What technology area does this patent fall under?

Primary CPC classification G06F21/565. Mapped technology areas include Physics.

When was this patent published?

Publication date Thu Feb 06 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).

Device operation anomaly identification and reporting system

US2020042373A1 · US · A1

Patent metadata
Field	Value
Publication number	US-2020042373-A1
Application number	US-201816053385-A
Country	US
Kind code	A1
Filing date	Aug 2, 2018
Priority date	Aug 2, 2018
Publication date	Feb 6, 2020
Grant date	—

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

A device operation anomaly identification and reporting system includes device that generates an operating metric data stream. A management system is coupled to the device and receives and analyzes the operating metric data stream. The management system identifies peaks present in the operating metric data stream, and determines a peak height and a peak area for each of the peaks. The management system then clusters the peaks into height clusters based on their heights, and clusters the peaks into area clusters based on their areas. The management system then defines an operating periodicity for the device based on the height clusters and area clusters, and when the management system detects an operating anomaly in the device using the operating periodicity defined for the device, it generates and transmits an operating anomaly alert that reports the operating anomaly in the device.

First claim

Opening claim text (preview).

What is claimed is: 1 . A device operation anomaly identification and reporting system, comprising: a device that is configured to operate and, in response, generate an operating metric data stream; and a management system that is coupled to the device, wherein the management system is configured to: receive, from the device, the operating metric data stream; analyze the operating metric data stream over a time period; identify a plurality of peaks present in the operating metric data stream during the time period; determine, for each of the plurality of peaks, a peak height and a peak area; cluster the plurality of peaks into a plurality of height clusters based on the peak height determined for each of the plurality of peaks; cluster the plurality of peaks into a plurality of area clusters based on the peak area determined for each of the plurality of peaks; define an operating periodicity for the device based on the plurality of height clusters and the plurality of area clusters; detect an operating anomaly in the device using the operating periodicity defined for the device; and generate and transmit an operating anomaly alert that reports the operating anomaly in the device. 2 . The system of claim 1 , wherein the management system is configured to: determine, for the plurality of peaks present in the operating metric data stream during the time period, a peak baseline, wherein the peak height the peak area for each of the plurality of peaks is determined using the peak baseline. 3 . The system of claim 1 , wherein the identification of each of the plurality of peaks in the operating metric data stream during the time period includes: identifying a Gaussian-like distribution in the operating metric data stream; and identifying the peak of the Gaussian-like distribution in the operating metric data stream. 4 . The system of claim 1 , wherein the identification of each of the plurality of peaks in the operating metric data stream during the time period includes: identifying a peak beginning in the operating metric data stream; identifying a peak ending in the operating metric data stream; and identifying the peak in the operating metric data stream as at least one of a maximum or a midpoint between the peak beginning and the peak ending. 5 . The system of claim 1 , wherein the defining the operating periodicity for the device based on the plurality of height clusters includes: clustering time distances between each of the plurality of peaks within each of the plurality of height clusters. 6 . The system of claim 1 , wherein the defining the operating periodicity for the device based on the plurality of area clusters includes: clustering time distances between each of the plurality of peaks within each of the plurality of area clusters. 7 . An Information Handling System (IHS), comprising: a processing system; and a memory system that is coupled to the processing system and that includes instructions that, when executed by the processing system, cause the processing system to provide a device operation anomaly identification and reporting engine that is configured to: receive, from a device, an operating metric data stream that is generated by the device during operation of the device; analyze the operating metric data stream over a time period; identify a plurality of peaks present in the operating metric data stream during the time period; determine, for each of the plurality of peaks, a peak height and a peak area; cluster the plurality of peaks into a plurality of height clusters based on the peak height determined for each of the plurality of peaks; cluster the plurality of peaks into a plurality of area clusters based on the peak area determined for each of the plurality of peaks; define an operating periodicity for the device based on the plurality of height clusters and the plurality of area clusters; detect an operating anomaly in the device using the operating periodicity defined for the device; and generate and transmit an operating anomaly alert that reports the operating anomaly in the device. 