BUILDING RISK ANALYSIS SYSTEM WITH DYNAMIC MODIFICATION OF ASSET-THREAT WEIGHTS

US 20190096212A1
Filed: 09/26/2018
Published: 03/28/2019
Est. Priority Date: 09/27/2017
Status: Active Grant

First Claim

Patent Images

1. A building management system comprising:

one or more computer-readable storage media having;

a data structure, wherein the data structure comprises a plurality of vulnerabilities and a plurality of pairs, each of the plurality of pairs comprising one of a plurality of assets and one of the plurality of threat types, wherein each of the plurality of pairs is associated with one of the plurality of vulnerabilities; and

instructions stored thereon that, when executed by one or more processors, cause the one or more processors to;

receive a threat, the threat comprising a particular threat type of the plurality of threat types, the threat indicating an incident affecting a risk value associated with a particular asset of the plurality of assets;

identify a particular vulnerability of the data structure based on the particular threat type and the particular asset; and

determine, based on the particular vulnerability and the threat, the risk value associated with the particular asset.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A building management system includes one or more computer-readable storage media having a data structure, wherein the data structure comprises a plurality of vulnerabilities and a plurality of pairs, each of the plurality of pairs comprising one of a plurality of assets and one of the plurality of threat types, wherein each of the plurality of pairs is associated with one of the plurality of vulnerabilities and instructions. The instructions cause one or more processors to receive a threat, the threat comprising a particular threat type of the plurality of threat types, the threat indicating an incident affecting a risk value associated with a particular asset of the plurality of assets, identify a particular vulnerability of the data structure based on the particular threat type and the particular asset, and determine, based on the particular vulnerability and the threat, the risk value associated with the particular asset.

16 Citations

View as Search Results

20 Claims

1. A building management system comprising:
- one or more computer-readable storage media having;
  
  a data structure, wherein the data structure comprises a plurality of vulnerabilities and a plurality of pairs, each of the plurality of pairs comprising one of a plurality of assets and one of the plurality of threat types, wherein each of the plurality of pairs is associated with one of the plurality of vulnerabilities; and
  
  instructions stored thereon that, when executed by one or more processors, cause the one or more processors to;
  
  receive a threat, the threat comprising a particular threat type of the plurality of threat types, the threat indicating an incident affecting a risk value associated with a particular asset of the plurality of assets;
  
  identify a particular vulnerability of the data structure based on the particular threat type and the particular asset; and
  
  determine, based on the particular vulnerability and the threat, the risk value associated with the particular asset.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The building management system of claim 1, wherein each of the plurality of vulnerabilities comprise a binary indication of whether the plurality of assets are affected by the plurality of threat types.
  - 3. The building management system of claim 1, wherein each of the plurality of vulnerabilities is a numeric value indicating an amount that the plurality of assets are affected by each of the plurality of threat types, wherein the numeric value is between zero and one.
  - 4. The building management system of claim 1, wherein the data structure is a matrix comprising a first dimension and a second dimension, wherein the plurality of assets are associated with the first dimension and the plurality of threat types are associated with the second dimension.
  - 5. The building management system of claim 1, wherein the instructions cause the one or more processors to:
    - provide a data structure retrieve endpoint, wherein the data structure retrieve endpoint is configured to provide the data structure to a requesting device; and
      
      provide a data structure update endpoint, wherein the data structure update endpoint is configured to update the vulnerabilities of the data structure based on updates received from the requesting device.
  - 6. The building management system of claim 1, wherein the instructions cause the one or more processors to:
    - receive, via a user interface, an update to a vulnerability associated with the particular asset and the particular threat type; and
      
      update the data structure with the received update to the vulnerability.
  - 7. The building management system of claim 6, wherein the instructions cause the one or more processors to:
    - generate, for the particular asset, a list of threat types that the particular asset is vulnerable based on the data structure, wherein the list of threat types are threat types that affect the risk score of the particular asset;
      
      cause the user interface to display the list;
      
      receive, via the user interface, an update to the list, the update comprising an indication to add one or more new threat types, wherein the data structure does not indicate that the risk score of the particular asset is affected by the one or more new threat types; and
      
      update the plurality of vulnerabilities of the data structure based on the received update by adding or removing vulnerabilities based on the indication to add the one or more new threat types or remove the one or more threat types of the list.
  - 8. The building management system of claim 7, wherein the instructions cause the one or more processors to:
    - generate a list indicating identifiers of each of the plurality of assets;
      
      cause the user interface to display the list indicating the identifiers of each of the plurality of assets;
      
      receive a selection of the particular asset from the list indicating the identifiers of each of the plurality of assets; and
      
      update the plurality of vulnerabilities of the data structure in response to receiving the selection of the particular asset.
  - 9. The building management system of claim 6, wherein the instructions cause the one or more processors to:
    - receive an indication of a set of assets of the plurality of assets, the set of assets associated with a particular asset category;
      
      generate, for the set of assets, a list of threat types that the set of assets is vulnerable to based on the data structure, wherein the list of threat types are threat types that affect risk scores of the set of assets;
      
      cause the user interface to display the list;
      
      receive, via the user interface, an update to the list, the update comprising an indication to add one or more new threat types, wherein the data structure does not indicate that the risk scores of the set of assets are affected by the one or more new threat types; and
      
      update the plurality of vulnerabilities of the data structure based on the received update by adding or removing vulnerabilities based on the indication to add the one or more new threat types or remove the one or more threat types of the list.
  - 10. The building management system of claim 9, wherein the instructions cause the one or more processors to:
    - generate a list indicating a plurality of asset categories;
      
      cause the user interface to display the list indicating the plurality of asset categories;
      
      receive a selection of the particular asset category from the list indicating the plurality of asset categories; and
      
      update the plurality of vulnerabilities of the data structure in response to receiving the selection of the particular asset category.

