-
公开(公告)号:US11740618B2
公开(公告)日:2023-08-29
申请号:US17239054
申请日:2021-04-23
CPC分类号: G05B23/024 , G05B23/027 , G05B23/0221 , G06N3/045 , G06N3/08
摘要: An industrial asset may have monitoring nodes that generate current monitoring node values representing a current operation of the industrial asset. An abnormality detection computer may detect when a monitoring node is currently being attacked or experiencing a fault based on a current feature vector, calculated in accordance with current monitoring node values, and a detection model that includes a decision boundary. A model updater (e.g., a continuous learning model updater) may determine an update time-frame (e.g., short-term, mid-term, long-term, etc.) associated with the system based on trigger occurrence detection (e.g., associated with a time-based trigger, a performance-based trigger, an event-based trigger, etc.). The model updater may then update the detection model in accordance with the determined update time-frame (and, in some embodiments, continuous learning).
-
公开(公告)号:US11544426B2
公开(公告)日:2023-01-03
申请号:US16601732
申请日:2019-10-15
发明人: Honggang Wang , Weizhong Yan , Kaveri Mahapatra
IPC分类号: G06F30/20 , G06F30/18 , G06F7/58 , H02J3/00 , G06N7/00 , G06F119/06 , G06F113/04 , G06F111/10 , G06F111/02 , G06Q50/06 , G06F17/14
摘要: A system for enhanced sequential power system model calibration is provided. The system is programmed to store a model of a device. The model includes a plurality of parameters. The system is also programmed to receive a plurality of events associated with the device, receive a first set of calibration values for the plurality of parameters, generate a plurality of sets of calibration values for the plurality of parameters, for each of the plurality of sets of calibration values, analyze a first event of the plurality of events using a corresponding set of calibration values to generate a plurality of updated sets of calibration values, analyze the plurality of updated sets of calibration values to determine a current updated set of calibration values, and update the model to include the current updated set of calibration values.
-
公开(公告)号:US10452845B2
公开(公告)日:2019-10-22
申请号:US15453544
申请日:2017-03-08
发明人: Lalit Keshav Mestha , Santosh Sambamoorthy Veda , Masoud Abbaszadeh , Chaitanya Ashok Baone , Weizhong Yan , Saikat Ray Majumder , Sumit Bose , Annartia Giani , Olugbenga Anubi
摘要: According to some embodiments, a plurality of heterogeneous data source nodes may each generate a series of current data source node values over time that represent a current operation of an electric power grid. A real-time threat detection computer, coupled to the plurality of heterogeneous data source nodes, may receive the series of current data source node values and generate a set of current feature vectors. The threat detection computer may then access an abnormal state detection model having at least one decision boundary created offline using at least one of normal and abnormal feature vectors. The abnormal state detection model may be executed, and a threat alert signal may be transmitted if appropriate based on the set of current feature vectors and the at least one decision boundary.
-
4.发明授权Computer-implemented methods and systems for determining fleet conditions and operational management thereof 有权用于确定船队状况和运行管理的计算机实现的方法和系统公开(公告)号:US09552567B2
公开(公告)日:2017-01-24
申请号:US13728378
申请日:2012-12-27
发明人: Naresh Sundaram Iyer , Anil Varma , James Kenneth Aragones , Weizhong Yan , Piero Patrone Bonissone , Feng Xue
CPC分类号: G06N5/04 , G06N99/005 , G06Q10/0631 , G06Q10/087 , G07C5/008
摘要: A method for determining fleet conditions and operational management thereof, performed by a central system includes receiving fleet data from at least one distributed data repository. The fleet data is substantially representative of information associated with a fleet of physical assets. The method also includes processing the received fleet data for the fleet using at least one process of a plurality of processes. The plurality of processes assess the received fleet data into processed fleet data. The method additionally includes determining a fleet condition status using the processed fleet data and the at least one process of the plurality of processes. The method further includes generating a fleet response. The fleet response is substantially representative of a next operational step for the fleet of physical assets. The method also includes transmitting the fleet response to at least one of a plurality of fleet response recipients.
