A method of managing alerts in a client instance associated with a configuration management database (CMDB) platform is disclosed. The method includes: receiving a request identifying a particular CI and a particular alert; identifying related CIs from a plurality of CIs associated with the client instance based on the particular CI and the particular alert; identifying alerts, incidents (INTs), changes (CHGs), and problems (PRBs) of the client instance that are associated with either the particular CI or the related CIs; determining frequency data for the alerts, INTs, CHGs, and PRBs associated with the particular CIs and frequency data for the alerts, INTs, CHGs, and PRBs associated with the related CIs; and sending a response that includes the frequency data for the alerts, INTs, CHGs, and PRBs associated with the particular CIs to be presented alongside the frequency data for the alerts, INTs, CHGs, PRBs associated with the related CIs.

An automated process identifies root causes of defects in a 5G wireless or other data processing system. A design studio or similar tool can be used to track information about one or more particular defects. Information collected could include, for example, results of simulated or actual data processing, technical conditions identified by a system monitor, defect insertion information, defect escape information, and the like. Defect data can be analyzed by an artificial intelligence or other logic to identify root cause attributes that gave rise to the defects. These attributes, in turn, can be used to locate new defects that would have otherwise remained undetected.

The present technology is directed to providing fault management with dynamic restricted access in a tenant network. The tenant network can be a private 5G cellular network or other wireless communication network. The present technology can identify a fault event within the tenant network based on received telemetry data, associate the fault event with a vendor component included in the tenant network, and generate a vendor fault context. The vendor fault context can be generated to include only the portion of telemetry data that is determined to be related to the fault event or the vendor component. The present technology can further use the vendor fault context to create a time-bound user account for remotely accessing the tenant network for fault triage and management. The time-bound user account can be associated to a static role-based access control (RBAC) scheme configured with access restrictions determined based on the vendor fault context.

Disclosed herein is a method for detection of a cyber-threat to a computer system. The method is arranged to be performed by a processing apparatus. The method comprises receiving input data associated with a first entity associated with the computer system, deriving metrics from the input data, the metrics representative of characteristics of the received input data, analysing the metrics using one or more models, and determining, in accordance with the analysed metrics and a model of normal behavior of the first entity, a cyber-threat risk parameter indicative of a likelihood of a cyber-threat. A computer readable medium, a computer program and a threat detection system are also disclosed.

Disclosed herein is a method for detection of a cyber-threat to a computer system. The method is arranged to be performed by a processing apparatus. The method comprises receiving input data associated with a first entity associated with the computer system, deriving metrics from the input data, the metrics representative of characteristics of the received input data, analysing the metrics using one or more models, and determining, in accordance with the analysed metrics and a model of normal behavior of the first entity, a cyber-threat risk parameter indicative of a likelihood of a cyber-threat. A computer readable medium, a computer program and a threat detection system are also disclosed.

A system, method, and computer program product are provided for a determining a network situation in a communication network. In use, at least one threshold value of at least one operational parameter of a communication network is obtained, the at least one operational parameter representing at least one operational status of at least one of a computational device or a communication device. Additionally, log data of the communication network is obtained, the log data containing at least one value of the at least one operational parameter reported by at least one network entity of the communication network. The at least one value of the at least one operational parameter of the log data is compared with a corresponding threshold value of the at least one threshold value to form a detection of a network situation. Further, the detection of the network situation is reported if the at least one value of the at least one operational parameter of the log data traverses the corresponding threshold value of the at least one threshold value.

Inducements are provided to customers to regularly connect back to a service provider and report usage that is expressed using a count of requests from a local computing device for cloud-based operations such as packet routing, container instantiation, virtual machine (VM) utilization, calls to a service or application, and the like. The count information is reported within a secure context, such as a trusted execution environment (TEE), using public-private key pair cryptography by which key derivation is dependent on some form of counting. For example, a customer computing device that is subject to a usage license encrypts an operation count and reports it to the service provider.

Inducements are provided to customers to regularly connect back to a service provider and report usage that is expressed using a count of requests from a local computing device for cloud-based operations such as packet routing, container instantiation, virtual machine (VM) utilization, calls to a service or application, and the like. The count information is reported within a secure context, such as a trusted execution environment (TEE), using public-private key pair cryptography by which key derivation is dependent on some form of counting. For example, a customer computing device that is subject to a usage license encrypts an operation count and reports it to the service provider.

The claimed system and method describes a root cause analysis system for a radio access network. Some aspects include automatic identification of possible causes for network issues, their ranking, determination of the root (main) cause and execution of related best actions, alerts and reporting in order to automatically identify, mitigate or eliminate the problem.

An example operation may include a method comprising one or more of receiving a VNFC module LCM request where the LCM request specifies a VNFC instance (VNFCI), a target VNFC module, and an LCM operation to be performed, comprising retrieving a VNFCI data entry, determining a target OS installation of the VNFCI, establishing a secure connection to a target OS on a VNFCI hosting VM/container, determining a default command for the LCM operation, adapting the default command to the target OS, executing the adapted command, normalizing a response code, and sending a response to the VNFC module LCM request.