Secure Control of Networked Inverted Pendulum Visual Servo System With Adverse Effects of Image Computation

When visual image information is transmitted via communication networks, it easily suffers from image attacks, leading to system performance degradation or even crashes. This brief investigates the secure control of a networked inverted pendulum visual servo system (NIPVSS) with adverse effects of image computation. First, the image security limitation of the traditional NIPVSS is revealed, where its stability will be destroyed by eavesdropping-based image attacks. Then, a new NIPVSS with the fast scaled-selective image encryption (F2SIE) algorithm is proposed, which not only meets real-time requirement by reducing computational complexity, but also improve security by reducing the probability of valuable information being compromised by eavesdropping-based image attacks. Second, adverse effects of the F2SIE algorithm and image attacks are analyzed, which will produce extra computational delay and errors. Then, a closed-loop uncertain time-delay model of new NIPVSS is established, and a robust controller is designed to guarantee system asymptotic stability. Finally, the experimental results of the new NIPVSS demonstrate the feasibility and effectiveness of the proposed method.


I. INTRODUCTION
Networked visual servo control [1] has been a class of new control system technology along with rapid development of visual sensors (e.g., camera [2] and radar [3]) and communication network.It has been gradually employed in some innovative scenarios such as autonomous vehicles, mobile robots, unmanned helicopter and intelligent manufacturing.However, it also brings some new problems (e.g., long image processing time, non-ignorable image computational error and potential image attacks), which will lead to system performance degradation or even crash.To solve these new problems, some new control methods and technologies of networked visual servo control needs to be developed, which also needs further be validated on proper experimental platforms.The traditional inverted pendulum system [4], [5] is a typical experimental platform, but it cannot directly work for validation.It must be reformed, which is reconstructed as networked inverted pendulum visual servo system (NIPVSS) [6], [7].
Communication networks are introduced into NIPVSS, where the system becomes open to the public.It will inevitably suffer from cyber attacks [8] such as false data injection attacks and denial-of-service attacks, which causes the system to be deteriorate or crash.The current research mainly focuses on non-visual information under cyber attacks.However, when visual image information is transmitted via communication networks, it suffers from eavesdropping-based image attacks such as salt and pepper attack, shearing attack, Gaussian attack.These images attacks tamper with the information after eavesdropping the images, which will further make the receiver be unable to obtain the correct and integral image information, leading to system performance degradation and even instability.Thus, how to guarantee the image security during network transmission is a critical issue.To achieve the image security, the most popular method is chaotic image encryption.For example, an image encryption method is proposed by combining dynamic DNA sequence encryption and hyper-chaotic maps [9]; A colour image encryption algorithm with higher security based on the chaotic system is proposed to ensure safe transmission of image information [10].These chaotic image encryption methods are mainly employed to encrypt non-real-time images, which do not consider real-time requirements in industrial control applications.
Image attacks will bring extra computational errors, while the image encryption methods will produce extra computational delay, further declining system performance.However, the most existing NIPVSS do not consider the image attacks and not consider computational delay or errors either [11].But there exists several studies that begin to consider the impact of errors on the inverted pendulum system (IPS).For example, the influence of pendulum angle errors on the IPS is considered [12]   the errors are taken as an energy finite disturbance and H ∞ controller is designed to suppress this disturbance [7].Besides the error problems, the delay related to the networked control system has been reported.For instance, a new controller based on sliding mode estimation is designed to handle the time delay system with different input matrices [13]; Based on a new event triggering mechanism, T-S fuzzy event triggering control is employed to support the distributed delay system [14]; Stabilization of time-delay systems under delay-dependent impulse control is studied [15].Furthermore, the image attacks (e.g., shearing attacks) are operated for the most existing NIPVSS, experimental results of Fig. 1 shows that traditional NIPVSS runs for a short time and then collapses.This is because some areas of images are cut off intentionally so that accurate system state cannot be obtained.Therefore, based on these observations, we have analysed two challenge problems that need to be addressed: 1) What is the image security limitation of the traditional NIPVSS?How to establish a new NIPVSS with image encryption to not only meet the real-time requirement but also guarantee image security?2) What are adverse effects of image information security?How to build a closed-loop model under the adverse effects and design a robust controller with strong system stability to tolerate computational errors and delays?To deal with these challenges, this paper investigates secure control of NIPVSS with adverse effects of image computation.Comparative analysis between contributions of this paper and those of existing image encryption and control methods is shown in Tab.I. Some existing advanced image encryption algorithms mainly solve security problems of still images but usually have high computational complexity, and some other existing references on NIPVSS mainly provide controller design methods and stability criteria under network and image processing computation constraints but cannot consider image attacks.In this paper, we have revealed image security limitation of traditional NIPVSS, proposed a fast image encryption algorithm to meet real-time requirement, established a new model including extra computational delay and errors produced by image encryption and image attacks, and designed a new robust controller to guarantee system stability.The main contributions of this paper include: 1) The image security limitation of traditional NIPVSS is revealed, where its stability will be destroyed by eavesdroppingbased image attacks.To overcome the limitation, a new NIPVSS with a fast scale-selective image encryption (F2SIE) algorithm is proposed, which not only meets real-time requirement by reducing computational complexity, but also improves security of new NIPVSS by reducing probability of valuable information being compromised by eavesdroppingbased image attacks.2) Adverse effects of the F2SIE algorithm and image attacks are analysed, which will produce extra computational delay and extra computational errors.A closed-loop uncertain time-delay model of the new NIPVSS is then established, and a robust controller is designed to guarantee system asymptotic stability.The remainder of this paper is organized as follows.In Section II, the image security limitation of traditional NIPVSS is firstly analysed, and new NIPVSS with an F2SIE algorithm is then proposed.In Section III, adverse effects caused by F2SIE algorithm and image attacks are analysed and thus a new closed-loop NIPVSS model is established.Furthermore, the control design of new NIPVSS with F2SIE algorithm is presented .Section IV presents experimental results.Conclusions and future work are given in Section V.

