Patent Application
20220335340
This disclosure relates generally to monitoring data and, more particularly, to systems, apparatus, articles of manufacture, and methods for data usage monitoring to identify and mitigate ethical divergence.
Data management systems gather data and/or otherwise monitor many different complex activities and processes. The consumption of data for a specific activity, tool, or task can be intensive and in many situations is performed by artificial intelligence (AI) and machine learning (ML) agents within an edge network. Such AI/ML agents perform various analytics efforts on consumed data. It is difficult to determine the reasons behind data consumption by AI/ML agents. Thus, it is complicated to determine whether such data consumption by AI/ML agents are for ethical or unethical purposes.
The figures are not to scale. In general, the same reference numbers will be used throughout the drawing(s) and accompanying written description to refer to the same or like parts.
As used herein, connection references (e.g., attached, coupled, connected, and joined) may include intermediate members between the elements referenced by the connection reference and/or relative movement between those elements unless otherwise indicated. As such, connection references do not necessarily infer that two elements are directly connected and/or in fixed relation to each other. As used herein, stating that any part is in “contact” with another part is defined to mean that there is no intermediate part between the two parts.
Unless specifically stated otherwise, descriptors such as “first,” “second,” “third,” etc., are used herein without imputing or otherwise indicating any meaning of priority, physical order, arrangement in a list, and/or ordering in any way, but are merely used as labels and/or arbitrary names to distinguish elements for ease of understanding the disclosed examples. In some examples, the descriptor “first” may be used to refer to an element in the detailed description, while the same element may be referred to in a claim with a different descriptor such as “second” or “third.” In such instances, it should be understood that such descriptors are used merely for identifying those elements distinctly that might, for example, otherwise share a same name.
As used herein “substantially real time” refers to occurrence in a near instantaneous manner recognizing there may be real world delays for computing time, transmission, etc. Thus, unless otherwise specified, “substantially real time” refers to real time+/−1 second. As used herein, the phrase “in communication,” including variations thereof, encompasses direct communication and/or indirect communication through one or more intermediary components, and does not require direct physical (e.g., wired) communication and/or constant communication, but rather additionally includes selective communication at periodic intervals, scheduled intervals, aperiodic intervals, and/or one-time events.
As used herein, “processor circuitry” is defined to include (i) one or more special purpose electrical circuits structured to perform specific operation(s) and including one or more semiconductor-based logic devices (e.g., electrical hardware implemented by one or more transistors), and/or (ii) one or more general purpose semiconductor-based electrical circuits programmed with instructions to perform specific operations and including one or more semiconductor-based logic devices (e.g., electrical hardware implemented by one or more transistors). Examples of processor circuitry include programmed microprocessors, Field Programmable Gate Arrays (FPGAs) that may instantiate instructions, Central Processor Units (CPUs), Graphics Processor Units (GPUs), Digital Signal Processors (DSPs), XPUs, or microcontrollers and integrated circuits such as Application Specific Integrated Circuits (ASICs). For example, an XPU may be implemented by a heterogeneous computing system including multiple types of processor circuitry (e.g., one or more FPGAs, one or more CPUs, one or more GPUs, one or more DSPs, etc., and/or a combination thereof) and application programming interface(s) (API(s)) that may assign computing task(s) to whichever one(s) of the multiple types of the processing circuitry is/are best suited to execute the computing task(s).
Network environments today have many different complex activities and processes, and the gathering of sufficient and relevant data to verify that a specific activity, tool, or task is performing as expected (or identifying a problem with the activity, tool, or task) can be intensive. As edge analytics efforts increase, the amount of data being utilized grows as well. In many situations, computer systems/devices/nodes use artificial intelligence (AI) and machine learning (ML) to process such large volumes of data. Although AI/ML provides huge value, efficiency, and productivity to data processing and analytics, few systems adequately consider the invasive nature of AI in data analytics. AI analysis of data cause a number of concerns in the areas of privacy, security, etc. Because of the way machine learning models operate, there is little traceability into how the insights from AI algorithms trigger decisions. For example, are surveillance solutions used exclusively to serve legitimate security purposes, or do they also identify and track gender, race, spoken languages and other sensitive topics? Even more problematic, AI implementations in the wrong hands can have a malicious purpose behind their monitoring activities. For example, in a healthcare environment, while AI could be used to inform people of disease tendencies in individuals based on genetic histories, environmental factors, etc., it could also be used to track human genetic traits to manipulate healthcare coverages and rates, which leads to ethical dilemmas.
Existing solutions to qualify AI operations focus primarily on accuracy and errors in perception. For example, failing to detect a red traffic light is a detection miss by an AI algorithm designed to detect such objects and states. For example, failing to trigger a functional control in a robot arm when facing unusual data for which the AI algorithm was not trained is a training issue resulting from not providing a broad enough global training data set. Such qualifications do not measure or detect usage context for good or bad purposes.
Examples disclosed herein include systems, apparatus, articles of manufacture, and methods for data usage monitoring to identify and mitigate ethical divergence in a data stream. For example, a machine learning model is implemented to monitor AI systems to determine the relevancy versus irrelevancy of AI application usage. For example, data usage and metadata usage may be tracked with a focus on the type of data being monitored and the context of the monitoring. For example, a process to determine whether AI applications that consume data are consuming it ethically is provided. Ethical data consumption means consuming data for a valid purpose. In some examples, the context of the data usage can be used to determine similar usages to other legitimate consumers of the data. Thus, examples disclosed herein describe a process to monitor data usage to discern good/ethical usage of data versus bad/unethical usage of the data. In some examples, the process to monitor data usage includes monitoring the specific data usage in question and also monitoring other nominal/baseline data usage of similar data sourced from similar or the same data source(s). In some examples, comparing a pattern of the data usage in question to nominal/baseline patterns of similar data usages may lead to a convergence of the compared patterns or a divergence of the compared patterns instantly or over time. Thus, if nominal/baseline patterns constitute ethical usages of data, a diverging data usage pattern to the nominal/baseline patterns may indicate an ethical divergence condition of the data stream, an ethical divergence condition of the data in the data stream, and/or an ethical divergence condition of the usage/consumption of the data/data stream by the data/data stream consumer (e.g., an artificial intelligence (AI) application node). In some examples, an ethical divergence condition may be also referred to as a deviation condition, an anomaly condition, a divergence condition, an anomalistic condition, an abnormality condition, a differentiation condition, or a discrepancy condition, among others. Additionally, in some examples, if the data usage is identified as bad/unethical, appropriate actions to mitigate such unethical usage are triggered. Thus, examples disclosed herein effectuate the identification and mitigation of an ethical divergence condition (e.g. a deviation condition) in a data stream.
In some examples, data is consumed by one or more nodes in an edge environment based on a stream of data (e.g., data stream) streamed from a data source (e.g., a source node of the data) to a consumer of the data (e.g., a consumer node of the data). A node means a computing device or other entity that has some amount of computer logic with capabilities to request data on a network and consume the requested data, such as a desktop computer, laptop, mobile phone, server, workstation, or embedded computer in any type of environment (e.g., autonomous vehicle, industrial system, central office, or any other type of edge device). In some examples, the consumption or attempted consumption of any such data stream may be measured for ethical usage. In some examples, in an edge environment that enables nodes to communicate with each other over one or more networks (e.g., one or more wired networks and/or one or more wireless networks, etc.), the communication may be in the form of network traffic. In some examples, such network traffic may include many concurrent data streams that are transferring data between many nodes.
In some examples, a measure of the ethical usage of a data stream (e.g., an amount of data within the data stream) can be based on at least one of a characteristic of the data stream or a characteristic of an AI application node that is consuming or attempting to consume the data stream. The term “data stream,” as used herein, means a movement of data of any type and in any amount from one location to another location across one or more networks. The example data stream may include data packets constructed in any known protocol that allows a data payload of any size to be transmitted between nodes/devices on networks. Thus, in some examples, a data stream may include one or more data packets of data. In some examples, data streams may transfer data over time (e.g., a series of data packets may be sent from a node A to a node B). In some examples, the AI application node is considered a data consumption node and includes some form of AI/ML application, running on the node, performing, instructing, or causing the attempts at consumption of the data stream (or portions thereof). The term “AI application node” herein is used to describe such a node.
In examples described herein, the data stream characteristic (e.g., to be measured for ethical usage), can be based on at least one of a content type of a data stream, a sensitive attribute of a data stream, a security level of a data stream, or a source location of a source node sourcing the data stream, among other possible characteristics. In some examples, a content type of the data stream may include classifying the content within the data stream as image data, audio data, textual data, telemetry data (e.g., sensor data, etc.), or any other type of data, or a combination of two or more types of such data. In some examples, a sensitive attribute of the data stream may include data that provides/describes sensitive topics, such as identification information of individuals (e.g., human resources data such as a home address, a social security number, etc.), health information of individuals (e.g., height, weight, body mass index, blood pressure, temperature, heart rate, blood cell counts, etc.), classification of individuals based on race, gender, or other or any other type of classification, information about financial statements, governmental records, confidential records, or one or more other sensitive attributes. In some examples, a security level of a data stream may include a level of known confidentiality based on content type, sensitive attributes, etc., such as confidential data, restricted data, top secret data, etc. In some examples, a source location of a source node sourcing the data stream may be described by an Internet Protocol (IP) address, a physical address, a room number, a building number, a floor number, an elevation, a global positioning system (GPS) set of coordinates, or another type of address that corresponds to a virtual or geographic location that may change how data is viewed. For example, a virtual source location IP address from a bank may cause heightened ethical scrutiny for a data stream with financial data. For example, a geographical source location at a military facility may cause heighted ethical scrutiny for image data. For example, a geographical source location in a recording studio may cause heighted ethical scrutiny for audio data.
In some examples, data in a data stream may allow layering characteristics, which can be utilized to filter data or modify data during a mitigation stage. For example, image data may relate to visual map data that has multiple layers (and therefore, potentially multiple filters) such as a first/highest map layer that shows only boundaries and roads, a next map layer may include buildings, a next map layer may include names of roads and buildings, a next map layer may add satellite imagery as an overlay but only with a pixel granularity that allows for detecting/discerning objects that are greater than 100 feet across, the next several map layers may tighten the focus to allow object detection at smaller granularities but certain classified objects within the visual map data may be blurred out or blacked out for privacy purposes, and a final map layer may reveal the blurred/blacked out areas. Each of these visual map layers may be associated with a filter at a node (e.g., a super node) for filtering out consumption requests or filtering in data monitoring of such data/data streams.
In some examples, the content type of a data stream, a sensitive attribute of a data stream, a security level of a data stream, a source location of a source node sourcing the data stream, etc., may be described as such characteristics within the data stream. For example, flags associated with such characteristics may be in the headers of data packets within the data stream. In some examples, data within the data stream may be tagged with metadata describing such characteristics. In some examples, data analysis logic within one or more nodes with access to the data stream may determine such data stream characteristics (e.g., characteristics regarding the content type of a data stream, a sensitive attribute of a data stream, a security level of a data stream, a source location of a data stream, etc.) by analyzing the data in the data stream (e.g., analyzing a data payload within one or more data packets in the data stream).
In examples described herein, the AI application node characteristic (e.g., to be measured for ethical usage), can be based on at least one of a service type attribute of the AI application node, a usage context of a data stream by the AI application node, or any one or more other AI application node characteristics. For example, a service type attribute may include a usage model of the AI application or service being performed by the AI application node. Examples of usage models of the AI application node include smart shelves in retail stores, monitoring high-risk intersections in cities, automated identification of individuals in airports or secure government buildings, predictive maintenance of equipment in factories, automated health screening of individuals, among a myriad of other service types of usage models. Thus, in some examples, the AI application node is classified as having one or more service types by labeling it as such with the service type attribute. In some examples, a voluntary labeling of the service type attribute is provided by the AI application node to other nodes within the edge environment as a way to declare itself and its services to peers, consumers, and administrators in the edge environment. In some examples, data analysis logic within one or more nodes with access to the AI application node may monitor the activity of the AI application node to either verify the voluntary labeling of the service type attribute is accurate or to provide an analyzed labeling of the AI application node's service type attribute if no such attribute was volunteered. In some examples, the usage context of the data stream may include characteristic information such as the monitoring of products consumption status for smart shelves in retail stores, the monitoring of the density of vehicles and pedestrians cross high-risk intersections in cities, identifying persons traveling or security records clearance for the automated identification of individuals in airports or secure government buildings, the continuous check of machines' health by a factory management system for the predictive maintenance of equipment in factories, or the fast-checking of a pre-visit medical visit for automated health screening of individuals, among other usage contexts. In some examples, the AI application node volunteers its usage context of the data stream. In some examples, data analysis logic within one or more nodes with access to the AI application node may monitor the activity of the AI application node to either verify the usage context of the data stream by the AI application node or to provide an analyzed labeling of the AI application node's usage context of the data stream if none was volunteered.
Example proactive data management and analytics systems and/or adaptive data management (ADM) techniques disclosed herein may monitor network traffic (e.g., content, context, usage frequencies, time used, etc.) across different nodes, and then highlight or otherwise identify the AI application node(s) consuming or attempting to consume data streams within the network traffic. For example, management may refer to causing a result to occur to achieve a desired goal, target, or objective. In some examples, management may be implemented by information in any form that may be ingested, processed, interpreted and/or otherwise manipulated by processor circuitry to produce a result. The produced result may itself be data. For example, management may itself be data that is representative of an action, activity, operation, etc., to be carried out at one or more nodes.
In some examples, data management (e.g., adaptive data management, data traffic management, etc.) may refer to decision making that achieves a goal, objective, or target. In some examples, the decision making can be an output (e.g., a data output, a numerical output, a dimensionless output, etc.) of a computing task or workload. For example, the output can be data that, when generated, may affect (e.g., directly affect) a node that generated the data. In some examples, the node that generated the data may be affected by being invoked to carry out and/or execute an activity, action, operation, etc., based on the generated data. For example, a node implemented by an electronic control unit (ECU) in a vehicle may generate an output representative of a decision for the vehicle to change lanes on a highway, and the output may be generated based on vehicle data (e.g., speed data, position or location data of the vehicle, position or location data of surrounding vehicle(s), etc.) associated with the vehicle. In some examples, the node implemented by the ECU may perform data management by generating the output based on ingested data (e.g., the vehicle data) to cause (e.g., directly cause) the vehicle to carry out and/or execute an operation in connection with the vehicle.
In some examples, the output can be data that, when generated, may affect (e.g., indirectly affect) a different node than the node that generated the output. For example, a first node performing data management may generate an output (e.g., a decision, a determination, etc.) based on ingested data and transmit the output to a second node to cause the second node to be affected. In some examples, the second node may be affected by being invoked to carry out and/or execute an activity, action, operation, etc., based on the received output.
In some examples, an example ADM system as disclosed herein may process data locally at the edges/nodes where data is sourced and consumed, then send the relevant data to a server, data center, etc., for further usage. In some examples, the ADM system as disclosed herein may implement data usage monitoring to identify and mitigate ethical divergence from a nominal/baseline data usage based on at least one of a characteristic of a data stream or a characteristic of an AI application node. In some examples, the ADM system may implement a “sink node” model, schema, technique, etc., where one(s) of the nodes can have a “logical sync node” consuming the data stream (e.g., obtaining, receiving, etc.) and deciding what to do with it, whether to communicate to the external world, upload somewhere, keep locally, or do not keep at all.
In some disclosed examples, the ADM system may carry out data analysis of the consumption or attempted consumption of the data stream by a “target” AI application node to prevent or mitigate unethical usage of the data within the data stream. As used herein, the “target AI application node” refers to the AI application node being monitored for ethical divergence of data usage to distinguish it from other AI application nodes in the edge environment. In some examples, the ADM system may utilize Artificial Intelligence/Machine Learning (AI/ML) modeling techniques and/or data graph techniques to map, associate, and/or otherwise correlate relevant datasets to one another. For example, in order to determine whether consumption/usage of the data in the data stream is ethical, comparisons of the target AI application node's consumption/usage (or attempts thereof) of the data stream to (known ethical) baseline/nominal consumption/usages from other AI application nodes may be implemented through the AI/ML modeling techniques and/or data graph techniques. In some disclosed examples, the ADM system may utilize AI/ML techniques to learn data stream characteristics and/or target AI application node characteristics on captured or ingested data for an observation period of the target AI application node for improved correlation determinations. Thus, datasets including known ethical consumption of similar data streams by other AI application nodes may be compared to a data set of the observed consumption or attempted consumption by the target AI application node.
In some examples, the ADM system may evaluate (e.g., continuously evaluate) data within one or more non-target data streams to establish a baseline pattern (e.g., a nominal pattern, etc.) of one or more data streams being consumed by other AI application nodes over time. In some examples, the baseline pattern (or patterns) may be used in subsequent comparisons for anomaly or deviation detection. For example, if a traffic feed camera on a busy intersection is counting pedestrians to provide a count for traffic control considerations, nominal data patterns coming from AI application nodes consuming such a video feed in an ethical manner may simply request a count of generic human bounding boxes to provide non-personal human counts. On the other hand, if the target data stream includes identification style bounding boxes that are trained to faces for facial recognition, and therefore include personal identification information, such divergence of data patterns between the nominal/baseline data pattern and the target data stream data pattern may identify an ethical divergence of the target data stream. In some examples, the ADM system may evaluate nominal data streams over time for greater accuracy in data to show tendencies, as opposed to a single instant anomaly for use in subsequent comparisons over time for further anomaly or deviation detection. As used herein, the “target data stream” refers to a specific data stream being consumed or attempted to be consumed by the target AI application node to distinguish from one or more other data streams in the edge environment. In some examples, the target data stream is one of several target data streams being analyzed as it is being consumed or attempted to be consumed by the target AI application. In some examples, the ADM system may evaluate the target data stream over time to gather a history of consumption of the target data stream for use in the subsequent comparisons to the baseline pattern to provide the anomaly or deviation detection. For example, the ADM system may utilize the baseline pattern to determine whether an event is a periodic normalcy (e.g., a cyclic event) or an aberration that requires attention.
In some disclosed examples, the ADM system may identify one or more characteristics representative of the target data stream and/or one or more characteristics representative of the target AI application node during the training/learning phase of the AI/ML approaches as disclosed herein. In some examples, the ADM system may utilize generated graph nodes representing combinations of multiple such characteristics that provide more accurate representations of baseline patterns of nominal data streams and baseline patterns of nominal AI application nodes for comparison against patterns of the target data stream and patterns of the target AI application node.
In some disclosed examples, the ADM system may assign metadata to the target data stream to cause orchestration of edge resources to monitor and potentially modify data usage/consumption of data within the target data stream by the target AI application node. In some examples, the ADM system may assemble metadata from multiple datasets into graph node model representations to allow comparison of graph model metadata to provide correlation factors for future monitoring and baseline comparison usages.
In some disclosed examples, the ADM system may mitigate risk associated with potential unethical usage/consumption of the target data stream by naming or tagging data in order to subsequently be able to use that identifier to search for the data. In some disclosed examples, the ADM system may also mitigate risk associated with potential unethical usage/consumption of the target data stream by implementing ledger techniques such as blockchain audit trails for data within the data stream. In some disclosed examples, the ADM system may also mitigate risk associated with potential unethical usage/consumption of the target data stream by disallowing the consumption of the target data stream by the target AI application node. Examples disclosed herein may monitor the relevant versus irrelevant AI/ML through monitoring the data and metadata usage. Examples disclosed herein monitor data usage to identify good, authorized, appropriate, etc., usage vs. bad, unauthorized, inappropriate, etc., usage, as in ethical versus unethical usage. Examples disclosed herein may trigger appropriate action(s) in response to a detection such unauthorized or unethical usage.
Examples disclosed herein enable monitoring of data usage and enforcing control (e.g., lawful control) to avoid irregular usage of data that can lead to unethical AI/ML. AI/ML itself is a tool to monitor data usage and imposes control (e.g., lawful control). In some examples, AI/ML-based systems use AI/ML to learn and verify the dominant features in the data used by the AI/ML algorithm during training and inference and if the features can represent any data stream characteristic, such as a sensitive attribute (e.g., person-related, gender, origin, geographic location, language, age, etc., associated with locality that can be subject to cultural norms). In some examples, AI/ML-based systems learn by counter example through observation of normal data usage to be able to identify irregular usage. In some examples, AI/ML-based systems automatically constrain or limit data provided to nodes seen to consume sensitive attributes in the data and flag the user/nodes that repeatedly access sensitive info.
Examples disclosed herein may leverage hardware, software, and/or firmware features to learn and/or mitigate irregular data usage. For example, an ADM system as disclosed herein may include a data consumption tracker that may be hardware, software, and/or firmware component(s) that track the features consumption in data (e.g., for video data track region of interest consumption, for audio data used in natural language processing track the language, etc. and compare against sensitive feature.
Examples disclosed herein may include Digital Right Management (DRM) for sensitive features in the data. For example, requiring decryption key access to access the data, or portion(s) thereof. Meticulously defined policies may need to be in place for monitoring and supervision of data usage to avoid single point of influence. Examples disclosed herein include AI/ML algorithms to learn the data content type and learn the nominal traffic on the network and node behavior (e.g., system and data access, data transfer and modification, etc.) and detect significant, periodic, unusual changes to nominal conditions and flag alerts. In some examples, the ADM system may include and/or otherwise implement an example contextual metadata/event-chain correlation manager that generates a graph node representation of the data stream based on multiple classified topics and objects detected and/or incorporates relationships/affinity to one another. In some such examples, the contextual metadata/event-chain correlation manager may enable more comprehensive comparisons of data and data streams to identify closely correlated content which may represent patterns in detection or targets to call out as non-random.
In some examples, the same graph node representations from above may be used to auto-generate initial levels of data authorization/confidentiality by comparing to other similar graph node tags for comparison. In some examples, the same graph node representations from above may also be used to autonomously update existing confidentiality flags across an entire operation's data landscape by setting a representative representation and using this to flag and change data throughout a database or network of databases.
In some examples, the ADM system may utilize a number of types of attributes to classify data and metadata. For example, sensor inputs, times and dates, classifications of visual objects in a video feed, chains of receivership, blockchaining for security, among other attributes to support a trusted “paper trail” for data use and ownership. In some examples, the ADM system may execute AI/ML algorithms to identify groups of nodes or traces of data routing which do not include human or perhaps always includes a person(s) which helps codify the ‘clues’ leading to bad outcome from the data insights.
