Couple-Group Secure Consensus and Detection for a Kind of Heterogeneous Multi-Agent Systems With Time Delay and Cooperative-Competitive Relations Under Malicious Attacks

In this article, the couple-group secure consensus of a kind of heterogeneous multi-agent systems (HMASs) with cooperative-competitive relation and time delays has been investigated if it receives malicious attacks. Based on cooperative-competitive relation and time delays, a new couple-group secure consensus protocol is designed. By applying the graph theory, linear algebra theory, probability theory, the linear combination theory and Getschgorin theorem, several sufficient conditions have been obtained to realize the couple-group secure consensus for this system. The obtained results also show the upper limitation of input delay can be computed if the parameters of system are given. It worth pointing out the topology of HMASs is no more needed to contain a spanning tree or meet with the balance of in or out degree in the obtained results. In additional, an adaptive function is added to speed up the convergence of consensus. Combined these obtained results with T-test, a novel detection algorithm has also been designed to determine that the nodes are security or not. Some examples have been given to prove the effectiveness of these obtained results and the improved secure detection algorithm.


I. INTRODUCTION
Now, MASs has become a hot issue due to its potential applications in many areas, for instances, vehicle control [1], smart grids [2], optimal persistent monitoring [3] wireless sensor networks [4] and so on. Consensus, as the most basic issue of MASs, has been widely investigated by many researchers and a lot of meaningful achievements have been obtained [5], [6], [7], [8], [9], [10]. On the other hand, MASs The associate editor coordinating the review of this manuscript and approving it for publication was Petros Nicopolitidis . is an open system in real network. It can be easily attacked by various attacks, such as deception attacks [11], denialof-service (DoS) attacks [12] and Byzantine attacks [13], etc. Those attacks can lead the system to be instability or even it can make the states of agents out of the safe interval. Consequently, it is very important for us to study the secure consensus of MASs with malicious attacks.
Fortunately, some meaningful works have been done for the secure consensus of MASs [14], [15], [16], [17]. In [14], a secure consensus protocol has been designed for both discrete and continuous MASs with dynamic topology. On basis of SIA matrix, stability and graph theory, several valuable results have been obtained for the secure consensus of the discrete or continuous MASs if the topology contains a spanning tree. In [15], a new secure consensus scheme has also been devised for a type of discrete MASs with time delay. The secure consensus of this system can be realized only if the topology is (2f+1)-robust and the upper limitation of time delay can be computed. In [16], an improved secure consensus algorithm has been given for a class of first-order MASs. By applying the intermediate state, the complexity of the improved algorithm can be reduced. In [17], a novel control protocol has been proposed for the secure consensus of a type of nonlinear MASs with time delay. By constructing Lyapunov-Krasovskii function, some sufficient conditions have been derived for the secure consensus of this system. However, among these achievements, all agents are needed to reach a same state. In fact, in many real situations, agents of MASs will emerge different states due to internal or external influences. This phenomenon is named group consensus. In some extent, group consensus is the extension of consensus. Now, group consensus has also been widely studied by many scholars [18], [19]. In [18], a novel protocol is proposed for the group secure consensus of a kind of MASs with competitive relation. The group consensus of this system can be realized if the topology of system contains a spanning tree. In [19], the secure consensus problem has also been discussed for a type of MASs with time delay. The influence of time delay of this system can be reduced by a predictive scheme. Several sufficient conditions have been gained to obtain the secure group consensus of this kind of MASs.
