CN-122020116-A - Security management system and method for enterprise

Abstract

The invention discloses a safety management method for enterprises, and belongs to the technical field of enterprise safety management. The method comprises the steps of S1, multi-source data acquisition, S2, standardized preprocessing, namely obtaining a structured and modelable standardized data set through data cleaning, heterogeneous data standardization and labeling. The data utilization is full and standardized, namely, the scattered heterogeneous data are integrated through multi-source data acquisition and standardized preprocessing, the problems that the data quality is low and centralized analysis is difficult to realize in the prior art are solved, and the basic information, the association rule and the time sequence trend in the data are deeply mined by a three-level vertical feature extraction system, so that the maximum utilization of the data value is realized. The risk prediction is accurate, the transition from 'passive treatment' to 'active prevention' is realized based on a depth feature trained CNN-LSTM-Attention model, and the occurrence probability of safety accidents is effectively reduced.

Inventors

• ZHAN XUDONG

Assignees

• 珠海爱浦京软件股份有限公司

Dates

Publication Date

20260512

Application Date

20260121

Claims (8)

1. 1. The safety management method for the enterprise is characterized by comprising the following steps of: S1, multi-source data acquisition, namely acquiring multi-source historical data of the enterprise safety hidden danger in the whole life cycle; s2, standardized preprocessing, namely obtaining a structured and modelable standardized data set through data cleaning, heterogeneous data standardization and labeling; S3, depth feature extraction, namely performing depth feature extraction based on standardized data, extracting static and flow basic features to form first-stage features, mining association rules and time sequence evolution features based on the first-stage features to form second-stage features, and extracting depth semantics and long-term trend features based on the second-stage features to form third-stage features; s4, constructing a mixed model, namely constructing a safety management mixed model comprising a risk level prediction sub-model and a processing flow optimization sub-model; s5, carrying out staged training, namely adopting a 'pre-training-fine tuning-verification' staged training strategy, and combining regularization and super-parameter optimization to obtain a safety management model with the performance reaching the standard; and S6, deeply integrating the trained safety management model with an enterprise safety management system based on NET 6, vue 3, mySQL and Elsa workflow engines, covering the full processes of hidden danger input, distribution, processing, acceptance checking and archiving, and outputting risk assessment results, a process optimization scheme and dynamic tracking suggestions in real time through the model to realize enterprise safety intelligent management.
2. 2. The method for enterprise security management according to claim 1, wherein in the step S1, the multi-source historical data comprise core service data, associated support data and environment context data, the core service data comprise hidden danger full life cycle circulation data and hidden danger attribute data, the associated support data comprise organization architecture data, personnel role data and flow configuration data, the environment context data comprise equipment operation data, environment monitoring data and time dimension data, the hidden danger full life cycle data comprise input information, distribution records, processing logs, check and acceptance results and archiving information, the hidden danger attribute data comprise titles, detailed descriptions, occurrence areas, design equipment and hidden danger types, the organization architecture data comprise levels and post responsibilities, the personnel role data comprise authorities and operation histories of system administrators, approval authorities, recording personnel, inspection and acceptance personnel and processing personnel, the flow configuration data comprise approval rules, node setting and timeout threshold values, the equipment operation data comprise equipment types, operation duration and maintenance records, the environment monitoring data comprise humiture, dust concentration and gas concentration, the time dimension data comprise production season marks and season marks.
3. 3. The method for enterprise safety management according to claim 1, wherein in the step S2, data missing is characterized in that a missing value judging rule is adopted, a critical field missing rate is not less than a missing rate threshold value and is directly removed, a K neighbor algorithm is adopted for filling the critical field missing rate < missing rate threshold value, a unified time field format is matched through a time format regular, duplicate records are removed based on a 'hidden danger number + occurrence area + hidden danger type' combination key, and abnormal values of numerical value fields such as processing time length, influence range and the like are identified and removed through an isolated forest algorithm; The heterogeneous data standardization comprises the steps of adopting a differential coding strategy to classified data, adopting independent thermal coding to disordered classified data of hidden danger types, departments and roles, adopting label coding to ordered classified data of region levels and risk levels, converting time class data into Unix timestamp format, deriving derivative characteristics including a production period and a period of occurrence days from last similar hidden danger, adopting BERT pre-training model to segment text class data including hidden danger description and processing remarks, removing words and word vectors, adopting Z-Score standardization to numerical class data including processing duration and equipment operation duration, and eliminating dimension influence; Labeling, namely, setting a three-level risk label labeling rule based on relevant regulations, wherein the label rule comprises the steps of high risk, possibility of casualties, major property loss or production stopping for more than 24 hours, medium risk, possibility of slight property loss or production stopping for 2-24 hours, low risk, no property loss and no influence on production, independent labeling by more than 2 safety management specialists, and determining a disambiguation sample through collective evaluation, and labeling a processing efficiency label and a repeated occurrence label, wherein the processing efficiency label comprises high efficiency, general efficiency and low efficiency, and the repeated occurrence label comprises yes and no.