II. THE TRADITIONAL AND NEW NIPVSS A. Image Security Limitation of the Traditional NIPVSS
The structure of traditional NIPVSS [7] is shown in Fig. 2, where real-time moving images of IPS captured by industrial cameras based on an event-triggered sampling strategy are sent to image processing unit to extract system state, and the acquired system state is sent to remote controller for calculating control input.Finally, the corresponding control input is sent to actuator for achieving stable control of IPS.[13]- [15] This paper 1 Image attack and image encryption. 2 Real-time requirement for image encryption. 3Computational delay from image processing. 4Computational error from image processing. 5Network-induced delay from network transmission. 6Extra computational delay from image encryption. 7Extra computational error from image attack.

Controller
Camera IPS

Trigger
Image processing ( ) In view of both communication and computational constraints in Fig. 2, an H ∞ controller u c (t) = Kx(t) is designed to achieve system stability in [7] where K is feedback gain.The closed-loop model of traditional NIPVSS is where In the above traditional NIPVSS, images may be attacked in an open network, which will lead to system performance degradation or even crash (see an example of Fig. 1).

B. The New NIPVSS with an F2SIE algorithm
To cope with the above problem of image attacks, a fast scaled-selective image encryption (F2SIE) algorithm will be proposed, which can ensure image security while meet real-time requirement.The structure of new NIPVSS with F2SIE algorithm is shown in Fig. 3.The difference between Figs. 2 and 3 lies on that the image is encrypted at the local end and the corresponding image via network transmission is decrypted at the remote end so as to guarantee image security.After decryption, the system state are obtained and then sent to controller.Furthermore, the control input is calculated in terms of system state, which is finally transmitted to actuator via network and to make IPS run stably.
The idea of F2SIE algorithm is that image is scaled and the scaled image is then encrypted by replacement and diffusion.The encryption steps are as follows: 1) Image scaling and selection: To reduce image transmission and encryption time, a bilinear difference method is employed to scale original image of IPS (e.g., 40%), maintaining continuity of the generated pixel value to ensure image smooth.
To further reduce amount of image data, Hough transform is used to determine position of pendulum and the width is set as 100 pixels to cover cart and pendulum.The final selected area is shown in Fig. 4. 2) Generation of initial values: After image scaling and selection, next task is to encrypt key areas, Bülban mapping is used to generate random numbers as follows where a and b are artificially selected parameters, respectively.The chaotic system (2) is a one-dimensional chaotic system, which can effectively reduce generation time in comparison with complex chaotic systems.Fig. 5 shows Bifurcation and Lyapunov indexes analysis of Bülban mapping when a = 0.5 and b = 2, where it can be seen that system has a large chaotic range with few or no non-chaotic window.The size of the encrypted area is P , where represent rows and columns of the encrypted area respectively.Bülban mapping operates 500 times with initial value y 0 to ensure its chaos.3) Replacement algorithm: After chaotic system parameters is set, they can be used to generate random numbers for replacement and diffusion.Bülban mapping is used to generate two real number sequences P R = {P R i } and Then, real number sequences P R and P C are converted into unsigned integer number sequences P R un corresponds to each row in P , and the pixel values of each row in P are cyclically shifted according to P R un so that P becomes P sr , i.e.,   Similarly, P C un corresponds to each column in P sr , and the pixel values of each row in P sr are cyclically shifted based on P C un so that P sr becomes P sc , i.e., An example is shown in Fig. 6. 4) Diffusion algorithm: After replacement, it is necessary to change pixel value to improve encryption.Bülban mapping is used to generate real sequence Then, K is converted into unsigned integer number sequence To improve security of encryption algorithm, the ciphertext feedback mechanism is integrated into diffusion stage, which is shown in Fig. 7, while the bidirectional ciphertext feedback mode is employed to avoid feedback effect of the first or the last pixel from one-way feedback mechanism.P sc with positive feedback is denoted as P po = {P po ij }, and P po with negative feedback is denoted as P ne = {P ne ij }.P po and P ne can be described by The whole image encryption process is summarized in Algorithm 1, while the decryption process is a reverse process of the encryption so it is omitted.
