MAED: Simultaneous Mitigation, Estimation & Detection

• MAED is a unified framework that concurrently performs threat mitigation, state estimation, and attack detection to enhance resilience in complex networks.
• It employs advanced methods such as sliding-mode observers, Kalman filters, and ILP-based optimization to localize attacks and control estimation errors.
• Its real-time execution and dynamic reconfiguration effectively counter unknown disturbances and sophisticated jamming attacks in power grids, MIMO systems, and distributed networks.

Simultaneous Mitigation, Estimation, and Detection (MAED) refers to a paradigm in cyber-physical systems, wireless communications, and multi-agent networks where threat mitigation, state/channel estimation, and adversarial attack detection are carried out concurrently in real time. This unification avoids sequential or compartmentalized approaches, instead tightly coupling residual analysis, observer or detection filters, and data-driven or optimization-based recovery strategies. Recent research has formalized MAED algorithms for power grids, multi-user MIMO wireless systems, control-theoretic CPS, and distributed sensor networks, emphasizing robustness against unknown inputs, cyber-attacks, and smart jammers.

1. Core Principles of MAED

The MAED paradigm integrates three functions:

• Mitigation: Removal or isolation of attacked or corrupted measurements/observations, limiting adversarial impact.
• Estimation: Dynamic reconstruction of system state, channel, or data under uncertainty (including unknown disturbances and attacks).
• Detection: Real-time statistical or optimization-based identification of adversarial activity, typically via residual analysis or joint optimization.

In power systems, for example, MAED involves sliding-mode observers, linear residual generators, and risk-mitigation optimization via integer programming (Taha et al., 2015). In communications, it centers on spatial filtering and joint channel/data/jammer-subspace estimation (Marti et al., 2022, Marti et al., 2 Oct 2025). Control systems and multi-agent networks employ Kalman filters, χ²-based detectors, and digraph-based sensor substitution (Lakshminarayana et al., 2019, Doostmohammadian et al., 2021).

2. Mathematical Frameworks and Algorithmic Instantiations

MAED frameworks are instantiated via coupled dynamic models and optimization problems:

a) State-space models with unknown inputs and attacks (Taha et al., 2015): $\dot{x}(t) = A x(t) + B_w w(t)$

$y_q(t) = C_q x(t) + v_q(t)$

where $w(t)$ denotes unknown disturbances and $v_q(t)$ designates attack vectors.

b) Sliding-mode observers (SMO) for decoupled estimation: $$\dot{\hat{x}} = A \hat{x} + L_q (y_q - \hat{y}_q) - B_w E(y_q, \hat{y}_q)$$ Design constraints ensure error convergence and decoupling of unknown inputs via LMIs.

c) Joint optimization for wireless MAED (JED type) (Marti et al., 2022, Marti et al., 2 Oct 2025): $$\min_{\substack{P, H, S_D}}\| P (Y - H [S_T, S_D]) \|_F^2$$ where $P$ projects onto the orthogonal complement of the jammer subspace, and the decision variables $H, S_D$ encode channel and data detection.

d) Residual-based detection and mitigation:

Statistical residuals (e.g., via χ² or probabilistic thresholds) are used for attack localization, which feeds directly into the mitigation decision (Lakshminarayana et al., 2019, Doostmohammadian et al., 2021): $g_{k+1} = r_{k+1}^T \Sigma_r^{-1} r_{k+1}$ A threshold test classifies attacks and triggers mitigation.

e) Integer Linear Programming (ILP) risk mitigation (Taha et al., 2015): Binary variables $\pi_i$ decide which measurements to retain, subject to observability and threat-level constraints.

3. MAED Implementations: Protocols and Workflows

Across application domains, MAED protocols combine offline model parameter learning with online, sliding-window execution:

• Offline: Model realization (matrices $A, C_q, B_w$), observer gain design (via LMIs), and parameter storage for rapid reconfiguration (Taha et al., 2015).
• Online (real-time loop):

1. State estimator and residual generator run in parallel. 2. Residuals/threat levels are accumulated over a window. 3. Risk-mitigation optimization (ILP or joint ML) yields isolation decisions or spatial filters. 4. Observer gains and measurement matrices are dynamically switched if channel/PMU patterns change. 5. Mitigation, estimation, and detection steps repeat at each time step.

In wireless baseband ASIC, MAED is realized via spatial filtering, iterative channel/data detection, and power-method jammer subspace updates, driven by fixed or adaptive stepsizes and proximal operators (Elmiger et al., 26 Nov 2025).

In distributed multi-agent systems, the protocol involves consensus-based estimation, local residual detection, and graph-theoretic mitigation (agent substitution according to contraction or output-connectivity class) (Doostmohammadian et al., 2021).