Furthermore, as the most basic situation of group consensus, couple-group consensus has also been attracted much attention by many researchers [20], [21]. In [20], based on competitive relation, a couple-group scheme has been designed for a class of MASs. The couple-group secure consensus can be achieved if the topology of MASs satisfies balance of structure. In [21], the couple-group consensus has been investigated for a kind of second-order MASs with communication delay and cooperative relation. By using linear matrix inequality, Lyapunov-Krasovskii function and stability theories, some sufficient conditions have been gained for the couple-group consensus of this system. Inspired above discussions, most of the obtained results are only related to cooperative or competitive relation [18], [20], [21]. However, cooperative and competitive relation may coexist in a lot of real systems [22], [23]. Hence, it is essential for us to investigate the secure consensus of MASs with cooperative-competitive relation [22], [23]. In [22], based on logarithmically quantized information and cooperative-competitive relation, a distributed secure consensus scheme has been designed for a class of MASs. By applying non smooth analytic techniques, several sufficient conditions have been achieved for the couple-group secure consensus of this system. In [23], two nonlinear secure consensus protocols have been constructed for a kind of MASs in cooperative-competitive networks. Several significant results have been derived for finite-time couple-group secure consensus of this system if the topology of MASs is structurally balanced.
On the other hand, various time delays almost exist in all real MASs, such as communication, processing and input time delay, and so on. In fact, communication time delay will occur when the information is swapped between any two agents. Input time delay will also be produced due to various external disturbances. No matter communication time delay or input time delay, both of them can influence the performance of the MASs, such as instability, sometimes it can even make the system malfunction. Hence, it is very important for us to consider time delay when the consensus of the MASs has been discussed [24], [25], [26]. In [24], the group consensus of HMASs with input time delay has been studied. On basis of matrix theory and frequency-domain analytical method, several meaningful results have been gained for the couple-group consensus of this system. The upper bound input time delay can be calculated if the parameters are determined. In [25], consensus of MASs with doubleintegrator dynamics and time-varying delays has been studied. By applying equivalent reduced-order system, consensus of state and velocity can be reached if the time-varying delays is satisfied some sufficient conditions. In [26], based on a neural-network-based distributed control algorithm, the couple-group consensus of nonlinear MASs with time delay has also been investigated.
Of course, as an open system in networks, MASs is vulnerable to receive malicious attacks [11], [12], [13]. Malicious attackers can send different false information to different agents. In most situations, the information is very deceptive. Those attacks can greatly affect the performance of MASs as same as time delay. Furthermore, the states of MASs cannot be kept in the safe span even if the consensus has been achieved in many actual situations. To defend the influence of these attacks, event-triggered control methods have been designed for MASs [27], [28]. In [27], a nonlinear eventtriggered secure consensus protocol has been designed to reduce the DOS attacks for a kind of MASs. In [28] and [29], both static event-triggered secure consensus protocol and algorithm have been proposed to reduce the impact of sequential scaling attacks for a class of first order MASs. Especially in [29], the secure consensus protocol has been designed to defend the Byzantine attacks for a kind of HMASs. Based on [29], an improved algorithm has been proposed in [30]. Compared with [29], the improved algorithm has better ability in reducing the complexity of computation.
Motivated by above studies and analysis, it is very meaningful for us to investigate the couple-group secure consensus of HMASs with time delays and cooperative-competitive relation if the system receives malicious attacks. There are main triple contributions in this article. Firstly, based on cooperative-competitive relation and time delay, a new secure consensus control protocol has been designed for a class of HMASs. Different from existing results, both cooperative-competitive relation and time delay are considered. Secondly, graph theory, linear algebra theory, probability theory, Getschgorin Theorem and complex frequency analytic method have been used to discuss the couple-group secure consensus of this system. Several sufficient conditions have been achieved to realize the couple-group secure consensus. Compared with the given results, the topology of this HMASs will no need to contain a spanning tree or satisfy the balance of in or out degree. Thirdly, based on the original secure consensus algorithm and T-test, an improved secure consensus algorithm has been put forward to judge the node is an attacker or not.
There are four parts in the following content of this article. In part II, problem statement is introduced. In part III, some preliminaries have been addressed. In part IV, the couplegroup of a kind of HMASs will be discussed. In part V, several numerical experiments are presented to describe the feasibility of the obtained results. Summary is drawn in part VI.

