Glossary
Account role
Set of access rights that determine the actions available to a user when connected to the application web interface. Kaspersky MLAD includes a system administrator role and custom roles.
AMQP topic
A hierarchical path to the data source used for sending messages via the AMQP protocol.
Anomaly
Any deviation in the behavior of a monitored asset that is abnormal, unexpected, and not otherwise prescribed by the industrial process.
Artifact
A sequence of numerical values (time series) generated as a result of ML model inference. An ML model can generate artifacts associated with tag values received from the monitored asset or ML model element artifacts.
Asset
A section of a hierarchical structure representing, for example, a plant, a shop, or a separate unit of a monitored asset.
Attention
A special event processor configuration intended for tracking events and patterns for specific subsets of event history, and detecting commonalities in the behavior of the monitored asset.
Connector
Service that facilitates the exchange of data with external systems.
Data sampling
A method for adjusting the training set with reference to the time scale steps in the original dataset.
Event
A set of values taken from a predetermined list of parameters and indicating what happened on a monitored asset at a given moment
Gradient boosting
Machine learning technique for classification and regression problems that builds a prediction model in the form of an ensemble of prediction models, which are typically decision trees (XGBoost).
Graphic area
A collection of tags whose data is displayed together by overlapping on a single graph in History and Monitoring sections. A graphic area can display data for one or more tags in a preset.
ICS
Abbreviation for Industrial Control System. A package of hardware and software designed to automate control of process equipment at industrial enterprises.
Incident
An identified deviation from the expected (normal) behavior of a monitored asset.
Inference
The ML model works with telemetry data to detect anomalous behavior.
Inference indicator
A set of criteria used to determine the data time intervals on which the ML model performs the inference.
Learning indicator
A set of criteria used to determine the data time intervals on which the ML model performs the training.
Markup
Tool for selecting time intervals. Markups are used to generate learning indicators and inference of the ML model. A markup may utilize two types of criteria: conditions on the behavior of specific tags (time intervals are selected where these conditions are met) and a time filter (time intervals are selected independently of tag behavior).
ML model
Algorithm based on machine learning methods tasked with analyzing the telemetry of the monitored asset and detecting anomalies.
Monitor
Source of notifications about patterns, events, or values of event parameters detected by the Event Processor according to the defined monitoring criteria. The monitoring criteria define the attention head, additional filters for event parameter values, a sliding time window, and the number of consecutive monitor activations within that window.
Monitored asset hierarchical structure
A tree-like representation of the monitored asset where the leaf nodes represent tags associated with incoming telemetry data.
MQTT topic
A hierarchical path to the data source used for sending messages via the MQTT protocol.
Notification
A message with information about an incident (or incidents), which is sent by the application via notification delivery systems (for example, via email) to the specified addresses.
Pattern
Sequence of events or other patterns identified within the stream of events from the monitored asset.
Preset
Set of tags generated by a user in arbitrary order or created automatically when an incident is registered. A set of tags in a custom preset can correspond to a certain aspect of the technological process or a section of the monitored asset.
Tag
Variable that contains the value of a specific process parameter such as temperature.
Top tag
The process parameter that had the greatest impact on incident registration.
Uniform temporal grid (UTG)
An infinite sequence of points in time separated by equal intervals, to which the stream of incoming telemetry data is converted.