Scientific Programming and Digital Twins in Medical InformaticsView this Special Issue
Quantitative Assessment Model of IT Operation and Maintenance Operation Risk Based on the Digital Twin Model
In recent years, with the popularization of computer and information network technology, the core business of more and more industries has basically realized informatization office. Although the informatization office has brought a lot of convenience to people, the increasingly complex informatization infrastructure equipment has also buried many hidden dangers for people. More and more security incidents are caused by unfamiliarity with these infrastructures. How to use the information infrastructure correctly has become a problem considered by more and more enterprise information security departments, and the position of IT operation and maintenance is born to solve this hidden danger. The IT (Internet Technology) operation and maintenance personnel of each enterprise formulate a set of operational risk quantitative assessment models for the enterprise based on the internal information infrastructure equipment of the enterprise so that the enterprise staff can use these infrastructure equipment efficiently and safely. This paper focused on the quantitative assessment model of IT operation and maintenance operation risk constructed by the digital twin model. The quantitative assessment model of IT operation and maintenance operation risk constructed by the digital twin model was compared with the quantitative assessment model of IT operation and maintenance operation risk constructed by other traditional models. The comparison results showed that the output results of the evaluation model constructed by the digital twin model were closer to the actual results, and the accuracy rate was 35.9% higher than that of the previous operational risk assessment model.
IT operation and maintenance can be said to be one of the hottest jobs in the IT industry today. With the continuous popularization and improvement of information construction, all walks of life are basically using IT-related equipment such as computers and other tools for office work. Some large enterprises even need to set up a management and office system belonging to their own company, which covers a series of large-scale equipment such as company system network, company system management equipment, and company website. Therefore, IT operation and maintenance are indispensable in any enterprise. It is almost an unstoppable trend to apply the digital twin model with higher prediction accuracy to the daily risk assessment of IT operation and maintenance. The quantitative assessment model of IT operation and maintenance operation risk based on the digital twin model would bring better work convenience for IT operation and maintenance workers. For example, the higher accuracy of the digital twin model can make the prediction of risk events more accurate, thereby protecting the safety of grassroots workers and so on.
The digital twin model was first applied by National Aeronautics and Space Administration in space exploration missions in 1960, which can be said to have made great contributions to the early space exploration missions. With the continuous development of the technology of the digital twin model, its difficulty is also reduced, which has been studied by many companies. Stark et al. connected and extended the digital twin model with new data strings of product and service operations, which made the digital twin model change the traditional model of product development . Uhlemann et al. used the accuracy of the prediction results of the digital twin model to apply it in the production system to display various key data in data production in real time . Based on the digital twin model, Li et al. built a general diagnostic model for aircraft wings, which can diagnose and handle various types of discrete and continuous variables of distribution, as well as nonlinear relationships between nodes . Wang et al. combined 3D GIS (geographic information system) technology with a digital twin model to build a digital twin system of road traffic, which promoted the development of China’s traffic highways . Schleich et al. proposed a comprehensive reference system for the shape of skin models constructed from digital twins, which bridged the gap between real-world manufacturing and kept it as low as possible . Tao and Zhang discussed a new concept of real-time digital twin workshop (DTS) based on the digital twin model, including four components: physical workshop, virtual workshop, workshop service system, and workshop digital twin data, which catered to the urgent needs of smart manufacturing . Zhang et al. proposed a scheme for rapid and personalized production and design of insulating glass production lines based on the digital twin model, which combined physical system modeling and process data for coengineering analysis by production personnel . The theory of the current digital twin model is very mature, but due to its high requirements on machine computing power, it cannot be widely used in various fields.