II. PROBLEM STATEMENT
In this part, the couple-group secure consensus of the following HMASs (1) and (2) will be discussed.
In order to investigate the couple-group secure consensus of HMASs (1) and (2), we first give the definition of malicious attack as following formula (3).
x aq (κ) = F a (x aq (κ)), a ∈ υ a , q ∈ a (3) x aq (k) denotes the false information of state which is sent from node a to node q. v a represents the attack node set, a represents the neighbor set of node a, F a is an arbitrary function.
On the other hand, attacks are stochastic, so we can suppose the attack obeys the following probability distribution as formula (4).
From equation (4), we know that if F a (k) = 1, then node a is an attack node. If F a (k) = 0, then the node q cannot send false information to its neighbors.

III. PRELIMINARIES
In this part, graph theory, some definitions and lemmas will be introduced. They will be used in later discussion.

A. GRAPH THEORY
A directed graph G = (V , E, A) with n nodes can be applied to denote the communication network of HMASs (1) and (2). Let V = {ν 1 , ν 2 , ν 3 , . . . , ν n } represent the vertex set and ν i denotes the ith agent. Let E ⊆ V × V represent the edge set. A = (σ pq ) ∈ R N ×N is the weighted adjacent matrix. σ pq ̸ = 0 if and only if (ν q , ν p ) ∈ E. If σ pq > 0, then v q and v p is cooperative; If σ pq < 0, then v q and v p is competitive. There is no self-loop and parallel line in G. L = D−A is the Laplacian matrix of G. D is the degree matrix and it is a diagonal matrix. The diagonal elements of D are defined as d p = q∈ p σ pq . p is the neighbor set of vertex v p in V .

B. DEFINITIONS AND LEMMAS
In this part, several basic definitions and lemmas will be presented. Definition 1 (F-Local Model [30]): The multi-agent systems is called F-local model, if there are at most F attacks to each agent p in its neighbors.
Commonly, the state values of agents should belong to a safe interval. In definition 2, the following maximum and minimum functions can be used to describe the lower and upper limitation of the safe interval.
Definition 2: For normal agents, the maximum and minimum values of the states are defined as follows: υ is a set which is composed of normal agents. Obviously, χ(0) and χ(0) are the maximum and minimum values of initial states. Definition 3: The couple-group secure consensus of HMASs (1) and (2) can be realized if the following two conditions (a) and (b) are satisfied: where denote ''and,'' υ = ζ 1 ∪ ζ 2 and ζ 1 ∩ ζ 2 = , is the empty set. Lemma 1 [31]: Let Z = [ z 1 , z 2 , . . . , z n ], z p ∈ R and L ∈ R n×n is a Laplacian matrix of directed graph G. Then, the following four conditions are equivalent.
(a) All of the eigenvalues of L have positive real parts except a simple zero eigenvalue; (b) Lz = 0 implies that z 1 = z 2 = · · · = z n ; (c) The couple-group consensus can be reached asymptotically if the systemż = −Lz is stable at origin; (d) The directed graph G possesses a directed spanning tree.
In part IV-A and IV-B, some sufficient conditions of couple-group secure consensus and an improved secure consensus algorithm will be introduced for HMASs (1) and (2), respectively.