摘要翻译: 由中央系统执行的用于确定车队状况和其操作管理的方法包括从至少一个分布式数据存储库接收车队数据。 船队数据实质上代表与实体资产船队相关联的信息。 该方法还包括使用多个过程的至少一个过程处理车队接收的车队数据。 多个过程将接收到的车队数据评估为处理后的车队数据。 该方法另外包括使用处理的车队数据和多个过程中的至少一个过程来确定车队状况状态。 该方法还包括产生车队响应。 舰队反应实质上代表了有形资产队伍的下一个操作步骤。 该方法还包括将车队响应发送到多个车队响应接收者中的至少一个。
-
5.发明授权Systems and methods for remote monitoring, security, diagnostics, and prognostics 有权用于远程监控,安全,诊断和预测的系统和方法公开(公告)号:US09245116B2
公开(公告)日:2016-01-26
申请号:US13848354
申请日:2013-03-21
发明人: Scott Charles Evans , Richard Brownell Arthur , Bouchra Bouqata , Piyush Mishra , Weizhong Yan , Anil Varma
IPC分类号: G06F21/55
CPC分类号: G06F21/55
摘要: A system includes a physical analysis module, a cyber analysis module, and a determination module. The physical analysis module is configured to obtain physical diagnostic information, and to determine physical analysis information using the physical diagnostic information. The cyber analysis module is configured to obtain cyber security data of the functional system, and to determine cyber analysis information using the cyber security data. The determination module is configured to obtain the physical analysis information and the cyber analysis information, and to determine a state of the functional system using the physical analysis information and the cyber analysis information. The state determined corresponds to at least one of physical condition or cyber security threat. The determination module is also configured to identify if the state corresponds to one or more of a non-malicious condition or a malicious condition.
摘要翻译: 系统包括物理分析模块,网络分析模块和确定模块。 物理分析模块被配置为获得物理诊断信息,并且使用物理诊断信息来确定物理分析信息。 网络分析模块被配置为获取功能系统的网络安全数据,并使用网络安全数据来确定网络分析信息。 确定模块被配置为获得物理分析信息和网络分析信息,并且使用物理分析信息和网络分析信息来确定功能系统的状态。 所确定的状态对应于身体状况或网络安全威胁中的至少一种。 确定模块还被配置为识别该状态是否对应于非恶意条件或恶意条件中的一个或多个。
-
公开(公告)号:US20230385186A1
公开(公告)日:2023-11-30
申请号:US18321545
申请日:2023-05-22
IPC分类号: G06F11/36 , H04L9/40 , H04L41/16 , G06N3/08 , G06F18/24 , G06F18/214 , H04L43/12 , G06V10/82 , G06F11/263 , H04W12/128
CPC分类号: G06F11/3684 , H04L63/1441 , H04L41/16 , G06N3/08 , G06F18/24 , G06F18/214 , H04L43/12 , G06V10/82 , G06F11/263 , H04W12/128 , G06N3/0418
摘要: According to some embodiments, a system, method and non-transitory computer-readable medium are provided to protect a cyber-physical system having a plurality of monitoring nodes comprising: a normal space data source storing, for each of the plurality of monitoring nodes, a series of normal monitoring node values over time that represent normal operation of the cyber-physical system; a situational awareness module including an abnormal data generation platform, wherein the abnormal data generation platform is operative to generate abnormal data to represent abnormal operation of the cyber-physical system using values in the normal space data source and a generative model; a memory for storing program instructions; and a situational awareness processor, coupled to the memory, and in communication with the situational awareness module and operative to execute the program instructions to: receive a data signal, wherein the received data signal is an aggregation of data signals received from one or more of the plurality of monitoring nodes, wherein the data signal includes at least one real-time stream of data source signal values that represent a current operation of the cyber-physical system; determine, via a trained classifier, whether the received data signal is a normal signal or an abnormal signal, wherein the trained classifier is trained with the generated abnormal data and normal data; localize an origin of an anomaly when it is determined the received data signal is the abnormal signal; receive the determination and localization at a resilient estimator module; execute the resilient estimator module to generate a state estimation for the cyber-physical system. Numerous other aspects are provided.