With the continuous advancement of risk quantification techniques in recent years, it is no longer very difficult to predict the range of possible outcomes of an event or behavior. Risk quantification is the evaluation of the range of possible outcomes of the overall project by estimating the interaction of two or more different risks. The core content of risk quantification is to first determine which practices need to be carried out and which corresponding countermeasures need to be developed. In order to deal with a large number of correlated lane-specific traffic variables, Xu et al. studied the impact of different traffic flow conditions on collision casualties for different collision types by utilizing high-resolution traffic data. He also developed a four-stage random parameter sequential logistic regression model . In order to reduce the risk of mine closure due to negative social and environmental impacts, Cui et al. proposed a new risk assessment method based on a cloud model for the ambiguity and randomness of qualitative and quantitative knowledge transfer in the process of quantitative risk assessment. This provided an operational guideline for effectively reducing the negative impacts of closed mines . Akinrolabu et al. studied security and privacy issues in the widespread adoption of cloud computing services and presented the Cloud Supply Chain Cyber Risk Assessment Model (CSCCRA). This model is a quantitative risk assessment model that effectively facilitates cost-effective risk mitigation . In order to cope with the situation that the island state detection device cannot operate in time after the photovoltaic power station is put into operation in an island, Zhao et al. established an electromagnetic transient model of the photovoltaic power station. The theoretical analysis conclusion was verified by simulation, which provided a theoretical basis for stability risk assessment . In order to study the influence of sewage to affect waters, Crank et al. conducted a quantitative microbial risk assessment and developed a risk quantitative model that linked the risk of CRASSPHAGE and PMMOVABUNDACE and the risk of swimmers in the purposes . Papazoglou et al. proposed a model that quantifies the risk of workers exposed to a single hazard. The model can link working conditions and worker behavior to the likelihood that an accident would lead to one of three outcomes to reduce the likelihood of an accident occurring . Wang et al. took the many risk factors faced by Chinese coal-to-formaldehyde enterprises as an example. In order to reduce the uncertainty in its risk assessment process, risk quantification and the cloud model (CM) were used to improve the quantitative risk assessment of the original processing industry so that the risk quantification model would be more accurate and effective . However, the calculation of risk quantification technology is still very complicated, so it cannot be widely used in all walks of life.
This paper discussed and studied the possibility of the quantitative assessment model of IT operation and maintenance operation risk based on the digital twin model in actual IT operation and maintenance work. According to surveys, experiments, and other methods, the improvement degree of the digital twin model for the quantitative assessment of IT operation and maintenance operational risks was obtained. In addition, this paper also initially constructed a simple quantitative assessment model of IT operation and maintenance operation risk based on the digital twin model. This can not only provide an idea for the subsequent application of the digital twin model but also provide convenience for a large number of IT operation and maintenance workers, saving some time. At the same time, it greatly improved the safety of staff in other departments of the enterprise when they use the information equipment to work and also improved the operation efficiency of the enterprise.
2. Digital Twin Technology
Digital twin technology is the comprehensive use of information technologies such as perception, calculation, modeling, and the description and prediction of physical entities through the definition of software so as to realize the mapping and interaction between real space and virtual space . That is to say, some real-life problems or physical entities are virtualized through computer technology and put into virtual space for operation simulation to achieve some high-demand purposes.
In order to understand the digital twin technology, it is first necessary to learn the digital twin ecological structure . The first is the digital twin layer, which includes four layers: physical layer, data layer, model layer, and functional layer. The physical layer covers various entities in the real world as a foundation; the data layer, as a key layer, covers work tasks such as data collection, data processing, and data analysis; the model layer, as the core layer, mainly covers visualization models, algorithm models, and data model software; the final functional layer, as the target layer, mainly performs tasks such as description, diagnosis, prediction, and decision-making. The distribution map of the digital twin circle is shown in Figure 1.
The second thing to understand is the technical elements of digital twins, which mainly include two spaces and three key technologies. The two spaces refer to real space and virtual space. Real-world data can be mapped into virtual space, and strategies and results in virtual space can be fed back into real space. The information exchange between the two is real-time. The three key technologies mainly include data, models, and software. There are certain requirements for the three. For example, real-time and dynamic data, accurate models, and software adapted to current hardware are required. The entire digital twin technology is processed and analyzed around this data; the model is required to cover the visualization model and data model (algorithm model) .
Digital twin technology can be used in every industry. However, since the construction of digital twin technology requires huge resources and data for modeling, it is currently only used in large enterprises or some special industries, such as large-scale construction projects, projects with relatively high total value, large-scale civil equipment such as electricity, and so on. However, as China’s asset-intensive industries continue to undergo digital transformation and disruptive changes in traditional operation methods, more and more companies need to standardize and systematically manage assets, equipment, and processes. Digital twin technology can facilitate this normalization process, so digital twin technology would definitely be used by every industry in the future.