8 . The IHS of claim 7 , wherein the device operation anomaly identification and reporting engine is configured to: determine, for the plurality of peaks present in the operating metric data stream during the time period, a peak baseline, wherein the peak height the peak area for each of the plurality of peaks is determined using the peak baseline. 9 . The IHS of claim 7 , wherein the identification of each of the plurality of peaks in the operating metric data stream during the time period includes: identifying a Gaussian-like distribution in the operating metric data stream; and identifying the peak of the Gaussian-like distribution in the operating metric data stream. 10 . The IHS of claim 7 , wherein the identification of each of the plurality of peaks in the operating metric data stream during the time period includes: identifying a peak beginning in the operating metric data stream; identifying a peak ending in the operating metric data stream; and identifying the peak in the operating metric data stream as at least one of a maximum and a midpoint between the peak beginning and the peak ending. 11 . The IHS of claim 7 , wherein the defining the operating periodicity for the device based on the plurality of height clusters includes: clustering time distances between each of the plurality of peaks within each of the plurality of height clusters. 12 . The IHS of claim 7 , wherein the defining the operating periodicity for the device based on the plurality of area clusters includes: clustering time distances between each of the plurality of peaks within each of the plurality of area clusters. 13 . The IHS of claim 7 , wherein the defining the operating periodicity for the device includes: defining, for each of a plurality of times, an expected value of the operating metric, a positive deviation from the expected value of the operating metric, and a negative deviation of the expected value of the operating metric, and wherein the detecting the operating anomaly in the device includes: detecting, at a particular time included in the plurality of times, that an observed operating metric value is outside of the positive deviation from the expected value of the operating metric and the negative deviation of the expected value of the operating metric. 14 . A method for device operation anomaly identification and reporting: receiving, by a management system from a device, an operating metric data stream that is generated by the device during operation of the device; analyzing, by the management system, the operating metric data stream over a time period; identifying, by the management system, a plurality of peaks present in the operating metric data stream during the time period; determining, by the management system for each of the plurality of peaks, a peak height and a peak area; clustering, by the management system, the plurality of peaks into a plurality of height clusters based on the peak height determined for each of the plurality of peaks; clustering, by the management system, the plurality of peaks into a plurality of area clusters based on the peak area determined for each of the plurality of peaks; defining, by the management system, an operating periodicity for the device based on the plurality of height clusters and the plurality of area clusters; detecting, by the management system, an operating anomaly in the device using the operating periodicity defined for the device; and generating and transmitting, by the manag

Assignees

Dell Products Lp

Inventors

Przestrzelski Piotr

Classifications

G06F21/565Primary
by checking file integrity · CPC title
G06F21/56
Computer malware detection or handling, e.g. anti-virus arrangements · CPC title
G06F11/0769
Readable error formats, e.g. cross-platform generic formats, human understandable formats · CPC title
G06F11/079Primary
Root cause analysis, i.e. error or fault diagnosis (in a hardware test environment G06F11/22; in a software test environment G06F11/36) · CPC title
G06F11/0751
Error or fault detection not based on redundancy (power supply failures G06F1/30; network fault management H04L41/06) · CPC title

Patent family

Related publications grouped by family.

View patent family 69228695

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US2020042373A1 cover?: A device operation anomaly identification and reporting system includes device that generates an operating metric data stream. A management system is coupled to the device and receives and analyzes the operating metric data stream. The management system identifies peaks present in the operating metric data stream, and determines a peak height and a peak area for each of the peaks. The managemen…
Who is the assignee on this patent?: Dell Products Lp
What technology area does this patent fall under?: Primary CPC classification G06F21/565. Mapped technology areas include Physics.
When was this patent published?: Publication date Thu Feb 06 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).