公开(公告)号：US11411983B2

公开(公告)日：2022-08-09

申请号：US16654319

申请日：2019-10-16

Applicant: GENERAL ELECTRIC COMPANY

Inventor： Mustafa Tekin Dokucu ,  Subhrajit Roychowdhury ,  Olugbenga Anubi ,  Masoud Abbaszadeh ,  Justin Varkey John

IPC: H04L12/26 ,  H04L9/40 ,  G01R19/00 ,  G06N20/00

Abstract: An industrial asset may have monitoring nodes that generate current monitoring node values. An abnormality detection computer may determine that an abnormal monitoring node is currently being attacked or experiencing fault. A dynamic, resilient estimator constructs, using normal monitoring node values, a latent feature space (of lower dimensionality as compared to a temporal space) associated with latent features. The system also constructs, using normal monitoring node values, functions to project values into the latent feature space. Responsive to an indication that a node is currently being attacked or experiencing fault, the system may compute optimal values of the latent features to minimize a reconstruction error of the nodes not currently being attacked or experiencing a fault. The optimal values may then be projected back into the temporal space to provide estimated values and the current monitoring node values from the abnormal monitoring node are replaced with the estimated values.

公开(公告)号：US20210211455A1

公开(公告)日：2021-07-08

申请号：US16734499

申请日：2020-01-06

Applicant: GENERAL ELECTRIC COMPANY

Inventor： Honggang Wang ,  Masoud Abbaszadeh ,  Mustafa Tekin Dokucu

IPC: H04L29/06

Abstract: A procedure for neutralizing an attack on a control system of an industrial asset includes detecting an anomaly in a first sensor node associated with a first unit operating in a first operational mode, and receiving time series data associated with the first sensor node. A subset of the time series data is provided to each of a plurality of virtual sensor models A first virtual sensor model is selected from among a plurality of virtual sensor models based upon the subset of the time series data received by each of the plurality of virtual sensor models. A first confidence level of the first virtual sensor is determined. Responsive to determining that the first confidence level is below a first confidence level threshold, the first unit is transferred to a second operational mode using sensor readings associated with a second sensor node of a second unit of the industrial asset.

公开(公告)号：US20160169585A1

公开(公告)日：2016-06-16

申请号：US14907324

申请日：2013-07-25

Applicant: General Electric Company

Inventor： Aditya Kumar ,  Brett R. Ellis ,  Zhaoyang Wan ,  Claudia C. Pierce ,  Mustafa Tekin Dokucu ,  Dongrui Wu ,  Sangeeta Balram

IPC: F28C1/04 ,  G05B23/02 ,  G05B13/04

CPC classification number: F28C1/04 ,  F28F27/003 ,  F28F2200/00 ,  G05B13/048 ,  G05B23/0243

Abstract: A cooling tower simulation system may receive a measurement from a cooling tower sensor and generate a predicted Noutput of a cooling tower system based on a model of the cooling tower system. The simulation system may generate an estimated output using an extended Kalman filter with the measurement and the predicted output as inputs, wherein the estimated output represents a characteristic of the cooling tower system.

Abstract translation: 冷却塔模拟系统可以从冷却塔传感器接收测量值，并根据冷却塔系统的型号生成预测的冷却塔系统的Noutput。 仿真系统可以使用扩展卡尔曼滤波器生成估计输出，其中测量和预测输出作为输入，其中估计的输出表示冷却塔系统的特性。

公开(公告)号：US12180939B2

公开(公告)日：2024-12-31

申请号：US17698040

申请日：2022-03-18

Applicant: General Electric Company

Inventor： Kalpesh Singal ,  Mustafa Tekin Dokucu ,  Fernando Javier D'Amato ,  Georgios Boutselis

IPC: F03D7/04 ,  F03D7/02

Abstract: A method for providing backup control for a supervisory controller of at least one wind turbine includes observing, via a learning-based backup controller of the at least one wind turbine, at least one operating parameter of the supervisory controller under normal operation. The method also includes learning, via the learning-based backup controller, one or more control actions of the at least one wind turbine based on the operating parameter(s). Further, the method includes receiving, via the learning-based backup controller, an indication that the supervisory controller is unavailable to continue the normal operation. Upon receipt of the indication, the method includes controlling, via the learning-based backup controller, the wind turbine(s) using the learned one or more control actions until the supervisory controller becomes available again. Moreover, the control action(s) defines a delta that one or more setpoints of the wind turbine(s) should be adjusted by to achieve a desired outcome.