The new NIPVSS with F2SIE algorithm has been proposed, which not only improves security of new NIPVSS by reducing probability of valuable information being compromised by eavesdropping-based image attacks, but also meets real-time requirement by reducing computational complexity.Therefore, the challenge 1 is solved.Generate two real chaotic sequences P R un and P C un using ( 3) and ( 4); 5: Generate real chaotic sequences K un using (7); 6: Cyclic shift these pixels in row i of C 1 to right with step size P R sr ij using (5); 8: end for 9: Denote the row shift results as C 2 ; 10: Cyclic shift these pixels in column i of C 2 to down with step size P C sc i using (6); 12: end for 13: Denote the column shift results as C 3 ; 14: Positive feedback diffusion using (8); 15: Reverse feedback diffusion using (9); 16: Denote the diffuse results as C; 17: Update the cycle count r ← r + 1; 18: end while Remark 1: The F2SIE algorithm is used to improve security of new NIPVSS against eavesdropping-based image attacks.Take shearing attack as an example.When F2SIE algorithm is not used, shearing attacks can shear valuable information (e.g., a part of the pendulum) from the eavesdropped unencrypted image with probability 1, so that pendulum angle cannot be obtained and NIPVSS will lose its stability.When there exists F2SIE algorithm, valuable information is uniformly distributed in image [16] (see an example in Fig. 8).For simplicity, consider a case where image is with N i ∈ Z + pixels and the sheared area is with N s ∈ Z + pixels.In this case, the probability that the sheared area of the eavesdropped encrypted image contains all valuable information (e.g., a part of pendulum) is 1/C Ns Ni due to uniformly distributed characteristics of the encrypted image, where C is combination number.Even if N i is small (e.g., N i = 100), when shearing rate is small (e.g., 4% that is N s = 0.04 × N i = 4), the probability 1/C Ns Ni is very small (1/C Ns Ni = 2.6034 × 10 −7 ).Therefore, the decrypted image under shearing attacks with small shearing rates will have small error with the unencrypted image.It has been verified in real-world experiments of Section IV that cart position and pendulum angle can be obtained with small errors under eavesdropping-based image attacks and the proposed controller hereinafter can be used to stabilize new NIPVSS.
Remark 2: Compared with existing advanced image encryption methods (e.g., [17], [18]) with high computational complexity, F2SIE algorithm is with low computational complexity.Specifically, for encryption of an iterations of floating point numbers multiplication, while [17] and [18] need O(3M N ) and O(2M N ) iterations.Moreover, in real-world experiments, it is verified that for encryption and decryption of an 100 × 480 image, F2SIE algorithm consumes 0.014s, while [17] and [18] consume 0.021s and 0.019s.Therefore, existing advanced image encryption methods in [17], [18] cannot meet real-time requirement of new NIPVSS (i.e., they cannot work in new NIPVSS), but F2SIE algorithm can meet high real-time requirement of new NIPVSS.Remark 3: In real-world industrial applications, the (private or public) key used for encryption and decryption can be fixed [19] or random [20], however random key is more difficult to be decrypted and thus provides better security than fixed key.Furthermore, the usage of random private key in F2SIE algorithm requires that encryption and decryption device keep synchronization, which can be implemented by key synchronization algorithm [21].The detailed process of key synchronization algorithm is as follows: The key used in F2SIE algorithm is firstly from chaotic sequences.Then, when initial value and parameters in (2) are the same, encryption and decryption device can generate two identical chaotic sequences.Next, according to the agreed choosing order (e.g., choosing from the 100-th number in chaotic sequence), encryption and decryption device can keep same key from the same chaotic sequences.Therefore, the synchronization of random ley can be guaranteed.
Remark 4: When images are severely compromised by image attacks (e.g., shearing attacks with big shearing rates) in new NIPVSS, some new techniques such as authentication [22] and signature [23] need to be adopted to prevent from information leakage.In the worst case after the above techniques are invalid, attack detection and data compensation [24] can be used to improve system security.

