Building risk analysis system with dynamic modification of asset-threat weights

US 10,559,180 B2
Filed: 09/26/2018
Issued: 02/11/2020
Est. Priority Date: 09/27/2017
Status: Active Grant

First Claim

Patent Images

1. A building management system comprising:

one or more computer-readable storage media having;

a data structure, wherein the data structure comprises a plurality of vulnerabilities and a plurality of pairs, each of the plurality of pairs comprising one of a plurality of assets and one of a plurality of threat types, wherein each of the plurality of pairs is associated with one of the plurality of vulnerabilities; and

instructions stored thereon that, when executed by one or more processors, cause the one or more processors to;

receive a threat, the threat comprising a particular threat type of the plurality of threat types, the threat indicating an incident affecting a risk value associated with a particular asset of the plurality of assets;

identify a particular vulnerability of the data structure based on the particular threat type and the particular asset;

determine, based on the particular vulnerability and the threat, the risk value associated with the particular asset;

receive, via a user interface, an update to the particular vulnerability associated with the particular asset and the particular threat type;

update the data structure with the update to the particular vulnerability;

generate, for the particular asset, a list of threat types that the particular asset is vulnerable to based on the data structure, wherein the list of threat types are threat types that affect a risk score of the particular asset;

cause the user interface to display the list;

receive, via the user interface, an update to the list, the update to the list comprising an indication to add one or more new threat types, wherein the data structure does not indicate that the risk score of the particular asset is affected by the one or more new threat types; and

update the plurality of vulnerabilities of the data structure based on the update to the list by adding one or more vulnerabilities based on the indication to add the one or more new threat types of the list.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A building management system includes one or more computer-readable storage media having a data structure, wherein the data structure comprises a plurality of vulnerabilities and a plurality of pairs, each of the plurality of pairs comprising one of a plurality of assets and one of the plurality of threat types, wherein each of the plurality of pairs is associated with one of the plurality of vulnerabilities and instructions. The instructions cause one or more processors to receive a threat, the threat comprising a particular threat type of the plurality of threat types, the threat indicating an incident affecting a risk value associated with a particular asset of the plurality of assets, identify a particular vulnerability of the data structure based on the particular threat type and the particular asset, and determine, based on the particular vulnerability and the threat, the risk value associated with the particular asset.

73 Citations

View as Search Results

26 Claims

1. A building management system comprising:
- one or more computer-readable storage media having;
  
  a data structure, wherein the data structure comprises a plurality of vulnerabilities and a plurality of pairs, each of the plurality of pairs comprising one of a plurality of assets and one of a plurality of threat types, wherein each of the plurality of pairs is associated with one of the plurality of vulnerabilities; and
  
  instructions stored thereon that, when executed by one or more processors, cause the one or more processors to;
  
  receive a threat, the threat comprising a particular threat type of the plurality of threat types, the threat indicating an incident affecting a risk value associated with a particular asset of the plurality of assets;
  
  identify a particular vulnerability of the data structure based on the particular threat type and the particular asset;
  
  determine, based on the particular vulnerability and the threat, the risk value associated with the particular asset;
  
  receive, via a user interface, an update to the particular vulnerability associated with the particular asset and the particular threat type;
  
  update the data structure with the update to the particular vulnerability;
  
  generate, for the particular asset, a list of threat types that the particular asset is vulnerable to based on the data structure, wherein the list of threat types are threat types that affect a risk score of the particular asset;
  
  cause the user interface to display the list;
  
  receive, via the user interface, an update to the list, the update to the list comprising an indication to add one or more new threat types, wherein the data structure does not indicate that the risk score of the particular asset is affected by the one or more new threat types; and
  
  update the plurality of vulnerabilities of the data structure based on the update to the list by adding one or more vulnerabilities based on the indication to add the one or more new threat types of the list.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The building management system of claim 1, wherein each of the plurality of vulnerabilities comprise a binary indication of whether the plurality of assets are affected by the plurality of threat types.
  - 3. The building management system of claim 1, wherein each of the plurality of vulnerabilities is a numeric value indicating an amount that the plurality of assets are affected by each of the plurality of threat types, wherein the numeric value is between zero and one.
  - 4. The building management system of claim 1, wherein the data structure is a matrix comprising a first dimension and a second dimension, wherein the plurality of assets are associated with the first dimension and the plurality of threat types are associated with the second dimension.
  - 5. The building management system of claim 1, wherein the instructions cause the one or more processors to:
    - provide a data structure retrieve endpoint, wherein the data structure retrieve endpoint is configured to provide the data structure to a requesting device; and
      