公开(公告)号：US12141052B2

公开(公告)日：2024-11-12

申请号：US18321545

申请日：2023-05-22

Applicant: General Electric Company

Inventor： Hema K Achanta ,  Masoud Abbaszadeh ,  Weizhong Yan ,  Mustafa Tekin Dokucu

IPC: G06F11/36 ,  G06F11/263 ,  G06F18/213 ,  G06F18/214 ,  G06F18/24 ,  G06N3/08 ,  G06V10/82 ,  H04L9/40 ,  H04L41/16 ,  H04L43/12 ,  H04W12/128 ,  G06N3/04

Abstract: According to some embodiments, a system, method and non-transitory computer-readable medium are provided to protect a cyber-physical system having a plurality of monitoring nodes comprising: a normal space data source storing, for each of the plurality of monitoring nodes, a series of normal monitoring node values over time that represent normal operation of the cyber-physical system; a situational awareness module including an abnormal data generation platform, wherein the abnormal data generation platform is operative to generate abnormal data to represent abnormal operation of the cyber-physical system using values in the normal space data source and a generative model; a memory for storing program instructions; and a situational awareness processor, coupled to the memory, and in communication with the situational awareness module and operative to execute the program instructions to: receive a data signal, wherein the received data signal is an aggregation of data signals received from one or more of the plurality of monitoring nodes, wherein the data signal includes at least one real-time stream of data source signal values that represent a current operation of the cyber-physical system; determine, via a trained classifier, whether the received data signal is a normal signal or an abnormal signal, wherein the trained classifier is trained with the generated abnormal data and normal data; localize an origin of an anomaly when it is determined the received data signal is the abnormal signal; receive the determination and localization at a resilient estimator module; execute the resilient estimator module to generate a state estimation for the cyber-physical system. Numerous other aspects are provided.

公开(公告)号：US11729190B2

公开(公告)日：2023-08-15

申请号：US16666807

申请日：2019-10-29

Applicant: GENERAL ELECTRIC COMPANY

Inventor： Subhrajit Roychowdhury ,  Masoud Abbaszadeh ,  Mustafa Tekin Dokucu

IPC: G06F21/00 ,  H04L9/40 ,  G06F18/214 ,  G06F18/21

CPC classification number: H04L63/1425 ,  G06F18/214 ,  G06F18/2185 ,  H04L63/1416 ,  H04L63/1433 ,  H04L63/1458 ,  H04L63/1466

Abstract: An industrial asset may have monitoring nodes that generate current monitoring node values. A dynamic, resilient estimator may split a temporal monitoring node space into normal and one or more abnormal subspaces associated with different kinds of attack vectors. According to some embodiments, a neutralization model is constructed and trained for each attack vector using supervised learning and the associated abnormal subspace. In other embodiments, a single model is created using out-of-range values for abnormal monitoring nodes. Responsive to an indication of a particular abnormal monitoring node or nodes, the system may automatically invoke the appropriate neutralization model to determine estimated values of the particular abnormal monitoring node or nodes (e.g., by selecting the correct model or using out-of-range values). The series of current monitoring node values from the abnormal monitoring node or nodes may then be replaced with the estimated values.

公开(公告)号：US11693763B2

公开(公告)日：2023-07-04

申请号：US16525807

申请日：2019-07-30

Applicant: GENERAL ELECTRIC COMPANY

Inventor： Hema K Achanta ,  Masoud Abbaszadeh ,  Weizhong Yan ,  Mustafa Tekin Dokucu

IPC: G06F11/36 ,  H04L9/40 ,  H04L41/16 ,  G06N3/08 ,  G06F18/24 ,  G06F18/214 ,  H04L43/12 ,  G06V10/82 ,  G06F11/263 ,  H04W12/128 ,  G06N3/04

CPC classification number: G06F11/3684 ,  G06F11/263 ,  G06F18/214 ,  G06F18/24 ,  G06N3/08 ,  G06V10/82 ,  H04L41/16 ,  H04L43/12 ,  H04L63/1441 ,  H04W12/128 ,  G06N3/0418