3. Quantitative Assessment Model of IT Operation and Maintenance Operation Risk
After a period of development, IT operation and maintenance have now entered a relatively stable stage, and its work content has also been carefully divided into multiple contents. Common daily work contents of IT operation and maintenance include ant patrol in hardware form, HP Operations Orchestration in software, IBM Tivoli, and others. The hardware form is mainly the daily operation and management within the IT department . The quantitative assessment model of IT operation and maintenance operation risk firstly supervises the operation status of network equipment, server equipment, and operating system under the jurisdiction; the second is the management of various application support software such as databases and other services; the next is data storage, backup, and data recovery after data loss; finally, it is to manage the resources of each IT system in the enterprise, including the management of physical entities or logic and the convenient management of enterprise information security. The other parts are responsible for the update iteration of the operation and maintenance software.
The power grid company’s operation and maintenance supervision system (IMS) is used as an example to comprehensively analyze the possible risk factors in its IT operation and maintenance operations and to evaluate the security of the system on this basis after the results are obtained. First of all, the operation and maintenance supervision system of the power grid company is divided into one management system and four subsystems. The management system mainly conducts centralized monitoring of various equipment and systems, while the subsystems (IT system monitoring management, IT service management, security management, and desktop management) mainly conduct detailed monitoring of each management task. This plays an important role in the streamlined and standardized management of the power grid IT system and at the same time provides a solid foundation for the system’s update and iteration. The operation and maintenance supervision system (IMS) of the power grid company is shown in Figure 2 .
The next step is to analyze the security risks of the power grid company’s operation and maintenance operations. The company manages the company’s operation and maintenance supervision system based on the ITSM system of ITIL/ISO 20000. ISO/IEC20000 is derived from the BS15000 standard. BS15000 is a standard developed by the British Standards Institute for IT service management, which first started in 1995. After several revisions, it became the ISO20000 information technology service management standard consisting of two parts and is widely accepted by IT service management. Its flow chart is shown in Figure 3. After researching and analyzing this flow chart, it is not difficult to see that there are security risks in incident management, problem management, change management, and configuration management. These four processes all have steps that must be manually operated. Therefore, how to simplify the risk prompt of IT operation and maintenance to facilitate the understanding of specific operators is a problem that must be solved first in the application of IT operation and maintenance [20, 21].
With the continuous development and progress of all walks of life in society, some hidden dangers in the process of industry development have also been exposed. How to effectively prevent these hidden dangers from happening again or prevent them from causing bigger mistakes is also being considered by more people. The risk quantitative assessment model is one of the main means to reduce or even solve such problems. The purpose of assessing risk is not to determine expected gains or expected losses but to grasp the ratio of the two. This estimated gain-to-loss ratio should exist in each alternative in this way to minimize the probability of security incidents [22, 23].
4. Algorithm Evaluation of the Risk Quantitative Assessment Model
China’s quantitative risk assessment models mainly include VaR (value at risk), KMV, CreditMetrics, error back propagation algorithm, multivariate linear judgment Z-score model, and so on.
Firstly, the VaR algorithm is analyzed. The core idea of the VaR algorithm is to calculate the maximum possible loss of an enterprise’s financial industry under normal market fluctuations . Although VaR’s prediction of losses is relatively accurate, there are still some problems: the VaR model is established under the guidance of economic theory, but economic theory does not clarify the dynamic relationship between variables. P represents the probability that the asset loss is less than the upper limit of possible losses, and represents the degree of value loss of an enterprise in a certain holding period; VaR represents the value at risk at a given confidence level a, then its core formula can be written as
First of all, VaR can simply and clearly express the size of market risk, and beginners can judge the financial risk of enterprises through the calculation of VaR. Secondly, the algorithm can estimate the risk before the event occurs for the enterprise’s reference. Finally, the VaR algorithm can calculate the risk of a portfolio composed of a combination of financial instruments, instead of only calculating the risk of a single financial instrument or product. The VaR algorithm can also calculate the price risk coefficient of the product.R is the rate of return, and P is the closing price; t is the time, and a is the 1-confidence level. The formula for calculating the risk of futures trading using the VaR algorithm can be obtained as follows:
Next is the KMV algorithm model, which is mainly used to calculate the probability of default for short-term events. The KMV algorithm is sufficiently forward-looking compared with other algorithms, but its key default database is missing in China. Therefore, there are limited reference data in China, which leads to limited accuracy.
