公开(公告)号：US20210120031A1

公开(公告)日：2021-04-22

申请号：US16654319

申请日：2019-10-16

Applicant: GENERAL ELECTRIC COMPANY

Inventor： Mustafa Tekin Dokucu ,  Subhrajit Roychowdhury ,  Olugbenga Anubi ,  Masoud Abbaszadeh ,  Justin Varkey John

IPC: H04L29/06 ,  G06N20/00 ,  G01R19/00

Abstract: An industrial asset may have monitoring nodes that generate current monitoring node values. An abnormality detection computer may determine that an abnormal monitoring node is currently being attacked or experiencing fault. A dynamic, resilient estimator constructs, using normal monitoring node values, a latent feature space (of lower dimensionality as compared to a temporal space) associated with latent features. The system also constructs, using normal monitoring node values, functions to project values into the latent feature space. Responsive to an indication that a node is currently being attacked or experiencing fault, the system may compute optimal values of the latent features to minimize a reconstruction error of the nodes not currently being attacked or experiencing a fault. The optimal values may then be projected back into the temporal space to provide estimated values and the current monitoring node values from the abnormal monitoring node are replaced with the estimated values.

公开(公告)号：US10594712B2

公开(公告)日：2020-03-17

申请号：US15484282

申请日：2017-04-11

Applicant: General Electric Company

Inventor： Lalit Keshav Mestha ,  Justin Varkey John ,  Weizhong Yan ,  David Joseph Hartman

IPC: G06F21/00 ,  H04L29/06 ,  G06N20/00 ,  G06N20/10 ,  G06N3/04 ,  G06N3/08 ,  G06N7/00

Abstract: A threat detection model creation computer receives normal monitoring node values and abnormal monitoring node values. At least some received monitoring node values may be processed with a deep learning model to determine parameters of the deep learning model (e.g., a weight matrix and affine terms). The parameters of the deep learning model and received monitoring node values may then be used to compute feature vectors. The feature vectors may be spatial along a plurality of monitoring nodes. At least one decision boundary for a threat detection model may be automatically calculated based on the computed feature vectors, and the system may output the decision boundary separating a normal state from an abnormal state for that monitoring node. The decision boundary may also be obtained by combining feature vectors from multiple nodes. The decision boundary may then be used to detect normal and abnormal operation of an industrial asset.

公开(公告)号：US10397257B2

公开(公告)日：2019-08-27

申请号：US15371723

申请日：2016-12-07

Applicant: General Electric Company

Inventor： Daniel Francis Holzhauer ,  Cody Joe Bushey ,  Lalit Keshav Mestha ,  Masoud Abbaszadeh ,  Justin Varkey John

IPC: H04L29/06 ,  H04L12/26 ,  H04L29/08 ,  H04L12/24

Abstract: According to some embodiments, streams of monitoring node signal values may be received over time that represent a current operation of an industrial asset control system. A current operating mode of the industrial asset control system may be received and used to determine a current operating mode group from a set of potential operating mode groups. For each stream of monitoring node signal values, a current monitoring node feature vector may be determined. Based on the current operating mode group, an appropriate decision boundary may be selected for each monitoring node, the appropriate decision boundary separating a normal state from an abnormal state for that monitoring node in the current operating mode. Each generated current monitoring node feature vector may be compared with the selected corresponding appropriate decision boundary, and a threat alert signal may be automatically transmitted based on results of said comparisons.

公开(公告)号：US20150058947A1

公开(公告)日：2015-02-26

申请号：US13974099

申请日：2013-08-23

Applicant: General Electric Company

Inventor： Justin Varkey John ,  Robert William Grubbs

IPC: H04W12/06

CPC classification number: H04W12/06 ,  G05B19/0425 ,  G05B19/418 ,  G05B2219/23067 ,  G05B2219/36133 ,  G06F2221/2141 ,  H04L63/0209 ,  H04L63/062 ,  H04L63/104 ,  H04L63/108 ,  H04L67/12 ,  H04W4/021 ,  H04W12/04

Abstract: One aspect of the invention is a system for mobile device authentication. The system includes a public-facing server configured to interface with a mobile device. The system also includes a secure server configured to interface with the public-facing server and an authorization station. The authorization station includes processing circuitry configured to establish authorization limits for the mobile device and generate an authentication key associated with the authorization limits. The processing circuitry is further configured to provide the authentication key and an identifier of the mobile device to the secure server, and generate an authorization code including an encoded version of the authentication key and an address of the public-facing server. The processing circuitry is also configured to provide the authorization code to the mobile device to establish authentication for the mobile device to receive data from a control system network as constrained by the authorization limits.