Abstract: According to some embodiments, a system, method and non-transitory computer-readable medium are provided to protect a cyber-physical system having a plurality of monitoring nodes comprising: a normal space data source storing, for each of the plurality of monitoring nodes, a series of normal monitoring node values over time that represent normal operation of the cyber-physical system; a situational awareness module including an abnormal data generation platform, wherein the abnormal data generation platform is operative to generate abnormal data to represent abnormal operation of the cyber-physical system using values in the normal space data source and a generative model; a memory for storing program instructions; and a situational awareness processor, coupled to the memory, and in communication with the situational awareness module and operative to execute the program instructions to: receive a data signal, wherein the received data signal is an aggregation of data signals received from one or more of the plurality of monitoring nodes, wherein the data signal includes at least one real-time stream of data source signal values that represent a current operation of the cyber-physical system; determine, via a trained classifier, whether the received data signal is a normal signal or an abnormal signal, wherein the trained classifier is trained with the generated abnormal data and normal data; localize an origin of an anomaly when it is determined the received data signal is the abnormal signal; receive the determination and localization at a resilient estimator module; execute the resilient estimator module to generate a state estimation for the cyber-physical system. Numerous other aspects are provided.

公开(公告)号：US20220334540A1

公开(公告)日：2022-10-20

申请号：US17229934

申请日：2021-04-14

Applicant: General Electric Company

Inventor： Fernando Javier D'Amato ,  Mustafa Tekin Dokucu ,  Hema Kumari Achanta, III ,  Kalpesh Singal ,  Masoud Abbaszadeh ,  Yuh-Shyang Wang ,  Karla Kvaternik ,  Souransu Nandi ,  Georgios Boutselis

IPC: G05B15/02 ,  G06F21/55 ,  G06F9/455 ,  G06N20/00

Abstract: Systems and methods are provided for the control of an industrial asset, such as a power generating asset. Accordingly, a cyber-attack model predicts a plurality of operational impacts on the industrial asset resulting from a plurality of potential cyber-attacks. The cyber-attack model also predicts a corresponding plurality of potential mitigation responses. In operation, a cyber-attack impacting at least one component of the industrial asset is detected via the cyber-attack neutralization module and a protected operational impact of the cyber-attack is identified based on the cyber-attack model. The cyber-attack neutralization module selects at least one mitigation response of the plurality of mitigation responses based on the predicted operational impact and an operating state of the industrial asset is altered based on the selected mitigation response.

公开(公告)号：US20210182385A1

公开(公告)日：2021-06-17

申请号：US16710051

申请日：2019-12-11

Applicant: GENERAL ELECTRIC COMPANY

Inventor： Subhrajit Roychowdhury ,  Masoud Abbaszadeh ,  Mustafa Tekin Dokucu

IPC: G06F21/55 ,  G06N3/08 ,  G06N3/04 ,  G05B13/04 ,  G05B13/02

Abstract: An industrial asset may have monitoring nodes (e.g., sensor or actuator nodes) that generate current monitoring node values. An abnormality detection and localization computer may receive the series of current monitoring node values and output an indication of at least one abnormal monitoring node that is currently being attacked or experiencing a fault. An actor-critic platform may tune a dynamic, resilient state estimator for a sensor node and output tuning parameters for a controller that improve operation of the industrial asset during the current attack or fault. The actor-critic platform may include, for example, a dynamic, resilient state estimator, an actor model, and a critic model. According to some embodiments, a value function of the critic model is updated for each action of the actor model and each action of the actor model is evaluated by the critic model to update a policy of the actor-critic platform.

公开(公告)号：US20180370827A1

公开(公告)日：2018-12-27

申请号：US16103886

申请日：2018-08-14

Applicant: General Electric Company

Inventor： Aditya Kumar ,  Anthony John Murray ,  Ruijie Shi ,  Zhaoyang Wan ,  Mustafa Tekin Dokucu ,  Vijaysai Prasad

IPC: C02F3/00 ,  G01N33/18 ,  C02F1/66 ,  C02F3/28 ,  C02F3/30 ,  C02F3/12

Abstract: A method of operating a waste water treatment plant (WWTP) having at least one of an aerobic digester (AD) and a membrane bioreactor (MBR) is described. The method of operating AD is comprised of monitoring and controlling AD in real-time using an online extended Kalman filter (EKF) having a online dynamic model of AD. The EKF uses real-time AD measured data, and online dynamic model of AD to update adapted model parameters and estimate model based inferred variables for AD, which are used for AD control by AD control system having supervisory and low-level control layers. The method of operating MBR is similar to that of AD. The supervisory control ensures the WWTP satisfying the effluent quality requirement while minimize the operation cost. A WWTP having at least one of an AD or MBR is disclosed. The method of operating a WWTP can be implemented using a computer.