III. ADVERSE EFFECTS ANALYSIS AND ROBUST CONTROLLER DESIGN A. Adverse Effects of F2SIE Algorithm and Image Attacks
The above has designed a new NIPVSS with F2SIE algorithm to guarantee image security.However, this will bring some adverse effects, i.e., extra computational times from F2SI2 algorithm and extra computational errors from image attacks.It will degrade system performance or even drive system collapse.E.g., Fig. 9 shows experimental results of new NIPVSS with F2SIE algorithm under the H ∞ controller in [7], where new NIPVSS is unstable after the images have been encrypted and decrypted.Hence, these adverse effects must be analysed.
1) Extra Computational Times from F2SIE Algorithm: There already exist [7].After F2SIE algorithm is introduced, its consumed time cannot be ignored, which cause system unstable as shown in Fig. 9. Therefore, two extra computational times (i.e., image encryption time η en k and image decryption time η de k ) are to be analysed as follows.Due to introduction of encryption and decryption, NIPVSS will inevitably consume computational time.To determine encryption and decryption time, 2000 images are encrypted and decrypted respectively.According to Fig. 10, the upper and lower bounds of image encryption and decryption are η en k ∈ [η en , ηen ], η en = 0.004s, ηen = 0.007s (10) From the above experimental statistical results, their upper and lower bounds are    attack and salt and pepper attack is almost zero, and only 0.001s with increase of attack intensity; ∆η k of Gaussian attack is generally 0.001s.Therefore, ∆η k is treated as a constant, i.e., ∆η k = ∆η = 0.001s.Although injection time of these attacks is short, it must be considered when designing a robust controller.
2) Extra Computational Errors from Image Attacks: The F2SIE algorithm brings extra computational delay, but does not cause extra computational errors.This is because encryption process is completely opposite to decryption process so that image can be decrypted with zero errors.However, it has been analysed in [7] that environmental noise will cause computational errors.Moreover, attacks on the encrypted images will produce extra computational errors.These computational errors will destroy system stability, which is well illustrated in Fig. 1.
The computational errors from environmental noise and image attacks need be converted into form of parameter uncertainty, where conversion process is as follows.The computational errors are treated as disturbance [7], H ∞ disturbance attenuation level γ is employed to evaluate computational errors.However, to analyze how much computational errors system can tolerate, it is modeled as model uncertainty where ∆ 1 , ∆ 2 are parameter uncertainty of cart position and pendulum angle caused by environmental & background noise; B w ω(t) = [err 1 ; err 2 ; err 3 ; err 4 ], err i (i = 1, 2, 3, 4) are relative error of states.Since cart fluctuates at equilibrium point, cart velocity and angular velocity change rapidly.So, uncertainty of cart and angular velocity are not considered.According to (12), it follows that Next, relative error of each state is shown in Fig. 11, and range of ∆ 1 and The above analysis does not take into account uncertainties caused by cyber attacks, they can be regarded as extra uncertainties ∆ 1,a and ∆ 2,a , and added into ∆ 1 and ∆ 2 respectively.The final conversion result is where ,a | .Remark 7: When no attack, both ∆ 1,a and ∆ 2,a are zero.When the encrypted images are attacked, ∆ 1,a and ∆ 2,a from image attacks are added into ∆ 1 and ∆ 2 from environmental noise, leading to system performance decrease or even crash.1

