Search

US-20260129098-A1 - SYSTEM AND METHOD OF DETERMINING ASSET CONTEXT EQUIVALENCE

US20260129098A1US 20260129098 A1US20260129098 A1US 20260129098A1US-20260129098-A1

Abstract

A system and a method of determining asset context equivalence are described. The method includes collecting a first information related to an asset operating in an enterprise. The first information is collected from a first monitoring service running at a network level, and the first information includes tags assigned at network levels traversed by the first information. A Key Performance Indicator (KPI) value of the first monitoring service is determined using the first information. Upon deviation in KPI value, the asset associated with the first information is traced using the tags assigned at the network levels. A second monitoring service associated with the asset is identified, a second information is collected from the second monitoring service and used for performing a root cause analysis, to determine a cause of the deviation. An action related to the asset is taken to remediate the cause of the deviation in the KPI value.

Inventors

  • Arnab Bhattacharjee
  • Srikant Srinivasan
  • Nikhil Bansal
  • Vishnu Vardhana Reddy Potham

Assignees

  • HONEYWELL INTERNATIONAL INC.

Dates

Publication Date
20260507
Application Date
20241107

Claims (20)

  1. 1 . A method, comprising: collecting, from a first monitoring service running at one of a plurality of network levels, a first information related to an asset of a plurality of assets operating in an enterprise, wherein the first information includes at least one tag assigned at each of the plurality of network levels traversed by the first information for reaching the first monitoring service from the asset; determining a Key Performance Indicator (KPI) value of the first monitoring service, using the first information; determining a deviation in the KPI value of the first monitoring service upon comparison with a threshold KPI value; tracing the asset associated with the first information resulting in the deviation in the KPI value, wherein the asset is traced using the at least one tag assigned at each of the plurality of network levels; identifying a second monitoring service associated with the asset, to determine asset equivalence between the first monitoring service and the second monitoring service, wherein the second monitoring service runs at one of the plurality of network levels; collecting, from the second monitoring service, a second information related to the asset; performing a root cause analysis, by processing the second information, to determine a cause of the deviation in the KPI value; and taking an action related to the asset to remediate the cause of the deviation in the KPI value.
  2. 2 . The method as claimed in claim 1 , wherein the plurality of assets include machineries and sensors operating in the enterprise.
  3. 3 . The method as claimed in claim 1 , wherein the KPI value is determined by combining values of different operational parameters included in the first information.
  4. 4 . The method as claimed in claim 1 , wherein the threshold KPI value is user defined.
  5. 5 . The method as claimed in claim 1 , wherein the threshold KPI value is set based on historical performance of the first monitoring service.
  6. 6 . The method as claimed in claim 1 , wherein the at least one tag assigned at each of the plurality of network levels include timestamps and asset identifiers.
  7. 7 . The method as claimed in claim 1 , wherein the action related to the asset includes segmentation, notification and communication, service restart or device reboot, configuration changes, patch management, resource optimization, backup and restore, and monitoring and prevention.
  8. 8 . The method as claimed in claim 1 , wherein the at least one tag assigned at each of the plurality of network levels are stored in a sequentially linked manner.
  9. 9 . The method as claimed in claim 1 , wherein the first monitoring service and the second monitoring service are configured to operate at different network levels.
  10. 10 . The method as claimed in claim 1 , wherein the second monitoring service utilizes the second information associated with another asset operating in the enterprise.
  11. 11 . A system comprising: a processor; and a memory coupled with the memory, wherein the memory stores program instructions configured to: collect, from a first monitoring service running at one of a plurality of network levels, a first information related to an asset of a plurality of assets operating in an enterprise, wherein the first information includes at least one tag assigned at each of the plurality of network levels traversed by the first information for reaching the first monitoring service from the asset; determine a Key Performance Indicator (KPI) value of the first monitoring service, using the first information; determine a deviation in the KPI value of the first monitoring service upon comparison with a threshold KPI value; trace the asset associated with the first information resulting in the deviation in the KPI value, wherein the asset is traced using the at least one tag assigned at each of the plurality of network levels; identify a second monitoring service associated with the asset, to determine asset equivalence between the first monitoring service and the second monitoring service, wherein the second monitoring service runs at one of the plurality of network levels; collect, from the second monitoring service, a second information related to the asset; perform a root cause analysis, by processing the second information, to determine a cause of the deviation in the KPI value; and take an action related to the asset to remediate the cause of the deviation in the KPI value.
  12. 12 . The system as claimed in claim 11 , wherein the plurality of assets include machineries and sensors operating in the enterprise.
  13. 13 . The system as claimed in claim 11 , wherein the KPI value is determined by combining values of different operational parameters included in the first information.
  14. 14 . The system as claimed in claim 11 , wherein the threshold KPI value is user defined or is set based on historical performance of the first monitoring service.
  15. 15 . The system as claimed in claim 11 , wherein the at least one tag assigned at each of the plurality of network levels include timestamps and asset identifiers.
  16. 16 . The system as claimed in claim 11 , wherein the action related to the asset includes segmentation, notification and communication, service restart or device reboot, configuration changes, patch management, resource optimization, backup and restore, and monitoring and prevention
  17. 17 . The system as claimed in claim 11 , wherein the at least one tag assigned at each of the plurality of network levels are stored in a sequentially linked manner.
  18. 18 . The system as claimed in claim 11 , wherein the first monitoring service and the second monitoring service are configured to operate at different network levels.
  19. 19 . The system as claimed in claim 11 , wherein the second monitoring service utilizes the second information associated with another asset operating in the enterprise.
  20. 20 . A non-transitory computer-readable storage medium comprising computer program code for execution by one or more processors of an apparatus, the computer program code configured to, when executed by the one or more processors, cause the apparatus to: collect, from a first monitoring service running at one of a plurality of network levels, a first information related to an asset of a plurality of assets operating in an enterprise, wherein the first information includes at least one tag assigned at each of the plurality of network levels traversed by the first information for reaching the first monitoring service from the asset; determine a Key Performance Indicator (KPI) value of the first monitoring service, using the first information; determine a deviation in the KPI value of the first monitoring service upon comparison with a threshold KPI value; trace the asset associated with the first information resulting in the deviation in the KPI value, wherein the asset is traced using the at least one tag assigned at each of the plurality of network levels; identify a second monitoring service associated with the asset, to determine asset equivalence between the first monitoring service and the second monitoring service, wherein the second monitoring service runs at one of the plurality of network levels; collect, from the second monitoring service, a second information related to the asset; perform a root cause analysis, by processing the second information, to determine a cause of the deviation in the KPI value; and take an action related to the asset to remediate the cause of the deviation in the KPI value.