Abstract translation: 本发明的一个方面是用于移动设备认证的系统。 该系统包括被配置为与移动设备接口的面向公众的服务器。 系统还包括配置为与面向公众的服务器和授权站进行接口的安全服务器。 授权站包括处理电路，其配置成为移动设备建立授权限制并生成与授权限制相关联的认证密钥。 所述处理电路还被配置为向所述安全服务器提供所述认证密钥和所述移动设备的标识符，并且生成包括所述认证密钥的编码版本和所述面向公众的服务器的地址的授权码。 所述处理电路还被配置为向所述移动设备提供所述授权码，以建立所述移动设备的认证，以便从所述授权限制所约束的控制系统网络接收数据。

公开(公告)号：US20150058796A1

公开(公告)日：2015-02-26

申请号：US13974109

申请日：2013-08-23

Applicant: General Electric Company

Inventor： Pavan Kumar Singh Thakur ,  Justin Varkey John ,  Venkatesh Mani Selvaraj

IPC: G06F3/0488 ,  G06F3/0481

CPC classification number: G06F3/0488 ,  G06F3/04817 ,  G06F3/04883

Abstract: One aspect of the invention is a system for providing navigation control for a tabletop computer system. The system includes a multi-touch display and processing circuitry coupled to the multi-touch display. The processing circuitry is configured to display a user interface on the multi-touch display and render a navigation pane on the multi-touch display. The navigation pane includes a reduced-scale copy of the user interface. The processing circuitry is also configured to detect a touch-based input at a position on the navigation pane and determine a scaled position on the user interface corresponding to the position on the navigation pane. The processing circuitry is further configured to interpret the touch-based input at the position on the navigation pane as an equivalent touch-based input at the scaled position on the user interface and trigger an event corresponding to the equivalent touch-based input at the scaled position on the user interface.

Abstract translation: 本发明的一个方面是一种用于为台式计算机系统提供导航控制的系统。 该系统包括耦合到多点触摸显示器的多点触摸显示和处理电路。 处理电路被配置为在多点触摸显示器上显示用户界面并在多点触摸显示器上呈现导航窗格。 导航窗格包含用户界面缩小的副本。 处理电路还被配置为在导航窗格上的位置处检测基于触摸的输入，并且确定对应于导航窗格上的位置的用户界面上的缩放位置。 处理电路还被配置为将导航窗格上的位置处的基于触摸的输入解释为在用户界面上的缩放位置处的等效的基于触摸的输入，并且触发与经缩放的比例的等效的基于触摸的输入相对应的事件 用户界面上的位置。

公开(公告)号：US20140203934A1

公开(公告)日：2014-07-24

申请号：US13746507

申请日：2013-01-22

Applicant: GENERAL ELECTRIC COMPANY

Inventor： Justin Varkey John ,  Robert William Grubbs ,  Jonathan Carl Thatcher

IPC: G08B23/00

CPC classification number: G08B23/00 ,  G05B15/02 ,  G05B23/0272 ,  Y04S10/522

Abstract: A dynamic alarm system for operating a power plant is disclosed. The dynamic alarm system includes a sensor configured to generate a signal related to a measurement of an operation of the power plant. An interface displays a generated alarm to an operator and receives a dynamic rating value from the operator related to the generated alarm. A processor generates the alarm using the generated signal, compiles the rating value and alters an operation of the power plant from the compiled rating value.