4. 4. The method for enterprise safety management according to claim 1, wherein in the step S3, first-level feature extraction is performed, based on a standardized dataset, static basic features and flow basic features are extracted by adopting a feature engineering tool kit to form basic feature vectors, wherein the static basic features comprise hidden danger type codes, region codes, department codes, hidden danger descriptor vector statistics features and related equipment codes and running state features, the hidden danger type codes adapt to various hidden danger types, the region codes support workshop-production line-equipment three-level region division, the hidden danger descriptor vector statistics features comprise word frequency, TF-IDF weight and keyword occurrence frequency, the flow basic features comprise processing flow node number, processing time length statistics features of each node, recording person/processor/receiver role codes and operation degree features, approval passing rate and acceptance one-time passing rate, and the node processing time length statistics features comprise minimum value, maximum value, median and average value; The second-level feature extraction comprises extracting association rules and time sequence features by adopting an association rule mining and time sequence analysis algorithm based on first-level basic features, wherein the association feature extraction adopts an Apriori algorithm and comprises co-occurrence probabilities of different hidden danger types in the same area, success rates of processing hidden danger of different risk grades in the same department, pearson association coefficients of average duration and acceptance rate of processing hidden danger of the same person in the same person, association strength of the hidden danger types and related equipment and degree of adaptation between the department and the person in the same person; The third-level feature extraction comprises the steps of constructing a feature extraction network based on second-level features by adopting a deep learning framework, extracting deep semantics and long-term trend feature features to form third-level features, extracting the deep semantics features by using a convolutional neural network, carrying out sequence modeling on the second-level time sequence features by 128 hidden units and dropout rates of 0.2, capturing long-term dependency and time evolution trend of hidden danger generation and processing by using the convolutional neural network, respectively carrying out convolution operation on the second-level associated features by using the pooling kernel sizes of 2×2 and1 layer of flulten layers, mining depth associated semantic information of hidden danger type-region-department-equipment, outputting the convolution features, extracting the long-term trend features by using a bidirectional long-term and short-term memory network, carrying out sequence modeling on the second-level time sequence features by using 128 hidden units and dropout rates, capturing long-term dependency and time sequence evolution trends of hidden danger generation and processing, and outputting sequence features by carrying out dimension splicing on the convolution features and the sequence features by using BatchNorm layers.
5. 5. The method for enterprise security management according to claim 1, wherein in the step S4, the security management hybrid model comprises a risk level prediction sub-model CNN-LSTM-Attention hybrid network and a process flow optimization sub-model XGBoost + LightGBM integrated model, the risk level prediction sub-model takes third-level features as input, strengthens key feature weights through an Attention mechanism, outputs hidden danger risk levels and confidence degrees, and the process flow optimization sub-model inputs third-level features and risk level prediction results and outputs optimal processor codes, optimal processing node numbers, predicted processing duration of each node, processing timeout probability and optimal approval paths.
6. 6. The method for enterprise security management as claimed in claim 5, wherein the step of training in stages in S5 comprises: Dividing the data set into a training set, a verification set and a test set according to the proportion of 7:2:1 by adopting a hierarchical sampling method; Initializing a model, namely initializing a CNN-LSTM-Attention network, adopting He normal distribution for convolutional kernel initialization, adopting orthogonal initialization for LSTM weight initialization, adopting a scaling dot product Attention mechanism for the Attention layer, initializing XGBoost parameters, and initializing LightGBM parameters; The training set is input into the model, the risk level prediction sub-model adopts a cross entropy loss function, the processing flow optimization sub-model adopts a mean square error loss function to predict the processing time length, the cross entropy loss function is adopted to predict the processing person/path, the Adam optimizer is adopted to carry out iterative training for 50 rounds, and model snapshots are output every 10 rounds; The fine tuning stage, namely adopting a grid search method and early stop system based on the verification set to prevent the model from being fitted excessively; integrating XGBoost and LightGBM output results of the process flow optimization sub-model by adopting a weighted voting method, wherein the weight is dynamically distributed based on the accuracy of the verification set, and the higher the accuracy is, the larger the weight is; And (3) performance verification, namely evaluating the performance of the risk prediction sub-model by using a test set test model and adopting the Accuracy Accuracy, the Accuracy Precision, the Recall ratio Recall and the F1 fraction, evaluating the processing duration prediction performance by adopting the average absolute error MAE and the decision coefficient R2, and judging that model training is completed when the risk prediction Accuracy, the F1 fraction, the processing duration prediction MAE and the processor matching Accuracy reach preset values.