IV. THE COUPLE-GROUP SECURE OF HMASs (1) AND (2)
In this part, the couple-group of a kind of HMASs (1) and (2) will be discussed.
A. SOME SUFFICIENT CONDITIONS FOR THE COUPLE-GROUP SECURE CONSENSUS OF HMASs (1) AND (2) Based on cooperative-competitive relation, time delay and literature [13], [31], [32], a new couple-group secure consensus protocol of HMASs (1) and (2) is devised as formula (8) and (9). and where sgn(∂) is a sign function, it is defined as follows.
In equation (8) and (9), ω p (k) is the self-adaptive controller of agent p. τ pq is the communication time delay between agent p and q. t p is the input time delay of agent p. The agents of Dp are the neighbors of agent p, they locate in different group and any two of them are competitive. The agents of Sp are the neighbors of p, they locate in same group and any two of them are cooperative. ℓ 1 , ℓ 2 , γ , ℏ 1 and ℏ 2 are the weighted parameters. ℓ 1 , ℓ 2 , γ , γ + ℏ 1 and ℓ 2 + ℏ 2 are all positive numbers.
The adjacency matrix A of HMASs (1) and (2) can be written as following form (11).
λ 22 denotes the adjacency matrix of the second-order agent. λ 11 denotes the adjacency matrix of the first-order agents. λ 21 is the adjacency matrix between the second-order and the first-order and the second-order agents. Hence, the Laplacian matrix L of HMASs (1) and (2) can be written as following form (12).
In the Laplacian matrix L, L 22 = D 22 − λ 22 and L 11 = D 11 − λ 11 indicate the corresponding Laplacian matrices of the second-order and first-order agents, respectively, Remark: In secure consensus protocol (8) and (9), time delays, cooperative-competitive relation and heterogeneous are all considered, which make our model more related to real situations. Self-adaptive controller is also introduced to make the controller be more flexible.
Theorem 1: If the input delay and the weights ι p , d p and d ′ p satisfy the following inequalities then the couple-group consensus of the HMASs (1) and (2) can be realized. Here, d p = q∈ p σ pq , p ∈ υ 2 and Proof: Substituting consensus protocols (8) and (9) to HMASs (1) and (2), and using Z transforms, we have According to equation (15), we have Similarly, equation (16) can also be rewritten as following form (18).
According to equation (20), we also have Similarly, combining with equation (14) and (18), we have Based on equation (22), one has From (21) and (23), we have the following form (24), as shown at the bottom of the next page, for HMASs (1) and (2). In order to describe the matrix form for equation (24), we define and On basis of equation (25), we have the following form (26): then the equation (26) can be rewritten as formula (27).
and (28), as show at the bottom of the next page. Therefore, the characteristic equation of system (28) can be written as Since zero is the unique simple eigenvalue of ⌢ L, then Z = 1 is the unique simple root of equation (28).
Let Z = e jϖ (∀ϖ ∈ R), on basis of the generalized Nyquist criterion, (−1, j0) is not located in the internal area of the Nyquist curve of G(e jϖ ) if and only if the roots of formula (29) are lied inside the unit circle in the complex plane, then the couple-group consensus of HMASs (1) and (2) can be realized.
By applying Gerschgorin disc theorem, we have When p ∈ v 2 , In this situation, the center of the disk (31) can be represented as follows.
Let ϖ p1 be the first intersection point of D p (e jϖ p1 ) on the real axis. According to equation (32), we have VOLUME 11, 2023 If the point (−r, j0), (r ≥ 1) is not contained in the disc area, we have Applying Euler formula to (34), we have (35), as shown at the bottom of the next page. After some calculations, the inequality (35) can be rewritten as inequality (36).
If r ≥ 1, then the following two inequalities can be true.
Similarly, let ϖ p2 be the first intersection point of D p (e jϖ ) on the real axis. On basis of equation (44), we have Applying Euler formula to (46), after some calculations, we have If r ≥ 1, then we have the following inequalities (48) and (49).
Remark: From Theorem 1, the upper limitation of input delay can be computed if the parameters of system are given and they satisfy the sufficient condition in Theorem 1. In addition, based on the obtained result, the topology of HMASs is no more needed to contain a spanning tree or meet with the balance of in or out degree, which has extended the existing results [13], [15], [17].
From equation (59) and (61), the states of second-order and first-order agents can be updated which are only related to the states of their neighbors. Moreover, according to Definition 1, there are at most F attack nodes among neighbors, and the states of attack nodes are usually not kept in the safe interval. On the other hand, because the state values of attack nodes are not kept in the safe interval, they will be removed by using secure consensus algorithm. Hence, attack node states will not influence the state values of normal agents. Since the sum of each row in matrix [ ζ 1 , ζ 2 ] and I − T (ℓ 2 + ℏ 2 )L 1 (θ ) is 1, and the state F judgement (σ pq ) = σ pq , |σ pq | > 0 and X p, is the convex combination of initial state, then state is also kept in the safe interval [χ(0), Hence, we have χ (k) ≤ max(χ(θ − 1), χ(θ − 2)). Similarly, we define M (θ) = max(χ (θ), χ(θ − 1)) and m(k) = min(χ(θ), χ(θ − 1)), then we have Based on (63) and (64), it is not difficult for us to find that M (k) is non-increasing and the m(k) is non-decreasing. Therefore, we have X p (k) ∈ [χ(0), χ(0)] for each p ∈ v.This is to say, for any p, the state value can be kept in the safe interval.
Remark: According to Theorem 2, the current state of normal node can be determined by the states of its neighbors and its own previous state. In other words, the current state of normal agent is the linear combination of its neighbors and its own previous state. In this case, the current state of normal agent can be kept in safe interval only if the states of its neighbors and its previous state can be kept in safe interval.
Remark: Based on Theorem 1 and Theorem 2, the couple-group consensus and security of HMASs (4) and (5) can be realized if the sufficient conditions are satisfied. Based on Theorem 1 and Theorem 2, we can easily gain the following Corollary 1.
Corollary 1: If the sampling period T , control parameter (γ + ℏ 1 ) and the input time delay l p satisfy the following inequalities (65) and (66).
then the couple-group secure consensus of HMASs (1) and (2) can be realized. The result is obviously from Theorem 1 and Theorem 2, and the proof is omitted.

