In zero-trust architectures, over-the-air computation-based federated learning (AirFL) is vulnerable to Byzantine attacks due to its analog transmission mechanism. Method: This paper proposes FedSAC—a novel framework that pioneers the integration of zero-trust principles into AirFL. It introduces a historical-reputation-driven dynamic anomaly detection mechanism and an adaptive device clustering strategy. Furthermore, it is the first to apply the penalty-based concave–convex procedure (P-CCP) to AirFL weight optimization, with a rigorous proof of one-step first-order convergence under non-uniform weighting. Results: Experiments demonstrate that FedSAC achieves a 12.6% higher test accuracy and 1.8× faster convergence than state-of-the-art robust AirFL methods under diverse Byzantine attacks, significantly enhancing both the robustness and efficiency of model aggregation.

Over-the-air computation (AirComp) has emerged as an essential approach for enabling communication-efficient federated learning (FL) over wireless networks. Nonetheless, the inherent analog transmission mechanism in AirComp-based FL (AirFL) intensifies challenges posed by potential Byzantine attacks. In this paper, we propose a novel Byzantine-robust FL paradigm for over-the-air transmissions, referred to as federated learning with secure adaptive clustering (FedSAC). FedSAC aims to protect a portion of the devices from attacks through zero trust architecture (ZTA) based Byzantine identification and adaptive device clustering. By conducting a one-step convergence analysis, we theoretically characterize the convergence behavior with different device clustering mechanisms and uneven aggregation weighting factors for each device. Building upon our analytical results, we formulate a joint optimization problem for the clustering and weighting factors in each communication round. To facilitate the targeted optimization, we propose a dynamic Byzantine identification method using historical reputation based on ZTA. Furthermore, we introduce a sequential clustering method, transforming the joint optimization into a weighting optimization problem without sacrificing the optimality. To optimize the weighting, we capitalize on the penalty convex-concave procedure (P-CCP) to obtain a stationary solution. Numerical results substantiate the superiority of the proposed FedSAC over existing methods in terms of both test accuracy and convergence rate.