the unknown deception attacks on the system stability control. Then, by substituting the new equation into (35), we can obtain The virtual control law α i+1 in this step can be designed as where k i > 0, l i > 0, k i > 0 are design constants of the virtual controller.
. V i after adding the virtual controller (38) is Considering the auxiliary term − k i Using the inequality to simplify (39), one has where  (11) and (12), respectively. Substituting (11) and (12) into (40) again, we get From

The n-th
Step of Backstepping Step n: Consider the n-th error surface e n = x n − z n The Lyapunov Function V n is chosen as where δ n = δ n −δ n , σ n is a design constant. LyapunovKrasovskii function V L,n is where ι n is an unknown constant and ι n > 0 and ψ n,j (·) is an unknown continuous nonlinear function which is same as µ n,j (·) defined in (5).
Substituting (43) The first-order derivative of V L,n with respect to time t can be written as V L,n ≤ −ι n V L,n + p n − n ∑ j=1 ψ 2 n,j (x j (t − τ j )) with p n = n ∑ j=1 e ιn m j 1−m j,d ψ 2 n,j (x j ). Next, as in Step I, using Lemma 3, we obtain 1 λ n e n h n (x n (t − τ n )) + λ n e n k 2 b n − e 2 n h n (x n (t − τ n )) The auxiliary variables η n = 4λ n e n p n (k 2 bn −e 2 n ) 3c n (k 2 bn −e 2 n +λ 2 are introduced to the derivative of the Lyapunov function V n to create some ideal terms. So, we have There also exists an unknown continuous function Q n (Z n ) that can be expressed as Q n (Z n ) = f n (x n ) + φ a (t)q(x n (t)) + e n 4λ n + 3λ n e n 4(k 2 bn −e 2 n ) − λ n,d 2λ n e n + η n + M n − N n . Then the RBFNN technique can be used to approximate this unknown function where the input vector is Z n = [x n , e n−1 , e n , z n ] . Substituting the (49) Similar to the above process, denoting γ n = x n −δ n z n , and we have e n = λ n (γ n − δ n z n ). So, the derivative is At this step, we design the actual controller of the system (10) based on the form of the virtual controller (24) as well as (38) in the above steps. The weight adaptive law .ω n and attack compensator .δ n are also designed as (11) and (12), respectively. Substituting (10), (11), and (12) into (51) yields . V n ≤ γ n (−l n γ n − (2k n + k n ) 2 z 2 n γ n + χ n ) − δ n z n ( ω n S n ( Z n ) + χ n ) + 4 3 p n − 4e 2 n 3c n p n + a n ω nωn + λ n e n k 2 bn −e 2 n (−l n γ n + χ n ) + ( where χ n = ω n [S n (Z n ) − S n ( Z n )] + ε n (Z n ) and Z n = [ x n , e n−1 , e n , z n ] is also the input vector of RBF neutral network composed of compromised variables.

Stability Analysis
The previous section uses a recursive design approach to decompose the n-order system shown in (1) into n first-order systems to design their corresponding virtual controllers separately, and finally the specific form of the actual controller (10) is obtained. In this section, it will be analyzed whether the designed controller can make the whole system stable, and the conclusion is: Theorem 1. Adaptive resilient control with both unknown deception attack and full-state constraint problems is solved for the unknown time-delay nonlinear system illustrated in (1), and the designed control method consists of controllers (24), (38), and (10), weight adaptive laws (11), and attack compensators (12) to guarantee that all system variables are semi-globally uniformly ultimately bounded, while state variables satisfy the predefined constraint limits, and the error variables converge to an adjustable neighborhood of the origin.