4. Performance Characteristics and Theoretical Guarantees

MAED frameworks achieve quantitatively strong error-rate, detection, and observability properties:

• Power systems: Estimation error $\|x - \hat{x}\|_2$ decays to $\approx 10^{-3}$ even under large unknown inputs; residuals sharply localize cyber-attacks, and attacked channels are isolated via ILP (Taha et al., 2015).
• Wireless MU-MIMO/SIMO: Bit error rates (BER) close to genie-aided bound, even under smart, pilot/data/sparse jamming; MAED outperforms non-joint schemes by 4–8dB SNR (Marti et al., 2022, Elmiger et al., 26 Nov 2025). Exact recovery of user data is provably guaranteed in the noise-free regime, except for impersonation/eclipsed attacks.
• Control/CPS: MAED quantifies maximum state estimation degradation for optimal attacks faced with detection and mitigation, optimizing detection thresholds for resilience (Lakshminarayana et al., 2019).
• Distributed sensor networks: Asymptotically unbiased estimation with bounded steady-state MSE; graph-based mitigation restores structural observability with polynomial complexity (Doostmohammadian et al., 2021).

A plausible implication is that joint MAED optimization counters even adaptive, stealthy adversaries—provided non-eclipsed conditions hold and detection thresholds are well tuned.

5. Complexity and Hardware Realization

MAED algorithms typically involve polynomial-time complexity:

• Wireless JED/MAED: Iterative optimization per block/frequency band, dominated by matrix products, Moore–Penrose pseudoinverse, and power-method SVD. Total complexity is $O(t_{\max}(BK(U+I)+UK^2))$ per frame (Marti et al., 2 Oct 2025).
• Distributed MAED: Consensus estimation, SCC and contraction computation, and threshold adjustment are all achievable in $O(N^3n^3)$ for $n$-state, $N$-agent networks (Doostmohammadian et al., 2021).
• ASIC realization: Spatial filtering/data detection completes in 10–13 cycles per vector, with 0.32 mm² area and 100 Mb/s throughput at 223 mW (Elmiger et al., 26 Nov 2025).

6. Extensions, Limitations, and Open Problems

MAED frameworks continue to evolve across several dimensions:

• Beyond linearization: Closed-form UI/CA estimation on nonlinear system models remains an open challenge (Taha et al., 2015).
• Probabilistic threat levels: Integrating stochastic metrics into risk-mitigation optimization may improve detection/mitigation under uncertainty.
• Dynamic observer reconfiguration: Pre-computed, polytopic, or switching-gain libraries for real-time adaptation to changing measurement patterns (Taha et al., 2015).
• Wireless/Comms: Extending MAED to multiuser MIMO settings, higher-order QAM, OFDM subcarrier implementation, and joint distributed jammer detection (Elmiger et al., 26 Nov 2025, Marti et al., 2 Oct 2025).
• Adversarial impersonation: Perfect pilot impersonation eclipses MAED’s subspace identification; randomized or encrypted pilot designs are needed (Marti et al., 2022).

7. Applications and Representative Case Studies

MAED has been demonstrated in power grid dynamic state estimation, multi-user/single-user MIMO baseband receivers, voltage control in CPS, and distributed sensor networks:

Domain	Algorithmic Building Blocks	Performance Highlights
Power grid state estimation	SMO, LMI, ILP, residual generator	Error ≈10⁻³, attack quarantining
MU-MIMO wireless	FBS, power-method, spatial filter	BER ~10⁻³, robust to smart jammers
Distributed agents	Consensus, residual test, graph mitigation	Bounded MSE, restored observability
CPS control (voltage)	KF, χ²-detector, MDP/Q-learning	Quantified optimal attack impact

These case studies validate the efficacy and generality of simultaneous mitigation, estimation, and detection as a foundation for resilient autonomous systems.

• "Risk Mitigation for Dynamic State Estimation Against Cyber Attacks and Unknown Inputs" (Taha et al., 2015)
• "Mitigating Smart Jammers in MU-MIMO via Joint Channel Estimation and Data Detection" (Marti et al., 2022)
• "A 0.32 mm² 100 Mb/s 223 mW ASIC in 22FDX for Joint Jammer Mitigation, Channel Estimation, and SIMO Data Detection" (Elmiger et al., 26 Nov 2025)
• "Performance and Resilience of Cyber-Physical Control Systems with Reactive Attack Mitigation" (Lakshminarayana et al., 2019)
• "Joint Jammer Mitigation and Data Detection" (Marti et al., 2 Oct 2025)
• "Mitigating Smart Jammers in Multi-User MIMO" (Marti et al., 2022)
• "Distributed Detection and Mitigation of Biasing Attacks over Multi-Agent Networks" (Doostmohammadian et al., 2021)