Abstract translation: 公开了一种用于操作发电厂的动态报警系统。 动态报警系统包括被配置为产生与发电厂的操作的测量相关的信号的传感器。 接口向操作员显示生成的报警，并从与所生成的报警相关的操作员接收动态评级值。 处理器使用生成的信号产生报警，编译评级值并根据编译的评级值改变发电厂的运行。

公开(公告)号：US11487598B2

公开(公告)日：2022-11-01

申请号：US16574493

申请日：2019-09-18

Applicant: GENERAL ELECTRIC COMPANY

Inventor： Masoud Abbaszadeh ,  Mustafa Tekin Dokucu ,  Justin Varkey John

IPC: G06F11/00 ,  G06F11/07 ,  H04L9/40 ,  G06F17/18 ,  G06K9/62 ,  G06N20/00

Abstract: An industrial asset may have a plurality of monitoring nodes, each monitoring node generating a series of monitoring node values over time representing current operation of the industrial asset. An abnormality detection computer may determine that an abnormal monitoring node is currently being attacked or experiencing a fault. An autonomous, resilient estimator may continuously execute an adaptive learning process to create or update virtual sensor models for that monitoring node. Responsive to an indication that a monitoring node is currently being attacked or experiencing a fault, a level of neutralization may be automatically determined. The autonomous, resilient estimator may then be dynamically reconfigured to estimate a series of virtual node values based on information from normal monitoring nodes, appropriate virtual sensor models, and the determined level of neutralization. The series of monitoring node values from the abnormal monitoring node or nodes may then be replaced with the virtual node values.

公开(公告)号：US11411983B2

公开(公告)日：2022-08-09

申请号：US16654319

申请日：2019-10-16

Applicant: GENERAL ELECTRIC COMPANY

Inventor： Mustafa Tekin Dokucu ,  Subhrajit Roychowdhury ,  Olugbenga Anubi ,  Masoud Abbaszadeh ,  Justin Varkey John

IPC: H04L12/26 ,  H04L9/40 ,  G01R19/00 ,  G06N20/00

Abstract: An industrial asset may have monitoring nodes that generate current monitoring node values. An abnormality detection computer may determine that an abnormal monitoring node is currently being attacked or experiencing fault. A dynamic, resilient estimator constructs, using normal monitoring node values, a latent feature space (of lower dimensionality as compared to a temporal space) associated with latent features. The system also constructs, using normal monitoring node values, functions to project values into the latent feature space. Responsive to an indication that a node is currently being attacked or experiencing fault, the system may compute optimal values of the latent features to minimize a reconstruction error of the nodes not currently being attacked or experiencing a fault. The optimal values may then be projected back into the temporal space to provide estimated values and the current monitoring node values from the abnormal monitoring node are replaced with the estimated values.

公开(公告)号：US11005863B2

公开(公告)日：2021-05-11

申请号：US15179034

申请日：2016-06-10

Applicant: General Electric Company

Inventor： Cody Joe Bushey ,  Lalit Keshav Mestha ,  Daniel Francis Holzhauer ,  Justin Varkey John

IPC: H04L29/06 ,  H04W4/38 ,  H04L29/08

Abstract: In some embodiments, a plurality of real-time monitoring node signal inputs receive streams of monitoring node signal values over time that represent a current operation of the industrial asset control system. A threat detection computer platform, coupled to the plurality of real-time monitoring node signal inputs, may receive the streams of monitoring node signal values and, for each stream of monitoring node signal values, generate a current monitoring node feature vector. The threat detection computer platform may then compare each generated current monitoring node feature vector with a corresponding decision boundary for that monitoring node, the decision boundary separating a normal state from an abnormal state for that monitoring node, and localize an origin of a threat to a particular monitoring node. The threat detection computer platform may then automatically transmit a threat alert signal based on results of said comparisons along with an indication of the particular monitoring node.

公开(公告)号：US10826922B2

公开(公告)日：2020-11-03

申请号：US16679749

申请日：2019-11-11

Applicant: General Electric Company

Inventor： Lalit Keshav Mestha ,  Hema Kumari Achanta ,  Justin Varkey John ,  Cody Joe Bushey

IPC: H04L29/06 ,  G06K9/62 ,  G06F21/56 ,  G06F21/50 ,  G06F21/55 ,  G06F21/57

Abstract: In some embodiments, an industrial asset may be associated with a plurality of monitoring nodes, each monitoring node generating a series of monitoring node values over time that represent operation of the industrial asset. A threat detection computer may determine that an attacked monitoring node is currently being attacked. Responsive to this determination, a virtual sensor coupled to the plurality of monitoring nodes may estimate a series of virtual node values for the attacked monitoring node(s) based on information received from monitoring nodes that are not currently being attacked. The virtual sensor may then replace the series of monitoring node values from the attacked monitoring node(s) with the virtual node values. Note that in some embodiments, virtual node values may be estimated for a particular node even before it is determined that the node is currently being attacked.