In some examples, the ADM system may implement AI/ML algorithms in a hierarchal way to prevent single point of influence (or bad influence) that can be caused from wrong monitoring/supervision and lead to unfair decision. In some examples, the ADM system may set policies for monitoring/supervision of data through putting key indicators for relevant versus irrelevant usage and nominal versus non-nominal data and traffic in the network. In some examples, the ADM system may condition non-nominal traffic detection based on geographical policies and also environment context (e.g., looking for person's presence is common for surveillance applications but less common for factory room only having machinery). In some examples, the ADM system may utilize results that are produced by predictive analytics or anomaly detection algorithms, such as quality data of a certain factory process against individuals or group of people. For example, the ADM system may track the productivity of all individuals on a factory floor and highlight anomalies (e.g., people moving more slowly than the average movement speed).
In some examples, the ADM system may implement a plurality of super nodes to track data stream consumption across AI application nodes through sharing of data across the plurality of super nodes such as data stream patterns of nominal and non-nominal data streams. For example, one node that builds a nominal pattern alone has a data set limited by the data the node receives, but ten nodes that have ten different data sets of data streams and can share the data patterns being built may create a consensus data pattern applicable to an entire edge network or to a larger portion of the edge network than a single node would be able to access. In some examples, the ADM system may implement a plurality of deep data inspection (DDI) nodes to track data stream consumption across AI application nodes through sharing of data across the plurality of DDI nodes. In some examples, DDI nodes have access to a plurality of machine learning models, each trained with unique feature sets. In some examples, the DDI nodes may be deployed with a machine learning model that was trained on either the same features that are present in a target data stream or with a machine learning model that was trained on a feature set with the highest number/percentage of matching features to the features present in the target data stream. In some examples, the DDI nodes may communicate with each other in a similar format to the super nodes in that they may attempt to build one or more consensus data patterns that are most relevant to the target data stream(s) (e.g., the same characteristics/features are used in a comparison between a nominal data stream and the target data stream).
Compute, memory, and storage are scarce resources, and generally decrease depending on the Edge location (e.g., fewer processing resources being available at consumer endpoint devices, than at a base station, than at a central office). However, the closer that the Edge location is to the endpoint (e.g., user equipment (UE)), the more that space and power is often constrained. Thus, Edge computing attempts to reduce the amount of resources needed for network services, through the distribution of more resources which are located closer both geographically and in network access time. In this manner, Edge computing attempts to bring the compute resources to the workload data where appropriate, or, bring the workload data to the compute resources.
The following describes aspects of an Edge cloud architecture that covers multiple potential deployments and addresses restrictions that some network operators or service providers may have in their own infrastructures. These include, variation of configurations based on the Edge location (because edges at a base station level, for instance, may have more constrained performance and capabilities in a multi-tenant scenario); configurations based on the type of compute, memory, storage, fabric, acceleration, or like resources available to Edge locations, tiers of locations, or groups of locations; the service, security, and management and orchestration capabilities; and related objectives to achieve usability and performance of end services. These deployments may accomplish processing in network layers that may be considered as “near Edge”, “close Edge”, “local Edge”, “middle Edge”, or “far Edge” layers, depending on latency, distance, and timing characteristics.
Edge computing is a developing paradigm where computing is performed at or closer to the “Edge” of a network, typically through the use of a compute platform (e.g., x86 or ARM compute hardware architecture) implemented at base stations, gateways, network routers, or other devices which are much closer to endpoint devices producing and consuming the data. For example, Edge gateway servers may be equipped with pools of memory and storage resources to perform computation in real-time for low latency use-cases (e.g., autonomous driving or video surveillance) for connected client devices. Or as an example, base stations may be augmented with compute and acceleration resources to directly process service workloads for connected user equipment, without further communicating data via backhaul networks. Or as another example, central office network management hardware may be replaced with standardized compute hardware that performs virtualized network functions and offers compute resources for the execution of services and consumer functions for connected devices. Within Edge computing networks, there may be scenarios in services which the compute resource will be “moved” to the data, as well as scenarios in which the data will be “moved” to the compute resource. Or as an example, base station compute, acceleration and network resources can provide services in order to scale to workload demands on an as needed basis by activating dormant capacity (subscription, capacity on demand) in order to manage corner cases, emergencies or to provide longevity for deployed resources over a significantly longer implemented lifecycle.
Examples of latency, resulting from network communication distance and processing time constraints, may range from less than a millisecond (ms) when among the endpoint layer 200, under 5 ms at the Edge devices layer 210, to even between 10 to 40 ms when communicating with nodes at the network access layer 220. Beyond the Edge cloud 110 are core network 230 and cloud data center 240 layers, each with increasing latency (e.g., between 50-60 ms at the core network layer 230, to 100 or more ms at the cloud data center layer). As a result, operations at a core network data center 235 or a cloud data center 245, with latencies of at least 50 to 100 ms or more, will not be able to accomplish many time-critical functions of the use cases 205. Each of these latency values are provided for purposes of illustration and contrast; it will be understood that the use of other access network mediums and technologies may further reduce the latencies. In some examples, respective portions of the network may be categorized as “close Edge”, “local Edge”, “near Edge”, “middle Edge”, or “far Edge” layers, relative to a network source and destination. For instance, from the perspective of the core network data center 235 or a cloud data center 245, a central office or content data network may be considered as being located within a “near Edge” layer (“near” to the cloud, having high latency values when communicating with the devices and endpoints of the use cases 205), whereas an access point, base station, on-premise server, or network gateway may be considered as located within a “far Edge” layer (“far” from the cloud, having low latency values when communicating with the devices and endpoints of the use cases 205). It will be understood that other categorizations of a particular network layer as constituting a “close”, “local”, “near”, “middle”, or “far” Edge may be based on latency, distance, number of network hops, or other measurable characteristics, as measured from a source in any of the network layers 200-240.
The various use cases 205 may access resources under usage pressure from incoming streams, due to multiple services utilizing the Edge cloud. To achieve results with low latency, the services executed within the Edge cloud 110 balance varying requirements in terms of: (a) Priority (throughput or latency) and Quality of Service (QoS) (e.g., traffic for an autonomous car may have higher priority than a temperature sensor in terms of response time requirement; or, a performance sensitivity/bottleneck may exist at a compute/accelerator, memory, storage, or network resource, depending on the application); (b) Reliability and Resiliency (e.g., some input streams need to be acted upon and the traffic routed with mission-critical reliability, where as some other input streams may be tolerate an occasional failure, depending on the application); and (c) Physical constraints (e.g., power, cooling and form-factor, etc.).
The end-to-end service view for these use cases involves the concept of a service-flow and is associated with a transaction. The transaction details the overall service requirement for the entity consuming the service, as well as the associated services for the resources, workloads, workflows, and business functional and business level requirements. The services executed with the “terms” described may be managed at each layer in a way to assure real time, and runtime contractual compliance for the transaction during the lifecycle of the service. When a component in the transaction is missing its agreed to Service Level Agreement (SLA), the system as a whole (components in the transaction) may provide the ability to (1) understand the impact of the SLA violation, and (2) augment other components in the system to resume overall transaction SLA, and (3) implement steps to remediate.
Thus, with these variations and service features in mind, Edge computing within the Edge cloud 110 may provide the ability to serve and respond to multiple applications of the use cases 205 (e.g., object tracking, video surveillance, connected cars, etc.) in real-time or near real-time, and meet ultra-low latency requirements for these multiple applications. These advantages enable a whole new class of applications (e.g., Virtual Network Functions (VNFs), Function as a Service (FaaS), Edge as a Service (EaaS), standard processes, etc.), which cannot leverage conventional cloud computing due to latency or other limitations.
However, with the advantages of Edge computing comes the following caveats. The devices located at the Edge are often resource constrained and therefore there is pressure on usage of Edge resources. Typically, this is addressed through the pooling of memory and storage resources for use by multiple users (tenants) and devices. The Edge may be power and cooling constrained and therefore the power usage needs to be accounted for by the applications that are consuming the most power. There may be inherent power-performance tradeoffs in these pooled memory resources, as many of them are likely to use emerging memory technologies, where more power requires greater memory bandwidth. Likewise, improved security of hardware and root of trust trusted functions are also required, because Edge locations may be unmanned and may even need permissioned access (e.g., when housed in a third-party location). Such issues are magnified in the Edge cloud 110 in a multi-tenant, multi-owner, or multi-access setting, where services and applications are requested by many users, especially as network usage dynamically fluctuates and the composition of the multiple stakeholders, use cases, and services changes.
At a more generic level, an Edge computing system may be described to encompass any number of deployments at the previously discussed layers operating in the Edge cloud 110 (network layers 200-240), which provide coordination from client and distributed computing devices. One or more Edge gateway nodes, one or more Edge aggregation nodes, and one or more core data centers may be distributed across layers of the network to provide an implementation of the Edge computing system by or on behalf of a telecommunication service provider (“telco”, or “TSP”), internet-of-things service provider, cloud service provider (CSP), enterprise entity, or any other number of entities. Various implementations and configurations of the Edge computing system may be provided dynamically, such as when orchestrated to meet service objectives.
Consistent with the examples provided herein, a client compute node may be embodied as any type of endpoint component, device, appliance, or other thing capable of communicating as a producer or consumer of data. Further, the label “node” or “device” as used in the Edge computing system does not necessarily mean that such node or device operates in a client or agent/minion/follower role; rather, any of the nodes or devices in the Edge computing system refer to individual entities, nodes, or subsystems which include discrete or connected hardware or software configurations to facilitate or use the Edge cloud 110.
As such, the Edge cloud 110 is formed from network components and functional features operated by and within Edge gateway nodes, Edge aggregation nodes, or other Edge compute nodes among network layers 210-230. The Edge cloud 110 thus may be embodied as any type of network that provides Edge computing and/or storage resources which are proximately located to radio access network (RAN) capable endpoint devices (e.g., mobile computing devices, IoT devices, smart devices, etc.), which are discussed herein. In other words, the Edge cloud 110 may be envisioned as an “Edge” which connects the endpoint devices and traditional network access points that serve as an ingress point into service provider core networks, including mobile carrier networks (e.g., Global System for Mobile Communications (GSM) networks, Long-Term Evolution (LTE) networks, 5G/6G networks, etc.), while also providing storage and/or compute capabilities. Other types and forms of network access (e.g., Wi-Fi, long-range wireless, wired networks including optical networks, etc.) may also be utilized in place of or in combination with such 3GPP carrier networks.
The network components of the Edge cloud 110 may be servers, multi-tenant servers, appliance computing devices, and/or any other type of computing devices. For example, the Edge cloud 110 may include an appliance computing device that is a self-contained electronic device including a housing, a chassis, a case, or a shell. In some circumstances, the housing may be dimensioned for portability such that it can be carried by a human and/or shipped. Example housings may include materials that form one or more exterior surfaces that partially or fully protect contents of the appliance, in which protection may include weather protection, hazardous environment protection (e.g., electromagnetic interference (EMI), vibration, extreme temperatures, etc.), and/or enable submergibility. Example housings may include power circuitry to provide power for stationary and/or portable implementations, such as alternating current (AC) power inputs, direct current (DC) power inputs, AC/DC converter(s), DC/AC converter(s), DC/DC converter(s), power regulators, transformers, charging circuitry, batteries, wired inputs, and/or wireless power inputs. Example housings and/or surfaces thereof may include or connect to mounting hardware to enable attachment to structures such as buildings, telecommunication structures (e.g., poles, antenna structures, etc.), and/or racks (e.g., server racks, blade mounts, etc.). Example housings and/or surfaces thereof may support one or more sensors (e.g., temperature sensors, vibration sensors, light sensors, acoustic sensors, capacitive sensors, proximity sensors, infrared or other visual thermal sensors, etc.). One or more such sensors may be contained in, carried by, or otherwise embedded in the surface and/or mounted to the surface of the appliance. Example housings and/or surfaces thereof may support mechanical connectivity, such as propulsion hardware (e.g., wheels, rotors such as propellers, etc.) and/or articulating hardware (e.g., robot arms, pivotable appendages, etc.). In some circumstances, the sensors may include any type of input devices such as user interface hardware (e.g., buttons, switches, dials, sliders, microphones, etc.). In some circumstances, example housings include output devices contained in, carried by, embedded therein and/or attached thereto. Output devices may include displays, touchscreens, lights, light-emitting diodes (LEDs), speakers, input/output (I/O) ports (e.g., universal serial bus (USB)), etc. In some circumstances, Edge devices are devices presented in the network for a specific purpose (e.g., a traffic light), but may have processing and/or other capacities that may be utilized for other purposes. Such Edge devices may be independent from other networked devices and may be provided with a housing having a form factor suitable for its primary purpose; yet be available for other compute tasks that do not interfere with its primary task. Edge devices include Internet of Things devices. The appliance computing device may include hardware and software components to manage local issues such as device temperature, vibration, resource utilization, updates, power issues, physical and network security, etc. Example hardware for implementing an appliance computing device is described in conjunction with
In
In the example of
It should be understood that some of the devices in 410 are multi-tenant devices where Tenant 1 may function within a tenant1 ‘slice’ while a Tenant 2 may function within a tenant2 slice (and, in further examples, additional or sub-tenants may exist; and each tenant may even be specifically entitled and transactionally tied to a specific set of features all the way day to specific hardware features). A trusted multi-tenant device may further contain a tenant specific cryptographic key such that the combination of key and slice may be considered a “root of trust” (RoT) or tenant specific RoT. A RoT may further be computed dynamically composed using a DICE (Device Identity Composition Engine) architecture such that a single DICE hardware building block may be used to construct layered trusted computing base contexts for layering of device capabilities (such as a Field Programmable Gate Array (FPGA)). The RoT may further be used for a trusted computing context to enable a “fan-out” that is useful for supporting multi-tenancy. Within a multi-tenant environment, the respective Edge nodes 422, 424 may operate as security feature enforcement points for local resources allocated to multiple tenants per node. Additionally, tenant runtime and application execution (e.g., in instances 432, 434) may serve as an enforcement point for a security feature that creates a virtual Edge abstraction of resources spanning potentially multiple physical hosting platforms. Finally, the orchestration functions 460 at an orchestration entity may operate as a security feature enforcement point for marshalling resources along tenant boundaries.
Edge computing nodes may partition resources (memory, central processing unit (CPU), graphics processing unit (GPU), interrupt controller, input/output (I/O) controller, memory controller, bus controller, etc.) where respective partitionings may contain a RoT capability and where fan-out and layering according to a DICE model may further be applied to Edge Nodes. Cloud computing nodes often use containers, FaaS engines, servlets, servers, or other computation abstraction that may be partitioned according to a DICE layering and fan-out structure to support a RoT context for each. Accordingly, the respective RoTs spanning devices 410, 422, and 440 may coordinate the establishment of a distributed trusted computing base (DTCB) such that a tenant-specific virtual trusted secure channel linking all elements end to end can be established.
Further, it will be understood that a container may have data or workload specific keys protecting its content from a previous Edge node. As part of migration of a container, a pod controller at a source Edge node may obtain a migration key from a target Edge node pod controller where the migration key is used to wrap the container-specific keys. When the container/pod is migrated to the target Edge node, the unwrapping key is exposed to the pod controller that then decrypts the wrapped keys. The keys may now be used to perform operations on container specific data. The migration functions may be gated by properly attested Edge nodes and pod managers (as described above).
In further examples, an Edge computing system is extended to provide for orchestration of multiple applications through the use of containers (a contained, deployable unit of software that provides code and needed dependencies) in a multi-owner, multi-tenant environment. A multi-tenant orchestrator may be used to perform key management, trust anchor management, and other security functions related to the provisioning and lifecycle of the trusted ‘slice’ concept in
For instance, each Edge node 422, 424 may implement the use of containers, such as with the use of a container “pod” 426, 428 providing a group of one or more containers. In a setting that uses one or more container pods, a pod controller or orchestrator is responsible for local control and orchestration of the containers in the pod. Various Edge node resources (e.g., storage, compute, services, depicted with hexagons) provided for the respective Edge slices 432, 434 are partitioned according to the needs of each container.
With the use of container pods, a pod controller oversees the partitioning and allocation of containers and resources. The pod controller receives instructions from an orchestrator (e.g., orchestrator 460) that instructs the controller on how best to partition physical resources and for what duration, such as by receiving key performance indicator (KPI) targets based on SLA contracts. The pod controller determines which container requires which resources and for how long in order to complete the workload and satisfy the SLA. The pod controller also manages container lifecycle operations such as: creating the container, provisioning it with resources and applications, coordinating intermediate results between multiple containers working on a distributed application together, dismantling containers when workload completes, and the like. Additionally, the pod controller may serve a security role that prevents assignment of resources until the right tenant authenticates or prevents provisioning of data or a workload to a container until an attestation result is satisfied.
Also, with the use of container pods, tenant boundaries can still exist but in the context of each pod of containers. If each tenant specific pod has a tenant specific pod controller, there will be a shared pod controller that consolidates resource allocation requests to avoid typical resource starvation situations. Further controls may be provided to ensure attestation and trustworthiness of the pod and pod controller. For instance, the orchestrator 460 may provision an attestation verification policy to local pod controllers that perform attestation verification. If an attestation satisfies a policy for a first tenant pod controller but not a second tenant pod controller, then the second pod could be migrated to a different Edge node that does satisfy it. Alternatively, the first pod may be allowed to execute and a different shared pod controller is installed and invoked prior to the second pod executing.
Furthermore, one or more IPUs can execute platform management, networking stack processing operations, security (crypto) operations, storage software, identity and key management, telemetry, logging, monitoring and service mesh (e.g., control how different microservices communicate with one another). The IPU can access an xPU to offload performance of various tasks. For instance, an IPU exposes XPU, storage, memory, and CPU resources and capabilities as a service that can be accessed by other microservices for function composition. This can improve performance and reduce data movement and latency. An IPU can perform capabilities such as those of a router, load balancer, firewall, TCP/reliable transport, a service mesh (e.g., proxy or API gateway), security, data-transformation, authentication, quality of service (QoS), security, telemetry measurement, event logging, initiating and managing data flows, data placement, or job scheduling of resources on an XPU, storage, memory, or CPU.
In the illustrated example of
In some examples, the IPU 500 includes a field programmable gate array (FPGA) 570 structured to receive commands from an CPU, XPU, or application via an API and perform commands/tasks on behalf of the CPU, including workload management and offload or accelerator operations. The illustrated example of
Example compute fabric circuitry 550 provides connectivity to a local host or device (e.g., server or device (e.g., xPU, memory, or storage device)). Connectivity with a local host or device or smartNIC or another IPU is, in some examples, provided using one or more of peripheral component interconnect express (PCIe), ARM AXI, Intel® QuickPath Interconnect (QPI), Intel® Ultra Path Interconnect (UPI), Intel® On-Chip System Fabric (IOSF), Omnipath, Ethernet, Compute Express Link (CXL), HyperTransport, NVLink, Advanced Microcontroller Bus Architecture (AMBA) interconnect, OpenCAPI, Gen-Z, CCIX, Infinity Fabric (IF), and so forth. Different examples of the host connectivity provide symmetric memory and caching to enable equal peering between CPU, XPU, and IPU (e.g., via CXL.cache and CXL.mem).
Example media interfacing circuitry 560 provides connectivity to a remote smartNIC or another IPU or service via a network medium or fabric. This can be provided over any type of network media (e.g., wired or wireless) and using any protocol (e.g., Ethernet, InfiniBand, Fiber channel, ATM, to name a few).
In some examples, instead of the server/CPU being the primary component managing IPU 500, IPU 500 is a root of a system (e.g., rack of servers or data center) and manages compute resources (e.g., CPU, xPU, storage, memory, other IPUs, and so forth) in the IPU 500 and outside of the IPU 500. Different operations of an IPU are described below.
In some examples, the IPU 500 performs orchestration to decide which hardware or software is to execute a workload based on available resources (e.g., services and devices) and considers service level agreements and latencies, to determine whether resources (e.g., CPU, xPU, storage, memory, etc.) are to be allocated from the local host or from a remote host or pooled resource. In examples when the IPU 500 is selected to perform a workload, secure resource managing circuitry 502 offloads work to a CPU, xPU, or other device and the IPU 500 accelerates connectivity of distributed runtimes, reduce latency, CPU and increases reliability.
In some examples, secure resource managing circuitry 502 runs a service mesh to decide what resource is to execute workload, and provide for L7 (application layer) and remote procedure call (RPC) traffic to bypass kernel altogether so that a user space application can communicate directly with the example IPU 500 (e.g., the IPU 500 and application can share a memory space). In some examples, a service mesh is a configurable, low-latency infrastructure layer designed to handle communication among application microservices using application programming interfaces (APIs) (e.g., over remote procedure calls (RPCs)). The example service mesh provides fast, reliable, and secure communication among containerized or virtualized application infrastructure services. The service mesh can provide critical capabilities including, but not limited to service discovery, load balancing, encryption, observability, traceability, authentication and authorization, and support for the circuit breaker pattern.
In some examples, infrastructure services include a composite node created by an IPU at or after a workload from an application is received. In some cases, the composite node includes access to hardware devices, software using APIs, RPCs, gRPCs, or communications protocols with instructions such as, but not limited, to iSCSI, NVMe-oF, or CXL.
In some cases, the example IPU 500 dynamically selects itself to run a given workload (e.g., microservice) within a composable infrastructure including an IPU, xPU, CPU, storage, memory, and other devices in a node.
In some examples, communications transit through media interfacing circuitry 560 of the example IPU 500 through a NIC/smartNIC (for cross node communications) or loopback back to a local service on the same host. Communications through the example media interfacing circuitry 560 of the example IPU 500 to another IPU can then use shared memory support transport between xPUs switched through the local IPUs. Use of IPU-to-IPU communication can reduce latency and jitter through ingress scheduling of messages and work processing based on service level objective (SLO).
For example, for a request to a database application that requires a response, the example IPU 500 prioritizes its processing to minimize the stalling of the requesting application. In some examples, the IPU 500 schedules the prioritized message request issuing the event to execute a SQL query database and the example IPU constructs microservices that issue SQL queries and the queries are sent to the appropriate devices or services.
In the illustrated example of
In the illustrated example, the ADM system 600 includes the ADM console 102 to setup and/or otherwise configure portion(s) of the ADM system 600 (e.g., the data ingestion manager 606, the node manager 622, etc.). For example, the ADM console 602 may configure the metadata/data enrichment manager 640. In some examples, the ADM console 602 may implement metadata tagging (e.g., add, remove, and/or modify metadata). In some examples, the ADM console 602 may implement security policies (e.g., add, remove, and/or modify access policies of the data security manager 632. In some examples, the ADM console 602 may implement data management settings (e.g., locality, expiration date, etc., of data). In some examples, the ADM console 602 may be implemented by one or more user experience (UX) and/or user interface (UI) consoles.
