Abstract:
According to some embodiments, a system, method and non-transitory computer-readable medium are provided to protect a cyber-physical system having a plurality of monitoring nodes comprising: a normal space data source storing, for each of the plurality of monitoring nodes, a series of normal monitoring node values over time that represent normal operation of the cyber-physical system; a situational awareness module including an abnormal data generation platform, wherein the abnormal data generation platform is operative to generate abnormal data to represent abnormal operation of the cyber-physical system using values in the normal space data source and a generative model; a memory for storing program instructions; and a situational awareness processor, coupled to the memory, and in communication with the situational awareness module and operative to execute the program instructions to: receive a data signal, wherein the received data signal is an aggregation of data signals received from one or more of the plurality of monitoring nodes, wherein the data signal includes at least one real-time stream of data source signal values that represent a current operation of the cyber-physical system; determine, via a trained classifier, whether the received data signal is a normal signal or an abnormal signal, wherein the trained classifier is trained with the generated abnormal data and normal data; localize an origin of an anomaly when it is determined the received data signal is the abnormal signal; receive the determination and localization at a resilient estimator module; execute the resilient estimator module to generate a state estimation for the cyber-physical system. Numerous other aspects are provided.
Abstract:
According to some embodiments, a system, method and non-transitory computer readable medium are provided comprising a memory storing processor-executable steps; and a processor to execute the processor-executable steps to cause the system to: receive a first data value of a plurality of data values from a data store, wherein the first data value is from a digital twin model of an industrial asset; determine, via a vulnerability module, whether the received at least one data value is a near boundary case or not a near boundary case; in a case it is determined the first data value is a near boundary case, generate one or more adversarial samples for the first data value; input each of the one or more adversarial samples to the digital twin model; execute the digital twin model to output a system response for each input adversarial sample; determine whether the system response to each input adversarial sample has a negative impact; in a case it is determined the system response has a negative impact for a given input adversarial sample, update a trained attack detection model with the given input adversarial sample; and generate a second decision boundary based on the updated trained attack detection model. Numerous other aspects are provided.
Abstract:
Systems and methods may be associated with a cyber-physical system, and a blueprint repository data store may contain electronic files that represent behavior-based asset monitoring parameters for different cyber-physical system asset types. A behavior-based asset monitoring creation computer platform may receive an indication of an asset type of the cyber-physical system. The behavior-based asset monitoring creation computer platform may then search the blueprint repository data store and retrieve an electronic file representing behavior-based asset monitoring parameters for the asset type of the cyber-physical system to be monitored. The behavior-based asset monitoring creation computer platform may also receive, from the remote operator device, adjustments to the retrieved behavior-based asset monitoring parameters and automatically configure, based on the adjusted behavior-based asset monitoring parameters, at least a portion of settings for an abnormal detection model. The abnormal detection model may then be created and output to be executed by an abnormal detection platform.
Abstract:
A system for enhanced sequential power system model calibration is provided. The system is programmed to store a model of a device. The model includes a plurality of parameters. The system is also programmed to receive a plurality of events associated with the device, receive a first set of calibration values for the plurality of parameters, generate a plurality of sets of calibration values for the plurality of parameters, for each of the plurality of sets of calibration values, analyze a first event of the plurality of events using a corresponding set of calibration values to generate a plurality of updated sets of calibration values, analyze the plurality of updated sets of calibration values to determine a current updated set of calibration values, and update the model to include the current updated set of calibration values.
Abstract:
According to some embodiments, a system and method are provided to model a sparse data asset. The system comprises a processor and a non-transitory computer-readable medium comprising instructions that when executed by the processor perform a method to model a sparse data asset. Relevant data and operational data associated with the newly operational are received. A transfer model based on the relevant data and the received operational data. An input into the transfer model is received and a prediction based on data associated with the received operational data and the relevant data is output.
Abstract:
A system includes identification of a first dataset comprising n data samples, identification of b data samples of the n data samples of the first dataset, wherein b is less than n, creation of a first plurality of datasets, each of the first plurality of datasets comprising m data samples, where m is greater than b, and wherein each of the m data samples of each of the first plurality of datasets is selected from the b data samples, identification of c data samples of the n data samples of the first dataset, wherein c is less than n, and wherein the c data samples are not identical to the b data samples, creation of a second plurality of datasets, each of the second plurality of datasets comprising p data samples, where p is greater than c, and wherein each of the p data samples of each of the second plurality of datasets is selected from the c data samples, identification, for each of the b data samples, of a cluster based on the first plurality of datasets, and identification, for each of the c data samples, of a cluster based on the second plurality of datasets.
Abstract:
A system includes a library of algorithms, and a request module configured to receive an execution request. The system also includes a job scheduler/optimizer module configured to select algorithms from the library and to create at least one execution job based on the algorithms and the execution request. The system further includes a resource module configured to determine execution computing resources from multiple computing sources, including internal computing resources and external computing resources. The system also includes an executor module configured to transmit an execution job to the computing resources.
Abstract:
A computer-implemented system for identifying a precursor to a failure of a particular type of component in a physical system is provided. The physical system includes sensors coupled to the physical system. The computer-implemented system includes a computing device, a database, a processor, and a memory device. The memory device includes historical data including sensor measurements. When instructions are executed by the processor, the processor receives the historical data from the memory device. The processor generates a predictive model. The predictive model uses, as inputs, sensor measurements in the historical data. The predictive model is able to differentiate between sensor measurements taken before the repair event and those taken after the repair event without a time of the repair event being an input to the predictive model. The processor designates at least one of the sensor measurements used as inputs to the predictive model as precursors to the failure of the component.
Abstract:
A method for detecting a cyberattack on a control system of a wind turbine includes providing a plurality of classification models of the control system. The method also includes receiving, via each of the plurality of classification models, a time series of operating data from one or more monitoring nodes of the wind turbine. The method further includes extracting, via the plurality of classification models, a plurality of features using the time series of operating data. Each of the plurality of features is a mathematical characterization of the time series of operating data. Moreover, the method includes generating an output from each of the plurality of classification models and determining, using a decision fusion module, a probability of the cyberattack occurring on the control system based on a combination of the outputs. Thus, the method includes implementing a control action when the probability exceeds a probability threshold.