7. 7. The method for enterprise security management as claimed in claim 1, wherein in step S6, the model and system deep integration and full-process application specifically comprises: The interface adaptation comprises the steps of developing a standardized interface RESTful API of the model and an enterprise security management system, and supporting real-time interaction of the input and output data of the model and a system MySQL database; The hidden danger input stage comprises the steps of inputting hidden danger information by a user through a system, wherein the hidden danger information comprises titles, descriptions, areas and related equipment, automatically collecting environmental context data by the system, and inputting a safety management model in real time after standardized preprocessing in the step S1 and depth feature extraction in the step S2; The hidden danger distribution stage comprises the steps that a system reads the optimal processing node number and approval path output by a model through Elsa workflow engine, automatically composes personalized processing flow, supports node custom increase and decrease, dynamically distributes tasks to a processor account, synchronously sends notifications through three modes of system popup window, mail and short message; The hidden danger tracking stage comprises the steps that a system collects processing flow data in real time, updates characteristic data every other preset time length, inputs the characteristic data into a model, and dynamically predicts the overtime probability of processing; when the overtime probability is more than or equal to the overtime probability threshold, the system automatically sends early warning information to the approval responsible person, and recommends a resource allocation scheme, including dispatching a processor and adjusting the processing priority; The method comprises a checking and archiving stage, wherein a checking and approving specialist submits a checking and approving result through a system, the checking and approving result comprises a field photo, test data, a model, an archiving suggestion, a user click on a closing button, the system marks as closed and archives, and the data is included in a model negative sample library for subsequent iteration after the checking is passed; the report generation and decision support stage comprises the steps of generating a multi-dimensional visual report by a system based on third-level characteristics and a model output result, wherein the multi-dimensional visual report comprises a hidden danger risk distribution thermodynamic diagram, a processing efficiency optimization trend diagram and a high-risk hidden danger ranking table, wherein the hidden danger risk distribution thermodynamic diagram supports drill-down analysis according to areas, departments and hidden danger types, the processing efficiency optimization trend diagram compares processing time lengths before and after the application of the model, acceptance rate and screening conditions such as a user selection area, departments and a time range are supported, PDF/Excel format report is derived, and report data is synchronized to a management layer decision board to assist in making a safety management strategy.
8. 8. A safety management system for enterprises is characterized in that the system is used for realizing the safety management method for enterprises according to any one of claims 1-7, and comprises a multi-source data acquisition module, a data standardization preprocessing module, a depth feature extraction module, a mixed model construction and training module and a model integration and full-flow application module; The multi-source data acquisition module is used for acquiring multi-source historical data and real-time data of the enterprise safety hidden danger in the whole life cycle; The data standardization preprocessing module is used for obtaining a structured and modelable standardized data set through data cleaning, heterogeneous data standardization and labeling; the depth feature extraction module is used for performing depth feature extraction based on standardized data, extracting static and flow basic features to form first-stage features, mining association rules and time sequence evolution features based on the first-stage features to form second-stage features, and extracting depth semantics and long-term trend features based on the second-stage features to form third-stage features; The mixed model construction and training module is used for constructing a safety management mixed model comprising a risk level prediction sub-model and a processing flow optimization sub-model, adopting a 'pre-training-fine tuning-verification' staged training strategy, and combining regularization and super-parameter optimization to obtain a safety management model with the performance reaching the standard; the model integration and full-process application module is used for deeply integrating the trained safety management model with an enterprise safety management system based on NET 6, vue 3, mySQL and Elsa workflow engines, covering the full processes of hidden danger input, distribution, processing, acceptance checking and archiving, outputting risk assessment results, process optimization schemes and dynamic tracking suggestions in real time through the model, and realizing enterprise safety intelligent management.