In the illustrated example, the ADM system 600 includes the data ingestion manager 606 to ingest, receive, and/or otherwise obtain data from one(s) of the data sources 604. For example, the data sources 604 may be implemented by any hardware, software, and/or firmware as described herein (e.g., hardware, software, and/or firmware of an autonomous guided vehicle (AGV), a server, an IoT device, etc.). In some examples, the data ingestion manager 606 includes the pre-processing manager 608 to pre-process data obtained from the data sources 604.
In the illustrated example, the ADM system 600 includes the data query manager 610 to queue and/or and process data search requests from users and/or applications. For example, the data query handler 612 may queue and/or process the data search requests. In some such examples, the data query handler 612 may return results associated with the data search results to the requester. In some examples, the data query manager 610 utilizes the existence of metadata tables extracted from data files (e.g., media, alpha-numeric, spatial, etc.) that have been pre-generated by the example metadata/data enrichment manager 640. In some examples, the data query manager 610 may be implemented to do a search and match of topical terms to metadata tags or use weighted topics and phrases with Boolean operations to perform complex contextual matches, prioritizations, and sequence of topics mapping.
In some examples, the data query manager 610 manages multiple metadata context resulting from metadata generating engines, sub-metadata tables specific to user/applications with unique context, permissions, etc. In some examples, the data query manager 610 may scan a metadata file for primary search and recommendation of most appropriate data file links. For example, the data query manager 610 may include the metadata cluster manager 616 to scan the metadata file and/or return a number of excerpts (e.g., a user selectable number of excerpts) for final selection. In some examples, the data query manager 610 may check selections for permission level appropriateness. For example, different departments, regions, etc., of an environment may have security and access control. In some examples, the data query manager 610 may link a user/application to a returned and/or otherwise identified source file. In some examples, the data query manager 610 and a metadata database (e.g., the metadata storage 646) need not be co-resident.
In some examples, the data query manager 610 may include the query cache cluster manager 614 to execute selective caching. For example, the query cache cluster manager 614 may activate and/or otherwise enable caching for frequent topics, most recently used search terms with user selected and preferred source file links, file linkages that have a high correlation to one another (e.g., occurs frequently), etc., and/or combination(s) thereof.
In some examples, the data query manager 610 implements capacity scaling for demand volume and to serve local teams. For example, the data query manager 610 may launch additional instances of the data query manager 610 near and/or otherwise proximate to demand sources (e.g., department server or individual personal computer) that may be associated with the data sources 604.
Advantageously, in some examples, a locality of the metadata storage 646 to the data query manager 610 may reduce network traffic and latency to ensure that even if a file is unavailable, the existence of the file may be confirmed. In some examples, the data query manager 610 may effectuate synchronization with other managers of the ADM system 600 more frequently for metadata (e.g., metadata tables) of the metadata storage 646 that is/are accessed most frequently or having significant changes made (e.g., usually another feature of frequent use or recent capture). In some examples, the data query manager 610 may effectuate interactive and/or programmatic access to portion(s) of the ADM system 600.
In the illustrated example, the ADM system 600 includes the data publishing manager 618 to implement publish-subscribe messaging. For example, a subscriber (e.g., a data subscriber, a device subscriber, etc.) may coordinate with the scheduler 620 to subscribe to changes, updates, etc., of data of the metadata storage 646, the raw datastore 648, and/or one(s) of the data sources 604. In some such examples, the data publishing manager 618 may publish data of interest to the appropriate subscribers.
In the illustrated example, the ADM system 600 includes the node manager 622 to enable edge nodes to maintain lists (e.g., a friends list), a neighboring nodes list, a trusted or verified node list, etc.) on the network. In some examples, the list(s) may include(s) the preferred nodes table 624. For example, the preferred nodes table 624 may be implemented by a routing table in networking examples. In some examples, the node manager 622 may maintain the table/list/index as dynamic and/or evolving table/list/index by considering previous interactions and/or transactions between neighboring nodes. For example, the node manager 622 may control the table/list/index to rate neighboring nodes based on the context of data requested, frequency of data requested, Quality-of-Service (QoS) of past interactions, etc., and/or combination(s) thereof. In some examples, the table/list/index may exist in the distributed datastore 644, which may be quickly accessible upon a request from the data query manager 610.
In the illustrated example, the ADM system 600 includes the network plane 626 to facilitate the transmission, distribution, and/or otherwise propagation of data. In some examples, the network plane 626 may be implemented by one or more networks. For example, the network plane 626 may be implemented by the Internet. However, the network plane 626 may be implemented using any suitable wired and/or wireless network(s) including, for example, one or more data buses, one or more Local Area Networks (LANs), one or more wireless LANs, one or more cellular networks, one or more private networks, one or more public networks, one or more fiber networks, one or more satellite networks, etc., and/or combination(s) thereof. In the illustrated example, component(s) of the ADM system 600 may provide, deliver, propagate, etc., data in the ADM system 100 by the data plane 628. In the illustrated example, component(s) of the ADM system 600 may provide, deliver, propagate, etc., controls, commands, directions, instructions, etc., in the ADM system 100 by the control plane 630.
In the illustrated example, the ADM system 600 includes the data security manager 632 to control (e.g., add, remove, modify, etc.) one(s) of the access policies. For example, the data security manager 632 may control the access policies rather than the node/platform level security components or user authentication to the network. In some examples, the data security manager 632 may be accessed through the ADM console 102.
In some examples, the data security manager 632 assigns initial security/access levels to data files/streams based on user provided policy or explicit settings. In some examples, the data security manager 632 facilitates autonomous control of access policies, where content may inherit security levels from other similar files based on metadata/topics. In some examples, the data security manager 632 ensures compatible security level data match for the user/application/service level security with appropriate data levels. In some examples, the data security manager 632 defines the scope of data availability (e.g., geographic, topical, personnel, security level, etc.). In some examples, the data security manager 632 logs audits for a query log (e.g., request, copies, moves, success/fail, reason, etc.) maintained by the data query manager 610. In some examples, the data security manager 632 ensures data/metadata from high security areas are not copied/moved to lower-level security environments. In some examples, the data security manager 632 enforces top secret level access to confidential areas or non-top secret level access to unsecured servers. In some examples, the data security manager 632 monitors with the data query manager 610 the data request traffic for potential irregularities. In some examples, the data security manager 632 may implement and/or otherwise provide encryption services, keys as a service, etc., and/or combination(s) thereof.
In the illustrated example, the ADM system 600 includes the AMR 634 to monitor the data on the data plane 628 and/or in the distributed datastore 644 (e.g., when triggered to run analytics) and/or upon a gap in the existing algorithms 638 of the analytics manager 636. In some examples, the AMR 634 may interface with the resource manager 642 by an example interface 650. For example, the resource manager 642 may implement an orchestration agent that receives a request for new one(s) of the algorithms 638 to act on of data of interest. For example, if a node that was previously monitoring a video stream and now has some additional time series data, the AMR 634 can request the resource manager/orchestrator agent 642 for a new one of the algorithms 638 to update the analytics manager 636 to run insights on both modalities.
In some examples, the analytics manager 636 includes a metadata agent (e.g., a metadata agent that may be implemented by the metadata/data enrichment manager 640) that may request analytics to be executed by the AMR 634 for generating metadata from source streams/files. In some such examples, the AMR 634 may invoke one(s) of the algorithms 638 to generate the analytics. In some such examples, the analytics may be generated by an Artificial Intelligence/Machine Learning (M/ML) model (e.g., a neural network (NN)) for classification, neural natural language processing (NNLP) to parse documentation, etc., and/or combination(s) thereof.
In some examples, in the data or user domain, an application or a direct user request may request an analytics container (e.g., an analytics container that may be implemented by the analytics manager 636) with an appropriate configuration and optimizations for the requested task. In some examples, certain one(s) of the algorithms 638 or AI/ML models may be preferred over time as a function of accuracy and performance.
In some examples, the resource manager/orchestration agent 642 may orchestrate new one(s) of the algorithms 638 either from a centralized algorithm library based on example algorithm ratings, scores, etc., if available, or through a pointer to a local datastore (e.g., if available in a library) of the analytics manager 636 for faster access or the distributed datastore 644.
Artificial intelligence (AI), including machine learning (ML), deep learning (DL), and/or other artificial machine-driven logic, enables machines (e.g., computers, logic circuits, etc.) to use a model to process input data to generate an output based on patterns and/or associations previously learned by the model via a training process. For instance, one(s) of the algorithms 638 may be trained with data to recognize patterns and/or associations and follow such patterns and/or associations when processing input data such that other input(s) result in output(s) consistent with the recognized patterns and/or associations.
Many different types of machine-learning models and/or machine-learning architectures exist. In some examples, the analytics manager 636 may generate one(s) of the algorithms 638 as neural network model(s). In some examples, the resource manager/orchestration agent 642 may obtain and/or generate one(s) of the algorithms 638. Using a neural network model enables the analytics manager 636 to execute AI/ML workload(s). In general, machine-learning models/architectures that are suitable to use in the example approaches disclosed herein include recurrent neural networks. However, other types of machine learning models could additionally or alternatively be used such as supervised learning ANN models, clustering models, classification models, etc., and/or a combination thereof. Example supervised learning ANN models may include two-layer (2-layer) radial basis neural networks (RBN), learning vector quantization (LVQ) classification neural networks, etc. Example clustering models may include k-means clustering, hierarchical clustering, mean shift clustering, density-based clustering, etc. Example classification models may include logistic regression, support-vector machine or network, Naive Bayes, etc. In some examples, the analytics manager 636 may compile and/or otherwise generate one(s) of the algorithm(s) 638 as lightweight machine-learning models.
In general, implementing an ML/AI system involves two phases, a learning/training phase and an inference phase. In the learning/training phase, a training algorithm is used to train the one(s) of the algorithms 638 to operate in accordance with patterns and/or associations based on, for example, training data. In general, the one(s) of the algorithms 638 include(s) internal parameters (e.g., indices, raw data, metadata, insights, models, weights, etc.) that guide how input data is transformed into output data, such as through a series of nodes and connections within the one(s) of the algorithms 638 to transform input data into output data. Additionally, hyperparameters are used as part of the training process to control how the learning is performed (e.g., a learning rate, a number of layers to be used in the machine learning model, etc.). Hyperparameters are defined to be training parameters that are determined prior to initiating the training process.
Different types of training may be performed based on the type of ML/AI model and/or the expected output. For example, the analytics manager 636 may invoke supervised training to use inputs and corresponding expected (e.g., labeled) outputs to select parameters (e.g., by iterating over combinations of select parameters) for the one(s) of the algorithms 638 that reduce model error. As used herein, “labeling” refers to an expected output of the machine learning model (e.g., a classification, an expected output value, etc.). Alternatively, the analytics manager 636 may invoke unsupervised training (e.g., used in deep learning, a subset of machine learning, etc.) that involves inferring patterns from inputs to select parameters for the one(s) of the algorithms 638 (e.g., without the benefit of expected (e.g., labeled) outputs).
In some examples, the analytics manager 636 trains the one(s) of the algorithms 638 using unsupervised clustering of operating observables. For example, the operating observables may include data from the data sources 604, metadata in the metadata storage 646, data in the raw datastore 648, etc., and/or combination(s) thereof. However, the analytics manager 636 may additionally or alternatively use any other training algorithm such as stochastic gradient descent, Simulated Annealing, Particle Swarm Optimization, Evolution Algorithms, Genetic Algorithms, Nonlinear Conjugate Gradient, etc.
In some examples, the analytics manager 636 may train the one(s) of the algorithms 638 until the level of error is no longer reducing. In some examples, the analytics manager 636 may train the one(s) of the algorithms 638 locally on the analytics manager 636 and/or remotely at an external computing system (e.g., on external computing device(s) in communication with the resource manager/orchestration agent 642) communicatively coupled to the analytics manager 636. In some examples, the analytics manager 636 trains the one(s) of the algorithms 638 using hyperparameters that control how the learning is performed (e.g., a learning rate, a number of layers to be used in the machine learning model, etc.). In some examples, the analytics manager 636 may use hyperparameters that control model performance and training speed such as the learning rate and regularization parameter(s). The analytics manager 636 may select such hyperparameters by, for example, trial and error to reach an optimal model performance. In some examples, the analytics manager 636 Bayesian hyperparameter optimization to determine an optimal and/or otherwise improved or more efficient network architecture to avoid model overfitting and improve the overall applicability of the one(s) of the algorithms 638. Alternatively, the analytics manager 636 may use any other type of optimization. In some examples, the analytics manager 636 may perform re-training. The analytics manager 636 may execute such re-training in response to override(s) by a user of the ADM 600, a receipt of new training data, change(s) to node(s), change(s) observed and/or otherwise identified by node(s), etc.
In some examples, the analytics manager 636 facilitates the training of the one(s) of the algorithms 638 using training data. In some examples, the analytics manager 636 utilizes training data that originates from locally generated data, such as one(s) of the data from the data sources 604, metadata in the metadata storage 646, data in the raw datastore 648, etc., and/or combination(s) thereof. In some examples, the analytics manager 636 utilizes training data that originates from externally generated data, such as data from the data sources 604, data from the resource manager/orchestration agent 642, etc., and/or combination(s) thereof. In some examples where supervised training is used, the analytics manager 636 may label the training data (e.g., label training data or portion(s) thereof with appropriate metadata). Labeling is applied to the training data by a user manually or by an automated data pre-processing system. In some examples, the analytics manager 636 may pre-process the training data. In some examples, the analytics manager 636 sub-divides the training data into a first portion of data for training the one(s) of the algorithms 638, and a second portion of data for validating the one(s) of the algorithms 638.
Once training is complete, the analytics manager 636 may deploy the one(s) of the algorithms 638 for use as an executable construct that processes an input and provides an output based on the network of nodes and connections defined in the one(s) of the algorithms 638. The analytics manager 636 may store the one(s) of the algorithms 638 in the analytics manager 636. In some examples, the analytics manager 636 may invoke the interface 650 to transmit the one(s) of the algorithms 638 to one(s) of the external computing systems in communication with the resource manager/orchestration agent 642. In some such examples, in response to transmitting the one(s) of the algorithms 638 to the one(s) of the external computing systems, the one(s) of the external computing systems may execute the one(s) of the algorithms 638 to execute AI/ML workloads with at least one of improved efficiency or performance.
Once trained, the deployed one(s) of the algorithms 638 may be operated in an inference phase to process data. In the inference phase, data to be analyzed (e.g., live data) is input to the one(s) of the algorithms 638, and the one(s) of the algorithms 638 execute(s) to create an output. This inference phase can be thought of as the AI “thinking” to generate the output based on what it learned from the training (e.g., by executing the one(s) of the algorithms 638 to apply the learned patterns and/or associations to the live data). In some examples, input data undergoes pre-processing before being used as an input to the one(s) of the algorithms 638. Moreover, in some examples, the output data may undergo post-processing after it is generated by the one(s) of the algorithms 638 to transform the output into a useful result (e.g., a display of data, a detection and/or identification of an object, an instruction to be executed by a machine, etc.).
In some examples, output of the deployed one(s) of the algorithms 638 may be captured and provided as feedback. By analyzing the feedback, an accuracy of the deployed one(s) of the algorithm(s) 638 can be determined. If the feedback indicates that the accuracy of the deployed model is less than a threshold or other criterion, training of an updated model can be triggered using the feedback and an updated training data set, hyperparameters, etc., to generate an updated, deployed model.
In the illustrated example, the ADM system 600 includes the metadata/data enrichment manager 640 to schedule and/or execute metadata creation and/or post-processing routines intended to extract context and meaning from the source stream/files to enhance source files to decrease noise and/or clarify/focus subjects of interest. In some examples, the metadata/data enrichment manager 640 includes a metadata or enhancement request routine, an online metadata agent, and/or an offline metadata agent. In some examples, the metadata or enhancement request routine may be configured and/or otherwise generated to take inputs from a user or process/application to articulate the types of metadata/enhancement and determine what operations may be done in real time and what must be done offline based on complexity of the request, type of data, available processing resources, priority/urgency of the operation.
In some examples, the online metadata agent may access existing metadata or enhancement functionality within a node or launch a selected algorithm package to perform real time metadata/enhancement actions on the data stream and create a source-file linked metadata record that may be passed to the data query manager 610 for incorporation and synchronization with other authorized and/or relevant instances of the data query manager 610. In the example of source file enhancement, the original file may be archived and linked with appropriate metadata record while the modified file is returned to the requestor.
In some examples, the offline metadata agent may be implemented as the real time agent instantiated on the server/file storage that runs metadata/enhancement routines offline due to resource availability, complexity of operations, and/or lower priority setting. Subsequent behavior may be similar to the online metadata once post-processing has been completed.
In some examples, the metadata/data enrichment manager 640 evaluates metadata/enhancement requests and priority. In some examples, the metadata/data enrichment manager 640 may select appropriate operations for base metadata and enhancement operations. In some examples, the metadata/data enrichment manager 640 may invoke and/or otherwise call to the AMR 634 that heuristically may suggest proper algorithms for advanced data operations and can recommend algorithm combinations (e.g., algorithm recipes) from prior operations that may be preferred by different customers or operate best on certain hardware.
In some examples, the metadata/data enrichment manager 640 identifies real-time operations from post-processed operations and confirm with the user allowing user to modify. In some examples, the metadata/data enrichment manager 640 launch modules (e.g., AI, NNLP, analytics, statistics, etc.) to generate metadata and/or enhance existing data (e.g., hyper-resolution or false image enhancements) on local node or supporting compute platform(s). In some examples, the metadata/data enrichment manager 640 manages archiving of sources, appending metadata records to the data query manager 610 (with source links), etc. In some examples, a single instance of the metadata/data enrichment manager 640 may manage multiple metadata/enhancement operations.
In the illustrated example, the ADM system 600 includes the distributed datastore 644 to record data. For example, the distributed datastore 644 may include the metadata storage 646 to record and/or otherwise store metadata. In some examples, the distributed datastore 644 may include the raw datastore 648 to record raw and/or otherwise unprocessed data. The distributed datastore 644 may be implemented by one or more volatile memories (e.g., a Synchronous Dynamic Random Access Memory (SDRAM), Dynamic Random Access Memory (DRAM), RAMBUS Dynamic Random Access Memory (RDRAM), etc.), one or more non-volatile memories (e.g., flash memory), and/or combination(s) thereof. The distributed datastore 644 may additionally or alternatively be implemented by one or more double data rate (DDR) memories, such as DDR, DDR2, DDR3, DDR4, mobile DDR (mDDR), etc. The distributed datastore 644 may additionally or alternatively be implemented by one or more mass storage devices such as hard disk drive(s) (HDD(s)), compact disk (CD) drive(s), digital versatile disk (DVD) drive(s), solid-state disk (SSD) drive(s), etc. While in the illustrated example the distributed datastore 644 is illustrated as a single datastore, the distributed datastore 644 may be implemented by any number and/or type(s) of datastores. Furthermore, the data stored in the distributed datastore 644 may be in any data format such as, for example, binary data, comma delimited data, tab delimited data, structured query language (SQL) structures, etc.
In some examples, the metadata storage 646, the raw datastore 648, and/or, more generally, the distributed datastore 644 may implement one or more databases. The term “database” as used herein means an organized body of related data, regardless of the manner in which the data or the organized body thereof is represented. For example, the organized body of related data may be in the form of one or more of a table, a map, a grid, a packet, a datagram, a frame, a file, an e-mail, a message, a document, a report, a list or in any other form.
As used herein, data is information in any form that may be ingested, processed, interpreted and/or otherwise manipulated by processor circuitry to produce a result. The produced result may itself be data.
As used herein “threshold” is expressed as data such as a numerical value represented in any form, that may be used by processor circuitry as a reference for a comparison operation.
As used herein, a model is a set of instructions and/or data that may be ingested, processed, interpreted and/or otherwise manipulated by processor circuitry to produce a result. Often, a model is operated using input data to produce output data in accordance with one or more relationships reflected in the model. The model may be based on training data.
While an example manner of implementing the ADM system 600 is illustrated in
Flowcharts representative of example hardware logic circuitry, machine readable instructions, hardware implemented state machines, and/or any combination thereof for implementing the ADM system 600 of
The machine readable instructions described herein may be stored in one or more of a compressed format, an encrypted format, a fragmented format, a compiled format, an executable format, a packaged format, etc. Machine readable instructions as described herein may be stored as data or a data structure (e.g., as portions of instructions, code, representations of code, etc.) that may be utilized to create, manufacture, and/or produce machine executable instructions. For example, the machine readable instructions may be fragmented and stored on one or more storage devices and/or computing devices (e.g., servers) located at the same or different locations of a network or collection of networks (e.g., in the cloud, in edge devices, etc.). The machine readable instructions may require one or more of installation, modification, adaptation, updating, combining, supplementing, configuring, decryption, decompression, unpacking, distribution, reassignment, compilation, etc., in order to make them directly readable, interpretable, and/or executable by a computing device and/or other machine. For example, the machine readable instructions may be stored in multiple parts, which are individually compressed, encrypted, and/or stored on separate computing devices, wherein the parts when decrypted, decompressed, and/or combined form a set of machine executable instructions that implement one or more operations that may together form a program such as that described herein.
In another example, the machine readable instructions may be stored in a state in which they may be read by processor circuitry, but require addition of a library (e.g., a dynamic link library (DLL)), a software development kit (SDK), an application programming interface (API), etc., in order to execute the machine readable instructions on a particular computing device or other device. In another example, the machine readable instructions may need to be configured (e.g., settings stored, data input, network addresses recorded, etc.) before the machine readable instructions and/or the corresponding program(s) can be executed in whole or in part. Thus, machine readable media, as used herein, may include machine readable instructions and/or program(s) regardless of the particular format or state of the machine readable instructions and/or program(s) when stored or otherwise at rest or in transit.
The machine readable instructions described herein can be represented by any past, present, or future instruction language, scripting language, programming language, etc. For example, the machine readable instructions may be represented using any of the following languages: C, C++, Java, C#, Perl, Python, JavaScript, HyperText Markup Language (HTML), Structured Query Language (SQL), Swift, etc.