The formula for calculating the probability of default of a company isIn formula (5), represents the value of an underlying stock, and D represents the face value of debt. Its value with or without risk is calculated as follows:
According to the KMV algorithm, formulas (7) and (8) can be derived from formula (6), and then the probability of default PD under the risk neutrality of the enterprise can be calculated. The calculation of is shown in the following formula :
The KMV algorithm can also calculate the default implementation point PD of the company from the company’s debt situation.
Although the CreditMetrics algorithm is also calculated based on the VaR algorithm, its solution idea is different from the VaR algorithm. The CreditMetrics algorithm has its own set of methods to obtain the distribution law of portfolio value risk.Among them, represents the inflow interest in year n and so on. F represents the principal, and represents the forward interest rate in the nth year, then its market value can be calculated by formula (11).
Formula (12) is used to calculate the market value at the end of the period corresponding to the credit rating at the end of the period.
The risky market value of credit assets is calculated by formula (13), where M represents the default recovery rate.
Next, the error back propagation algorithm is introduced. The error back propagation algorithm realizes the linear classification problem through a single perceptron or a single-layer neural network and can solve the nonlinear classification problem through a multilayer neural network. The weight of each connection and the threshold of each neuron are calculated by the model parameters in the neural network. The main advantage is that the algorithm has certain generalization and generalization capabilities, and the disadvantage is that the algorithm has a slow learning speed, and the possibility of network training failure is high. Its main formulas such as formulas (15) and (16) are as follows:
First, the activation functions of the hidden layer and the output layer are operated using the sigmoid function, and the input value accepted by the neurons of the hidden layer is X.
Second, a linear transformation is performed, and the obtained result is used as the input of the activation function to generate the result of the hidden layer.
Then, the output of the hidden layer accepted by the output layer neuron is used as the input of the next point, which is linearly transformed again.
Finally, the output of formula (19) is used as the input data of the activation function of the next node to generate the final output result.
The above are several algorithms commonly used in risk quantitative assessment models. The rest of the regression models such as the multivariate linear judgment Z-score model are not used in this article, so they would not be introduced.
5. Experiment on the Quantitative Assessment Model of IT Operation and Maintenance Operation Risk Based on Digital Twin
In order to test whether the accuracy of the quantitative assessment model of IT operation and maintenance operation risk based on the digital twin model has been greatly improved compared with the traditional one, this paper investigated the output results of some enterprises in various countries using the previous quantitative assessment model of IT operation and maintenance operation risk. The same data were input into the quantitative assessment model of IT operation and maintenance operation risk based on the digital twin model for calculation, and the result was output. The results output by the two models were compared with the real results. The margins of error were analyzed and compared, and the data were tabulated, which is easier to see the specific effect of model optimization.
Most IT operation and maintenance operations consist of a set of activities with strong logical relationships, which can be based on the content of the operation and the characteristics of the activities. It is divided into different phases or steps, each of which may contain one or more operations. Generally speaking, a complete operation process needs to be prepared in advance and the prediction of possible risks. After the operation is completed, the effect of the operation needs to be checked to see whether it has achieved the expected goal of the operation. Finally, the operation is recorded and archived. The IT operation and maintenance industry has been developing rapidly in recent years with the continuous popularization of global information technology. The global market size of IT operation and maintenance in recent years is shown in Figure 4.
With the development of Chinese enterprises, China’s IT operation and maintenance market has also grown steadily in recent years. The proportion of monitoring analysis, delivery automation, standardized management, and other categories has steadily increased. In recent years, enterprises have also gotten rid of the dependence on the quantitative assessment model of IT operation and maintenance operation risk in other countries, such as ITOM, ITOA, and Docker, and other countries’ IT operation and maintenance operation risk quantitative assessment software. Through continuous updating and iteration of the quantitative assessment model of IT operation and maintenance operation risk established according to the characteristics of the enterprise itself and development planning goals, the enterprise operation and maintenance process is optimized. The IT operation steps of the enterprise are standardized, and the process efficiency of IT operation and maintenance operations to the grassroots level is improved; the time from the calculation of specific results in the risk quantitative assessment model to the implementation of the enterprise is shortened, and the proportion of manual intervention is reduced. Its growth trend is shown in Figure 5.