Description

TECHNICAL FIELD Present disclosure relates to performing root cause analysis, and more specifically relates to performing root cause analysis by determining asset context equivalence. BACKGROUND Within an enterprise, several assets i.e. machineries operate to perform different tasks and sensors track operation of the machineries. Sensor data is provided to different control systems responsible for running monitoring services related to the operations. The control systems run the monitoring services at different network levels. For example, Purdue model defines operation of different monitoring services at five levels. At level 0, a physical process runs. At level 1, sensors and devices operate to manipulate the physical process. At level 2, control systems operate for performing supervising, monitoring, and controlling of the physical process. At level 3, manufacturing operations systems operate for managing production workflow to produce desired products. At level 4, business logistics systems operate, and at level 5, an external support or network cloud access is provided. Different KPIs are defined and continuously monitored for tracking operational performance of the assets. In case of a deviation in a KPI value, a user may not be able to identify an anomaly associated with an asset that might have resulted in the deviation. Further, in several situations, it might not be possible to derive an inference of root cause from the data used for determining the KPI value. Thus, a method using which root cause analysis could be performed in above mentioned conditions is desired. SUMMARY OF THE INVENTION In one embodiment, a method of performing root cause analysis by determining asset context equivalence is described. The method includes collecting, from a first monitoring service running at one of a plurality of network levels, a first information related to an asset of a plurality of assets operating in an enterprise. The first information includes at least one tag assigned at each of the plurality of network levels traversed by the first information for reaching the first monitoring service from the asset. The method further includes determining a Key Performance Indicator (KPI) value of the first monitoring service, using the first information. The method further includes determining a deviation in the KPI value of the first monitoring service upon comparison with a threshold KPI value. The method further includes tracing the asset associated with the first information resulting in the deviation in the KPI value. The asset is traced using the at least one tag assigned at each of the plurality of network levels. The method further includes identifying a second monitoring service associated with the asset, to determine asset equivalence between the first monitoring service and the second monitoring service. The second monitoring service runs at one of the plurality of network levels. The method further includes collecting, from the second monitoring service, a second information related to the asset. The method further includes performing a root cause analysis, by processing the second information, to determine a cause of the deviation in the KPI value. The method further includes taking an action related to the asset to remediate the cause of the deviation in the KPI value. In an aspect, the plurality of assets include machineries and sensors operating in the enterprise. In an aspect, the KPI value is determined by combining values of different operational parameters included in the first information. In an aspect, the threshold KPI value is user defined. In an aspect, the threshold KPI value is set based on historical performance of the first monitoring service. In an aspect, the at least one tag assigned at each of the plurality of network levels include timestamps and asset identifiers. In an aspect, the at least one tag assigned at each of the plurality of network levels are stored in a sequentially linked manner. In an aspect, the first monitoring service and the second monitoring service are configured to operate at different network levels. In an aspect, the second monitoring service utilizes the second information associated with another asset operating in the enterprise. In an aspect, the action related to the asset includes segmentation, notification and communication, service restart or device reboot, configuration changes, patch management, resource optimization, backup and restore, and monitoring and prevention. In one embodiment, a system for performing root cause analysis by determining asset context equivalence is described. The system comprises a processor and a memory coupled with the memory. The memory stores program instructions configured to collect, from a first monitoring service running at one of a plurality of network levels, a first information related to an asset of a plurality of assets operating in an enterprise. The first information includes at least one tag assigned at each o