As mentioned above, the example operations of
“Including” and “comprising” (and all forms and tenses thereof) are used herein to be open ended terms. Thus, whenever a claim employs any form of “include” or “comprise” (e.g., comprises, includes, comprising, including, having, etc.) as a preamble or within a claim recitation of any kind, it is to be understood that additional elements, terms, etc., may be present without falling outside the scope of the corresponding claim or recitation. As used herein, when the phrase “at least” is used as the transition term in, for example, a preamble of a claim, it is open-ended in the same manner as the term “comprising” and “including” are open ended. The term “and/or” when used, for example, in a form such as A, B, and/or C refers to any combination or subset of A, B, C such as (1) A alone, (2) B alone, (3) C alone, (4) A with B, (5) A with C, (6) B with C, or (7) A with B and with C. As used herein in the context of describing structures, components, items, objects and/or things, the phrase “at least one of A and B” is intended to refer to implementations including any of (1) at least one A, (2) at least one B, or (3) at least one A and at least one B. Similarly, as used herein in the context of describing structures, components, items, objects and/or things, the phrase “at least one of A or B” is intended to refer to implementations including any of (1) at least one A, (2) at least one B, or (3) at least one A and at least one B. As used herein in the context of describing the performance or execution of processes, instructions, actions, activities and/or steps, the phrase “at least one of A and B” is intended to refer to implementations including any of (1) at least one A, (2) at least one B, or (3) at least one A and at least one B. Similarly, as used herein in the context of describing the performance or execution of processes, instructions, actions, activities and/or steps, the phrase “at least one of A or B” is intended to refer to implementations including any of (1) at least one A, (2) at least one B, or (3) at least one A and at least one B.
As used herein, singular references (e.g., “a”, “an”, “first”, “second”, etc.) do not exclude a plurality. The term “a” or “an” object, as used herein, refers to one or more of that object. The terms “a” (or “an”), “one or more”, and “at least one” are used interchangeably herein. Furthermore, although individually listed, a plurality of means, elements or method actions may be implemented by, e.g., the same entity or object. Additionally, although individual features may be included in different examples or claims, these may possibly be combined, and the inclusion in different examples or claims does not imply that a combination of features is not feasible and/or advantageous.
The edge network environment 800 of the illustrated example includes an example public network 806, an example private network 808, and an example edge cloud 810. In this example, the public network 806 may implement a telephone service provider (TSP) network (e.g., a Long-Term Evolution (LTE) network, a 5G network, a Telco network, etc.). For example, the public network 806 may implement the network access layer 220 of
In the illustrated example of
The edge network environment 800 of the illustrated example includes an example process control system 812, example robots (e.g., collaborative robots, robot arms, etc.) 814, a first example industrial machine (e.g., an autonomous industrial machine) 816, a second example industrial machine 818, a third example industrial machine 820, a fourth example industrial machine 822, an example predictive maintenance system 824, an example vehicle (e.g., a truck, an autonomous truck, an autonomous vehicle, etc.) 826, a first example monitoring sensor 828, a second example monitoring sensor 830, and example endpoint devices 832, 834, 836. In some examples, the process control system 812 may include one or more industrial machines such as a silo, a smokestack, a conveyor belt, a mixer, a pump, etc., and/or a combination thereof. For example, the process control system 812 may implement the business and industrial equipment 163 of
In some examples, the robots 814 may implement hydraulic and/or electromechanical robots that may be configured to execute manufacturing tasks (e.g., lifting equipment, assembling components, etc.), industrial tasks, etc. For example, the robots 814 may implement the business and industrial equipment 163 of
In some examples, the vehicle 826 may implement one of the autonomous vehicles 161 of
In this example, the endpoint devices 832, 834, 836 include a first example endpoint device 832, a second example endpoint device 834, and a third example endpoint device 836. In some examples, one(s) of the endpoint devices 832, 834, 836 may implement consumer computing devices, user equipment, etc. For example, one or more of the endpoint devices 832, 834, 836 may implement the user equipment 162 of
In the illustrated example of
In some examples, the edge gateway 802 may facilitate communication, data transfers, etc., between a source service, a source appliance, etc., of the private network 808 to a target service, a target appliance, etc., of the public network 806. For example, the edge gateway 802 may receive a data stream including one or more data packets from a source (e.g., a data source), a producer (e.g., a data producer), etc., which may be implemented by the cloud data center 130 of
In the illustrated example of
In some examples, the edge gateway 802 and/or the edge switch 804 may implement adaptive data management based on global observability at the edge, which may be implemented by the edge network environment 800 or portion(s) thereof. In some examples, the edge network environment 800 may implement a large number and/or different types of applications, such as machine vision applications implemented by the robots 814, autonomous driving applications implemented by the vehicle 826, etc. In some such examples, the data generated by the private network 808 is relatively diverse because of the vast range of data sources, such as sensors, controllers, services, and/or user input that may be processed and analyzed to identify anomalies and trends in the data. For example, the edge gateway 802 and/or the edge switch 804 may facilitate the transmission of data including sensor data or measurements, video feeds, still images, predictive maintenance alerts or control commands, robotic control commands, etc., and/or a combination thereof.
In some examples, the edge gateway 802 and/or the edge switch 804 may transfer data to components of the ADM system 600 of
In some examples, data generated by the private network 808 may be immense. In some examples, a data source, such as the process control system 812, one(s) of the robots 814, one(s) of the industrial machines 816, 818, 820, 822, the predictive maintenance system 824 (or sensor(s) thereof), the vehicle 826, the first monitoring sensor 828, the second monitoring sensor 830, the first endpoint device 832, the second endpoint device 834, and/or the third endpoint device 836, may have insufficient computing resources (e.g., one or more processors, one or more accelerators, one or more memories, one or more mass storage discs, etc.) to analyze the data generated by the data source. In some such examples, the data source may be unable to identify redundant data, less important or less significant data, etc., due to insufficient computing resources and therefore may flood the private network 808 with a significant quantity of data at relatively short intervals. Advantageously, the edge gateway 802, the edge switch 804, and/or, more generally, the ADM 600 of
In the illustrated example, the portion 900 of the ADM system 600 can implement a first example operation 902 (identified by a circle that encloses “1”), a second example operation 904 (identified by a circle that encloses “2”), a third example operation 906 (identified by a circle that encloses “3”), and a fourth example operation 908 (identified by a circle that encloses “4”). During the first operation 902, the data ingestion manager 606 may capture data from the data sources 604. The data ingestion manager 606 may pre-process the data by metadata tagging with data management settings (e.g., a locality or location of the data, expiration date, a source of the data, a type of the data, etc.). The AMR 634 may monitor the data on the network plane 626 and/or invoke the distributed datastore 644 to execute analytics using a model (e.g., an AI/ML model, a data graph model, etc.). The AMR 634 may synchronize with the resource manager/orchestration agent 642 to identify new one(s) of the algorithms 638 that may be executed and/or instantiated at a node. For example, the AMR 634 can provide metadata associated with ingested data to the resource manager/orchestration agent 642. In some examples, the resource manager/orchestration agent 642 can identify an AI/ML model that corresponds to the metadata and provide the AI/ML model to the AMR 634 for execution and/or instantiation at the node to execute a workload associated with the ingested data or data to be subsequently ingested.
During the second operation 904, the resource manager/orchestration agent 642 can identify criteria for global decisions (e.g., decisions, policies or policy determinations, etc., that may be applicable to a substantial or entire portion of an environment), provide guidance on the criteria, and/or execute resource management and/or orchestration of resources (e.g., hardware, software, and/or firmware resources) of the ADM system 600. In some examples, the resource manager/orchestration agent 642 can orchestrate resources and allocate different one(s) of the algorithms 638, select preferred node(s) of the preferred nodes table 624 to monitor, etc., and/or combination(s) thereof. In some examples, the resource manager/orchestration agent 642 can orchestrate a new one of the algorithms 638 to be provided from an algorithm library based on algorithm ratings, scores, etc., if available, or point to a local datastore (if available locally) for faster access.
During the third operation 906, the analytics manager 636 monitors data from the data sources 604 for further processing. For example, the analytics manager 636 can learn characteristics of a data stream and/or characteristics of an AI application node (consuming or attempting to consume the data stream) for an observation period and associate with at least one of location, action recognition, type, data, size, owner, classification tags, frequency of appearance, etc., and/or combination(s) thereof.
During the fourth operation 908, the portion 900 of the ADM system 600, and/or, more generally, the ADM system 600, can implement example data orchestration and nodes activities 910. Example activities, actions, operations, tasks, etc., can include identification and mitigation of ethical divergence of a data stream. Example activities, operations, tasks, etc., can include tagging data within the datastream with one or more metadata tags, such as injecting a hash that represents time, date, location, identification of data stream ownership, etc. into the data stream, blockchaining data within the data stream, modifying the data stream to provide only a portion of the data, obscuring data within the data stream (e.g., a sensitive portion of image data in the data stream may be blurred out), or prohibiting the consumption of the data stream by one or more AI application nodes, among other operations.
During a first operation, an example metadata manager 1002 may execute contextual analytics on a first example dataset 1004 (identified by dataset A) and a second example dataset 1006 (identified by dataset B). For example, the metadata manager 1002 may be implemented by the metadata/data enrichment manager 640 of
During a second operation, the metadata manager 1002 may generate example graph node model representations 1008 based on the contextual analytics associated with the first dataset 1004 and the second dataset 1006. The graph node model representations 1008 may include a first example graph node model representation 1010 and a second example graph node model representation 1012. For example, the first graph node model representation 1010 may correspond to the first dataset 1004 and the second graph node model representation 1012 may correspond to the second dataset 1006. In some examples, the first workflow 1000 may generate at least one graph node representation (e.g., the first graph node model representation 1010) of a target data stream based on at least one or more data points in the data stream. In some examples, the dataset A 1004 may include at least a portion of the data in a target data stream consumed or attempted to be consumed by an AI application node. The example dataset A 1004 may include one or more example data points representative of information within the target data stream. In some examples, the first workflow 1000 may generate at least one graph node representation (e.g., the second graph node model representation 1012) of a nominal data stream based on at least one or more data points in the nominal data stream. In some examples, the dataset B 1006 may include at least a portion of the data in a nominal data stream consumed by an AI application node. The example dataset B 1006 may include one or more example data points representative of information within the nominal data stream.
During a third operation, an example graph model metadata comparator 1014 may execute context and variance calculations based on at least one of the first graph node model representation 1010 or the second graph node model representation 1012. In some examples, the graph model metadata comparator 1014 may be implemented by the metadata/data enrichment manager 640. In some examples, the graph model metadata comparator 1014 may utilize the context and variance calculations to compare the first graph node model representation 1010, representative of information within the target data stream, to the second graph node model representation 1012, representative of information within a nominal data stream.
During a fourth operation, the graph model metadata comparator 1014 may generate, determine, and/or otherwise output correlation factors for the first graph node model representation 1010 and/or the second graph node model representation 1012 and/or output one or more delta scores representative of a difference between the first graph node model representation 1010 and/or the second graph node model representation 1012.
In some examples, the graph model metadata comparator 1014 may calculate a delta score of the difference between the first graph node model representation 1010 and the second graph node model representation 1012. In some examples, the graph model metadata comparator 1014 may convert the first graph node model representation 1010 and the second graph node model representation 1012 from a cluster of data points to a centroid of the cluster of data points. In some examples, the graph model metadata comparator 1014 may convert the first graph node model representation 1010 and the second graph node model representation 1012 into vector representations through a linear transformation of data points within the first graph node model representation 1010 and the second graph node model representation 1012. In some examples, the graph model metadata comparator 1014 may calculate a similarity score that utilizes a distance metric common in database queries. The example similarity score represents a distance between a vector representative of the first graph node model representation 1010 and a vector representative of the second graph node model representation 1012. In some examples, the graph model metadata comparator 1014 calculates the delta score by normalizing the similarity score to a value between 0 and 1 and subtracting that value from 1 (e.g., delta score=1−similarity score).
In some examples, the correlation factors and/or the delta scores may be stored in an index table (or other form of data representation) that may be utilized for future use. For example, the analytics manager 636 may execute the algorithms 638 based on the correlation factors and/or the delta scores. In response to determining the correlation factors and/or delta scores 1016, the first workflow 1000 of the illustrated example of
During a first operation, an example data query manager 1102 may obtain a data query from a node (e.g., a data requester). The data query manager 1102 may obtain a first example graph node model representation 1104 from a first example metadata storage 1106. The data query manager 1102 may obtain a second example graph node model representation 1108 from a second example metadata storage 1110. In some examples, the first graph node model representation 1104 may be implemented by the first graph node model representation 1010 of
During a second operation, the data query manager 1102 provides at least one of the data query, the first graph node model representation 1104, or the second graph node model representation 1108 to an example graph model metadata comparator 1112. In some examples, the graph model metadata comparator 1112 may be implemented by the metadata/data enrichment manager 640 of
During a third operation, the graph model metadata comparator 1112 may compare the at least one of the data query, the first graph node model representation 1104, or the second graph node model representation 1108 and generate value(s) based on the comparison(s). In some examples, the graph model metadata comparator 1112 may generate one or more delta scores (e.g., the generated value(s)) of the difference between the first graph node model representation 1104 and the second graph node model representation 1108. The graph model metadata comparator 1112 may provide the value(s) 1114 to the data query manager 1102. In some examples, the value(s) may be implemented by a correlation factor and/or a delta score for dynamic query operation 1116. In response to determining the correlation factor and/or the delta score for dynamic query operation, the second workflow 1100 of
In some examples, the first graph model 1202 and/or the second graph model 1204 is/are contextual data graph model(s). The first graph model 1202 includes a first example major node 1206, a first example adjacent node 1208, and a second example adjacent node 1210. The second graph model 1204 includes a second example major node 1212, a third example adjacent node 1214, a fourth example adjacent node 1216, and an example adjacent node grouping 1218. The patterns (e.g., solid, dotted, striped, hashed, etc.) of the various major nodes and adjacent nodes illustrated in
The lines connecting the major nodes 1206, 1212 to the adjacent nodes or the adjacent nodes to each other represent the strength vectors 1205, 1207 between the two nodes. In some examples, the strength vectors 1205, 1207 are of a single dimension and/or multiple dimensions and includes descriptors (e.g., keywords, similarity ratings (e.g., 1 through 5 with 1 being relatively not similar and 5 being substantially similar and/or identical, low/medium/high, etc.), characters, strings, numerical values, etc.) that represent how strongly the metadata of the raw data, ingested data, stored data, etc., match. In some examples, the length of the strength vectors 1205, 1207 shown in the illustrated example of
In some examples, the first major node 1206 and the second major node 1212 have the same metadata descriptors. In some examples, the weighting of (e.g., length of the strength vectors 1205, 1207 between) the adjacent nodes (e.g., the first adjacent node 1208, the third adjacent node 1214, etc.) provide context and associated metadata descriptors. In some examples, the provided context of the graph models 1202, 1204 are tailored to a particular department and/or discipline within a company, an organization, a group, etc. For example, the first major node 1206 and the second major node 1212 can both include metadata that describe the associated raw data as belonging to the design engineering department of a bicycle company. In some examples, the first adjacent node 1208 and the third adjacent node 1214 can both include metadata that describe the raw data as belonging to the gear design segment of the design engineering department. However, since the strength vector connecting the second major node 1212 to the third adjacent node 1214 is shorter than the strength vector connecting the first major node 1206 and the first adjacent node 1208, it can be inferred that and/or otherwise be indicative of the second graph model 1204 having a stronger association with the gear design segment of the design engineering department than does the first graph model 1202.
In some examples, the first major node 1206 and the second major node 1212 have different metadata descriptors but are connected to adjacent nodes with similar metadata. In some examples, there is an implication that the first major node 1206 and the second major node 1212 have the same contextual definition. A user and/or operator can establish the example contextual definitions prescriptively depending on the metadata associations in the graph model(s). Additionally or alternatively, the data usage monitoring circuitry 1300 can perform predictions/operations/insights on the graph models 1202, 1204 to determine the contextual definitions based on events, task, and/or objects in common among adjacent nodes. In some examples, nodes of the graph models 1202, 1204 are grouped together such as an example grouping 1218 of the second graph model 1204. Example groupings of nodes can reinforce the contextual definition(s), descriptor(s), subject area(s), etc. of the major node (e.g., the second major node 1212).
In some examples, the term “to associate” is defined as to correlate, link, couple, and/or connect two or more datasets, data points, raw data, metadata, etc., in the form of a strength vector (e.g., the strength vectors 1205, 1207) based on similarities between the two or more datasets, data points, raw data, metadata, etc. By way of example, if a first metadata set has a sufficient number of same terms (e.g., over half of the total number of terms) as a second metadata set, then the strength vector is said to associate the first metadata and the second metadata. For example, if first raw data that the first metadata describes gets copied into storage on a different node, then the strength vector that associates the first metadata and the second metadata indicates to the data usage monitoring circuitry 1300 that second raw data is also to be copied into the same storage on the same node as the first raw data.
In some examples, a dataset, data point, raw data, metadata, etc. are associated with the factors the data usage monitoring circuitry 1300 determines as inputs to executed algorithms (e.g., one(s) of the algorithms 638 of
In some examples, the term “association” refers to a correlation, linkage, coupling, and/or connection between two or more datasets, data points, raw data, metadata, etc. In some examples, a strength vector associating two adjacent nodes of a graph model can represent and/or define the association between the two adjacent nodes. In some examples, the data usage monitoring circuitry 1300 determines factor(s) (e.g., uniqueness, retention cost, cyclical event, etc.) of ingested data and/or stored data, and the factor(s) is/are associated with the ingested data and/or the stored data for which the factor(s) were determined. By way of example, if first stored data (with associated first metadata) is found to have a uniqueness relative to second stored data (e.g., 1:2 ratio or 50 percent uniqueness), then the uniqueness associated with the first stored data is written into the first metadata (along with a storage location and/or an identifier of the stored data with which the uniqueness of the first data is compared (e.g., the second stored data)).
In some examples, the ML circuitry 1306, and/or, more generally, the data usage monitoring circuitry 1300 can receive a stream of first metadata and/or first raw data and a stream of second metadata and/or second raw data to generate a first graph model (e.g., the data graph model 1066, the first graph model 1202, the second graph model 1204, etc.) and a second graph model (e.g., the data graph model 1066, the first graph model 1202, the second graph model 1204, etc.). The data usage monitoring circuitry 1300 can contextually compress the first metadata and/or the second metadata that have correlating metadata and/or raw data content. In some examples, the data usage monitoring circuitry 1300 can perform context and variance calculations on the adjacent node(s) of the first graph model and/or the second graph model (e.g., the data graph model 1066, the first graph model 1202, the second graph model 1204, etc.) to contextually compress (e.g., further reduce the number of nodes in) the graph model(s). The data usage monitoring circuitry 1300 can convert the representative graph model(s) into first index table(s). The first index table(s) of the graph model representation(s) tabulate the raw data and/or the metadata that are depicted in the graph model(s). The data usage monitoring circuitry 1300 can also generate second index table(s) including correlation factors between the first graph model and the second graph model. The data usage monitoring circuitry 1300 can use the first index table(s) and/or the second index table(s) to execute learning, predictions, insights, operations, etc. on the ingested data, stored data, raw data, metadata, etc. that retain, move, modify, and/or discard the data being analyzed.
In some examples, the data usage monitoring circuitry 1300 can be implemented by and/or otherwise included in one(s) of the endpoint data sources 160 of
In some examples, the data usage monitoring circuitry 1300 can execute and/or otherwise implement data consumption inspection logic to identify and mitigate ethical divergences of data consumption in edge environments. For example, the data usage monitoring circuitry 1300 can generate output(s) representative of determining whether an AI/ML actor (e.g., application) is using a data stream ethically or unethically. In some examples, the data usage monitoring circuitry 1300 can generate output(s) representative of baseline data patterns in nominal data streams against which to compare monitored data streams. In some examples, the data usage monitoring circuitry 1300 can generate output(s) representative of delta values between data patterns in a monitored data stream and one or more of the baseline data patterns. For example, a delta value may be a numerical value to be compared against a threshold value to determine if there is a significant enough discrepancy from a baseline data pattern to generate an ethical divergence alert. In some examples, the data usage monitoring circuitry 1300 can generate output to mitigate such ethical divergences. For example, the data usage monitoring circuitry 1300 may implement metadata tagging/tracking of data in a monitored data stream, implement a blockchain to track data in a monitored data stream, disallowing the consumption of the monitored data stream by one or more AI applications, among other mitigation efforts. In some examples, in lieu of a threshold, the data usage monitoring circuitry 1300 may implement a decision from the execution of a machine learning model in the form of one or more outputs. In some examples, the data usage monitoring circuitry 1300 may additionally provide a confidence level corresponding to the outputs (e.g., 95% confidence that there is an anomaly).
In some examples, the data usage monitoring circuitry 1300 can be a portion or a part of a larger system, environment, or collection of hardware, software, and/or firmware that can effectuate the identification and mitigation of ethical divergences. For example, the data usage monitoring circuitry 1300 can effectuate the identification and mitigation of ethical divergences by generating output(s) that mitigate unethical data consumption directly. In some examples, the data usage monitoring circuitry 1300 can effectuate the identification and mitigation of ethical divergences by generating output(s) that, when ingested as input(s) by other hardware, software, and/or firmware, can cause the other hardware, software, and/or firmware to mitigate unethical data consumption. For example, the data usage monitoring circuitry 1300 can effectuate the identification and mitigation of ethical divergences either directly or indirectly (e.g., through other hardware, software, and/or firmware). The data usage monitoring circuitry 1300 of the illustrated example includes example interface circuitry 1302, example resource manager orchestration circuitry 1304, example machine learning (ML) circuitry 1306, example metadata manager circuitry 1308, example operation execution circuitry 1310, example algorithm manager circuitry 1312, example deep data inspection circuitry 1314, example data consumption tracker circuitry 1316, example digital rights management circuitry 1318, an example datastore 1320, and an example bus 1332. The datastore 1320 of the illustrated example includes an example policy 1322, example metadata 1324, an example data graph model 1326, an example ML model A 1328, and an example ML model B 1330.
In the illustrated example of
The data usage monitoring circuitry 1300 of the illustrated example includes the interface circuitry 1302 to receive and/or ingest data that is generated and/or otherwise produced in an environment, such as the edge network environment 800 of
In some examples, the interface circuitry 1302 ingests data from a data source, such as the data sources 604 of
In some examples, the interface circuitry 1302 tags portions of carries out metadata management by generating and managing metadata corresponding to a data stream and/or to an AI application node attempting to consume the data stream. For example, the interface circuitry 1302 can access a data stream and hash metadata tags (e.g., time, date, location, identification of a security stakeholder of the data in the data stream, etc.) into the data stream for tracking or other identification purposes. For example, hashed metadata tags may be injected into image data in a data stream. An example data stream can include image data that is made up of pixel data within each image in the stream as well as other run off data outside of the visible frames. The interface circuitry 1302 can inject hashed metadata tags/information into pixel data and/or into run off data associated with the image data.
