Abstract
Functional dependencies in complex technical infrastructures can cause unexpected cascades of failures, with major consequences on availability. For this reason, they must be identified and managed. In recent works, the authors have proposed to use association rule mining for identifying functional dependencies in complex technical infrastructures from alarm data. For this, it is important to have adequate metrics for assessing the effectiveness of the association rules identifying the functional dependencies. This work demonstrates the limitations of traditional metrics, such as lift, interestingness, cosine and laplace, and proposes a novel metric to measure the level of dependency among groups of alarms. The proposed metric is compared to the traditional metrics with reference to a synthetic case study and, then, applied to a largescale database of alarms collected from the complex technical infrastructure of CERN (European Organization for Nuclear Research). The results confirm the effectiveness of the proposed metric of evaluation of association rules in identifying functional dependencies.
Similar content being viewed by others
Avoid common mistakes on your manuscript.
1 Introduction
Functional Dependencies (FDEPs) play a crucial role in the operation of Complex Technical Infrastructures (CTIs) but can also constitute channels of vulnerability through which failures can cascade (Johansson and Hassel 2010; Eusgeld et al. 2011; Kröger and Zio, 2011; Zio, 2016a, b; Hickford et al. 2018; Azzolin et al. 2018; Huai et al. 2018; Cantelmi et al. 2021). In fact, local malfunctions or perturbations can propagate, due to FDEPs, through groups of dependent components, originating unexpected cascades of failures across systems, which can lead to largescale consequences of CTI unavailability and event unexpected damages of equipment (Johansson and Hassel 2010; Eusgeld et al. 2011; Kröger and Zio, 2011; Moura et al. 2015; Zio 2016a, b; Antonello et al. 2019). Examples of CTIs which can be affected by FDEPs are electric power grids, natural gas pipelines, water distribution networks, transportation networks, large research facilities and internet communication networks (Zhang et al. 2016; Ballantyne et al. 2018; Li and Liu 2018). One evidence of cascading failures caused by FDEPs in CTIs is the power blackout that triggered a shortage of water supply and propagated by inducing malfunctions and failures in other critical infrastructures in the eastern USA on 14th August 2003. Similarly, in India, a major blackout triggered by a power relay failure led to water supply and oil supply interruption communications interruption, and serious traffic congestion, which paralyzed the region for a long period of time (Jin et al. 2017). Other examples include the 1998 Canada ice storm (Chang et al. 2007), the 2001 US World Trade Center attack (Mendonça & Wallace, 2006), the 2003 North American blackout (U.S.Canada Power System Outage Task Force, 2004), the 2010 Chile earthquake and tsunami (Wen et al. 2010) and the power blackout resulted from Hurricane Sandy in 2012, which led to a loss of water supply in New York City.
Traditional methods for FDEPs identification typically require a deep knowledge of the systems, including its logic and structure function. In practice, this is not easy to retrieve for complex and evolving CTIs (Billinton and Allan, 1992; Xing et al. 2014). Recent works have explored the possibility of using datadriven methods applied to alarm messages collected by supervision systems (Serio et al. 2018; Antonello et al. 2019). An Association Rule Mining (ARM) method which scan alarm databases to identify FDEPs and groups of functionally dependent components has been proposed in (Antonello et al. 2021a). The method relies on an Aprioribased algorithm (Srikant and Agrawal 1996) that extracts patterns of alarms frequently occurring together and derives the association among them in the form of “if (condition) then (consequence)” rules. An association rule is considered only if the frequency of occurrence of the involved alarms is larger than a predefined threshold, called minimum support, and if the conditional probability of occurrence of the consequence given the condition is larger than a predefined threshold, called minimum confidence (Srikant and Agrawal, 1996; Hui et al. 2005). On the other hand, the identification of rare functional dependencies related to cascading malfunctions and perturbations for vulnerability analysis (Antonello et al. 2021b), requires using small values of minimum support with the consequences of a) finding many spurious rules, i.e. rules including alarms that do not belong to a real FDEP but are included by chance (Zhang et al. 2016; Hämäläinen and Webb 2019; Antonello et al. 2022) and b) finding a very large number of rules (Van Leeuwen and Galbrun, 2015; Marinica and Guillet, 2010). Therefore, the generated rules must be postprocessed to identify the FDEPs of interest by experts of the system. This labour intensive task can, in principle, be alleviated by using metrics, such as confidence, lift, interestingness, cosine and laplace, that have been proposed to assess the strength of association rules (Benites and Sapozhnikova 2014; Luna et al. 2018). However, these metrics, which consider statistical properties of the data, such as the probability of occurrence of a rule in the database, the cooccurrence probability of the condition given the consequence part (and vice versa) and the probability of occurrence of the condition and/or the consequence (Luna et al. 2018), are not tailored on the user necessities (Mathu et al. 2011). In practice, they application to the identification of FDEPs do not guarantee that the interesting rules, such as those rare and without spurious alarms, will be extracted (Marinica and Guillet, 2010). Moreover, as suggested in (Mathu et al. 2011), rule postprocessing should be based on user necessities.