B. SECURE CONSENSUS AND DETECTION ALGORITHM
In this subsection, a novel secure consensus and T-test algorithms will be proposed to determine the attack nodes.

1) SECURE CONSENSUS ALGORITHM
Based on Theorem 1, Theorem 2 and the original secure consensus algorithm [28], a novel secure consensus algorithm will be given for HMASs (1) and (2). Different from the original secure consensus algorithm, a judgement function is added to select the security nodes. The improved algorithm is composed of three mainly steps as follows.
Step 1: At time k, on basis of the state values of neighbors, the neighbors of normal agent i can be sorted in descending form (67).
Step 2: If there are at most F values larger than χ (k), then the largest F values are needed to be erased. If there are no more than F values larger than χ(k), then all these values are needed to be erased. Similarly, if there are at most F values smaller than χ(k), then the F smallest values are demanded to be erased. If there are less than F values smaller than χ(k), then all these values are needed to be erased too.
Step 3: In order to reduce the number of manipulations of original secure consensus algorithm, we introduce a judgement function as follows.
Furthermore, in step 3, the serial number of removed values is recorded in a set. When the agent is logged by x times, the communication between the node and its neighbors will be cut off. In order to avoid the states of the node which is affected by other agents, the state of the removed agent will continue to be recorded. If the state of this node is not kept in the security interval, this agent is regarded as an attacker, and the state of this node is no longer recorded. Otherwise, the communication between this node and its neighbors will be restored. Remark: From Theorem 2, it can be easily found that the states of the node will be affected by its neighbors. In order to avoid mistaking the normal node as an attack node, the state value of normal node can keep recording until the its communication with other nodes is completely cut off.

2) T-TEST DETECTION
In this part, T-test detection will be used to determine that the number x belongs to the safe interval or not. Based on above analysis, the right side of T-test will be selected to complete the detection. Firstly, some definitions and steps will be described.
Definition 4 (Arithmetic Average): If there are N numbers t 1 , t 2 , . . . , t N , then the arithmetic average of the N numbers is given as follows.  Next, the mainly five steps of T-test will be given as follows.
Step 1. According to the actual situations, the original hypothesis H 0 and alternative hypothesis H 1 will be proposed.
Step 2. Based on the characteristics of the hypothesis, the appropriate statistics of T-test will be selected.
Step 3. According to the sampling values, the statistic values will be determined.
Step 4. On account of the significance level and given statistic distribution, the corresponding critical value will be computed out.
Step 5. According to the corresponding critical value, the original hypothesis will be determined.