B. Closed-Loop Uncertain Model of New NIPVSS
The adverse effects (i.e., extra computational times and extra computational errors) from F2SIE algorithm and image attacks in new NIPVSS have been analysed.Next, to design a new robust controller u c (t) = Kx(t), the closed-loop model of new NIPVSS with F2SIE algorithm under image attacks need to be established.The detailed modelling process is as follows.
The whole signal transmission process is shown in Fig. 12, which is divided into the following 9 steps: S1: The real-time images of IPS are captured at instants {t k−1 , t k , t k+1 , • • •} based on event-triggered mechanism.S2: For each captured image (e.g., at sampling instant t k ), it will takes encryption time before network transmission.Hence, the captured image is encrypted at instant t k + η en k .S3: The encrypted image is sent to remote image processing unit, which will consume time τ sc k .Hence, the encrypted image is received at instant t k + η en k + τ sc k .S4: It takes time η de k to decrypt after the encrypted image is received in remote image processing unit, so image decryption is finished at instant t k + η en k + τ sc k + η de k .S5: After image is decrypted, it takes time d k to calculate state x(t), so The event-triggered mechanism is employed in controller, it will receive x(t) at the same instant, i.e., The output signal of controller is expressed as The control signal arrive at actuator by τ ca k , i.e., ũ(t) = Kx(t k ) The actuator receives control signal and saves it in zero order holder and acts on plant till next control signal arrives at instant t k+1 + η en k+1 + τ sc k+1 + η de k+1 + d k+1 + τ ca k+1 .It means that effective time of control signal is According to the above analysis and considering image attacks which consume extra time ∆η k , the control signal is The relationship between sampling time t k and delay λ(t) and τ (t) can be re-written as where λ ⩽ λ(t) < λ and 0 ⩽ τ (t) < τ are both time-varying delays with upper and lower bounds, and Considering the above ( 16) and parameter uncertainty in (14), finally a new closed-loop NIPVSS model with parameter uncertainty and multiple time-varying delays can be established as where τ (t) ∈ [0, τ ] is network-induced delay and τ = τ ca ; λ(t) ∈ [λ, λ] is the new image-induced delay, λ = η en + ∆η + τ sc + η de + d and λ = 2η en + 2∆η + τ sc + ηde + d.Remark 8: The problem of network communication and image processing has been well handled in [7], but problem of image attacks is not involved.The image attacks can degrade system performance or even cause system crash.To cope with image attacks, new F2SIE algorithm has been designed in the above.However, F2SIE algorithm brings some new problems that the controller in [7] with F2SIE algorithm cannot keep system stable as shown in experimental results of Fig. 9.To solve these problems, a new closed-loop uncertain time-delay model (17) has been established, including that 1) extra computational delays in λ(t) caused by F2SIE algorithm running time η en k , η de k and image attacks injection time ∆η k are considered in (17), 2) extra computational errors caused by image attacks are considered, and the whole computational errors caused by environment noise and image attacks are treated as parameter uncertainty DF (t)E in (17).In comparison with time-delay model (1) in [7], the controller in [7] is invalid and a new robust controller must be designed for new model (17).

C. Robust Controller Design
As a typical networked visual servo control application scenario, new NIPVSS with F2SIE algorithm under image attacks has been established as the above closed-loop model (17), which is regarded as an uncertain time-delay system.For this system, it can be handled based on the idea of robust networked control [7], [25], [26], and a new robust controller is designed in the following Theorem 1.
Proof: First, we present the following lemmas, which forms foundation for deriving major Theorem.

and vector function
such that the following integration is well defined, then where Next, we will prove Theorem 1.An Lyapunov-Krasovskii functional is defined as where Taking derivative of V (x (t)) with respect to t and using Lemmas 1 and 2 lead to where ξ T (t) = x T (t) x T (t − λ) x T (t − λ (t)) 11) is asymptotically stable.Furthermore, we can get where Ψ 1,1 is replaced by Using Schur supplement, it can get where (24), and pre-and post-multiplying ( 24 we can convert most nonlinear variables into linear variables.Since (θX − R) R −1 (θX − R) > 0, where R = R T is a real symmetric matrix and X is an appropriate dimensions matrix, it follows that 4) .It completes the proof.
Remark 9: Adverse effects of F2SIE algorithm and image attacks have been analysed, which will produce extra computational delay and extra computational errors.According to these adverse effects, a new closed-loop uncertain time-delay model (17) of new NIPVSS is established.For (17), an error-as-parameter-uncertainty robust controller is designed by Theorem 1, which can achieve system asymptotic stability.Specially, unlike [7], new robust controller can handle the following two cases: 1) When uncertainty ranges of cart position and pendulum angle under image attacks are within 0.4 + ∆ M 1,a , 0.82 + ∆ M 2,a , the controller is robust to parameter uncertainty from computational errors, i.e., system remains stability; 2) When τ (t), λ(t) are within [0, τ ], [λ, λ], the controller is robust to these two delays partly from image encryption and decryption, i.e., system is still stable.Therefore, the challenge 2 is solved.

IV. EXPERIMENTAL RESULTS AND DISCUSSION
To verify the proposed F2SIE algorithm and robust controller, real-time control experiments are carried out, where new NIPVSS platform based on [29] is shown in Fig. 13.