      provide a data structure update endpoint, wherein the data structure update endpoint is configured to update the vulnerabilities of the data structure based on updates received from the requesting device.
  - 6. The building management system of claim 1, wherein the instructions cause the one or more processors to:
    - generate a second list indicating identifiers of each of the plurality of assets;
      
      cause the user interface to display the second list indicating the identifiers of each of the plurality of assets;
      
      receive a selection of the particular asset from the second list indicating the identifiers of each of the plurality of assets; and
      
      update the plurality of vulnerabilities of the data structure in response to receiving the selection of the particular asset.
  - 7. The building management system of claim 1, wherein the instructions cause the one or more processors to:
    - receive an indication of a set of assets of the plurality of assets, the set of assets associated with a particular asset category;
      
      generate, for the set of assets, a second list of threat types that the set of assets is vulnerable to based on the data structure, wherein the list of threat types are threat types that affect risk scores of the set of assets;
      
      cause the user interface to display the second list;
      
      receive, via the user interface, an update to the second list, the update comprising an indication to add one or more second new threat types, wherein the data structure does not indicate that the risk scores of the set of assets are affected by the one or more second new threat types; and
      
      update the plurality of vulnerabilities of the data structure based on the update by adding second vulnerabilities based on the indication to add the one or more second new threat types.
  - 8. The building management system of claim 7, wherein the instructions cause the one or more processors to:
    - generate a third list indicating a plurality of asset categories;
      
      cause the user interface to display the third list indicating the plurality of asset categories;
      
      receive a selection of the particular asset category from the third list indicating the plurality of asset categories; and
      
      update the plurality of vulnerabilities of the data structure in response to receiving the selection of the particular asset category.

9. A method for risk analysis, the method comprising:
- receiving a threat, the threat comprising a particular threat type of a plurality of threat types, the threat indicating an incident affecting a risk value associated with a particular asset of a plurality of assets;
  
  identifying a particular vulnerability of a data structure based on the particular threat type and the particular asset, wherein the data structure comprises a plurality of vulnerabilities and a plurality of pairs, each of the plurality of pairs comprising one of the plurality of assets and one of the plurality of threat types, wherein each of the plurality of pairs is associated with one of the plurality of vulnerabilities;
  
  determining, based on the particular vulnerability and the threat, the risk value associated with the particular asset;
  
  receiving, via a user interface, an update to the particular vulnerability associated with the particular asset and the particular threat type;
  
  updating the data structure with the update to the particular vulnerability;
  
  generating, for the particular asset, a list of threat types that the particular asset is vulnerable to based on the data structure, wherein the list of threat types are threat types that affect a risk score of the particular asset;
  
  causing the user interface to display the list;
  
  receiving, via the user interface, an update to the list, the update to the list comprising an indication to add one or more new threat types, wherein the data structure does not indicate that the risk score of the particular asset is affected by the one or more new threat types; and
  
  updating the plurality of vulnerabilities of the data structure based on the update to the list by adding one or more vulnerabilities based on the indication to add the one or more new threat types.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The method of claim 9, wherein each of the plurality of vulnerabilities comprise a binary indication of whether the plurality of assets are affected by the plurality of threat types.
  - 11. The method of claim 9, wherein determining, based on the particular vulnerability and the threat, the risk value associated with the particular asset is further based on:
    - a vulnerability parameter associated with the particular asset;
      
      an asset cost parameter associated with the particular asset;
      
      a severity associated with the threat; and
      
      a geographic distance between the particular asset and the threat.
  - 12. The method of claim 9, wherein the data structure is a matrix comprising a first dimension and a second dimension, wherein the plurality of assets are associated with the first dimension and the plurality of threat types are associated with the second dimension.
  - 13. The method of claim 9, wherein the method further comprises:
    - providing a data structure retrieve endpoint, wherein the data structure retrieve endpoint is configured to provide the data structure to a requesting device; and
      
      providing a data structure update endpoint, wherein the data structure update endpoint is configured to update the vulnerabilities of the data structure based on updates received from the requesting device.
  - 14. The method of claim 9, further comprising:
    - generating a second list indicating identifiers of each of the plurality of assets;
      
      causing the user interface to display the second list indicating the identifiers of each of the plurality of assets;
      
      receiving a selection of the particular asset from the second list indicating the identifiers of each of the plurality of assets; and
      
