Secure Cell-Free Massive MIMO ISAC Systems: Joint AP Selection and Power Allocation Against Eavesdropping

This paper investigates a cell-free massive multiple-input-multiple-output (CF-mMIMO) integrated sensing and communication (ISAC) system that addresses the critical challenge of information leakage to potential eavesdroppers located within sensing zones. A novel access point (AP) selection strategy is proposed, which partitions the distributed APs into two functional groups: communication APs (C-APs), dedicated exclusively to data transmission, and sensing APs (S-APs), responsible for target detection and eavesdropper suppression. Closed-form expressions for the achievable communication rate, eavesdropping rate, and mainlobe-to-average-sidelobe ratio (MASR) are derived to evaluate system performance. Two complementary optimization problems are formulated using the successive convex approximation (SCA): (i) maximizing user rates under security constraints and (ii) minimizing eavesdropping rates while satisfying quality of service (QoS) requirements. The proposed joint optimization framework determines the optimal AP operational modes and power allocation across communication and sensing links. Extensive numerical results validate the theoretical analysis and demonstrate significant performance gains, revealing inherent trade-offs among communication efficiency, sensing accuracy, and security. These insights offer practical guidelines for designing secure CF-mMIMO ISAC systems.