A. Performance of F2SIE Algorithm
The performance of F2SIE algorithm will be analysed by six aspects and the analysis results are summarized in Tab.III.The real-time performance of encryption is firstly analysed, because only when real-time performance is satisfied, system can run stably.
1) Algorithm Running Time: Real-time performance is one of key factors for stable operation of NIPVSS, where image scaling and selection in F2SIE algorithm can reduce amount of image data.Moreover, F2SIE algorithm reduces encryption time by generating row-column-level random numbers for encryption.The second row of Tab.III shows running time of different algorithms, where it can be seen that F2SIE algorithm meets real-time requirement in comparison with [30].
2) Histogram.:The histogram of an image is a function of intensity, which describes number or frequency of pixels in image.The more the effectiveness of encryption is, the smoother the gray level histogram of image is.The histograms of original image and the encrypted image are shown in Fig. 8.It can be seen that histogram of the encrypted area has a fairly uniform distribution obviously.
3) Image sensitivity.: Usually, attackers will observe changes of the encrypted image according to a small point in image.For example, attackers discover relationship between normal image and the encrypted image by changing one pixel.This attack is called as differential attack.This attack can be avoided when the encrypted system is sensitive enough to modification of image.The sensitivity can be measured by two evaluation indicators [31], i.e., rate of change of NPCR and rate of change of the average intensity UACI.The third row of Tab.III shows comparison results and the proposed image encryption scheme can easily resist differential attacks.
4) Correlation.:We compare relevant features of plain text image with its cipher text image.Generally, plain text image has a strong correlation between adjacent pixels in horizontal, vertical and diagonal directions, but there should be no correlation between adjacent pixels in an encrypted image.To measure correlation of image, 2000 pairs of adjacent pixels are randomly selected, and correlation coefficients of these pairs are calculated.It can be seen from Fig. 14 that adjacent pixels of original image are highly correlated in horizontal, vertical and diagonal directions, while the encrypted image is distributed with little correlation.Furthermore, different correlation coefficients of the encrypted image are shown in the fourth row of Tab.III, which show that correlation coefficients of horizontal, vertical and diagonal are all close to 0, indicating that security of image is improved.
5) Information entropy.: Information entropy H reflects uncertainty of image.It is generally believed that the greater the entropy, the greater the amount of information and the less visible information.The fifth row of Tab.III shows results of information entropy and comparison with other encryption schemes.The result shows that the proposed encryption scheme has similar values.
6) Image Robustness: It is a common phenomenon that image is often subject to shearing, salt and pepper or Gaussian attacks during network transmission.For new NIPVSS, image decryption will be affected by these image attacks.Peak signalto-noise ratio (PSNR) is an objective standard [32], and generally when PSNR is lower than 20dB, image quality is poor to unacceptable and feature extraction cannot be performed.Tab.IV shows PSNR of the decrypted IPS image under these image attacks, where it can be seen that the stronger image attacks are, the lower PSRN are.But PSNR are all more than 20dB, which indicates that F2SIE algorithm has ability to keep image under these image attacks with good quality.Meanwhile, Figs. 15 (slight shearing attacks) and 16(slight salt and pepper attack) and 17(slight Gaussian attack) shows that F2SIE algorithm can recover effective information of pendulum and cart after being affected by these slight image attacks.However, when attack is added too much, the recovered image contour will gradually become blurred.
To further explore the maximum experimental value of ηen + ηde that system can tolerate when τ = 0.005s, values of ηen + ηde are set as 0.014s, 0.015s, 0.016s, 0.017s, 0.018s.Real-time curves of cart position and pendulum angle are shown in Fig. 18, where is can be seen that as ηen + ηde increases, the fluctuation of cart position and pendulum angle increases.When ηen + ηde goes to 0.017s or 0.018s, cart position and pendulum angle diverge.Hence, when τ = 0.005s, the maximum experimental value of ηen + ηde that system can tolerate is 0.016s.
2) Controller Robustness against Parameter Uncertainty: The relationship between ∆ 1 and ∆ 2 is analysed.According to Theorem 1, for the given |∆ 1 |, |∆ 2 | can be obtained while ensures closed-loop system (17) stable, where |∆ 1 | is from 0 to 0.67 and the corresponding |∆ 2 | is from 3.24 to 0. Furthermore, to analyse ∆ 1,a and ∆ 2,a caused by image attacks, we add shearing attack, salt and pepper attack and Gaussian attack in images.
