November 4, 2016
False positives waste system administrators’ time, costing companies money and eroding confidence in the reliability of the insights gleaned from the industrial internet of things (IIoT). By incorporating human input into the feedback loop that informs their analytics models, companies can improve the IIoT, increase efficiency, and reduce costs.
False-positive alerts about technology system breaches and other problems cost companies too much time and money. False-positive malware alerts alone cost US organizations an average of $1.3 million per year. And 80 percent of system administrators say the most challenging part of their job is suppressing false alerts. It is not uncommon for IT administrators to attend to 50 or more alerts in a day.
False positives deter industrial internet of things adoption
A false positive occurs when a system reaches a conclusion that human system administrators either ignore or determine to be wrong. False positives are a major deterrent to the adoption of the industrial internet of things (IIoT) because they waste employees’ time and distract them from more important tasks, undermining confidence in IIoT systems.
The problem only gets worse with more data, because more data means more false alarms. As a result, many enterprises hesitate to add more data to their IIoT systems.
Reducing false alarms through human feedback
But by incorporating human feedback into the overall process, the system can learn over time which situations lead to false positives and can update its model to reduce them.
Smarter machines speed human decision making
Today, humans determine whether an alert is false, make observations, and can rewrite the rules to reduce false alerts. In the future, however, systems will become smarter all around, and with the help of machine learning, machines could make correlations that can reduce false alarms. Machines will also be able to provide recommendations to human operators, so they can revise the rules and more easily spot real problems faster.
Teaching machines to think like humans
Today, humans provide the key feedback about whether an alert is true or false. In the future, machines will be able to “learn” how to fill this role, reducing false positives and increasing our confidence in the reliability of the IIOT.
Improving analytics models
Another approach to reducing false positives is to look beyond just the alerts and correlate other key data, such as information about what causes the alert. If a system sends an alert about high humidity, for example, it would be good to know if the cause is a plumbing leak, a rainstorm, or something else. This approach will likely require adding more instrumentation to the system. For example, if the higher humidity is due to a burst pipe, installing leak sensors will allow the correlation of humidity with leak detection, providing a way to validate such alerts and improve confidence about the prediction.
The challenge is to strike a balance between false positives and false negatives. Ideally, companies will create analytical models that have predictive power as well as a manageable number of false positives and false negatives.
Achieving this balance depends on building a modeling framework that is robust, reliable, and economical. It comes down to how models are created from data, how they are validated, and how failure modes are identified, clustered, and labeled. A great deal of data science is at the heart of creating such a robust model.
IIoT solutions will catch on more quickly and provide real value when they are able to reduce the noise created by false positives and prioritize the signal, which should amount to the reliable, timely, actionable predictions that can be used to increase efficiency—and the company’s bottom line.