-
公开(公告)号:US20210088563A1
公开(公告)日:2021-03-25
申请号:US16580525
申请日:2019-09-24
发明人: Weizhong Yan , Honggang Wang
摘要: Briefly, embodiments are directed to a system, method, and article for identifying power system event signatures. Input measurement data may be received from one or more data sources relating to a power grid system. The input measurement data may comprise normal system operation measurement data and power system event measurement data. A processor may perform operations during an online application phase. During the online application phase, a feature matrix may be generated for the power system event measurement data and the at least one trained auto-associative model. The feature matrix for the power system event measurement data may be processed to determine power system event residuals. Also during the online application phase, the power system event signatures may be identified based on residual statistics for normal system operation measurement data residuals and on the power system event residuals.
-
公开(公告)号:US10956578B2
公开(公告)日:2021-03-23
申请号:US16152546
申请日:2018-10-05
发明人: Hema Achanta , Lalit Keshav Mestha , Weizhong Yan
IPC分类号: G06F21/57 , G05B19/048
摘要: According to some embodiments, a system, method and non-transitory computer-readable medium are provided to protect a decision manifold of a control system for an industrial asset, comprising: a detection and neutralization module including: a decision manifold having a receiver configured to receive a training dataset comprising data, wherein the decision manifold is operative to generate a first decision manifold with the received training dataset; and a detection model; a memory for storing program instructions; and a detection and neutralization processor, coupled to the memory, and in communication with the detection and neutralization module and operative to execute program instructions to: receive the first decision manifold, wherein the first decision manifold separates a normal operating space from an abnormal operating space; determine whether there are one or more inadequacies with the detection model; generate a corrected decision manifold based on the determined one or more inadequacies with the detection model; receive a projected adversary strategy; generate a resilient decision manifold based on the corrected decision manifold and received projected adversary strategy; and an output configured to output a neutralized signal to operate the industrial asset via the control system. Numerous other aspects are provided.
-
公开(公告)号:US10686806B2
公开(公告)日:2020-06-16
申请号:US15681827
申请日:2017-08-21
IPC分类号: H04L29/06
摘要: According to some embodiments, a plurality of monitoring nodes may each generate a series of current monitoring node values over time that represent a current operation of the industrial asset. A node classifier computer, coupled to the plurality of monitoring nodes, may receive the series of current monitoring node values and generate a set of current feature vectors. The node classifier computer may also access at least one multi-class classifier model having at least one decision boundary. The at least one multi-class classifier model may be executed and the system may transmit a classification result based on the set of current feature vectors and the at least one decision boundary. The classification result may indicate, for example, whether a monitoring node status is normal, attacked, or faulty.
-
公开(公告)号:US20170024649A1
公开(公告)日:2017-01-26
申请号:US14808402
申请日:2015-07-24
发明人: Weizhong Yan , Lijie YU
CPC分类号: G06N3/0454 , G05B23/0283 , G06N3/0445
摘要: Some embodiments are associated with a receipt, at a feature learning platform, of sensor data associated with normal operation of an industrial asset, the sensor data including values for a plurality of sensors over a period of time. The feature learning platform may extract a plurality of features via hierarchically deep learning, which may capture characteristics of normal operation of the industrial asset and provide the learned features to a classification modeling platform. The classification modeling platform may then create classification models utilizing the learned features, and the classification models may be executed to automatically identify a potential anomaly for an operating industrial asset.
摘要翻译: 一些实施例与在特征学习平台处的与工业资产的正常操作相关联的传感器数据的收据相关联,所述传感器数据包括一段时间内的多个传感器的值。 特征学习平台可以通过分级深度学习提取多个特征,其可以捕获工业资产的正常操作的特征并将学习的特征提供给分类建模平台。 然后,分类建模平台可以使用学习的特征来创建分类模型,并且可以执行分类模型以自动识别经营的工业资产的潜在异常。
-
-
-
-
-
-
-
-
-
搜索结果
35 条记录 (耗时 0.021 秒)