The data usage monitoring circuitry 1300 of the illustrated example includes the resource manager orchestration circuitry 1304 to orchestrate resources in an edge environment based on data. In some examples, the resource manager orchestration circuitry 1304 can implement the resource manager/orchestration agent 642 of
In some examples, the resource manager orchestration circuitry 1304 obtains an orchestration policy indicative of at least one of a quantity or a type of workload(s) to be executed in an edge environment. For example, the policy 1322 can be an orchestration policy created, defined, and/or otherwise generated by an organization (e.g., a business entity or company, a hospital, a government or other regulatory department, a university, etc.). In some examples, the resource manager orchestration circuitry 1304 can generate the orchestration policy to include a quantity and/or type(s) of workloads to be executed by resources associated with the organization. For example, the resource manager orchestration circuitry 1304, and/or, more generally, the organization, can instantiate the edge network environment 800 to execute workloads (e.g., acceleration, compute, network, storage, etc., workloads). In some examples, the resource manager orchestration circuitry 1304, and/or, more generally, the organization, can generate the policy 1322 to be an orchestration policy that includes data, information, parameters, etc., that define type(s) of the workloads and/or an expected number of workloads to be executed during a time period (e.g., a number of workloads to be executed per hour, day, week, month, year, etc.). In some examples, the resource manager orchestration circuitry 1304, and/or, more generally, the organization, can generate the policy 1322 to determine a number and/or type of resources (e.g., hardware, software, and/or firmware resources) to execute the quantity and/or type(s) of workloads. In some examples, the resource manager orchestration circuitry 1304, and/or, more generally, the organization, can generate the policy 1322 to define quality-of-service requirements (e.g., latency, throughput, etc., requirements), regulatory requirements, service level agreements (SLAs), etc., and/or any combination(s) thereof, that is/are to be satisfied to effectively run the organization.
In some examples, the resource manager orchestration circuitry 1304 can determine that the types of workloads include acceleration workloads such as AI/ML workloads, image or video processing, AR/VR processing, etc. In some examples, the resource manager orchestration circuitry 1304 can determine that the types of workloads include compute workloads such as sensor data processing workloads, image recognition workloads, audio recognition workloads, productivity software (e.g., database, word processing, slide presentation, spreadsheet generation, etc., software), etc. In some examples, the resource manager orchestration circuitry 1304 can determine that the types of workloads include network workloads such as receiving/transmitting data in a network, virtual resource migration (e.g., moving data or applications from a first VM or container to a second VM or container, etc.). In some examples, the resource manager orchestration circuitry 1304 can determine that the types of workloads include storage workloads such as storing data in a datastore (e.g., the distributed datastore 644), a database, etc.
In some examples, the resource manager orchestration circuitry 1304 instantiates resources in an edge environment to execute workload(s) based on an orchestration policy. For example, the resource manager orchestration circuitry 1304 can allocate and/or otherwise deploy acceleration, compute, network, security, storage, etc., resources to execute workloads in the edge network environment 800. In some examples, the resource manager orchestration circuitry 1304 generates a topology associated with the resources to at least one of execute a workload or route data in the edge environment with the resources. For example, the resource manager orchestration circuitry 1304 can generate a network topology associated with a plurality of resources by creating connections (e.g., communication connections, network connections, etc.) between one(s) of the plurality of the resources to one(s) of each other.
In some examples, the resource manager orchestration circuitry 1304 identifies one or more nodes as preferred nodes in an edge environment based on a topology. For example, the resource manager orchestration circuitry 1304 can identify one or more nodes as preferred nodes in the preferred nodes table 624 of
The data usage monitoring circuitry 1300 of the illustrated example includes the ML circuitry 1306 to execute a ML model. In some examples, the ML circuitry 1306 executes the ML model A 1328 with resources (e.g., acceleration, compute, storage, network, security, etc., resources, software resources, firmware resources, etc.) to generate outputs including at least one of a first value representative of a data stream characteristic or a second value representative of an AI application node characteristic (e.g., ingested and/or stored at a node). In some examples, the ML circuitry 1306 can implement the analytics manager 636 of
In some examples, the ML circuitry 1306 executes the ML model A 1328 in a training phase or an inference phase. For example, during a training phase, the ML circuitry 1306 can obtain training data associated with an observation period. In some examples, during the training phase, the ML circuitry 1306 can execute the ML model A 1328 using the training data, including nominal network traffic data and/or nominal node behavior data, to generate outputs representative of baseline data for a data stream characteristic and/or an AI application node characteristic.
In some examples, the ML circuitry 1306 executes the ML model A 1328 in a training phase to train the machine learning model with nominal traffic (e.g., baseline network traffic) and/or nominal node behavior (e.g., baseline node behavior). In some examples, the nominal traffic is indicative of one or more nominal data streams with one or more expected data points. For example, the ML circuitry executes the ML model A 1328 in a training phase based on nominal (network) traffic ingested by the node (e.g., standard node) hosting the deployed ML model A 1328 and/or the ML model B 1330. In some examples, nominal traffic includes one or more nominal data streams to generate outputs that are indicative of values representative of a characteristic of a data stream (e.g., a nominal data stream). In some examples, the ML circuitry 1306 executes the ML model A 1328 in a training phase to train the machine learning model with one or more target data streams to be consumed by the target AI application. In some examples, the training phase to train a machine learning model with the one or more target data streams to be consumed by the target AI application takes place over a period of time to build a history of data streams sent to the target AI application node.
In some examples, the nominal node behavior is indicative of one or more expected data consumption patterns by one or more nominal nodes. In some examples, node behavior may include one or more AI application node characteristics (e.g., key indicators) that describe such behavior. For example, node behavior may include a service type attribute of the AI application node or a usage context of the application node. For example, the ML circuitry executes the ML model A 1328 in a training phase based nominal node behavior to generate outputs that are indicative of values representative of a characteristic of an AI application node (e.g., a nominal AI application node). In some examples, the ML circuitry 1306 executes the ML model A 1328 in a training phase to train the machine learning model with information indicating node behavior of the target AI application. In some examples, the training phase to train a machine learning model with information indicating node behavior of the target AI application takes place over a period of time to build a history of node behavior of the target AI application node.
In some examples, the ML circuitry 1306 executes the ML model A 1328 during a training phase for a super node. In some examples, the training phase for a super node includes a similar process to the training phase for a standard node as described above and further includes additional data streams ingested by at least one other super node. For example, the ML circuitry executes the ML model A 1328 in a training phase based a combination of nominal traffic (including one or more nominal data streams) ingested by the super node hosting the deployed ML model A 1328 as well as nominal traffic (including one or more nominal data streams) ingested by at least one other super node to generate outputs representative of a characteristic of a data stream. In some examples, nominal traffic from each super node includes one or more nominal data streams to generate outputs that are indicative of values representative of a characteristic of a data stream (e.g., a nominal data stream). In some examples, the ML circuitry executes the ML model A 1328 in a training phase based a combination of nominal traffic (including one or more nominal data streams) ingested by the super node hosting a first instantiation of the ML model A 1328 and outputs generated by the at least one other super node while executing a second instantiation of the ML model A 1328 based on nominal traffic (including one or more nominal data streams) ingested by the at least one other super node.
In some examples, the ML circuitry 1306 executes the ML model B 1330 during a training phase for a deep data inspection (DDI) node. In some examples, the algorithm manager circuitry 1312 selects a second machine learning model separate from the first machine learning model to be deployed on a DDI node. In some examples, the resource manager orchestration circuitry 1304 deploys the ML model B 1330, selected by the algorithm manager circuitry 1312, on a DDI node. In some examples, AI algorithms designated for DDI (e.g., at least one of algorithms 1-3 (638) in
In some examples, upon deployment of the DDI node, the algorithm manager circuitry 1312 selects an AI algorithm with matching features. For example, the interface circuitry 1302 may tag data within a target data stream with metadata that corresponds to one or more features (e.g., characteristics such as data stream characteristics and/or AI application node characteristics) representative of the data. In some examples, the algorithm manager circuitry 1312 may have access to a plurality of AI algorithms (e.g., algorithms 1-3 (638)), each of which may focus on a subset of an overall set of features available. Thus, in some examples, the algorithm manager circuitry 1312 may select a second algorithm used to train ML model B 1330 (as opposed to a first algorithm used to train ML model A 1328). In some examples, ML model A 1328 and ML model B 1330 are trained to different feature sets. In some examples, algorithm manager circuitry 1312 will select an ML model trained with either an algorithm that utilizes the set of features in the target data stream, or, alternatively, an algorithm that utilizes a closest feature set available to the set of features in the target data stream.
In some examples, the training phase for a DDI node includes a similar process to the training phase for a super node as described above and further includes additional data streams ingested by at least one other DDI node. For example, the ML circuitry executes the ML model B 1330 in a training phase based a combination of nominal traffic (including one or more nominal data streams) ingested by the DDI node hosting the deployed ML model B 1330 as well as nominal traffic (including one or more nominal data streams) ingested by at least one other DDI node to generate outputs representative of a characteristic of a data stream. In some examples, nominal traffic from each DDI node includes one or more nominal data streams to generate outputs that are indicative of values representative of a characteristic of a data stream (e.g., a nominal data stream). In some examples, the ML circuitry executes the ML model B 1330 in a training phase based a combination of nominal traffic (including one or more nominal data streams) ingested by the DDI node hosting a first instantiation of the ML model B 1330 and outputs generated by the at least one other DDI node while executing a second instantiation of the ML model B 1330 based on nominal traffic (including one or more nominal data streams) ingested by the at least one other super DDI.
In some examples, the ML circuitry 1306 determines to execute the ML model A 1328 during an inference phase. For example, the ML circuitry 1306 can provide ingested data, or portion(s) thereof, to the ML model A 1328 as inputs (e.g., data inputs, model inputs, etc.) to generate outputs (e.g., data outputs, model outputs, etc.), which can be decisions, determinations, insights, etc. For example, the ML circuitry 1306 can execute the ML model A 1328 with ingested data to generate an output, which can be indicative and/or otherwise representative of a decision or determination to update baseline data based on the ingested data. In some examples, the ML circuitry 1306 can determine to update portion(s) of baseline data, such as change, update, and/or otherwise adjust metadata associated with baseline data. For example, the ML circuitry 1306 can update metadata associated with baseline data by changing a first value representative of a data stream characteristic, a second value representative of an AI application characteristic, etc., that can be included in the metadata.
In some examples, the ML circuitry 1306 can tag ingested data to undergo identification and mitigation of ethical divergence in data consumption operations. For example, the ML circuitry 1306, in response to a determination not to update baseline data in view of an output of the ML model A 1328 based on ingested data, can determine to annotate, assign, and/or otherwise tag the ingested data for one or more identification and mitigation of ethical divergence in data consumption operations. In some examples, the interface circuitry 1302 add metadata to the ingested data that, in response to being added, can invoke the operation execution circuitry 1310 or the deep data inspection circuitry 1314 to process the ingested data. For example, the operation execution circuitry 1310 can prohibit (e.g., disallow) the ingested data, or portion(s) thereof, from being consumed by one or more data consumers, such as one or more AI application nodes.
In some examples, the ML circuitry 1306 determines a value representative a data stream characteristic based on at least one of training data or ingested data. For example, the ML circuitry 1306 can execute the ML model A 1328 to determine a value representative a data stream characteristic based on training data (e.g., using training data during a training phase) or inference data (e.g., using ingested data during an inference phase). In some examples, the ML circuitry 1306 can execute the ML model A 1328 with one or more inputs, such as at least one of a content type of a data stream, a sensitive attribute of a data stream, a security level of a data stream, or a source location of a data stream, among other possible data stream characteristics. In some examples, the ML circuitry 1306 can execute the ML model A 1328 with the one or more inputs to determine a value representative of the data stream characteristic.
In some examples, the ML circuitry 1306 determines a value of a characteristic of the consumer of the data (e.g., an AI application node characteristic) based on at least one of training data or ingested data. For example, the ML circuitry 1306 can execute the ML model A 1328 to determine a value representative of a characteristic of the AI application node based on training data (e.g., using training data during a training phase) or inference data (e.g., using ingested data during an inference phase). In some examples, the ML circuitry 1306 can execute the ML model A 1328 with one or more inputs, such as a service type attribute of the AI application node, a usage context of a data stream by the AI application node, or any one or more other AI application node characteristics. For example, the ML circuitry 1306 can execute the ML model A 1328 with the one or more inputs to generate an output, which can include a determination of a value representative of a characteristic of the AI application node based on the one or more inputs.
In some examples, the ML circuitry 1306 can execute the ML model A 1328 to determine a content type characteristic of data in the data stream (e.g., ingested or stored data at a node). For example, a content type of the data stream may include a characteristic classifying the content within the data stream as image data, audio data, textual data, telemetry data (e.g., sensor data, etc.), or any other type of data.
In some examples, the ML circuitry 1306 can execute the ML model A 1328 to determine a sensitive attribute characteristic of data in the data stream (e.g., ingested or stored data at a node). For example, a sensitive attribute of the data stream may include a characteristic that provides/describes sensitive topics, such as identification information of individuals (e.g., human resources data), classification of individuals based on race, gender, or other or any other type of classification, information about financial statements, governmental records, confidential records, or one or more other sensitive attributes.
In some examples, the ML circuitry 1306 can execute the ML model A 1328 to determine a security level characteristic of data in the data stream (e.g., ingested or stored data at a node). For example, a security level of a data stream may include a level of known confidentiality based on content type, sensitive attributes, etc. such as confidential data, restricted data, top secret data, etc.
In some examples, the ML circuitry 1306 can execute the ML model A 1328 to determine a source location characteristic of data in the data stream (e.g., ingested or stored data at a node). For example, a source location of a data stream may be described by an Internet Protocol (IP) address, a physical address, or another type of address that corresponds to a virtual or geographic location that may change how data is viewed. For example, a virtual source location IP address from a bank may cause heightened ethical scrutiny for a data stream with financial data. For example, a geographical source location at a military facility may cause heighted ethical scrutiny for image data. For example, a geographical source location in a recording studio may cause heighted ethical scrutiny for audio data.
In some examples, the ML circuitry 1306 can execute the ML model A 1328 to determine a service type attribute characteristic of the consumer of data (e.g., the AI application node) in the data stream (e.g., ingested or stored data at a node). For example, a service type attribute may include a usage model of the AI application or service being performed by the AI application node. Examples of usage models of the AI application node include smart shelves in retail stores, monitoring high-risk intersections in cities, automated identification of individuals in airports or secure government buildings, predictive maintenance of equipment in factories, automated health screening of individuals, among a myriad of other service types of usage models. Thus, in some examples, the AI application node is classified as having one or more service types by labeling it as such with the service type attribute.
In some examples, the ML circuitry 1306 can execute the ML model A 1328 to determine a usage context characteristic of the consumer of data (e.g., the AI application node) in the data stream (e.g., ingested or stored data at a node). For example, a usage context of the data in the data stream may include characteristic information such as the monitoring of products consumption status for smart shelves in retail stores, the monitoring of the density of vehicles and pedestrians cross high-risk intersections in cities, identifying persons traveling or security records clearance for the automated identification of individuals in airports or secure government buildings, the continuous check of machines' health by a factory management system for the predictive maintenance of equipment in factories, or the fast-checking of a pre-visit medical visit for automated health screening of individuals, among other usage contexts.
The data usage monitoring circuitry 1300 of the illustrated example includes the metadata manager circuitry 1308 to manage metadata related to a data stream. In some examples, the metadata manager circuitry 1308 may aggregate, combine, and/or otherwise merge data stored at one or more nodes by instantiating and/or generating the data graph model 1326. In some examples, the metadata manager circuitry 1308 can reduce the quantity of data by replacing portion(s) of the data itself with metadata that can be expressed by the data graph model 1326. In some examples, the metadata manager circuitry 1308 can implement the metadata/data enrichment manager 640 of
The data usage monitoring circuitry 1300 of the illustrated example includes the operation execution circuitry 1310 to cause operation(s) at node(s) of an edge environment based on data (e.g., data ingested, processed, and/or stored at one or more nodes). In some examples, the operation execution circuitry 1310 can implement the data ingestion manager 606 of
The data usage monitoring circuitry 1300 of the illustrated example includes the algorithm manager circuitry 1312 to select an AI algorithm (e.g., AI algorithms 1-3 (638 in
The data usage monitoring circuitry 1300 of the illustrated example includes the deep data inspection (DDI) circuitry 1314 to monitor data usage at a node. In some examples, the resource manager orchestration circuitry 1304 may deploy/instantiate a DDI node to effectuate identification and/or mitigation of ethical divergence of monitored data usage. In some examples, the DDI circuitry 1314 can implement the data ingestion manager 606, the data query manager 610, and/or the node manager 622 of
The data usage monitoring circuitry 1300 of the illustrated example includes data consumption tracker circuitry 1316 to track data consumption in an edge environment. In some examples, the data consumption tracker circuitry 1316 can implement the data ingestion manager 606 of
The data usage monitoring circuitry 1300 of the illustrated example includes digital rights management (DRM) circuitry 1318 to manage the digital rights of data streams. In some examples, the DRM circuitry 1318 determines a DRM policy 1322 to manage target data stream. In some examples, the DRM circuitry 1318 can implement the node manager 622 and/or the data security manager 632 of
The data usage monitoring circuitry 1300 of the illustrated example includes the datastore 1320 to record data, such as the policy 1322 the metadata 1324, the data graph model 1326, the ML model A 1328, the ML model B 1330, and/or the like. In some examples, the ML model A 1328 and/or the ML model B 1330 is each a neural network model. Additionally and/or alternatively, the ML model A 1328 and/or the ML model B 1330 may be any other type of AI/ML model. In some examples, the policy 1322 is representative of, corresponds to, and/or otherwise includes intents (or intentions), goals, objectives, targets, etc. For example, the policy 1322 can be generated by an ML model, such as the ML model A 1328 and/or the ML model B 1330, or by a user (e.g., an IT manager, an HR manager, a developer, a system architect, etc.) to carry out intentions on how data is to be ingested, stored, and/or otherwise processed to achieve reduced environment impacts. In some examples, the policy 1322 can include data (e.g., data objects, metadata, etc.) that, when analyzed by the data usage monitoring circuitry 1300, can carry out operations to effectuate, facilitate, and/or otherwise carry out identification and mitigation of the ethical divergence of a data stream in accordance with the intentions or desires of the creator of the policy 1322.
In some examples, the interface circuitry 1302 can determine that an intention of the policy 1322 includes techniques or processes to ingest data from the data sources 604 with ethical divergence (e.g., tag the ingested data with metadata to indicate that the ingested data is limited or prohibited, etc.). In some examples, the resource manager orchestration circuitry 1304 can identify an intention of the policy 1322 as representative of how the resource manager orchestration circuitry 1304 is to orchestrate and/or otherwise instantiate resources in the edge network environment 800 to achieve identification and mitigation of ethical divergence in data consumption. In some examples, the ML circuitry 1306 can provide intentions or desires of the policy 1322 as input(s) to the ML model 1326 to generate output(s), which can include actions, determinations, etc., to cause nodes in the edge network environment 800 to operate with reduced environment impact.
In some examples, the datastore 1320 can be implemented by a volatile memory (e.g., a Synchronous Dynamic Random Access Memory (SDRAM), Dynamic Random Access Memory (DRAM), RAMBUS Dynamic Random Access Memory (RDRAM), etc.) and/or a non-volatile memory (e.g., flash memory). The datastore 1320 may additionally or alternatively be implemented by one or more double data rate (DDR) memories, such as DDR, DDR2, DDR3, DDR4, DDR5, mobile DDR (mDDR), DDR SDRAM, etc. The datastore 1320 may additionally or alternatively be implemented by one or more mass storage devices such as hard disk drive(s) (HDD(s)), compact disk (CD) drive(s), digital versatile disk (DVD) drive(s), solid-state disk (SSD) drive(s), Secure Digital (SD) card(s), CompactFlash (CF) card(s), etc. While in the illustrated example the datastore 1320 is illustrated as a single datastore, the datastore 1320 may be implemented by any number and/or type(s) of databases. Furthermore, the data stored in the datastore 1320 may be in any data format such as, for example, binary data, comma delimited data, tab delimited data, structured query language (SQL) structures, etc. In some examples, the datastore 1320 can implement one or more databases of data. The term “database” as used herein means an organized body of related data, regardless of the manner in which the data or the organized body thereof is represented. For example, the organized body of related data may be in the form of one or more of a table, a map, a grid, a packet, a datagram, a frame, a file, an e-mail, a message, a document, a report, a list or in any other form.
In some examples, the interface circuitry 1302 is instantiated by processor circuitry executing interface circuitry instructions and/or configured to perform operations such as those represented by the flowcharts of
In some examples, the apparatus includes ingesting data from a data source. For example, the means for ingesting may be implemented by interface circuitry 1302. In some examples, the interface circuitry 1302 may be instantiated by processor circuitry such as the example processor circuitry 3012 of
In some examples, the means for ingesting is to ingest data from multiple ones (e.g., a plurality of ones) of data sources at one or more nodes, the multiple ones of the data sources including a data source. In some examples, the means for ingesting is to tag a portion of the data with metadata. In some examples, the means for ingesting is to query an orchestrator to identify a machine learning model as associated with metadata. In some examples, the means for ingesting is to execute the machine learning model at the one or more nodes to determine at least one of a first value of a characteristic of a data stream or a second value of a characteristic of an AI application node.
In some examples, the resource manager orchestration circuitry 1304 is instantiated by processor circuitry executing resource manager orchestration circuitry instructions and/or configured to perform operations such as those represented by the flowcharts of
In some examples, the apparatus includes means orchestrating resources in an edge environment based on data ingested from one or more data sources. For example, the means for orchestrating may be implemented by resource manager orchestration circuitry 1304. In some examples, the resource manager orchestration circuitry 1304 may be instantiated by processor circuitry such as the example processor circuitry 3012 of
In some examples, the means for orchestrating is to obtain an orchestration policy indicative of at least one of a quantity or a type of workloads to be executed in an edge environment. In some examples, the means for orchestrating is to instantiate resources in the edge environment to execute a workload based on the orchestration policy, the resources including at least one of compute resources or network resources. In some examples, the means for orchestrating is to generate a topology associated with the resources to at least one of execute the workload with one or more of the compute resources or route data in the edge environment with one or more of the network resources. In some examples, the means for orchestrating is to identify one or more nodes as one or more preferred nodes in the edge environment based on the topology, the one or more preferred nodes to generate local determinations associated with the data. In some examples, the means for orchestrating is to deploy a machine learning model to the one or more nodes in response to an identification of the one or more nodes as the one or more preferred nodes.