V. SIMULATIONS EXAMPLES
In this part, several simulation examples will be provided to address the validity of obtained results and T-test detection algorithm.
A. EXAMPLE 1 In Fig.1, there are six agents in HMASs (1) and (2). Nodes 1, 2 and 3 are second-order agents. Nodes 4, 5 and 6 are firstorder agents. All the agents are classified into two groups C 1 and C 2 . Nodes 1,4 and 5 belong to C 1 and they are cooperative. Similarly, nodes 2, 3 and 6 belong to C 2 and they are cooperative too. However, any agents in C 1 are competitive with any agents in C 2 . The adjacency matrix A of Fig.1 is written as follows.
If σ pq ̸ = 0, then the agent p can receive the information from agent q. If σ pq > 0, then agent p and q is cooperative; If σ pq < 0, then agent p and q is cooperative.

C. EXAMPLE 3
In Fig.4, there are eight agents in HMASs (1) and (2). Nodes 1, 2 and 3 are second-order agents. Nodes 5, 6 and 7 are first-order agents. Nodes 4 and 8 are attack nodes. All the agents are classified into two groups C 1 and C 2 . Nodes 1, 5, 4 and 6 belong to C 1 , they are cooperative. Similarly, nodes 2, 3, 7 and 8 belong to C 2 , they are cooperative too. However, any agent in C 1 is competitive with any agent in C 2 . The  (1) and (2) with topology as Fig. 1 under different T and γ . adjacency matrix A of Fig. 4 is written as follows.
Therefore, the related parameters satisfy with the condition of Theorem 2. Based on Theorem 1, the superior limitation of input time delay is 0.16. The communication time delay is t pq = 0.01 and the input time delay of eight agents are given as t 1 = 0.01, t 2 = 0.041, t 3 = 0.02, t 4 = 0.02, t 5 = 0.043, t 6 = 0.032t 7 = 0.02 and t 8 = 0.02. Hence, all the input time delays are less than the superior limitation. By applying the improved secure consensus algorithm, the judgement function can be used to determine which node is attack node or not. If it is an attack node, then the communication between the attack node and its neighbors will be cut off. In this situation, the adjacency matrix A will be adjusted as this method: For each node p, p ∈ v attack , then σ pq = 0, q ∈ p and a new adjacency matrix A ′ can be obtained as follows.  (1) and (2) has been achieved on basis of the improved secure consensus algorithm. On the other hand, Fig. 5 (ii) indicates that the couple-group secure consensus of HMASs (1) and (2) cannot be reached without using improved secure consensus algorithm. D. EXAMPLE 4 In this example, some experiments will be done for HMASs (1) and (2) first. The numbers of the normal nodes which are not kept in the safe interval have been listed in Table 1.
Next, T-test will be used to detect the nodes to be normal or not. Based on the data in Table 1, it can be assumed that the state value of the agent exceeds the safe interval which is less than 40 times. Therefore, we establish the original and alternative hypothesis as follows.
Based on table 1 and equation (69) Based on the rule of T-test, we accept H 0 . Therefore, if the times of normal node is less than 40, then the agent can keep in the safe interval. Otherwise, if the times of a node is more than or equal 40, then it cannot keep in the security interval and it will be regarded as an attack node.

VI. CONCLUSION
From above analysis, the couple-group secure consensus of HMASs with time delays and competitive-cooperative relation has been discussed if it receives malicious attacks. By using graph theory, stability and complex frequency domain method, several sufficient conditions have been given for the couple-group secure consensus of this system. Moreover, an improved secure consensus algorithm has also been proposed to determine that the node is an attack or not. Some examples have been represented to address the effectiveness of the obtained results. In future, we will study the secure consensus of HMASs with switching topology or disturbance noises.

DECLARATION OF INTEREST STATEMENT
The authors declare that they have no conflicts of interest. VOLUME