Description

Security management system and method for enterprise Technical Field The invention relates to the technical field of enterprise security management, in particular to a security management system and method for enterprises. Background The enterprise safety management is a core link for guaranteeing continuous and stable development of production and operation activities, and the core aim is to timely identify and effectively treat various potential safety hazards and prevent safety accidents. At present, enterprise safety management generally faces the outstanding problems that hidden danger data are stored in a plurality of systems (such as a manual record list, a device management system and an Excel table) in a scattered mode, data formats are heterogeneous and are insufficient in integrity, centralized analysis is difficult to achieve, a processing flow depends on manual experience, task allocation lacks scientific basis, an approval path is fixed and stiff, processing period is long, efficiency is low, utilization of historical data only stays on a statistical summary level, deep association rules and time-sequence trend in the data are not mined, risk prediction relies on manual judgment, accuracy is low, active prevention is difficult to achieve, and an existing digital management system focuses on electronic presentation of the flow in multiple modes and lacks deep integration with an intelligent model, so that dynamic and accurate decision support cannot be provided for whole-flow management. In the prior art, partial enterprises try to introduce data analysis tools to optimize safety management, but have obvious defects that, for example, the feature extraction is mostly single-level extraction, only basic attribute features are focused, complex association and time evolution rules of hidden danger, environment, personnel and flow cannot be captured, so that the model input feature expression capability is insufficient, the model is mostly single-function (such as only predicting risk level), the optimization capability of processing flow is lacking, closed-loop management of prediction-processing-feedback cannot be formed, the integration level of the model and a management system is low, the data interaction delay is high, and the real-time management requirement is difficult to meet. Therefore, there is a need for an enterprise security management method that can deeply integrate multi-source data, accurately extract hierarchical features, fuse multi-task models, and deeply cooperate with a management system. Disclosure of Invention The invention aims to provide a safety management system and method for enterprises, which can solve the problems of data dispersion and isomerism, lack of layering in feature extraction, low risk prediction accuracy, low efficiency of processing flow stiffness and insufficient integration of models and systems in the existing enterprise safety management. According to one aspect of the invention, the technical scheme is that the method for safety management of enterprises specifically comprises the following steps: S1, multi-source data acquisition, namely acquiring multi-source historical data of the enterprise safety hidden danger in the whole life cycle; s2, standardized preprocessing, namely obtaining a structured and modelable standardized data set through data cleaning, heterogeneous data standardization and labeling; S3, depth feature extraction, namely performing depth feature extraction based on standardized data, extracting static and flow basic features to form first-stage features, mining association rules and time sequence evolution features based on the first-stage features to form second-stage features, and extracting depth semantics and long-term trend features based on the second-stage features to form third-stage features; s4, constructing a mixed model, namely constructing a safety management mixed model comprising a risk level prediction sub-model and a processing flow optimization sub-model; s5, carrying out staged training, namely adopting a 'pre-training-fine tuning-verification' staged training strategy, and combining regularization and super-parameter optimization to obtain a safety management model with the performance reaching the standard; and S6, deeply integrating the trained safety management model with an enterprise safety management system based on NET 6, vue 3, mySQL and Elsa workflow engines, covering the full processes of hidden danger input, distribution, processing, acceptance checking and archiving, and outputting risk assessment results, a process optimization scheme and dynamic tracking suggestions in real time through the model to realize enterprise safety intelligent management. In step S1, the multi-source historical data includes core service data, associated support data and environmental context data, the core service data includes hidden danger full life cycle circulation data and hidden danger attribute data, the asso