A method for pattern mining in multiple alarm flood sequences

Lai, Shiqi; Chen, Tongwen

doi:10.1016/j.cherd.2015.06.019

Cited by 55 publications

(7 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These tools help in detecting disruption situations before they happen, and search for an alternative to reduce the damages and/or performances loss made by these unexpected events. In such context, machine learning algorithms are widely used to predict unexpected events and hence to detect performance degradation of running systems [25]. However, traditional machine learning schemes are centralized in nature i.e.…”

Section: Introductionmentioning

confidence: 99%

Fog-supported Low-latency Monitoring of System Disruptions in Industry 4.0: A Federated Learning Approach

Brik

Messaadia²,

Sahnoun³

et al. 2022

ACM Trans. Cyber-Phys. Syst.

View full text Add to dashboard Cite

Industry 4.0 is based on machine learning and advanced digital technologies, such as Industrial-Internet-of-Things (IIoT) and Cyber-Physical-Production-Systems (CPPS), to collect and process data coming from manufacturing systems. Thus, several industrial issues may be further investigated including, flows disruptions, machines’ breakdowns, quality crisis, etc. In this context, traditional machine learning techniques require the data to be stored and processed in a central entity, e.g. a cloud server. However, these techniques are not suitable for all manufacturing use cases, due to the inaccessibility of private data such as resources’ localization in real-time, which cannot be shared at the cloud level as they contain personal and sensitive information. Therefore, there is a critical need to go toward decentralized learning solutions to handle efficiently distributed private sub-datasets of manufacturing systems. In this paper, we design a new monitoring tool for system disruption related to the localization of mobile resources. Our tool may identify mobile resources (human operators) which are in unexpected locations, and hence has a high probability to disturb production planning. To do so, we use federated deep learning, as distributed learning technique, to build a prediction model of resources locations in manufacturing systems. Our prediction model is generated based on resources locations defined in the initial tasks schedule. Thus, system disruptions are detected, in real-time, when comparing predicted locations to the real ones, that is collected through the IoT network. In addition, our monitoring tool is deployed at Fog computing level which provides local data processing support with low latency. Furthermore, once a system disruption is detected, we develop a dynamic rescheduling module that assigns each task to the nearest available resource while improving the execution accuracy and reducing the execution delay. Therefore, we formulate an optimization problem of tasks rescheduling, before solving it using the meta-heuristic Tabu-search. The numerical results show the efficiency of our schemes in terms of prediction accuracy when compared to other machine learning algorithms, in addition to their ability to detect and resolve system disruption in real-time.

show abstract

Section: Introductionmentioning

confidence: 99%

Fog-supported Low-latency Monitoring of System Disruptions in Industry 4.0: A Federated Learning Approach

Brik

Messaadia²,

Sahnoun³

et al. 2022

ACM Trans. Cyber-Phys. Syst.

View full text Add to dashboard Cite

show abstract

“…Thousands of alerts in a short time require analysts to spend considerable time to conclude whether there is an occurrence of an actual intrusion or the alert is a result of excessive caution [12]. Some studies have attempted to extract alerts with pattern mining [13,14], correlation of alerts [15], flood sequence [16], etc. However, they also require supplemental setup as IDS reduces some false alerts even if it is set up appropriately.…”

Section: Introductionmentioning

confidence: 99%

Frequency-Based Representation of Massive Alerts and Combination of Indicators by Heterogeneous Intrusion Detection Systems for Anomaly Detection

Park

Choi

2022

Sensors

View full text Add to dashboard Cite

Although the application of a wide range of sensors has been generalized through the development of technology, the processing of massive alerts generated through data analysis and monitoring remains a challenge. This problem is also found in cyber security because the intrusion detection system (IDS) produces a tremendous number of alerts. Massive alerts not only significantly increase resources for analysis, but also make it difficult to analyze the overall situation of the system. In order to handle massive alerts, we propose using an indicator as a frequency-based representation. The proposed indicator is generated from categorical parameters of alerts that occur within a unit time utilizing frequency and is used for situational awareness with machine learning to detect whether there is a threat or not. The advantage of using indicators is that they can determine the situation for a period without analyzing individual alerts, which helps security experts to recognize the situation in the system and focus on targets that require in-depth analysis. In addition, the conversion from the categorical parameters which is highly related to analysis to numeric parameter allows for applying machine learning. For performance evaluation, we collect data from an HAI testbed similar to real critical infrastructure and conduct experiments using indicators and XGBoost, a classification machine learning algorithm against five famous vulnerability attacks. Consequently, we show that the proposed method can detect attacks with more than 90 percent accuracy, and the performance is enhanced using heterogeneous intrusion detection systems.

show abstract

“…In general, alarm pattern analysis can be first used to extract alarm groups from online alarm messages based on the similarity identification . Once the alarm patterns are discovered, causality analysis can be applied to recover the connections between the alarm tags in the pattern sequences and trace the root cause . Causality analysis provides an accessible manner for the alarm root-cause diagnosis as a causal network can capture process dependency and allow investigation of alarm propagation pathways .…”

Section: Introductionmentioning

confidence: 99%

Attention-Based Long Short-Term Memory Method for Alarm Root-Cause Diagnosis in Chemical Processes

Chen

Sun

et al. 2020

Ind. Eng. Chem. Res.

View full text Add to dashboard Cite

With the progressing complexity of process industries, alarm flooding has become a critical problem in alarm management. Granger causality (GC) analysis provides a pivotal role in investigating anomalous propagations and identifying alarm sources to reduce nuisance alarms. This paper proposes a novel attention-based long short-term memory (ALSTM) method for improved design of GC models to diagnose the alarm root-cause and identify the alarm propagation pathways. A novel training strategy is proposed for ALSTM-GC to enhance noise robustness and prevent overfitting. Also, a sensitivity-based method is presented to alleviate the spurious causalities caused by unobservable factors and slight indirect relationships. Compared with the traditional GC models, the main contribution of the proposed approach is 3-fold: (i) ALSTM-GC can effectively identify causality of process variables from varying and long-term delays without any prior data assumptions; (ii) with the incorporation of attention mechanism, ALSTM-GC can avoid the nested loops in causality analysis to reduce the computational complexity; (iii) ALSTM-GC can provide a more accurate and simplified network structure for late alarm traceability based on the sensitivity identification. The innovativeness of ALSTM-GC is discussed on a stochastic process based on comparative studies with different GC methods. In addition, the practicability of the proposed method is validated on a complicated case of the Tennessee Eastman process (TEP).

show abstract

A method for pattern mining in multiple alarm flood sequences

Cited by 55 publications

References 26 publications

Fog-supported Low-latency Monitoring of System Disruptions in Industry 4.0: A Federated Learning Approach

Fog-supported Low-latency Monitoring of System Disruptions in Industry 4.0: A Federated Learning Approach

Frequency-Based Representation of Massive Alerts and Combination of Indicators by Heterogeneous Intrusion Detection Systems for Anomaly Detection

Attention-Based Long Short-Term Memory Method for Alarm Root-Cause Diagnosis in Chemical Processes

Contact Info

Product

Resources

About