The Proof of Theorem 1
Proof. We select the total Lyapunov function V to simplify the analysis that follows.
By taking the first-order derivative of the total Lyapunov function V, we obtain It is required to add that e 1 = γ 1 for (55), and in this work, let k 1 > 0 to assure the accuracy of the calculation. Next, simplify some of the terms in (55) using Young's inequality so that it can take the desired form. They are listed as follows: On top of this, we also need to define some constants to help us further simplify the inequality (55), The following form can be obtained: The error ς j between the input signal and the output signal of the first-order low-pass filter in (14) is discussed in detail as follows. The . ς j+1 mentioned in (56) can be expressed a It is clear that the stability of the system is significantly impacted by the boundedness of . α j+1 , j = 1, 2, . . . , n − 1, and the following discussion specifically addresses . α j+1 .
In accordance with (62), we divide into three cases and take into account the magnitude (1 − e 2 j c j )p j in each case: the first case is e j ≤ √ c j , i.e., 2 (1 − e 2 j c j )p j ≥ 0. We analyze the stability of each variable step by step. First, when j = 1, |e 1 | ≤ √ c 1 is bounded, and according to (2) and Assumption 1, we can learn that e 1 , x 1 , and x 1 are bounded, which meansω 1 is bounded, making the virtual controller α 2 bounded. Second, when j = 2, |e 2 | ≤ √ c 2 is bounded, and according to Assumption 1, we can learn that e 2 is bounded; additionally, it can be deduced from the boundedness of α 2 that its filter signal z 2 is also bounded; when combined with the boundedness of z 2 , e 2 and (13) it can also be deduced that x 2 ,ω 2 , and δ 2 are also bounded, indicating that α 3 is bounded. When j = 3, according to |e 3 | ≤ √ c 3 is bounded, it can be known e 3 is bounded, according to α 3 is bounded, it can be known z 3 is bounded, and the same procedure as when j = 2, it is possible to determine that x 3 ,ω 3 ,δ 3 , and α 4 are bounded. At j = n, which is reached by repeatedly doing the aforementioned process, it is known that the closed-loop system's actual controller, u, and all of its signals are bounded.
The above inequality (63) can be expressed as . V ≤ −ρ * V + m * . Repeating the analysis steps in Case 2, we may draw the conclusion that the closed-loop system's signals all converge and that the size of the chosen parameters determines the width of the error variable's convergence domain.

•
By proving cases 1-3, the proof of Theorem 1 is finished. • Figure 1 is the block diagram of the method proposed in this paper. For a class of unknown nonlinear systems under deception attacks, we use the Backstepping technique as a framework to design a controller u based on Lyapunov stability theory that allows the system to maintain stability while its state variables satisfy a predetermined full-state constraint.
ER REVIEW 19 of 30 Figure 1. Block diagram of the method proposed in this paper.

Remark 5.
The parameters selected in the design process above are only sufficient conditions for system stability. As analyzed in Case 2 above, under the premise of ensuring system stability, appropriately increasing ρ or decreasing m will theoretically reduce the size of the error variable to a certain extent, but it does not mean that the larger the value of ρ is, the better, or the smaller the value of m is, the better, and the optimal value needs to be further determined in practice.

Remark 6.
The method designed in this paper only guarantees that the system remains stable under the condition that the constraint is satisfied, but does not consider the time for the system to reach stability. As analyzed in the above three cases, the system reaches the steady state when time t →∞ , but for a practical system device, it is obvious that the shorter the time t to reach stability, the better. This is the limitation of this paper and an urgent problem for the next research work.

Remark 7.
Anti-attack control of CPS is one of the important branches of security control, and the purpose of this article is to keep the system stable, and the system state variables satisfy the constraint limits even when the system is subject to full-state constraints and external unknown deception attacks. I believe that applying it to the control example of a bottleneck section of a highspeed trains systems studied in [34] will yield good results.

Remark 8.
The following directions can be pursued in the follow-up research process:

Remark 5.
The parameters selected in the design process above are only sufficient conditions for system stability. As analyzed in Case 2 above, under the premise of ensuring system stability, appropriately increasing ρ or decreasing m will theoretically reduce the size of the error variable to a certain extent, but it does not mean that the larger the value of ρ is, the better, or the smaller the value of m is, the better, and the optimal value needs to be further determined in practice.

Remark 6.
The method designed in this paper only guarantees that the system remains stable under the condition that the constraint is satisfied, but does not consider the time for the system to reach stability. As analyzed in the above three cases, the system reaches the steady state when time t → ∞ , but for a practical system device, it is obvious that the shorter the time t to reach stability, the better. This is the limitation of this paper and an urgent problem for the next research work.