      updating the plurality of vulnerabilities of the data structure in response to receiving the selection of the particular asset.
  - 15. The method of claim 9, further comprising:
    - receiving an indication of a set of assets of the plurality of assets, the set of assets associated with a particular asset category;
      
      generating, for the set of assets, a second list of threat types that the set of assets is vulnerable to based on the data structure, wherein the list of threat types are threat types that affect risk scores of the set of assets;
      
      causing the user interface to display the second list;
      
      receiving, via the user interface, an update to the second list, the update comprising an indication to add one or more second new threat types, wherein the data structure does not indicate that the risk scores of the set of assets are affected by the one or more second new threat types; and
      
      updating the plurality of vulnerabilities of the data structure based on the update by adding second vulnerabilities based on the indication to add the one or more second new threat types.

16. A building management system comprising:
- one or more computer-readable storage media communicably coupled to one or more processors and configured to store instructions and a data structure, wherein the data structure comprises a plurality of vulnerabilities and a plurality of pairs, each of the plurality of pairs comprising one of a plurality of assets and one of a plurality of threat types, wherein each of the plurality of pairs is associated with one of the plurality of vulnerabilities; and
  
  the one or more processors configured to execute the instructions to;
  
  receive a threat, the threat comprising a particular threat type of the plurality of threat types, the threat indicating an incident affecting a risk value associated with a particular asset of the plurality of assets;
  
  identify a particular vulnerability of the data structure based on the particular threat type and the particular asset;
  
  determine, based on the particular vulnerability and the threat, the risk value associated with the particular asset;
  
  receive, via a user interface, an update to the particular vulnerability associated with the particular asset and the particular threat type;
  
  update the data structure with the update to the particular vulnerability;
  
  generate, for the particular asset, a list of threat types that the particular asset is vulnerable to based on the data structure, wherein the list of threat types are threat types that affect a risk score of the particular assetcause the user interface to display the listreceive, via the user interface, an update to the list, the update to the list comprising an indication to add one or more new threat types, wherein the data structure does not indicate that the risk score of the particular asset is affected by the one or more new threat types; and
  
  update the plurality of vulnerabilities of the data structure based on the update by adding one or more vulnerabilities based on the indication to add the one or more new threat types.

17. A building management system comprising:
- one or more computer-readable storage media having;
  
  a data structure, wherein the data structure comprises a plurality of vulnerabilities and a plurality of pairs, each of the plurality of pairs comprising one of a plurality of assets and one of a plurality of threat types, wherein each of the plurality of pairs is associated with one of the plurality of vulnerabilities; and
  
  instructions stored thereon that, when executed by one or more processors, cause the one or more processors to;
  
  receive a threat, the threat comprising a particular threat type of the plurality of threat types, the threat indicating an incident affecting a risk value associated with a particular asset of the plurality of assets;
  
  identify a particular vulnerability of the data structure based on the particular threat type and the particular asset;
  
  determine, based on the particular vulnerability and the threat, the risk value associated with the particular asset;
  
  receive, via a user interface, an update to the particular vulnerability associated with the particular asset and the particular threat type;
  
  update the data structure with the update to the particular vulnerability;
  
  receive an indication of a set of assets of the plurality of assets, the set of assets associated with a particular asset category;
  
  generate, for the set of assets, a list of threat types that the set of assets is vulnerable to based on the data structure, wherein the list of threat types are threat types that affect risk scores of the set of assets;
  
  cause the user interface to display the list;
  
  receive, via the user interface, an update to the list, the update to the list comprising an indication to add one or more new threat types, wherein the data structure does not indicate that the risk scores of the set of assets are affected by the one or more new threat types; and
  
  update the plurality of vulnerabilities of the data structure based on the update by adding one or more vulnerabilities based on the indication to add the one or more new threat types.
- View Dependent Claims (18, 19, 20, 21)
- - 18. The building management system of claim 17, wherein each of the plurality of vulnerabilities comprise a binary indication of whether the plurality of assets are affected by the plurality of threat types.
  - 19. The building management system of claim 17, wherein each of the plurality of vulnerabilities is a numeric value indicating an amount that the plurality of assets are affected by each of the plurality of threat types, wherein the numeric value is between zero and one.
  - 20. The building management system of claim 17, wherein the data structure is a matrix comprising a first dimension and a second dimension, wherein the plurality of assets are associated with the first dimension and the plurality of threat types are associated with the second dimension.
  - 21. The building management system of claim 17, wherein the instructions cause the one or more processors to:
    - provide a data structure retrieve endpoint, wherein the data structure retrieve endpoint is configured to provide the data structure to a requesting device; and
      
      provide a data structure update endpoint, wherein the data structure update endpoint is configured to update the vulnerabilities of the data structure based on updates received from the requesting device.