Influence of shearing attack on the IPS performance: Different shearing rates (1.0%, 2.0%, 4.0%, 5.0%) of shearing attacks are added, and the corresponding real-time curves of cart position and pendulum angle are shown in Fig. 19.It can be seen from Fig. 19 that when shearing rate is within 4.0%, cart position and pendulum angle tend to be stable and diverge when shearing rate exceeds 5.0%.However, when shearing rate goes to 5.0%, cart position and pendulum angle diverge rapidly.This is because information of the cut picture is seriously damaged, which leads to increase of computational error and makes system unstable.Hence, it means that the maximum shearing rate that system can withstand is 4.0%.
Values of ∆ 1,a , ∆ 2,a , ∆ 1,a , ∆ 2,a under shearing attacks with different shearing rates are shown in Table VI, where it can be   To intuitively show performance change of system under different shearing rates of shearing attack, mean and standard deviation (SD) of cart position and pendulum angle are calculated, which are illustrated in Tab.VII.It can be seen from Tab. VII that as shearing rate increase, mean and SD of cart position and pendulum angle increase; the greater the shearing rate is, the greater the influence of cart position and pendulum angle is; the performance slightly deteriorates with gradually increasing shearing rates.Tab.VII also shows that shearing attack has a significant influence on performance of IPS and an efficient image encryption algorithm is required to further improve image security.Influence of salt and pepper attack on the IPS performance Different intensity of salt and pepper attack (0.1%, 0.5%, 0.9%, 1.0% and 1.1%) are added.Real-time curves of cart position and pendulum angle are shown in Fig. 20, where it can be seen that as intensity of salt and pepper attack increases, fluctuation of curve of cart positions increases, i.e., system stability decreases.Obviously, when intensity of salt and pepper attack goes to 1.0%, cart position diverges and becomes uncontrollable.When number of salt and pepper attack goes to 1.1%, cart curve diverges very fast.
Furthermore, the lower bounds ∆ 1,a , ∆ 2,a and the upper bounds ∆ 1,a , ∆ 2,a under different intensity of salt and pepper attack are shown in Table VIII, where it can be seen that when IPS runs stably, range of ∆ 1,a is [−0.41,0.42] and ∆ 2,a is [−0.78,0.76].When IPS starts to diverge, ∆ 1,a is larger than |0.48| and ∆ 2,a is larger than |0.75|.Hence, the designed controller can be able to achieve stable control on IPS to some extent and stability performance slightly deteriorates with gradually increasing intensity of salt and pepper attack.
Furthermore, to intuitively show performance of system under different salt and pepper attack, mean and SD of cart position and pendulum angle are calculated to show change of performance.The mean of cart positions displays extent of cart deviating from initial position and that of pendulum angles displays degree of pendulum deviating from vertical direction.SD of cart positions and pendulum angles displays extent of cart and pendulum deviating from mean, i.e., fluctuation degree of cart and pendulum.Mean and SD of cart positions and pendulum angles are illustrated in Table IX.Table IX shows that as intensity of salt and pepper attack increase, mean and SD of cart position and pendulum angle are all increase, which indicates the greater the intensity of salt and pepper attack is, the greater the influence of cart position and pendulum angle is.This experimental results show that salt and pepper attack has a significant influence on performance of IPS and an efficient image encryption algorithm is required to further improve image security.
Influence of Gaussian attack on IPS performance In addition to adding salt and pepper attack and shearing attacks,  different mean µ and variance σ of Gaussian attack is also added.Real-time curves of cart positions and pendulum angles are shown in Fig. 21.However, system is unstable no matter how small the Gaussian attack is.According to analysis in Fig. 21, it can be seen that the maximum delays of image encryption and decryption in experiment is 0.016s, which means that the average maximum upper bound of image encryption or decryption is 0.008s.However, injection time of Gaussian attack is 0.001s and the actual bound of image encryption or decryption is 0.007s, so injection time of Gaussian attack is not primary reason.The primary reason is that Gaussian attack greatly affects pixel value of judging cart position, which leads to the bigger computational error.The uncertainties of cart position and pendulum angle are in Table X.Table X depicts that the smallest |∆ 1,a | and |∆ 1,a | are 0.52 and 0.88.Compared with salt and pepper attack and shear attack, the smallest |∆ 1,a | and |∆ 1,a | all exceed maximum uncertainty that system can tolerate under image attacks.Hence, these experimental results show that Gaussian attack has a large influence on performance of IPS and an efficient image encryption algorithm is urgently required to further improve image security.