In some examples, the ML circuitry 1306 is instantiated by processor circuitry executing ML circuitry instructions and/or configured to perform operations such as those represented by the flowcharts of
In some examples, the apparatus includes means executing a machine learning (ML) model based on data to generate outputs. In some examples, the outputs include at least one of a first value representative of a characteristic of a data stream or a second value representative of a characteristic of an AI application node. For example, the means for executing may be implemented by ML circuitry 1306. In some examples, the ML circuitry 1306 may be instantiated by processor circuitry such as the example processor circuitry 3012 of
In some examples, the means for executing is to determine a first value representative of a characteristic of a data stream that includes at least one of a content type of the target data stream, a sensitive attribute of the target data stream, a security level of the target data stream, or a source location of the target data stream. The means for executing is to determine a second value representative of a characteristic of an AI application node that includes at least one of a service type attribute or a usage context.
In some examples, the metadata manager circuitry 1308 is instantiated by processor circuitry executing metadata manager circuitry instructions and/or configured to perform operations such as those represented by the flowchart of
In some examples, the apparatus includes means for generating at least one target graph node representation of the target data stream. For example, the means for generating may be implemented by metadata manager circuitry 1308. In some examples, the metadata manager circuitry 1308 may be instantiated by processor circuitry such as the example processor circuitry 3012 of
In some examples, the operation execution circuitry 1310 is instantiated by processor circuitry executing operation execution circuitry instructions and/or configured to perform operations such as those represented by the flowcharts of
In some examples, the apparatus includes means for causing an operation at a node of an edge environment based on at least one of data (e.g., ingested data) or outputs (e.g., outputs from an ML model). In some examples, the data is associated with the node. For example, the means for causing may be implemented by operation execution circuitry 1310. In some examples, the operation execution circuitry 1310 may be instantiated by processor circuitry such as the example processor circuitry 3012 of
In some examples, the algorithm manager circuitry 1312 is instantiated by processor circuitry executing analytics manager circuitry instructions and/or configured to perform operations such as those represented by the flowchart of
In some examples, the apparatus includes means selecting a machine learning model trained on a feature set. For example, the means for selecting may be implemented by algorithm manager circuitry 1312. In some examples, the algorithm manager circuitry 1312 may be instantiated by processor circuitry such as the example processor circuitry 3012 of
In some examples, the deep data inspection circuitry 1314 is instantiated by processor circuitry executing deep data inspection circuitry instructions and/or configured to perform operations such as those represented by the flowchart of
In some examples, the apparatus includes means determining second outputs satisfy a second threshold value. For example, the means for determining may be implemented by deep data inspection circuitry 1314. In some examples, the deep data inspection circuitry 1314 may be instantiated by processor circuitry such as the example processor circuitry 3012 of
In some examples, the means for determining is to determine whether ethical divergence of a target data stream occurs greater than a frequency threshold. In some examples, the means for determining is to determine whether ethical divergence of occurs at other DDI nodes greater than a frequency threshold. In some examples, the means for determining is to determine whether ethical divergence at target data stream meets a constraint.
In some examples, the data consumption tracker circuitry 1316 is instantiated by processor circuitry executing data consumption tracker circuitry instructions and/or configured to perform operations such as those represented by the flowcharts of
In some examples, the apparatus includes means for tracking data consumption. For example, the means for tracking may be implemented by data consumption tracker circuitry 1316. In some examples, the data consumption tracker circuitry 1316 may be instantiated by processor circuitry such as the example processor circuitry 3012 of
In some examples, the digital rights management circuitry 1318 is instantiated by processor circuitry executing deep data inspection circuitry instructions and/or configured to perform operations such as those represented by the flowcharts of
In some examples, the apparatus includes means managing digital rights of a target data stream. For example, the means for managing may be implemented by digital rights management circuitry 1318. In some examples, the digital rights management circuitry 1318 may be instantiated by processor circuitry such as the example processor circuitry 3012 of
In the illustrated example, the nodes 1408, 1410, and 1412 may ingest data, which may be representative of a data query (e.g., data query 1414, 1416, and 1418). The nodes 1408, 1410, and 1412 may provide the data query 1414, 1416, and 1418 to the data query manager 610 of
In the illustrated example, the analytics manager 636 may execute DDI via the DDI “A” modules 1402A, 1404A, and 1406A on the ingested data 1426, 1428, and 1430. For example, the analytics manager 636 may execute one(s) of the algorithms 638 to examine data by way of lawful inspection upon ingest and/or upon query, to the data query manager 610 to analyze the data content and decide whether the data content meets and/or otherwise satisfies the ethical data norm, matches the nominal data/traffic across other nodes or over time, and/or violates ethical data policies established by the owner(s) of the system whose ethical values have been captured as conditional statements, boundaries, or rules (built from data attributes) a priori as input to the system. In some examples, the DDI modules 1402A/B, 1404A/B, and 1406A/B across the nodes 1408, 1410, and 1412 may trigger federated learning between the nodes 1408, 1410, and 1412 through info sharing 1432 and 1434 across the nodes 1408, 1410, and 1412 and info sharing 1436 with an example central node or cloud 1438 to augment the scope of learning and designing a pattern for nominal data versus non-nominal data.
In some examples, the central node and/or cloud 1438 may be implemented by portion(s) of the ADM system 600 of
In the illustrated example of
In some examples, from a deployment perspective, DDI may function on clear data and/or encrypted data and consider several data categories to identify features in the content of data queried by an AI/ML algorithm or consumed by an AI/ML algorithm.
Example DDI functions with encrypted data may include techniques such as Homomorphic Encryption or Searchable Encryption. Example Data Categories that DDI may detect may include people specific data, data on person's presence, sensitive data in industrial environment, etc.
In some examples, the AI/ML algorithms for DDI may be trained with different set(s) of features to reflect the diverse data categories and the environment/geo context. Upon deployment of the DDI, the service may choose the AI/ML algorithms trained with the matching features (e.g., for AI algorithm 1, it can have two flavors, flavor 1(a) trained with the feature set a and flavor 1(b) trained with the feature set b, and upon deployment the service will on-board the algorithm flavor matching the environment context and geo). In some examples, if any rules/policies are being changed, the AI/ML algorithm may be retrained with additional feature set to have a new/updated flavor. In some examples, an adversarial avoidance module, which may be implemented by one(s) of the algorithms 638, and/or, more generally, the analytics manager 636, may learn the defect pattern or quality pattern over a period through DDI. In some such examples, any change from the nominal level may be flagged and taken into consideration for model update or hyper parameter optimization during the continuous learning cycle. In some such examples, this check, verification, etc., may be particularly applicable in fully autonomous industrial systems to securely update models.
The example data usage monitoring circuitry 1300 may be alerted that an ethical divergence is occurring with one or more data streams being sourced by data sources 1504. In such circumstances, the example data usage monitoring circuitry 1300 may cause the resource manager orchestration circuitry 1304 to deploy one or more super nodes to monitor such questionable data streams. In some examples, a super node may be a logical node deployed within a data consumer resource, such as within AI application node 1 (1506), AI application node 2 (1508), and/or AI application node 3 (1510). In some examples, a super node may be deployed as a physical node located between the data sources and one or more consumers of the data (e.g., AI application node 1 (1506), AI application node 2 (1508), and/or AI application node 3 (1510)), or at a minimum at a location with access to the data stream.
In some examples, once deployed, super node A 1512 and/or super node B 1514 assess if the data streams (e.g., data streams 1516 and 1518) satisfy a nominal pattern or not. In some examples, super node A 1512 is deployed with a first instantiation of a machine learning model that assesses one or more of the data streams 1516 by generating outputs of a value representing a characteristic of one or more of the data streams 1516 and/or a value representing a characteristic of AI application node 1 (1506) and/or AI application node 2 (1508). In some examples, super node B 1512 is deployed with a second instantiation of a machine learning model that assesses one or more of the data streams 1518 by generating outputs of a value representing a characteristic of one or more of the data streams 1518 and/or a value representing a characteristic of AI application node 3 (1510). The example super node A (1512) and example super node B (1514), then exchange the outputs from their respective machine learning models. Then either one or both of example super node A (1512) and example super node B (1514) combine both sets of outputs (e.g., concatenate) and feed the combined outputs back into their respective machine learning models as training data to work towards a consensus of a nominal data pattern across such data streams 1516 and 1518.
In some examples, a super node may monitor a cluster of nodes. For example, super node A 1512 may be deployed to monitor a cluster of nodes that include AI application node 1 (1506) and AI application node 2 (1508). In some examples, the consensus data patterns may be represented by one or more graph nodes and/or one or more correlation factors, as discussed above in
In some examples, different AI algorithms (e.g., AI algorithms 1-3 (638)) may be selected in a hierarchy of super nodes. In some examples, a hierarchy of super nodes may provide a tree topology of filtering questionable data streams at ever-greater levels of scrutiny. For example, a first super node may detect anomalies in the data stream (vs. a nominal/baseline data stream). If the first super node determines that an anomaly is present, then the first super node may pass the data stream onto a second super node that is trained to classify anomalies. For example, some anomalies do not create an ethical divergence of the data stream but rather have a valid reason for showing. In some examples, there may be multiple levels of anomaly classification. In some examples, if each super node detects such anomalies, then an additional super node may be deployed to perform gradation on the detected anomalies. For example, not only may a first super node verify an anomaly has taken place and a second super node (e.g., next tier in the hierarchy) then may then classify the anomaly, but a third super node then may grade the anomaly (e.g., a geographical location that is top secret or risky with respect to privacy). Thus, multiple thresholds may exist to allow ML models deployed on super nodes to classify data streams more accurately.
For example, the resource manager orchestration circuitry 1606 may deploy a “standard” node 1608 to monitor data usage in the edge network, and more specifically to monitor data usage in the incoming data stream 1604. In some examples, the standard node 1608 for monitoring utilizes a deployed primary machine learning (ML) model 1610A to generate outputs corresponding to data within the data stream.
The example resource manager orchestration circuitry 1606 may deploy a super node 1612 to monitor a cluster of AI application nodes that consume data. In some examples, the super node 1612 utilizes another instantiation of the primary machine learning (ML) model 1610B to generate outputs corresponding to data within the data stream. In some examples, the super node 1612 shares data with other super nodes that are also monitoring data streams. In some examples, a group of super nodes that share data may develop a consensus data pattern to use as an example nominal data stream to which a target data stream is compared to effectuate identification and mitigation of ethical divergence of data streams.
The example resource manager orchestration circuitry 1606 may deploy a DDI node 1614 to monitor an ingested data stream with a different (e.g., secondary) machine learning model (e.g., secondary ML model 1616). The secondary ML model 1616 may be utilized because a feature set used to train the secondary ML model 1616 is a closest match to one or more data points or metadata tags corresponding to the incoming data stream 1604. In some examples, a group of DDI nodes performs federated learning to build a consensus nominal stream pattern to compare against any target data stream.
While an example manner of implementing the ADM system 600 of
At block 1704, the data usage monitoring circuitry 1300 orchestrates resources in an edge environment based on the data ingested from the data source. For example, the resource manager orchestration circuitry 1304 (
At block 1706, the data usage monitoring circuitry 1300 executes a machine learning (ML) model based on the data to generate outputs, the outputs including at least one of a first value representative of a characteristic of a data stream or a second value representative of a characteristic of an AI application node (consuming or attempting to the consume the data stream). For example, the ML circuitry 1306 (
At block 1708, the data usage monitoring circuitry 1300 determines the outputs of a machine learning model satisfy a threshold value to effectuate identification and mitigation of an ethical divergence in a data stream. In some examples, the threshold value is compared against a delta value associated with a difference between a value that represents the target data stream (at least corresponding to one or more data points within the target data stream) and a value that represents at least one nominal/baseline data stream. In some examples, data usage monitoring circuitry 1300 normalizes the delta value (representing a value between 0 and 1). In some examples, if the delta value is above a delta score/value difference, then the threshold value is satisfied (e.g., exceeded).
At block 1710, the data usage monitoring circuitry 1300 causes operation(s) at node(s) of the edge environment based on at least one of the data or the outputs, the node(s) associated with the data. In some examples, the data usage monitoring circuitry 1300 causes operation(s) in response to the threshold value being satisfied.
For example, the operation execution circuitry 1310 (
At block 1804, the data usage monitoring circuitry 1300 tags portion(s) of the data with metadata. For example, the interface circuitry 1302 can tag, assign, and/or otherwise embed metadata into portion(s) of the video data. In some examples, the interface circuitry 1302 (e.g., the interface circuitry 1310 of the edge cloud 810) can generate metadata including an IP address, a MAC address, a device type of the first monitoring sensor 828, etc., and/or any combination(s) thereof, and associate the metadata with the portion(s) of the video data.
At block 1806, the data usage monitoring circuitry 1300 queries an orchestrator to identify a machine learning (ML) model as associated with the metadata. For example, the interface circuitry 1302 (e.g., the interface circuitry 1302 of the edge cloud 810) can query the resource manager/orchestration agent 642 of
At block 1808, the data usage monitoring circuitry 1300 executes ML model(s) at the node to determine at least one of the first value representative of a characteristic of a data stream or a second value representative of a characteristic of an AI application node. For example, the ML circuitry 1306 (
In response to executing ML model(s) at the node to determine at least one of the first value representative of a characteristic of a data stream or a second value representative of a characteristic of an AI application node at block 1808, the example machine readable instructions and/or the example operations 1800 of
The example machine readable instructions and/or the example operations 1900 of
At block 1904, the data usage monitoring circuitry 1300 instantiates resources in the edge environment to execute workload(s) based on the orchestration policy. For example, the resource manager orchestration circuitry 1304 can allocate, deploy, and/or launch hardware, software, and/or firmware resources at a node, such as the edge cloud 810 of
At block 1906, the data usage monitoring circuitry 1300 generates a topology associated with the resources to at least one of execute a workload or route data in the edge environment with the resources. For example, the resource manager orchestration circuitry 1304 can generate a topology (e.g., a resource topology, a network topology, etc.) associated with resources of the edge network environment 800. In some examples, the topology can be a network topology including network connections (e.g., connections using IP addresses and ports, MAC addresses, logical addresses, etc.) to one(s) of the first monitoring sensor 828, the second monitoring sensor 830, the first industrial machine 816, the edge cloud 810, etc., of
At block 1908, the data usage monitoring circuitry 1300 identifies node(s) as preferred node(s) in the edge environment based on the topology, the preferred node(s) to generate local determinations associated with the data. For example, the resource manager orchestration circuitry 1304 can identify the edge cloud 810 as one of the preferred node(s) in the preferred nodes table 624 of
At block 1910, the data usage monitoring circuitry 1300 deploys machine learning (ML) model(s) to the node(s) in response to identification(s) of the node(s) as the preferred node(s). For example, the resource manager orchestration circuitry 1304 can provide, transmit, and/or otherwise deliver the ML model A 1328 and/or the ML model B 1330 to the edge cloud 810 in response to an identification of the edge cloud 810 as a preferred node in the edge network environment 800.
In response to deploying ML model(s) to the node(s) in response to identification(s) of the node(s) as the preferred node(s) at block 1910, the example machine readable instructions and/or the example operations 1900 of
The example machine readable instructions and/or the example operations 2000 of
If, at block 2002, the data usage monitoring circuitry 1300 determines to execute the ML model in a training phase, control proceeds to block 2004. At block 2004, the data usage monitoring circuitry 1300 obtains training data for an observation period. For example, the ML circuitry 1306 can obtain training data, such as labeled sensor data, for an observation period (e.g., labeled sensor data captured for a particular hour, week, day, etc.). In some examples, the ML circuitry 1306 can obtain training data, such as labeled intentions or desires of the identification and mitigation of the ethical divergence of a data stream, to be used to train the ML model 1368.
At block 2006, the data usage monitoring circuitry 1300 executes the ML model using the training data to generate outputs representative of baseline data for characteristics of a data stream and characteristics of an AI application node. For example, the ML circuitry 1306 can execute the ML model A 1328 and/or the ML model B 1330 to determine at least one of a first baseline value of a characteristic of a data stream or a second baseline value of a characteristic of an AI application node associated with the training data that can be used for the inference phase. An example process that may be executed and/or instantiated by processor circuitry to implement block 2006 is described below in connection with
If, at block 2002, the data usage monitoring circuitry 1300 determines to execute the ML model in an inference phase, control proceeds to block 2008. At block 2008, the data usage monitoring circuitry 1300 executes the ML model using the ingested data to generate outputs representative of characteristics of a data stream and characteristics of an AI application node of the ingested data. For example, the ML circuitry 1306 can execute the ML model A 1328 and/or the ML model B 1330, based on the training data, to determine at least one of a first value representative of a characteristic of a data stream ingested at a node or a second value representative of a characteristic of an AI application node (consuming or attempting to consume the data stream). An example process that may be executed and/or instantiated by processor circuitry to implement block 2008 is described below in connection with
At block 2010, the data usage monitoring circuitry 1300 determines whether to update the baseline data based on the outputs. For example, the ML circuitry 1306 can determine that ingested data is target data stream data and thereby the ML circuitry 1306 can determine to update stored baseline data.
If, at block 2010, the data usage monitoring circuitry 1300 determines to update the baseline data based on the outputs, control proceeds to block 2012. At block 2012, the data usage monitoring circuitry 1300 updates the baseline data in a datastore based on the outputs. In response to updating the baseline data in a datastore based on the outputs at block 2012, the example machine readable instructions and/or the example operations 2000 of
If, at block 2010, the data usage monitoring circuitry 1300 determines not to update the baseline data based on the outputs, control proceeds to block 2014. At block 2014, the data usage monitoring circuitry 1300 tags the ingested data for identification and mitigation of ethical divergence operations. For example, the ML circuitry 1306 can append metadata to the ingested data to cause the ingested data to undergo identification and mitigation of ethical divergence operation(s), such as being compressed, discarded, and/or otherwise modified. In response to tagging the ingested data for identification and mitigation of ethical divergence operations at block 2014, the example machine readable instructions and/or the example operations 2000 conclude. For example, the machine readable instructions and/or the operations 2000 of
The example machine readable instructions and/or the example operations 2100 of
At block 2104, the data usage monitoring circuitry 1300 determines a value of data quality based on the at least one of the training data or the ingested data. For example, the ML circuitry 1306 can execute the ML model 1368 to determine a first value representative of a characteristic of an AI application node associated with training data during a training phase, a second value of the AI application node associated with data ingested at the logical entity 601 of
At block 2106, the data usage monitoring circuitry 1300 determines whether at least one of the values of the data stream characteristic or the AI application node characteristic satisfy a threshold. For example, the ML circuitry 1306 can execute the ML model 1368 to determine that the first value of the data stream characteristic satisfies a first threshold (e.g., a data stream characteristic threshold, a data stream characteristic threshold associated with a training phase, etc.), the second value of the data stream characteristic satisfies a second threshold (e.g., a data stream characteristic threshold, a data stream characteristic threshold associated with an inference phase, etc.), etc., and/or any combination(s) thereof. In some examples, the ML circuitry 1306 can execute the ML model 1368 to determine that the first value of the AI application node characteristic satisfies a third threshold (e.g., an AI application node characteristic threshold, a, AI application node characteristic threshold associated with a training phase, etc.), the second value of the data quality satisfies a fourth threshold (e.g., an AI application node characteristic, an AI application node characteristic threshold associated with an inference phase, etc.), etc., and/or any combination(s) thereof.
If, at block 2106, the data usage monitoring circuitry 1300 determines that at least one of the values of the data stream characteristic or the AI application node characteristic do not satisfy a threshold, the example machine readable instructions and/or the example operations 2100 conclude. For example, the machine readable instructions and/or the example operations 2100 can return to block 2010 of the machine readable instructions and/or the operations 2000 of
If, at block 2106, the data usage monitoring circuitry 1300 determines that at least one of the values of the data stream characteristic or the AI application node characteristic satisfy a threshold, control proceeds to block 2108. At block 2108, the data usage monitoring circuitry 1300 stores the data in a datastore. For example, the ML circuitry 1306 can store the training data, or portion(s) thereof, as the normal data 1418, the critical data 1424, etc., of
At block 2110, the data usage monitoring circuitry 1300 generates an alert. For example, the ML circuitry 1306 can generate an alert indicative of the training data, the ingested data, etc., being representative of data to be surfaced to a user, another electronic system in the edge network environment 800 of
In response to generating an alert at block 2110, the example machine readable instructions and/or the example operations 2100 conclude. For example, the machine readable instructions and/or the example operations 2100 can return to block 2010 of the machine readable instructions and/or the operations 2000 of
The example machine readable instructions and/or the example operations 2100 of
The example machine readable instructions and/or the example operations 2200 of
At block 2204, the data usage monitoring circuitry 1300 determines/identifies a sensitive attribute of the target data stream. For example, a sensitive attribute of the data stream may include data that provides/describes sensitive topics, such as identification information of individuals (e.g., human resources data), classification of individuals based on race, gender, or other or any other type of classification, information about financial statements, governmental records, confidential records, or one or more other sensitive attributes.
At block 2206, the data usage monitoring circuitry 1300 determines/identifies a security level of the target data stream. For example, a security level of a data stream may include a level of known confidentiality based on content type, sensitive attributes, etc. such as confidential data, restricted data, top secret data, etc.
At block 2208, the data usage monitoring circuitry 1300 determines/identifies a source location of the source node that is sourcing the target data stream. For example, a source location of a source node that is sourcing the target data stream may be described by an Internet Protocol (IP) address, a physical address, or another type of address that corresponds to a virtual or geographic location that may change how data is viewed. For example, a virtual source location IP address from a bank may cause heightened ethical scrutiny for a data stream with financial data. For example, a geographical source location at a military facility may cause heighted ethical scrutiny for image data. For example, a geographical source location in a recording studio may cause heighted ethical scrutiny for audio data.
At block 2210, the data usage monitoring circuitry 1300 determines a value representative of a characteristic of the target data stream based on the determinations. For example, the ML circuitry 1306 can generate an output (e.g., an output based on ingested data from the data sources 604) by executing the data graph model 1326, the ML model A 1328 and/or the ML model B 1330, etc., and/or any combination(s) thereof, to determine a value of a characteristic of the data streambased on at least one of a content type of the target data stream, a sensitive attribute of the target data stream, a security level of the target data stream, and/or a source location of the source node that is sourcing target data stream. In some examples, the ML circuitry 1306 can determine the value of the characteristic of the data stream to be a numerical value (e.g., a value in a range of 0 to 1). In some examples, the ML circuitry 1306 can determine the value of the data stream characteristic to be a numerical identifier. In some examples, the ML circuitry 1306 can determine the value of data stream characteristic to be a label or text identifier.
In response to determining the value of the data stream characteristic based on the determinations at block 2210, the example machine readable instructions and/or the example operations 2200 conclude. For example, the machine readable instructions and/or the example operations 2200 can return to block 2104 of the machine readable instructions and/or the operations 2100 of
The example machine readable instructions and/or the example operations 2300 of
At block 2304, the data usage monitoring circuitry 1300 determines a usage context of the AI application node.
