SYSTEM AND METHOD FOR CYBER CAUSAL ATTRIBUTION VIA KOLMOGOROV COMPLEXITY

    Publication number: US20230136071A1

    Publication date: 2023-05-04

    Application number: US17514071

    Application date: 2021-10-29

    Abstract: Some embodiments provide a system and method comprising a memory and a processor to cause the system to: receive a first and second data distribution for a first and second variable, respectively; determine a first and second data optimum number of bins for the first and second data distribution, respectively; create a first and second model for the first and second data distribution using the first and second data optimum number of bins, respectively; apply the first model to the second data distribution to calculate a smallest descriptive size of the second data distribution given the first model; apply the second model to the first data distribution to calculate a smallest descriptive size of the first data distribution given the second model; and determine a causal direction between the first variable and the second variable based on the application of the first and second model. Numerous other aspects are provided.

    VULNERABILITY-DRIVEN CYBERATTACK PROTECTION SYSTEM AND METHOD FOR INDUSTRIAL ASSETS

    Publication number: US20230058974A1

    Publication date: 2023-02-23

    Application number: US17405387

    Application date: 2021-08-18

    Abstract: According to some embodiments, a system, method and non-transitory computer readable medium are provided comprising a memory storing processor-executable steps; and a processor to execute the processor-executable steps to cause the system to: receive a first data value of a plurality of data values from a data store, wherein the first data value is from a digital twin model of an industrial asset; determine, via a vulnerability module, whether the received at least one data value is a near boundary case or not a near boundary case; in a case it is determined the first data value is a near boundary case, generate one or more adversarial samples for the first data value; input each of the one or more adversarial samples to the digital twin model; execute the digital twin model to output a system response for each input adversarial sample; determine whether the system response to each input adversarial sample has a negative impact; in a case it is determined the system response has a negative impact for a given input adversarial sample, update a trained attack detection model with the given input adversarial sample; and generate a second decision boundary based on the updated trained attack detection model. Numerous other aspects are provided.

    ATTACK DETECTION AND LOCALIZATION WITH ADAPTIVE THRESHOLDING

    Publication number: US20220329613A1

    Publication date: 2022-10-13

    Application number: US17228191

    Application date: 2021-04-12

    Abstract: According to some embodiments, a system, method, and non-transitory computer readable medium are provided comprising a plurality of real-time monitoring nodes to receive streams of monitoring node signal values over time that represent a current operation of the cyber physical system; and a threat detection computer platform, coupled to the plurality of real-time monitoring nodes, to: receive the monitoring node signal values; compute an anomaly score; compare the anomaly score with an adaptive threshold; and detect that one of a particular monitoring node and a system is outside a decision boundary based on the comparison, and classify that particular monitoring node or system as anomalous. Numerous other aspects are provided.

    UNIFIED MULTI-AGENT SYSTEM FOR ABNORMALITY DETECTION AND ISOLATION

    Publication number: US20220327204A1

    Publication date: 2022-10-13

    Application number: US17228162

    Application date: 2021-04-12

    Abstract: According to some embodiments, a system, method and non-transitory computer readable medium are provided comprising a plurality of real-time monitoring nodes to receive streams of monitoring node signal values over time that represent a current operation of the cyber physical system; a local status determination module comprising an ensemble of local agents, the module adapted to determine an anomaly status for one or more nodes; a global status determination module comprising an ensemble of global agents, the module adapted to determine an anomaly status for the cyber physical system; a threat detection computer platform comprising a memory and a computer processor, the threat detection computer platform coupled to the plurality of real-time monitoring nodes and adapted to: receive the monitoring node signal values, generate feature vectors from the received monitoring node signal values; compare via the local status determination module the feature vectors with at least one decision boundary associated with a local abnormal detection model; compare via the global status determination module the feature vectors with at least one decision boundary associated with a global abnormal detection model; and transmit an abnormal alert signal from the local status determination module and the global status determination module based on a result of each comparison. Numerous other aspects are provided.

    SYSTEMS AND METHODS FOR GLOBAL CYBER-ATTACK OR FAULT DETECTION MODEL

    Publication number: US20220357729A1

    Publication date: 2022-11-10

    Application number: US17239054

    Application date: 2021-04-23

    Abstract: An industrial asset may have monitoring nodes that generate current monitoring node values representing a current operation of the industrial asset. An abnormality detection computer may detect when a monitoring node is currently being attacked or experiencing a fault based on a current feature vector, calculated in accordance with current monitoring node values, and a detection model that includes a decision boundary. A model updater (e.g., a continuous learning model updater) may determine an update time-frame (e.g., short-term, mid-term, long-term, etc.) associated with the system based on trigger occurrence detection (e.g., associated with a time-based trigger, a performance-based trigger, an event-based trigger, etc.). The model updater may then update the detection model in accordance with the determined update time-frame (and, in some embodiments, continuous learning).

    DIGITAL TWIN OF TWINNED PHYSICAL SYSTEM
    Invention application

    Publication number: US20170286572A1

    Publication date: 2017-10-05

    Application number: US15087217

    Application date: 2016-03-31

    CPC classification number: B64F5/60 G05B23/0283

    Abstract: An apparatus may implement a digital twin of a twinned physical system such that one or more sensors to sense values of one or more designated parameters of the twinned physical system. A computer processor may receive data associated with the sensors and, for at least a selected portion of the twinned physical system, monitor a condition of the selected portion of the twinned physical system and/or assess a remaining useful life of the selected portion based at least in part on the sensed values of the one or more designated parameters. A communication port may transmit information associated with a result generated by the computer processor. The one or more sensors may sense values of the one or more designated parameters, and the computer processor may perform the monitoring and/or assessing, when the twinned physical system is not operating.