22. A method for risk analysis, the method comprising:
- receiving a threat, the threat comprising a particular threat type of a plurality of threat types, the threat indicating an incident affecting a risk value associated with a particular asset of a plurality of assets;
  
  identifying a particular vulnerability of a data structure based on the particular threat type and the particular asset, wherein the data structure comprises a plurality of vulnerabilities and a plurality of pairs, each of the plurality of pairs comprising one of the plurality of assets and one of the plurality of threat types, wherein each of the plurality of pairs is associated with one of the plurality of vulnerabilities;
  
  determining, based on the particular vulnerability and the threat, the risk value associated with the particular asset;
  
  receiving, via a user interface, an update to the particular vulnerability associated with the particular asset and the particular threat type;
  
  updating the data structure with the update to the particular vulnerability;
  
  receiving an indication of a set of assets of the plurality of assets, the set of assets associated with a particular asset category;
  
  generating, for the set of assets, a list of threat types that the set of assets is vulnerable to based on the data structure, wherein the list of threat types are threat types that affect risk scores of the set of assets;
  
  causing the user interface to display the list;
  
  receiving, via the user interface, an update to the list, the update to the list comprising an indication to add one or more new threat types, wherein the data structure does not indicate that the risk scores of the set of assets are affected by the one or more new threat types; and
  
  updating the plurality of vulnerabilities of the data structure based on the update by adding one or more vulnerabilities based on the indication to add the one or more new threat types.
- View Dependent Claims (23, 24, 25, 26)
- - 23. The method of claim 22, wherein each of the plurality of vulnerabilities comprise a binary indication of whether the plurality of assets are affected by the plurality of threat types.
  - 24. The method of claim 22, wherein determining, based on the particular vulnerability and the threat, the risk value associated with the particular asset is further based on:
    - a vulnerability parameter associated with the particular asset;
      
      an asset cost parameter associated with the particular asset;
      
      a severity associated with the threat; and
      
      a geographic distance between the particular asset and the threat.
  - 25. The method of claim 22, wherein the data structure is a matrix comprising a first dimension and a second dimension, wherein the plurality of assets are associated with the first dimension and the plurality of threat types are associated with the second dimension.
  - 26. The method of claim 22, wherein the method further comprises:
    - providing a data structure retrieve endpoint, wherein the data structure retrieve endpoint is configured to provide the data structure to a requesting device; and
      
      providing a data structure update endpoint, wherein the data structure update endpoint is configured to update the vulnerabilities of the data structure based on updates received from the requesting device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Tyco Fire & Security GmbH (Johnson Controls International plc)
Original Assignee
Johnson Controls Technology Company (Johnson Controls International plc)
Inventors
Pourmohammad, Sajjad, Park, Youngchoon
Primary Examiner(s)
Previl, Daniel

Application Number

US16/143,247
Publication Number

US 20190096212A1
Time in Patent Office

503 Days
Field of Search

340517, 340506, 340541, 340521, 34087006, 340903-907, 340915, 340990-991
US Class Current
CPC Class Codes

G06F 40/30   Semantic analysis

G06N 20/00   Machine learning

G06N 20/20   Ensemble learning

G06N 5/022   Knowledge engineering; Know...

G06N 7/01   Probabilistic graphical mod...

G06Q 10/0635   Risk analysis of enterprise...

G06Q 10/067   Enterprise or organisation ...

G06Q 50/163   Real estate management

G08B 19/00   Alarms responsive to two or...

G08B 21/02   Alarms for ensuring the saf...

G08B 21/10   responsive to calamitous ev...

G08B 21/18   Status alarms G08B21/02 tak...

G08B 21/182   Level alarms, e.g. alarms r...

G08B 23/00   Alarms responsive to unspec...

G08B 25/10   using wireless transmission...

G08B 31/00   Predictive alarm systems ch...

H04W 4/021   Services related to particu...

Building risk analysis system with dynamic modification of asset-threat weights

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

73 Citations

26 Claims

Specification

Use Cases

Quick Links

Others

Building risk analysis system with dynamic modification of asset-threat weights

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

73 Citations

26 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others