11. A method for risk analysis, the method comprising:
- receiving a threat, the threat comprising a particular threat type of a plurality of threat types, the threat indicating an incident affecting a risk value associated with a particular asset of a plurality of assets;
  
  identifying a particular vulnerability of a data structure based on the particular threat type and the particular asset, wherein the data structure comprises the plurality of vulnerabilities and a plurality of pairs, each of the plurality of pairs comprising one of the plurality of assets and one of the plurality of threat types, wherein each of the plurality of pairs is associated with one of the plurality of vulnerabilities; and
  
  determining, based on the particular vulnerability and the threat, the risk value associated with the particular asset.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The method of claim 11, wherein each of the plurality of vulnerabilities comprise a binary indication of whether the plurality of assets are affected by the plurality of threat types.
  - 13. The method of claim 11, wherein determining, based on the particular vulnerability and the threat, the risk value associated with the particular asset is further based on:
    - a vulnerability parameter associated with the particular asset;
      
      an asset cost parameter associated with the particular asset;
      
      a severity associated with the threat; and
      
      a geographic distance between the particular asset and the threat.
  - 14. The method of claim 11, wherein the data structure is a matrix comprising a first dimension and a second dimension, wherein the plurality of assets are associated with the first dimension and the plurality of threat types are associated with the second dimension.
  - 15. The method of claim 11, wherein the method further comprises:
    - providing a data structure retrieve endpoint, wherein the data structure retrieve endpoint is configured to provide the data structure to a requesting device; and
      
      providing a data structure update endpoint, wherein the data structure update endpoint is configured to update the vulnerabilities of the data structure based on updates received from the requesting device.
  - 16. The method of claim 11, wherein further comprising:
    - receiving, via a user interface, an update to a vulnerability associated with the particular asset and the particular threat type; and
      
      updating the data structure with the received update to the vulnerability.
  - 17. The method of claim 16, further comprising:
    - generating, for the particular asset, a list of threat types that the particular asset is vulnerable based on the data structure, wherein the list of threat types are threat types that affect the risk score of the particular asset;
      
      causing the user interface to display the list;
      
      receiving, via the user interface, an update to the list, the update comprising an indication to add one or more new threat types, wherein the data structure does not indicate that the risk score of the particular asset is affected by the one or more new threat types; and
      
      updating the plurality of vulnerabilities of the data structure based on the received update by adding or removing vulnerabilities based on the indication to add the one or more new threat types or remove the one or more threat types of the list.
  - 18. The method of claim 17, further comprising:
    - generating a list indicating identifiers of each of the plurality of assets;
      
      causing the user interface to display the list indicating the identifiers of each of the plurality of assets;
      
      receiving a selection of the particular asset from the list indicating the identifiers of each of the plurality of assets; and
      
      updating the plurality of vulnerabilities of the data structure in response to receiving the selection of the particular asset.
  - 19. The method of claim 16, further comprising:
    - receiving an indication of a set of assets of the plurality of assets, the set of assets associated with a particular asset category;
      
      generating, for the set of assets, a list of threat types that the set of assets is vulnerable to based on the data structure, wherein the list of threat types are threat types that affect risk scores of the set of assets;
      
      causing the user interface to display the list;
      
      receiving, via the user interface, an update to the list, the update comprising an indication to add one or more new threat types, wherein the data structure does not indicate that the risk scores of the set of assets are affected by the one or more new threat types; and
      
      updating the plurality of vulnerabilities of the data structure based on the received update by adding or removing vulnerabilities based on the indication to add the one or more new threat types or remove the one or more threat types of the list.

20. A building management system comprising:
- one or more computer-readable storage media communicably coupled to one or more processors and configured to store instructions and a data structure, wherein the data structure comprises a plurality of vulnerabilities and a plurality of pairs, each of the plurality of pairs comprising one of a plurality of assets and one of the plurality of threat types, wherein each of the plurality of pairs is associated with one of the plurality of vulnerabilities; and
  
  the one or more processors configured to execute the instructions to;
  
  receive a threat, the threat comprising a particular threat type of the plurality of threat types, the threat indicating an incident affecting a risk value associated with a particular asset of the plurality of assets;
  
  identify a particular vulnerability of the data structure based on the particular threat type and the particular asset; and
  
  determine, based on the particular vulnerability and the threat, the risk value associated with the particular asset.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Tyco Fire & Security GmbH (Johnson Controls International plc)
Original Assignee
Johnson Controls Technology Company (Johnson Controls International plc)
Inventors
Pourmohammad, Sajjad, Park, Youngchoon

Granted Patent

US 10,559,180 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 40/30   Semantic analysis

G06N 20/00   Machine learning

G06N 20/20   Ensemble learning

G06N 5/022   Knowledge engineering; Know...

G06N 7/01   Probabilistic graphical mod...

G06Q 10/0635   Risk analysis of enterprise...

G06Q 10/067   Enterprise or organisation ...

G06Q 50/163   Real estate management

G08B 19/00   Alarms responsive to two or...

G08B 21/02   Alarms for ensuring the saf...

G08B 21/10   responsive to calamitous ev...

G08B 21/18   Status alarms G08B21/02 tak...

G08B 21/182   Level alarms, e.g. alarms r...

G08B 23/00   Alarms responsive to unspec...

G08B 25/10   using wireless transmission...

G08B 31/00   Predictive alarm systems ch...

H04W 4/021   Services related to particu...

BUILDING RISK ANALYSIS SYSTEM WITH DYNAMIC MODIFICATION OF ASSET-THREAT WEIGHTS

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

16 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

BUILDING RISK ANALYSIS SYSTEM WITH DYNAMIC MODIFICATION OF ASSET-THREAT WEIGHTS

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

16 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links