Remark 7.
Anti-attack control of CPS is one of the important branches of security control, and the purpose of this article is to keep the system stable, and the system state variables satisfy the constraint limits even when the system is subject to full-state constraints and external unknown deception attacks. I believe that applying it to the control example of a bottleneck section of a high-speed trains systems studied in [34] will yield good results.

Remark 8.
The following directions can be pursued in the follow-up research process: • Without concentrating on the system's convergence time, the stability of the system is simply ensured in this study. The problem of finite-time adaptive resilient control of nonlinear time-delay systems with actuator failure and error data injection attacks is addressed in [50]. This finite-time resilient control method can be used in the next stage of research to accelerate the convergence speed of the system for nonlinear systems with both unknown deception attacks and full-state constraints. • Standing in the perspective of saving resources to consider, event-triggered control methods are proposed for unknown nonlinear systems in [51], but relatively little research has been done on adaptive event-triggered control for nonlinear systems with both unknown deception attacks and full-state constraints, which is a very promising research direction.

•
In this study, all sensors and actuators are presupposed to be affected by unknown deception attacks, although in real-world engineering, this is extremely uncommon and frequently only some of the actuators and sensors are exposed to unknown deception attacks. Therefore, taking into account the system's resource usage and execution efficiency, a detection and estimation method for deception attacks on the actuators of nonlinear systems is proposed in [52]. Our next step can be to develop an attack detection method based on this approach.

Simulation
In this section, two specific examples will be provided to verify the rationality and validity of the theory. The first example is a numerical example and the second example is a practical case, a chemical reactor recovery system. It should be added that the simulation examples in this article are implemented using MATLAB software, without calling any library functions or toolboxes, and the simulation experiments are completed using only script files (.m).

Remark 9.
In order to avoid uncontrollable situations, our initial values are chosen to be within the state constraints, namely, . Within the above range, the initial value can be chosen arbitrarily. Regarding other parameters, the case of setting is not unique. Since we only need to justify the theory presented in this paper, all it takes is the existence of a situation in which it holds. The specific setting of the parameters varies with the case of the dynamic equations. Figure 2 depicts the evolution of the system's state variable, as time passes, each one converges and satisfies the preset state constraints. Figure 3 shows the curves of the virtual controller and the actual controller with time, all three show the process from fluctuation to convergence. The attack compensator's changing curve is depicted in Figure 4. Figure 5 shows the system error variables' change curve, which converges with time and follows the same general pattern as the system state variables and the controller. Figure 6 depicts the first-order filter's variation curve for the controller's output variables, and Figure 7 depicts the RBF neural network's approximate variation curve. Using the control technique described above can successfully maintain the stability of the nonlinear system under unknown deception attacks and better satisfy the predefined full-state constraints, as can be shown when combined with the aforementioned simulation findings. the first-order filter's variation curve for the controller's output variables, and depicts the RBF neural network's approximate variation curve. Using the con nique described above can successfully maintain the stability of the nonlinear s der unknown deception attacks and better satisfy the predefined full-state cons can be shown when combined with the aforementioned simulation findings.

Example 2.
We introduce the chemical reactor recovery system in [44] to verify the prac plicability and theoretical correctness of the theoretical approach in this paper. As men [44], there is always some unnecessary waste in chemical reaction systems. In order to im utilization of resources, chemical reactor recycling systems were born. Their main operatio aration, separating raw materials from products which are later recycled through differe In the process of recycling, delays are inevitably generated. Moreover, during the operati

Example 2.
We introduce the chemical reactor recovery system in [44] to verify the practical applicability and theoretical correctness of the theoretical approach in this paper. As mentioned in [44], there is always some unnecessary waste in chemical reaction systems. In order to improve the utilization of resources, chemical reactor recycling systems were born. Their main operation is separation, separating raw materials from products which are later recycled through different paths. In the process of recycling, delays are inevitably generated. Moreover, during the operation of the whole device, it is also very vulnerable to external deception attacks that put the whole system in crisis.
In this paper, the problem of adaptive stability control of a class of three-stage chemical reaction cycle systems with time delays is studied. The dynamics of a three-stage chemical reaction system are shown in [44].