The quantitative assessment model of IT operation and maintenance operation risk optimized based on the digital twin model can not only help China to rapidly develop the IT operation and maintenance industry but also quickly seize the international market with its high calculation accuracy. The calculation method of risk quantitative assessment is still relatively subjective. Its prediction accuracy is very insufficient, and the digital twin model builds the same physical scene in the virtual world of the computer. By using the powerful computing power of the computer to perform simulation calculations again and again, the calculation results obtained are not only close to reality but also faster than traditional risk quantification models. In order to make the risk assessment probability as accurate as possible, the enterprise can also integrate the security event management in the enterprise and the statistical information of the past IT operation and maintenance operation accidents so as to establish a larger virtual model of the enterprise itself for all-round simulation. This ensures the security of enterprise IT operations.
Based on the comparison of the actual operation results of the existing quantitative assessment model of IT operation and maintenance operation risk in China and the quantitative assessment model of IT operation and maintenance operation risk based on the digital twin model and the results of handling several common problems in the current IT operation and maintenance industry, it can be concluded that the digital twin model-based IT operation and maintenance operational risk quantitative assessment model is superior to the previous accuracy rate, as shown in Figure 6.
According to the results of the appeal comparison experiment combined with the formula of the quantitative risk assessment model, it can be calculated that the accuracy of the quantitative assessment model of IT operation and maintenance operation risk based on the digital twin model was 35.9% higher than that of the traditional quantitative assessment model of IT operation and maintenance operation. It can be seen that the quantitative assessment model of IT operation and maintenance operation risk built by the digital twin model has greatly improved the efficiency of the daily work of IT operation and maintenance staff.
With the continuous development of computer emerging technologies and the increasing complexity of enterprise IT business department systems, IT operations and maintenance are rapidly changing. At the same time, digital twin technology, as an important technology for realizing digital transformation, has always been concerned by many industries. At present, it has moved from the theoretical research stage to the application stage. Through the combined interaction of virtual and reality closed-loop, model problems such as monitoring, simulation, prediction, and optimization are realized. This paper constructed a quantitative assessment model of IT operation and maintenance operation risk based on the digital twin model. This model optimized the shortcomings of low final result accuracy and low efficiency in the traditional IT operation and maintenance operational risk quantification model. In addition, the model can be used forever after being built once. It is convenient for maintenance personnel to update and iterate the model and save a lot of modeling costs for enterprises. Finally, this paper compared the traditional quantitative assessment model of IT operation and maintenance operation risk with the quantitative assessment model of IT operation and maintenance operation risk based on the digital twin model, which can make the algorithm optimization effect easier to understand. How to carry out effective and scientific risk quantitative assessment not only requires the progress of theoretical models, but it also requires massive basic data models as the cornerstone. These “cornerstones” should be one of the long-term works that every enterprise continuously explores and accumulates.
No data were used to support the findings of the study.
Conflicts of Interest
The authors declare no conflicts of interest.
This work was supported by the Key Scientific Research Platform and Scientific Research Project of Guangdong Universities in 2018 “RESEARCH on IT Operation and Maintenance Operation Risk Assessment Model and Method” (2018GWQNCX118).
C. Q. Cui, B. Wang, and Y. X. Zhao, “Risk management for mine closure: a cloud model and hybrid semi-quantitative decision method,” Journal of Mineral Metallurgy and Materials: English Edition, vol. 27, no. 8, pp. 150–164, 2020.View at: Google Scholar
K. Crank, S. Petersen, and K. Bibby, “Quantitative microbial risk assessment of swimming in sewage impacted waters using CrAssphage and pepper mild mottle virus in a customizable model,” Environmental Science and Technology Letters, vol. 6, no. 10, pp. 571–577, 2019.View at: Publisher Site | Google Scholar
J. Lee, “Integration of digital twin and deep learning in cyber-physical systems: towards smart manufacturing,” Journal of Physics: Conference Series, vol. 2020, no. 8, pp. 901–910, 2020.View at: Google Scholar
Z. Wang, J. Wang, Z. Wang, and Y. Hu, “Characterization and implication of edge WebAssembly runtimes,” in Proceedings of the 2021 IEEE 23rd Int Conf on High Performance Computing & Communications; 7th Int Conf on Data Science & Systems; 19th Int Conf on Smart City; 7th Int Conf on Dependability in Sensor, Cloud & Big Data Systems & Application (HPCC/DSS/SmartCity/DependSys), pp. 71–80, IEEE, Haikou, Hainan, China, 2021, December.View at: Google Scholar