At block 2306, the data usage monitoring circuitry 1300 determines a value representative of an AI application node characteristic based on the determinations. For example, the ML circuitry 1306 can determine a value of an AI application node characteristic associated with the ingested data, or portion(s) thereof, based on at least one of the service type attribute or the usage context of the data.
In response to determining the value of the data quality based on the determinations at block 2306, the example machine readable instructions and/or the example operations 2300 conclude. For example, the machine readable instructions and/or the example operations 2300 can return to block 2106 of the machine readable instructions and/or the operations 2100 of
At block 2404 the data usage monitoring circuitry 1300 ingests network traffic at the first super node. In some examples, a target data stream is present within the ingested network traffic. In some examples, a target AI application node is consuming the target data stream or attempting to consume the target data stream.
At block 2406 the data usage monitoring circuitry 1300 executes the machine learning model at the first super node based on the ingested network traffic at the first super node to generate outputs representative of a data stream characteristic or an AI application node characteristic.
At block 2408, the data usage monitoring circuitry 1300 shares the outputs from the first super node with one or more additional super nodes (e.g., a second super node).
At block 2410, the data usage monitoring circuitry 1300 obtains outputs from one or more additional super nodes (e.g., the second super node). In some examples, the first super node may share first outputs with a first set of additional super nodes and may obtain second outputs from a second set of additional super nodes where the first and second set of additional super nodes may not be the same. For example, the first and second set of super nodes may be the same set of super nodes, may be a completely different set of super nodes with no overlapping super nodes, or may be a combination of some super nodes from the first set of super nodes and other super nodes not in the first set of super nodes. In some examples, the one or more additional super nodes that share the second outputs with the first super node may also share the data streams (or portions of the data streams) that created the second outputs when input into the machine learning model(s). In some examples, the portions of the data streams may include individual data points and/or features within the data streams.
At block 2412, the data usage monitoring circuitry 1300 tracks metadata in the target data stream and tracks metadata that is present in the target data stream and tracks behavior of the target AI application node that is consuming or attempting to consume the target data stream. In some examples, the data consumption tracker circuitry 1316 accesses the target data stream at the super node location and keep a count of each metadata tagging an amount of data in the target data stream. For example, the data consumption tracker circuitry 1316 may count metadata tags that indicate a specific content type in one or more portions of data in the target data stream. In some examples, the data consumption tracker circuitry 1316 counts occurrences of behavior from the target AI application node. For example, the data consumption tracker circuitry 1316 may determine a usage context of the target AI application node when the target AI application node attempts to consume a portion of data in the data stream that is tagged with metadata. For example, a patient intake target AI application node in a healthcare facility retrieves a portion of data in the data stream that is tagged with a sensitive attribute regarding personal identification information, but in the usage context, this particular target AI application node does not indicate an ethical divergence anomaly. Thus, in some examples, the data consumption tracker circuitry 1316 tracks both metadata in the target data stream and tracks metadata that is present in the target data stream and tracks behavior of the target AI application node in order to accurately provide detection of anomalies.
At block 2414, the data usage monitoring circuitry 1300 builds at least one consensus nominal data stream pattern based on the first outputs (e.g., generated by the first super node) and the second outputs (e.g., generated by one or more additional super nodes). In some examples, the ML circuitry 1306 executes the machine learning model with a combination of the first outputs and second outputs in a training phase to converge to a nominal data stream pattern for use in comparison against target data streams.
In response to building the consensus nominal data stream pattern at block 2414, the example machine readable instructions and/or the example operations 2400 conclude.
At block 2504, the data usage monitoring circuitry 1300 ingests network traffic (e.g., ingests data in data streams in the network traffic) at the DDI node. For example, the interface circuitry 1302 (
At block 2506, the data usage monitoring circuitry 1300 tracks metadata in the target data stream and tracks the behavior of the target AI application node at the DDI node. For example, the data consumption tracking circuitry 1316 can perform tasks that are described in
At block 2508, the data usage monitoring circuitry 1300 selects a machine learning model for use at the DDI node. For example, the algorithm manager circuitry 1312 selects an AI algorithm used to train a machine learning model to be executed on the DDI node. In some examples, the machine learning model selected (e.g., selected either directly or through the selection of the AI algorithm used to train the machine learning model) has matching features to features/characteristics present in the target data stream. For example, the interface circuitry 1302 may tag data within a target data stream with metadata that corresponds to one or more features (e.g., characteristics such as data stream characteristics and/or AI application node characteristics) representative of the data. In some examples, the algorithm manager circuitry 1312 may have access to a plurality of AI algorithms (e.g., algorithms 1-3 (638)), each of which may focus on a subset of an overall set of features available. Thus, in some examples, the algorithm manager circuitry 1312 may select a second algorithm used to train ML model B 1330 (as opposed to a first algorithm used to train ML model A 1328). In some examples, ML model A 1328 and ML model B 1330 are trained to different feature sets. In some examples, algorithm manager circuitry 1312 will select an ML model trained with either an algorithm that utilizes the set of features in the target data stream, or, alternatively, an algorithm that utilizes a closest feature set available to the set of features in the target data stream.
At block 2510, the data usage monitoring circuitry 1300 executes, over a period of time, a machine learning model (e.g., selected at block 2508) based on the target data stream, to generate second outputs representative of a data stream characteristic and/or a target AI application node characteristic. For example, the ML circuitry 1306 can execute the machine learning model to focus on a most closely related set of features to the features/characteristics in the target data stream to more accurately allow a comparison of the target data stream to one or more nominal data streams.
At block 2512, the data usage monitoring circuitry 1300 synchronizes data with other DDI nodes deployed in the edge environment over a period of time. For example, the DDI circuitry 1314 can synchronize data patterns with other one(s) of the nodes 1408, 1410, and/or 1412 (
At block 2514, the data usage monitoring circuitry 1300 determines whether the second outputs, generated from block 2510, satisfy a threshold value at any point within the period of time. For example, the DDI circuitry 1314 may not continue to process data related to a target AI application node if no anomaly is found when the target data stream is compared against one or more nominal data streams over a period of time. If a threshold value (e.g., an anomaly threshold ethical divergence value) is not found, then the process completes. Otherwise, the process continues at block 2516.
At block 2516, the data usage monitoring circuitry 1300 determines whether an ethical divergence of a target data stream occurs at the DDI node greater than a frequency threshold. For example, the DDI circuitry 1314 may observe a divergence from the baseline/nominal data stream happens at least at a minimum rate over time. In some examples, if the ethical divergence rate does not exceed the minimum threshold, then the process completes. Otherwise, the process continues at block 2518.
At block 2516, the data usage monitoring circuitry 1300 determines whether an ethical divergence of a target data stream occurs at other DDI nodes greater than a frequency threshold. For example, the DDI circuitry 1314 may observe a divergence from the baseline/nominal data stream happens at least at a minimum rate over time at other DDI nodes (e.g., the divergence is potentially commonplace at more than just the target AI application node). In some examples, if the ethical divergence rate at other DDI nodes does not exceed the minimum threshold, then the process completes. Otherwise, the process continues at block 2520.
At block 2520, the data usage monitoring circuitry 1300 determines whether an ethical divergence of a target data stream meets a constraint. For example, the DDI circuitry 1314 may observe that while a divergence is present and the divergence exceeds the minimum threshold, the divergence is within a known constraint. For example, a regulatory requirement associated with a geographical region is known and therefore divergences happen, but are not mitigated for a reason. In some examples, if the ethical divergence of the target data stream meets the constraint, then the process completes. Otherwise, the process continues at block 2520
At block 2522, the data usage monitoring circuitry 1300 causes modification of the target data stream or a response to the attempt to consume the target data stream. For example, the DDI circuitry 1314 may trigger an action and/or control of data usage as defined in a service level agreement that governs the ingested data request. In some examples, a modification to the target data stream or a response to the attempt to consume the target data stream may include one or more processes described in
The example machine readable instructions and/or the example operations 2600 of
In some examples, the metadata manager circuitry 1308 may filter data using multiple layer classifications. In some examples, data from a target data stream that is represented by a group of data points in a graph model (e.g., graph models 1202 and/or 1204 in
At block 2604, the data usage monitoring circuitry 1300 removes duplicate data based on the data graph model(s). For example, the metadata manager circuitry 1308 can determine that data at and/or otherwise ingested at one(s) of the first nodes 1206 is/are duplicative based on comparing first metadata of the data with second metadata of the data graph model 1326, the graph models 1102, 1104. For example, the green data management circuitry 1040 can determine that the data has previously been analyzed and/or stored based on a presence of the first metadata, or portion(s) thereof, in the data graph model 1066, the graph models 1202, 1204, etc., as part of the second metadata.
In response to removing duplicate data based on the data graph model(s) at block 2604, the example machine readable instructions and/or the example operations 2600 conclude.
The example machine readable instructions and/or the example operations 2700 of
At block 2704, the data usage monitoring circuitry 1300 alerts the node(s) of the operation(s) to cause the operation(s) to be executed. For example, the operation execution circuitry 1310 can generate an alert indicative of an operation associated with super node 1512 (
In response to alerting the node(s) of the operation(s) to cause the operation(s) to be executed at block 2704, the example machine readable instructions and/or the example operations 2700 conclude. For example, the machine readable instructions and/or the example operations 2700 can return to the machine readable instructions and/or the operations 1700 of
The example machine readable instructions and/or the example operations 2800 of
At block 2804, the data usage monitoring circuitry 1300 analyzes the target AI application node behavior corresponding to the obtained metadata. For example, a filtered metadata tag may correspond to a characteristic (e.g., feature) of the data in the target data stream, such as a sensitive attribute (e.g., financial information), and the data consumption tracking circuitry 1316 may associate an observed/analyzed characteristic of the target AI application node (e.g., a service type attribute or a usage context) to the metadata tag from the data stream to provide greater context to the consumption (or consumption attempt).
At block 2806, the data usage monitoring circuitry 1300 adds to a metadata count and/or a target AI application behavior count for obtained metadata in the data stream and the corresponding behavior. For example, the data consumption tracking circuitry 1316 may keep a running count of each metadata tag for the target data stream and, additionally, may keep a running count of each target AI application node characteristic accompanying the consumption (or consumption attempts).
At block 2808, the data usage monitoring circuitry 1300 determines whether any metadata count or target AI application behavior count (e.g., updated during the operation of block 2806) has satisfied a threshold value. For example, the data consumption tracking circuitry 1316 may compare a count of a metadata tag to a threshold count and if the metadata tag count equals or exceeds the threshold count, then the threshold value has been satisfied. In some examples, the monitored counts of metadata tags and/or target AI application node behavior counts may be counted over a period of time. For example, there may be a window of a period of time that a count has to exceed within the period of time (e.g., a rolling window of the most recent one second of monitoring). In some examples, a threshold value may be a rate of occurrences per second instead of an actual count value of occurrences.
At block 2810, in response to the metadata count or the target AI application behavior count satisfying the threshold value, the data usage monitoring circuitry 1300 may generate an alert. For example, the data consumption tracking circuitry 1316 can send an alert to a designated alert handler node. In some examples, the data consumption tracking circuitry 1316 may send the alert to a cloud or to a central node. In some examples, the data consumption tracking circuitry 1316 may send the alert to the data rights management (DRM) circuitry 1318 for further handling. In some examples, the data consumption tracking circuitry 1316 may send the alert to the operation execution circuitry for further handling.
In response to alerting the node(s) of the operation(s) to cause the operation(s) to be executed at block 2810, the example machine readable instructions and/or the example operations 2800 conclude. For example, the machine readable instructions and/or the example operations 2800 can return to the machine readable instructions and/or the operations 2400 of
In some examples, the machine readable instructions and/or the example operations 2900 of
At block 2904, the data usage monitoring circuitry 1300, based on policy 1322, may tag data in the target data stream with metadata for tracking. For example, the DRM circuitry 1318 may tag data in the target data stream with metadata tags corresponding to tracking information about the time, date, source location, ownership of the data, identification of target AI application node attempting the consumption, and/or other types of tags.
At block 2906, the data usage monitoring circuitry 1300, based on policy 1322, may hash tracking information into the data in the target data stream. For example, the DRM circuitry 1318 may conceal tags/tracking information in the data stream by hashing such information into raw data in the target data stream.
At block 2908, the data usage monitoring circuitry 1300, based on policy 1322, may implement blockchaining for data in the target data stream. For example, the DRM circuitry 1318 may manage a blockchain ledger for the data in the target data stream to keep track of every owner of the data since the inception of the data.
At block 2910, the data usage monitoring circuitry 1300, based on policy 1322, may prohibit consumption of the data stream by the target AI application node. For example, the DRM circuitry 1318 may divert or stop the target data stream from reaching the node in any one of a number of ways, such as directing the source node to discontinue streaming the data in question in the target data stream.
The processor platform 3000 of the illustrated example includes processor circuitry 3012. The processor circuitry 3012 of the illustrated example is hardware. For example, the processor circuitry 3012 can be implemented by one or more integrated circuits, logic circuits, FPGAs, microprocessors, CPUs, GPUs, XPUs, DSPs, and/or microcontrollers from any desired family or manufacturer. The processor circuitry 3012 may be implemented by one or more semiconductor based (e.g., silicon based) devices. In this example, the processor circuitry 3012 implements the data ingestion manager 606, the data query manager 610, the data publishing manager 618, the node manager 622, the data security manager 632, the algorithm manager/recommender 634, and the analytics manager 636 of
The processor circuitry 3012 of the illustrated example includes a local memory 3013 (e.g., a cache, registers, etc.). The processor circuitry 3012 of the illustrated example is in communication with a main memory including a volatile memory 3014 and a non-volatile memory 3016 by a bus 3018. The volatile memory 3014 may be implemented by Synchronous Dynamic Random Access Memory (SDRAM), Dynamic Random Access Memory (DRAM), RAMBUS® Dynamic Random Access Memory (RDRAM®), and/or any other type of RAM device. The non-volatile memory 3016 may be implemented by flash memory and/or any other desired type of memory device. Access to the main memory 3014, 3016 of the illustrated example is controlled by a memory controller 3017.
The processor platform 3000 of the illustrated example also includes interface circuitry 3020. The interface circuitry 3020 may be implemented by hardware in accordance with any type of interface standard, such as an Ethernet interface, a universal serial bus (USB) interface, a Bluetooth® interface, a near field communication (NFC) interface, a Peripheral Component Interconnect (PCI) interface, and/or a Peripheral Component Interconnect Express (PCIe) interface.
In the illustrated example, one or more input devices 3022 are connected to the interface circuitry 3020. The input device(s) 3022 permit(s) a user to enter data and/or commands into the processor circuitry 3012. The input device(s) 3022 can be implemented by, for example, a sensor (e.g., a light sensor, a humidity sensor, a motion sensor, a temperature sensor, etc.), an audio sensor, a microphone, a camera (still or video), a keyboard, a button, a mouse, a touchscreen, a track-pad, a trackball, an isopoint device, and/or a voice recognition system.
One or more output devices 3024 are also connected to the interface circuitry 3020 of the illustrated example. The output device(s) 3024 can be implemented, for example, by display devices (e.g., a light emitting diode (LED), an organic light emitting diode (OLED), a liquid crystal display (LCD), a cathode ray tube (CRT) display, an in-place switching (IPS) display, a touchscreen, etc.), a tactile output device, a printer, and/or speaker. The interface circuitry 3020 of the illustrated example, thus, typically includes a graphics driver card, a graphics driver chip, and/or graphics processor circuitry such as a GPU.
The interface circuitry 3020 of the illustrated example also includes a communication device such as a transmitter, a receiver, a transceiver, a modem, a residential gateway, a wireless access point, and/or a network interface to facilitate exchange of data with external machines (e.g., computing devices of any kind) by a network 3026. The communication can be by, for example, an Ethernet connection, a digital subscriber line (DSL) connection, a telephone line connection, a coaxial cable system, a satellite system, a line-of-site wireless system, a cellular telephone system, an optical connection, etc.
The processor platform 3000 of the illustrated example also includes one or more mass storage devices 3028 to store software and/or data. Examples of such mass storage devices 3028 include magnetic storage devices, optical storage devices, floppy disk drives, HDDs, CDs, Blu-ray disk drives, redundant array of independent disks (RAID) systems, solid state storage devices such as flash memory devices and/or SSDs, and DVD drives. In this example, the one or more mass storage devices 3028 implement the distributed datastore 644, the metadata datastore 646, and the raw datastore 648 of
The machine executable instructions 3032, which may be implemented by the machine readable instructions of
The processor platform 3000 of the illustrated example of
The processor platform 3100 of the illustrated example includes processor circuitry 3112. The processor circuitry 3112 of the illustrated example is hardware. For example, the processor circuitry 3112 can be implemented by one or more integrated circuits, logic circuits, FPGAs, microprocessors, CPUs, GPUs, XPUs, DSPs, and/or microcontrollers from any desired family or manufacturer. The processor circuitry 3112 may be implemented by one or more semiconductor based (e.g., silicon based) devices. In this example, the processor circuitry 3112 implements the resource manager orchestration circuitry 1304, the ML circuitry 1306, the metadata manager circuitry 1308, the operation execution circuitry 1310, the algorithm manager circuitry 1312, and the DDI circuitry 1314 of
The processor circuitry 3112 of the illustrated example includes a local memory 3113 (e.g., a cache, registers, etc.). The processor circuitry 3112 of the illustrated example is in communication with a main memory including a volatile memory 3114 and a non-volatile memory 3116 by a bus 3118. The volatile memory 3114 may be implemented by SDRAM, DRAM, RDRAM®, and/or any other type of RAM device. The non-volatile memory 3116 may be implemented by flash memory and/or any other desired type of memory device. Access to the main memory 3114, 3116 of the illustrated example is controlled by a memory controller 3117.
The processor platform 3100 of the illustrated example also includes interface circuitry 3120. The interface circuitry 3120 may be implemented by hardware in accordance with any type of interface standard, such as an Ethernet interface, a USB interface, a Bluetooth® interface, an NFC interface, a PCI interface, and/or a PCIe interface. In this example, the interface circuitry 3120 implements the interface circuitry 1302 of
In the illustrated example, one or more input devices 3122 are connected to the interface circuitry 3120. The input device(s) 3122 permit(s) a user to enter data and/or commands into the processor circuitry 3112. The input device(s) 3122 can be implemented by, for example, a sensor (e.g., a light sensor, a humidity sensor, a motion sensor, a temperature sensor, etc.), an audio sensor, a microphone, a camera (still or video), a keyboard, a button, a mouse, a touchscreen, a track-pad, a trackball, an isopoint device, and/or a voice recognition system.
One or more output devices 3124 are also connected to the interface circuitry 3120 of the illustrated example. The output device(s) 3124 can be implemented, for example, by display devices (e.g., an LED, an OLED, an LCD, a CRT display, an IPS display, a touchscreen, etc.), a tactile output device, a printer, and/or speaker. The interface circuitry 3120 of the illustrated example, thus, typically includes a graphics driver card, a graphics driver chip, and/or graphics processor circuitry such as a GPU.
The interface circuitry 3120 of the illustrated example also includes a communication device such as a transmitter, a receiver, a transceiver, a modem, a residential gateway, a wireless access point, and/or a network interface to facilitate exchange of data with external machines (e.g., computing devices of any kind) by a network 3126. The communication can be by, for example, an Ethernet connection, a DSL connection, a telephone line connection, a coaxial cable system, a satellite system, a line-of-site wireless system, a cellular telephone system, an optical connection, etc.
The processor platform 3100 of the illustrated example also includes one or more mass storage devices 3128 to store software and/or data. Examples of such mass storage devices 3128 include magnetic storage devices, optical storage devices, floppy disk drives, HDDs, CDs, Blu-ray disk drives, RAID systems, solid state storage devices such as flash memory devices and/or SSDs, and DVD drives. In this example, the one or more mass storage devices 3128 implement the datastore 1320, the policy 1322, the metadata 1324, the data graph model 1326, and the ML models AB 1328/1330 of
The machine executable instructions 3132, which may be implemented by the machine readable instructions of
The processor platform 3100 of the illustrated example of
The cores 3202 may communicate by a first example bus 3204. In some examples, the first bus 3204 may implement a communication bus to effectuate communication associated with one(s) of the cores 3202. For example, the first bus 3204 may implement at least one of an Inter-Integrated Circuit (I2C) bus, a Serial Peripheral Interface (SPI) bus, a PCI bus, or a PCIe bus. Additionally or alternatively, the first bus 3204 may implement any other type of computing or electrical bus. The cores 3202 may obtain data, instructions, and/or signals from one or more external devices by example interface circuitry 3206. The cores 3202 may output data, instructions, and/or signals to the one or more external devices by the interface circuitry 3206. Although the cores 3202 of this example include example local memory 3220 (e.g., Level 1 (L1) cache that may be split into an L1 data cache and an L1 instruction cache), the microprocessor 3200 also includes example shared memory 3210 that may be shared by the cores (e.g., Level 2 (L2_cache)) for high-speed access to data and/or instructions. Data and/or instructions may be transferred (e.g., shared) by writing to and/or reading from the shared memory 3210. The local memory 3220 of each of the cores 3202 and the shared memory 3210 may be part of a hierarchy of storage devices including multiple levels of cache memory and the main memory (e.g., the main memory 3014, 3016 of
Each core 3202 may be referred to as a CPU, DSP, GPU, etc., or any other type of hardware circuitry. Each core 3202 includes control unit circuitry 3214, arithmetic and logic (AL) circuitry (sometimes referred to as an ALU) 3216, a plurality of registers 3218, the L1 cache 3220, and a second example bus 3222. Other structures may be present. For example, each core 3202 may include vector unit circuitry, single instruction multiple data (SIMD) unit circuitry, load/store unit (LSU) circuitry, branch/jump unit circuitry, floating-point unit (FPU) circuitry, etc. The control unit circuitry 3214 includes semiconductor-based circuits structured to control (e.g., coordinate) data movement within the corresponding core 3202. The AL circuitry 3216 includes semiconductor-based circuits structured to perform one or more mathematic and/or logic operations on the data within the corresponding core 3202. The AL circuitry 3216 of some examples performs integer based operations. In other examples, the AL circuitry 3216 also performs floating point operations. In yet other examples, the AL circuitry 3216 may include first AL circuitry that performs integer based operations and second AL circuitry that performs floating point operations. In some examples, the AL circuitry 3216 may be referred to as an Arithmetic Logic Unit (ALU). The registers 3218 are semiconductor-based structures to store data and/or instructions such as results of one or more of the operations performed by the AL circuitry 3216 of the corresponding core 3202. For example, the registers 3218 may include vector register(s), SIMD register(s), general purpose register(s), flag register(s), segment register(s), machine specific register(s), instruction pointer register(s), control register(s), debug register(s), memory management register(s), machine check register(s), etc. The registers 3218 may be arranged in a bank as shown in
Each core 3202 and/or, more generally, the microprocessor 3200 may include additional and/or alternate structures to those shown and described above. For example, one or more clock circuits, one or more power supplies, one or more power gates, one or more cache home agents (CHAs), one or more converged/common mesh stops (CMSs), one or more shifters (e.g., barrel shifter(s)) and/or other circuitry may be present. The microprocessor 3200 is a semiconductor device fabricated to include many transistors interconnected to implement the structures described above in one or more integrated circuits (ICs) contained in one or more packages. The processor circuitry may include and/or cooperate with one or more accelerators. In some examples, accelerators are implemented by logic circuitry to perform certain tasks more quickly and/or efficiently than can be done by a general purpose processor. Examples of accelerators include ASICs and FPGAs such as those discussed herein. A GPU or other programmable device can also be an accelerator. Accelerators may be on-board the processor circuitry, in the same chip package as the processor circuitry and/or in one or more separate packages from the processor circuitry.