V. CONCLUSION
This paper has introduced secure control of NIPVSS with adverse effect of image computation.To meet real-time and security requirements, an F2SIE algorithm was proposed.Adverse effects of image information security were analysed, and the closedloop model of NIPVSS has been established with computational errors and multiple time-varying delays.Furthermore, a robust controller was designed to tolerate computational errors and multiple time-varying delays, and system stability was examined.Experimental results confirms the effectiveness of the proposed image encryption algorithm and the controller on the NIPVSS platform.In the future, it is a challenge to further reduce image encryption algorithm time, and how to improve performance of encryption algorithm is very interesting and meaningful research venues. and

Fig. 4 .
Fig. 4. The selected area of the inverted pendulum image.

Fig. 7 .
Fig. 7. Image diffusion example.Algorithm 1 F2SIE Algorithm for NIPVSS.Input: Image P , cycle period T and initial value y 0 ; Output: The encrypted image C; 1: Scale image and select the encryption area C 1 as M × N ; 2: Set cycle count r ← 1; 3: while r < T do 4:

Fig. 9 .
Fig.9.Cart position and pendulum angle of the new NIPVSS with the F2SIE algorithm under the H∞ controller in[7].
(a) Image encryption time.(b) Image decryption time.

Fig. 10 .
Fig. 10.2000 set of image encryption and decryption times.

Fig. 11 .
Fig. 11.Relative error range of each state information.

Fig. 13 .
Fig. 13.Experimental platform of new NIPVSS fused with the proposed F2SIE algorithm and robust controller.

7
is replaced by ⌢ Ψ 1,1 = P BK while elements in other positions remain unchanged in matrix Λ, and

Fig. 14 .
Fig. 14.Correlation analysis of the original image and encrypted image: (a) (b) are horizontal direction; (c) (d) are vertical direction; (e) (f) are diagonal direction.

TABLE I COMPARATIVE
ANALYSIS BETWEEN THIS PAPER AND EXISTING REFERENCES is image processing time; τ sc k is network transmission time from sensor to controller; τ ca k is network transmission time from controller to actuator; B ω ω(t) is computational errors; A and B are constant matrices.
is system state, α(t), θ(t), α(t) and θ(t) are cart position, pendulum angle, cart and angular velocity respectively; d(t) is image-induced delay; τ (t) is network-induced delay; t k is image sampling instant; d k

TABLE II THE
VALUES OF ∆η k OF DIFFERENT IMAGE ATTACKS.Shearing rate represents shearing rate of shear attacks Intensity represents intensity of salt and pepper attack µ and σ represent mean and variance of Gaussian attack -represents injection time is almost 0s, which can be ignored 2,a , 0, 0} is the whole parameter uncertainty matrix, ∆ 1 ∈ [−0.4,0.4] and ∆ 2 ∈ [−0.82, 0.82] are parameter uncertainty of cart position and pendulum angle caused by environmental noise respectively, ∆ 1,a ∈ [∆ 1,a , ∆ 1,a ] and ∆ 2,a ∈ [∆ 2,a , ∆ 2 a ] are parameter uncertainty of cart position and pendulum angle caused by image attacks respectively;

TABLE IV THE
PSNR VALUE OF THE RECOVERED IMAGE UNDER DIFFERENT IMAGE ATTACKS.

TABLE V GIVEN
THE UPPER BOUND τ OF NETWORK-INDUCED DELAY, THE UPPER BOUND λ OF IMAGE-PROCESSING-INDUCED DELAY AND THE UPPER BOUND ηen + ηde OF IMAGE ENCRYPTION AND DECRYPTION TIME.

TABLE VI VALUES
OF ∆ 1,a , ∆ 2,a , ∆ 1,a AND ∆ 2,a UNDER DIFFERENT SHEARING RATES OF SHEARING ATTACKS.

TABLE VII MEAN
AND SD OF THE CART POSITIONS AND PENDULUM ANGLES UNDER DIFFERENT SHEARING RATES OF SHEARING ATTACK.Mean of cart position. 2 cart position.3Mean of pendulum angle.4SD of pendulum angle.seenthat when IPS runs stably, ∆ 1,a ∈ [−0.32, 0.40] and ∆ 2,a ∈ [−0.74, 0.75].When IPS starts to diverge, |∆ 1,a | is beyond 0.45 and |∆ 2,a | is beyond 1.00.Hence, the designed controller can be able to achieve stable control of NIPVSS under slight shearing attacks, but cannot prevent from severe shearing attacks.

TABLE VIII VALUES
OF ∆ 1,a , ∆ 2,a , ∆ 1,a AND ∆ 2,a UNDER DIFFERENT INTENSITIES OF SALT AND PEPPER ATTACK.

TABLE IX MEAN
AND SD OF THE CART POSITIONS AND PENDULUM ANGLES UNDER DIFFERENT INTENSITY OF SALT AND PEPPER ATTACK.Mean of cart position. 2f cart position.3Mean of pendulum angle.4SD of pendulum angle.

TABLE X VALUES
OF ∆ 1,a , ∆ 2,a , ∆ 1,a AND ∆ 2,a UNDER GAUSSIAN ATTACKS WITH DIFFERENT DISTRIBUTIONS.