Example 2.
We introduce the chemical reactor recovery system in [44] to verify the practical applicability and theoretical correctness of the theoretical approach in this paper. As mentioned in [44], there is always some unnecessary waste in chemical reaction systems. In order to improve the utilization of resources, chemical reactor recycling systems were born. Their main operation is separation, separating raw materials from products which are later recycled through different paths. In the process of recycling, delays are inevitably generated. Moreover, during the operation of the whole device, it is also very vulnerable to external deception attacks that put the whole system in crisis.
In this paper, the problem of adaptive stability control of a class of three-stage chemical reaction cycle systems with time delays is studied. The dynamics of a three-stage chemical reaction system are shown in [44].

=0.5 ϒ
is the feed rate of this system, and the equilibrium point is 3 = 7  . In addition to this, 1 x and 2 x are the reactor production stream components, which are similar to the state variables of the system. If we convert (87) into the form of (1) and consider the deception attacks from outside, we will get the following one:

Example 2.
We introduce the chemical reactor recovery system in [44] to verify the practical applicability and theoretical correctness of the theoretical approach in this paper. As mentioned in [44], there is always some unnecessary waste in chemical reaction systems. In order to improve the utilization of resources, chemical reactor recycling systems were born. Their main operation is separation, separating raw materials from products which are later recycled through different paths. In the process of recycling, delays are inevitably generated. Moreover, during the operation of the whole device, it is also very vulnerable to external deception attacks that put the whole system in crisis.
In this paper, the problem of adaptive stability control of a class of three-stage chemical reaction cycle systems with time delays is studied. The dynamics of a three-stage chemical reaction system are shown in [44].

=0.5 ϒ
is the feed rate of this system, and the equilibrium point is 3 = 7  . In addition to this, 1 x and 2 x are the reactor production stream components, which are similar to the state variables of the system. If we convert (87) into the form of (1) and consider the deception attacks from outside, we will get the following one: = 0.5 is the feed rate of this system, and the equilibrium point is = 7 3 . In addition to this, x 1 and x 2 are the reactor production stream components, which are similar to the state variables of the system.
If we convert (72) into the form of (1) and consider the deception attacks from outside, we will get the following one: where j = 1, 2 are the number of sensors, the unknown nonlinear terms are f 1 ( . In addition to the system functions, we also have deception attacks of sensors as ϕ 1,s = 0.8 + cos(2t) and ϕ 2,s = 0.3 + sin(t), deception attack of actuator is ϕ a = cos(t) cos(x 2 (t))x 1 (t). The uncertainty of the system is reflected in the unknown nature of the f i (x i ), h i (x i (t − τ i )) function.

Conclusions
For an unknown nonlinear system with unknown deception attacks and constraints, an adaptive resilient control strategy based on neural networks is p In the design process, the dynamic surface technique is used to improve the back control strategy to reduce its computational complexity. The state variables of th become unmeasurable due to the impact of the unknown deception attacks, so compromised variables-based backstepping control method is used in this paper come the problem of unavailable state variables. The unknown nonlinear terms mated using RBF neural networks, and an attack compensator is built to mit Figure 11. RBF neural network approximation curve of Example 2.

Conclusions
For an unknown nonlinear system with unknown deception attacks and full-state constraints, an adaptive resilient control strategy based on neural networks is proposed. In the design process, the dynamic surface technique is used to improve the backstepping control strategy to reduce its computational complexity. The state variables of the system become unmeasurable due to the impact of the unknown deception attacks, so a novel compromised variables-based backstepping control method is used in this paper to overcome the problem of unavailable state variables. The unknown nonlinear terms are estimated using RBF neural networks, and an attack compensator is built to mitigate the impact of deception attacks. For the unknown time-delay terms, LKF is introduced to eliminate its influence on the controller design. The full-state constraint is an inevitable problem in practical engineering, so BLF is introduced to restrict the system state variables. Finally, the feasibility of the theory is confirmed by two simulation experiments. In future work, we can consider adding event-triggering techniques to achieve energy saving, or using finite-time adaptive control strategy to accelerate the convergence speed of the system, etc.