More specifically, in contrast to the microprocessor 3200 of
In the example of
The interconnections 3310 of the illustrated example are conductive pathways, traces, vias, or the like that may include electrically controllable switches (e.g., transistors) whose state can be changed by programming (e.g., using an HDL instruction language) to activate or deactivate one or more connections between one or more of the logic gate circuitry 3308 to program desired logic circuits.
The storage circuitry 3312 of the illustrated example is structured to store result(s) of the one or more of the operations performed by corresponding logic gates. The storage circuitry 3312 may be implemented by registers or the like. In the illustrated example, the storage circuitry 3312 is distributed amongst the logic gate circuitry 3308 to facilitate access and increase execution speed.
The example FPGA circuitry 3300 of
Although
In some examples, the processor circuitry 3312 of
A block diagram illustrating an example software distribution platform 3405 to distribute software such as the example machine readable instructions 3032 of
From the foregoing, it will be appreciated that example systems, methods, apparatus, and articles of manufacture have been disclosed for proactive data management and analytics. Disclosed systems, methods, apparatus, and articles of manufacture achieve and/or otherwise implement improved data ingestion, bus, analytics, storage, data publishing, privacy, security, and trust techniques over conventional data management systems. Disclosed systems, methods, apparatus, and articles of manufacture improve the efficiency of using a computing device by implementing examples disclosed herein. Disclosed systems, methods, apparatus, and articles of manufacture are accordingly directed to one or more improvement(s) in the operation of a machine such as a computer or other electronic and/or mechanical device.
Further examples and combinations thereof include the following:
Example 1 includes an apparatus to monitor data usage, comprising interface circuitry to communicatively couple a network to processor circuitry, and the processor circuitry including one or more of at least one of a central processor unit, a graphics processor unit, or a digital signal processor, the at least one of the central processor unit, the graphics processor unit, or the digital signal processor having control circuitry to control data movement within the processor circuitry, arithmetic and logic circuitry to perform one or more first operations corresponding to instructions, and one or more registers to store a result of the one or more first operations, the instructions in the apparatus, a Field Programmable Gate Array (FPGA), the FPGA including logic gate circuitry, a plurality of configurable interconnections, and storage circuitry, the logic gate circuitry and the plurality of the configurable interconnections to perform one or more second operations, the storage circuitry to store a result of the one or more second operations, or Application Specific Integrated Circuitry (ASIC) including logic gate circuitry to perform one or more third operations, the processor circuitry to perform at least one of the first operations, the second operations, or the third operations to instantiate resource manager orchestration circuitry to orchestrate resources in an edge environment based on ingested network traffic on an edge network, at least some of the ingested network traffic associated with at least one source node that is to source a target data stream and at least one target artificial intelligence (AI) application node that is to consume at least a portion of the target data stream, and machine learning circuitry to execute a machine learning model based on the ingested network traffic to generate one or more outputs, the one or more outputs including at least one of a first value representative of a data stream characteristic or a second value representative of an AI application node characteristic, determine the one or more outputs satisfy a threshold value, and generate an alert in response to the outputs satisfying the threshold value.
Example 2 includes the apparatus of example 1, wherein the interface circuitry is to ingest at least a portion of the target data stream from the data source, tag the at least portion of the target data stream with metadata, and query an orchestrator to identify the machine learning model as associated with the metadata, and the machine learning circuitry is to execute the machine learning model to determine the at least one of the first value representative of the data stream characteristic or the second value representative of the AI application node characteristic.
Example 3 includes the apparatus of example 1, wherein the machine learning circuitry is to determine at least one of a content type of the target data stream, a sensitive attribute of the target data stream, a security level of the target data stream, or a source location of the target data stream, and execute the machine learning model to determine the first value of the data stream characteristic based on the at least one of the content type, the sensitive attribute, the security level, or the source location.
Example 4 includes the apparatus of example 3, wherein the target data stream includes one or more target data points associated with the at least one of the content type, the sensitive attribute, the security level, or the source location, and the processor circuitry is to perform the at least one of the first operations, the second operations, or the third operations to instantiate metadata manager circuitry to generate at least one target graph node representation of the target data stream based on at least one of the one or more target data points, and the machine learning circuitry is to execute the machine learning model to compare the at least one target graph node representation to one or more baseline graph node representations, the one or more baseline graph node representations including respective one or more nominal data points from nominal data streams, the one or more nominal data points including at least one of a content type of nominal data stream, a sensitive attribute of the nominal data stream, a security level of the nominal data stream, or a source location of the nominal data stream.
Example 5 includes the apparatus of example 1, wherein the machine learning circuitry is to determine at least one of a service type attribute of the AI application node or a usage context of the target data stream for the AI application node, and execute the machine learning model to determine the second value of the AI application node characteristic based on at least one of the service type attribute or the usage context.
Example 6 includes the apparatus of example 1, wherein the machine learning circuitry is to train the machine learning model with at least one of nominal traffic or nominal node behavior, the nominal traffic indicative of one or more nominal data streams with one or more expected data points, the nominal node behavior indicative of one or more expected data consumption patterns by one or more nominal nodes.
Example 7 includes the apparatus of example 1, wherein the one or more outputs are one or more first outputs, and the resource manager orchestration circuitry is to instantiate a first super node in the edge environment, and deploy a second instantiation of the machine learning model to the first super node, and the machine learning circuitry is to execute the second instantiation of the machine learning model based on a first plurality of data streams within network traffic ingested at the first super node to generate one or more second outputs, the one or more second outputs including values representative of data stream characteristics and values representative of AI application node characteristics, share the one or more second outputs with a second super node in the edge environment, obtain one or more third outputs from the second super node, the one or more third outputs generated from a third instantiation of the machine learning model executed at the second super node based on a second plurality of data streams within network traffic ingested at the second super node, the one or more third outputs including values representative of data stream characteristics and values representative of AI application node characteristics, and train the machine learning model using at least one of the one or more second outputs or the one or more third outputs to build a consensus nominal data stream pattern.
Example 8 includes the apparatus of example 1, wherein the machine learning model is a first machine learning model, the one or more outputs are one or more first outputs, the threshold value is a first threshold value, and the resource manager orchestration circuitry is to instantiate a deep data inspection node in the edge environment, the deep data inspection node to have access to the target data stream, the interface circuitry to verify at least one feature in the target data stream corresponds to at least one of a target data stream characteristic or a target AI application node characteristic, the processor circuitry is to perform the at least one of the first operations, the second operations, or the third operations to instantiate algorithm manager circuitry to select a second machine learning model trained on a feature set representative of at least one of at least one of the target data stream characteristic or the target AI application node characteristic, the machine learning circuitry is to execute the second machine learning model over a period of time at the deep data inspection node based on the target data stream to generate one or more second outputs, the one or more second outputs including at least a third value representative of a deviation condition of the target data stream, and the processor circuitry is to perform the at least one of the first operations, the second operations, or the third operations to instantiate deep data inspection circuitry to determine the one or more second outputs satisfy a second threshold value at least once over the period of time.
Example 9 includes the apparatus of example 8, wherein the resource manager orchestration circuitry is to deploy the trained second machine learning model across the deep data inspection node and one or more additional deep data inspection nodes in the edge environment, and the machine learning circuitry is to train the second machine learning model with at least one nominal data stream pattern shared across the deep data inspection node and the one or more additional deep data inspection nodes.
Example 10 includes the apparatus of example 9, wherein the deep data inspection circuitry is to at least one of determine the deviation condition of the target data stream occurs less than or equal to a frequency threshold, determine the deviation condition of the target data stream occurs less than or equal to a frequency threshold at the one or more additional deep data inspection nodes, or determine the deviation condition of the target data stream does not meet at least one constraint, and the processor circuitry to perform the at least one of the first operations, the second operations, or the third operations to instantiate operation execution circuitry to cause at least one of a modification to the target data stream or a response to an attempt to consume the target data stream.
Example 11 includes the apparatus of example 1, wherein the processor circuitry to perform the at least one of the first operations, the second operations, or the third operations to instantiate operation execution circuitry to, in response to the alert being generated, at least one of tag a portion of the target data stream with metadata, implement a blockchain for at least one data point in the target data stream, or prohibit consumption of the target data stream by the target AI application node.
Example 12 includes a non-transitory machine readable storage medium comprising instructions that, when executed, cause processor circuitry to at least orchestrate resources in an edge environment based on ingested network traffic on an edge network, at least some of the ingested network traffic associated with at least one source node that is to source a target data stream and at least one target artificial intelligence (AI) application node that is to consume at least a portion of the target data stream, execute a machine learning model based on the ingested network traffic to generate one or more outputs, the one or more outputs including at least one a first value representative of a data stream characteristic or a second value representative of an AI application node characteristic, determine the one or more outputs satisfy a threshold value, and generate an alert in response to the outputs satisfying the threshold value.
Example 13 includes the non-transitory machine readable storage medium 12, wherein the instructions, when executed, further cause the processor circuitry to ingest at least a portion of the target data stream from the data source, tag the at least portion of the target data stream with metadata, query an orchestrator to identify the machine learning model as associated with the metadata, and execute the machine learning model to determine the at least one of the first value representative of the data stream characteristic or the second value representative of the AI application node characteristic.
Example 14 includes the non-transitory machine readable storage medium 12, wherein the instructions, when executed, further cause the processor circuitry to determine at least one of a content type of the target data stream, a sensitive attribute of the target data stream, a security level of the target data stream, or a source location of the target data stream, and execute the machine learning model to determine the first value of the data stream characteristic based on the at least one of the content type, the sensitive attribute, the security level, or the source location.
Example 15 includes the non-transitory machine readable storage medium of example 12, wherein the target data stream includes one or more target data points associated with at least one of a content type, a sensitive attribute, a security level, or a source location, and wherein the instructions, when executed, further cause the processor circuitry to generate at least one target graph node representation of the target data stream based on at least one of the one or more target data points, and execute the machine learning model to compare the at least one target graph node representation to one or more baseline graph node representations, the one or more baseline graph node representations including respective one or more nominal data points from nominal data streams, the one or more nominal data points including at least one of a content type of nominal data stream, a sensitive attribute of the nominal data stream, a security level of the nominal data stream, or a source location of the nominal data stream.
Example 16 includes the non-transitory machine readable storage medium of example 12, wherein the instructions, when executed, further cause the processor circuitry to determine at least one of a service type attribute of the AI application node or a usage context of the target data stream for the AI application node, and execute the machine learning model to determine the second value of the AI application node characteristic based on at least one of the service type attribute or the usage context.
Example 17 includes the non-transitory machine readable storage medium of example 12, wherein the instructions, when executed, further cause the processor circuitry to select at least one policy for the ingested network traffic used to initiate the machine learning model, and train the machine learning model with at least one of nominal traffic or nominal node behavior, the nominal traffic indicative of one or more nominal data streams with one or more expected data points, the nominal node behavior indicative of one or more expected data consumption patterns by one or more nominal nodes.
Example 18 includes the non-transitory machine readable storage medium of example 12, wherein the instructions, when executed, further cause the processor circuitry to instantiate a first super node in the edge environment, and deploy a second instantiation of the machine learning model to the first super node, execute the second instantiation of the machine learning model based on a first plurality of data streams within network traffic ingested at the first super node to generate one or more second outputs, the one or more second outputs including values representative of data stream characteristics and values representative of AI application node characteristics, share the one or more second outputs with a second super node in the edge environment, obtain one or more third outputs from the second super node, the one or more third outputs generated from a third instantiation of the machine learning model executed at the second super node based on a second plurality of data streams within network traffic ingested at the second super node, the one or more third outputs including values representative of data stream characteristics and values representative of AI application node characteristics, and train the machine learning model using at least one of the one or more second outputs or the one or more third outputs to build a consensus nominal data stream pattern.
Example 19 includes the non-transitory machine readable storage medium of example 12, wherein the machine learning model is a first machine learning model, wherein the outputs are first outputs, wherein the threshold value is a first threshold value, and wherein the instructions, when executed, further cause the processor circuitry to instantiate a deep data inspection node in the edge environment, the deep data inspection node to have access to the target data stream, verify at least one feature in the target data stream corresponds to at least one of a target data stream characteristic or a target AI application node characteristic, select a second machine learning model trained on a feature set representative of at least one of at least one of the target data stream characteristic or the target AI application node characteristic, execute the second machine learning model over a period of time at the deep data inspection node based on the target data stream to generate one or more second outputs, the one or more second outputs including at least a third value representative of a deviation condition of the target data stream, and determine the one or more second outputs satisfy a second threshold value at least once over the period of time.
Example 20 includes the non-transitory machine readable storage medium of example 19, wherein the instructions, when executed, further cause the processor circuitry to deploy the trained second machine learning model across the deep data inspection node and one or more additional deep data inspection nodes in the edge environment, and train the second machine learning model with at least one nominal data stream pattern shared across the deep data inspection node and the one or more additional deep data inspection nodes.
Example 21 includes the non-transitory machine readable storage medium of example 19, wherein the instructions, when executed, further cause the processor circuitry to at least one of determine the deviation condition of the target data stream occurs less than or equal to a frequency threshold, determine the deviation condition of the target data stream occurs less than or equal to a frequency threshold at the one or more additional deep data inspection nodes, or determine the deviation condition of the target data stream does not meet at least one constraint, and cause at least one of a modification to the target data stream or a response to an attempt to consume the target data stream.
Example 22 includes the non-transitory machine readable storage medium of example 12, wherein the instructions, when executed, further cause the processor circuitry to in response to the alert being generated, at least one of tag a portion of the target data stream with metadata, implement a blockchain for at least one data point in the target data stream, or prohibit consumption of the target data stream by the target AI application node.
Example 23 includes a method, comprising orchestrating resources in an edge environment based on ingested network traffic on an edge network, at least some of the ingested network traffic associated with at least one source node that is to source a target data stream and at least one target artificial intelligence (AI) application node that is to consume at least a portion of the target data stream, and executing a machine learning model based on the ingested network traffic to generate one or more outputs, the one or more outputs including at least one a first value representative of a data stream characteristic or a second value representative of an AI application node characteristic, determining the one or more outputs satisfy a threshold value, and generating an alert in response to the outputs satisfying the threshold value.
Example 24 includes the method of example 23, including determining at least one of a content type of the target data stream, a sensitive attribute of the target data stream, a security level of the target data stream, or a source location of the target data stream, and executing the machine learning model to determine the first value of the data stream characteristic based on the at least one of the content type, the sensitive attribute, the security level, or the source location.
Example 25 includes the method of example 23, including determining at least one of a service type attribute of the AI application node or a usage context of the target data stream for the AI application node, and executing the machine learning model to determine the second value of the AI application node characteristic based on at least one of the service type attribute or the usage context.
Example 26 includes the method of example 23, including ingesting at least a portion of the target data stream from the data source, tagging the at least portion of the target data stream with metadata, querying an orchestrator to identify the machine learning model as associated with the metadata, and executing the machine learning model to determine the at least one of the first value representative of the data stream characteristic or the second value representative of the AI application node characteristic.
Example 27 includes the method of example 23, wherein the target data stream includes one or more target data points associated with at least one of a content type, a sensitive attribute, a security level, or a source location, including generating at least one target graph node representation of the target data stream based on at least one of the one or more target data points, and executing the machine learning model to compare the at least one target graph node representation to one or more baseline graph node representations, the one or more baseline graph node representations including respective one or more nominal data points from nominal data streams, the one or more nominal data points including at least one of a content type of nominal data stream, a sensitive attribute of the nominal data stream, a security level of the nominal data stream, or a source location of the nominal data stream.
Example 28 includes the method of example 23, including selecting at least one policy for the ingested network traffic used to initiate the machine learning model, and training the machine learning model with at least one of nominal traffic or nominal node behavior, the nominal traffic indicative of one or more nominal data streams with one or more expected data points, the nominal node behavior indicative of one or more expected data consumption patterns by one or more nominal nodes.
Example 29 includes the method of example 23, including instantiating a first super node in the edge environment, and deploying a second instantiation of the machine learning model to the first super node, executing the second instantiation of the machine learning model based on a first plurality of data streams within network traffic ingested at the first super node to generate one or more second outputs, the one or more second outputs including values representative of data stream characteristics and values representative of AI application node characteristics, sharing the one or more second outputs with a second super node in the edge environment, obtaining one or more third outputs from the second super node, the one or more third outputs generated from a third instantiation of the machine learning model executed at the second super node based on a second plurality of data streams within network traffic ingested at the second super node, the one or more third outputs including values representative of data stream characteristics and values representative of AI application node characteristics, and training the machine learning model using at least one of the one or more second outputs or the one or more third outputs to build a consensus nominal data stream pattern.
Example 30 includes the method of example 23, wherein the machine learning model is a first machine learning model, wherein the outputs are first outputs, wherein the threshold value is a first threshold value, including instantiating a deep data inspection node in the edge environment, the deep data inspection node to have access to the target data stream, verifying at least one feature in the target data stream corresponds to at least one of a target data stream characteristic or a target AI application node characteristic, selecting a second machine learning model trained on a feature set representative of at least one of at least one of the target data stream characteristic or the target AI application node characteristic, executing the second machine learning model over a period of time at the deep data inspection node based on the target data stream to generate one or more second outputs, the one or more second outputs including at least a third value representative of a deviation condition of the target data stream, and determining the one or more second outputs satisfy a second threshold value at least once over the period of time.
Example 31 includes the method of example 30, including deploying the trained second machine learning model across the deep data inspection node and one or more additional deep data inspection nodes in the edge environment, and training the second machine learning model with at least one nominal data stream pattern shared across the deep data inspection node and the one or more additional deep data inspection nodes.
Example 32 includes the method of example 30, including at least one of determining the deviation condition of the target data stream occurs less than or equal to a frequency threshold, determining the deviation condition of the target data stream occurs less than or equal to a frequency threshold at the one or more additional deep data inspection nodes, or determining the deviation condition of the target data stream does not meet at least one constraint, and causing at least one of a modification to the target data stream or a response to an attempt to consume the target data stream.
Example 33 includes the method of example 23, including in response to the alert being generated, at least one of tagging a portion of the target data stream with metadata, implementing a blockchain for at least one data point in the target data stream, or prohibiting consumption of the target data stream by the target AI application node.
Example 34 is edge server processor circuitry to perform the method of any of Examples 23-33.
Example 35 is an edge cloud processor circuitry to perform the method of any of Examples 23-33.
Example 31 is edge node processor circuitry to perform the method of any of Examples 23-33.
Example 32 is dedicated private network circuitry to perform the method of any of Examples 23-33.
Example 33 is a programmable location data collector to perform the method of any of Examples 23-33.
Example 34 is an apparatus comprising processor circuitry to perform the method of any of Examples 23-33.
Example 35 is an apparatus comprising one or more edge gateways to perform the method of any of Examples 23-33.
Example 36 is an apparatus comprising one or more edge switches to perform the method of any of Examples 23-33.
Example 37 is an apparatus comprising at least one of one or more edge gateways or one or more edge switches to perform the method of any of Examples 23-33.
Example 38 is an apparatus comprising accelerator circuitry to perform the method of any of Examples 23-33.
Example 39 is an apparatus comprising one or more graphics processor units to perform the method of any of Examples 23-33.
Example 40 is an apparatus comprising one or more Artificial Intelligence processors to perform the method of any of Examples 23-33.
Example 41 is an apparatus comprising one or more machine learning processors to perform the method of any of Examples 23-33.
Example 42 is an apparatus comprising one or more neural network processors to perform the method of any of Examples 23-33.
Example 43 is an apparatus comprising one or more digital signal processors to perform the method of any of Examples 23-33.
Example 44 is an apparatus comprising one or more general purpose processors to perform the method of any of Examples 23-33.
Example 45 is an apparatus comprising network interface circuitry to perform the method of any of Examples 23-33.
Example 46 is an Infrastructure Processor Unit to perform the method of any of Examples 23-33.
Example 47 is hardware queue management circuitry to perform the method of any of Examples 23-33.
Example 48 is at least one of remote radio unit circuitry or radio access network circuitry to perform the method of any of Examples 23-33.
Example 49 is base station circuitry to perform the method of any of Examples 23-33.
Example 50 is user equipment circuitry to perform the method of any of Examples 23-33.
Example 51 is an Internet of Things device to perform the method of any of Examples 23-33.
Example 52 is a software distribution platform to distribute machine-readable instructions that, when executed by processor circuitry, cause the processor circuitry to perform the method of any of Examples 23-33.
Example 53 is edge cloud circuitry to perform the method of any of Examples 23-33.
Example 54 is distributed unit circuitry to perform the method of any of Examples 23-33.
Example 55 is control unit circuitry to perform the method of any of Examples 23-33.
Example 56 is core server circuitry to perform the method of any of Examples 23-33.
Example 57 is satellite circuitry to perform the method of any of Examples 23-33.
The following claims are hereby incorporated into this Detailed Description by this reference. Although certain example systems, methods, apparatus, and articles of manufacture have been disclosed herein, the scope of coverage of this patent is not limited thereto. On the contrary, this patent covers all systems, methods, apparatus, and articles of manufacture fairly falling within the scope of the claims of this patent.
This patent claims the benefit of U.S. Provisional Patent Application No. 63/248,312, which was filed on Sep. 24, 2021. U.S. Provisional Patent Application No. 63/248,312 is hereby incorporated herein by reference in its entirety. Priority to U.S. Provisional Patent Application No. 63/248,312 is hereby claimed.
| Number | Date | Country | |
|---|---|---|---|
| 63248312 | Sep 2021 | US |