In this context, the objective of this work is twofold: (1) analyse the effectiveness and make emerge the limitations of the traditional metrics used to evaluate the association rules identifying FDEPs; (2) propose a novel metric to effectively i) identify FDEPs from alarm data, but also ii) discriminate between spurious and actual FDEPs. The proposed metric is constructed considering the definition of conditional probability and the need of avoiding the inclusion of spurious alarms in functionally dependent groups.
The main contributions of the work are:
the analysis and the identification of criticalities in the postprocessing approach based on metrics of association rule quality with respect to FDEPs identification;
the proposal of a metric for discovering groups of nonspurious, functionally dependent alarms.
The effectiveness of the proposed metric is analysed by comparison with the most commonly used metrics for association rules considering i) a synthetic case study and ii) a largescale database of alarms generated by different supervision systems of a representative subset of the CTI of CERN.
The remainder of the paper is organized as follows: Sect. 2 describes the context of the work and introduces the association rules mining. In Sect. 3, the proposed metric is presented. Section 4 discusses the case studies and the obtained results. Finally, Sect. 5 draws some conclusions and recommends potential future lines of work.
2 Context of the work
2.1 Complex technical infrastructure
In this work, a CTI composed by \({N}_{c}\) components is considered together with a database of a large number of alarm messages,\({N}^{al}>>1\), generated during its operation over a long period of time [\({t}_{0}, {t}_{f}\)]. The generic ith alarm message is associated to the pair \({(t}_{i}{, m}_{i})\) of the time \({t}_{i}\) at which the alarm of type \({m}_{i}\) occurs. Assuming that there are \({M}_{j}^{al}\) types of alarms associated to the generic jth component, \({c}_{j}\), a label \({a}_{j}^{k}\) is introduced for the kth type of alarm message associated to component \({c}_{j}\). The set \(A\) containing all types of alarm messages in the database is:
and the total number of types of alarm messages is:
Following (Antonello et al. 2019), the overall time interval [\({t}_{0}, {t}_{f}\)] during which the alarm messages have been collected is subdivided into \(Z\) consecutive small time intervals of the same length \(\Delta t=\frac{{t}_{f}{t}_{0}}{Z}\) and a Boolean variable, \({s}_{j}^{k}(z)\), \(z=1,\ldots ,Z\), is associated to the occurrence of alarm \({a}_{j}^{k}\) in the zth time interval:
The state of the CTI during the generic zth time interval is represented by the Boolean vector:
According to this notation, the database of alarms \({(t}_{i}{, m}_{i}), i=1,\ldots ,{N}^{al}\), is represented by the Boolean matrix:
whose generic zth row refers to the state of the CTI during the zth time interval. Therefore, T provides a dynamic representation of the CTI state evolution in the time interval [\({t}_{0}, {t}_{f}\)].
3 Association rules mining
Association rules mining algorithms have been used for identifying FDEPs in relational databases (Sánchez et al. 2008; Yao and Hamilton 2008) and have been tailored in (Antonello et al. 2019) to identify FDEPs from alarm data collected in CTIs. Considering a pattern (subset) of alarms \(X\subseteq A\), an association rule is a probabilistic logical expression of the form \({x}^{{\varvec{a}}} \Rightarrow {y}^{{\varvec{a}}},{x}^{{\varvec{a}}}\subset X, {y}^{{\varvec{a}}}=X{x}^{{\varvec{a}}}\), representing the conditional cooccurrence of the two subsets, \({x}^{{\varvec{a}}}\) and \({y}^{{\varvec{a}}}\), of the pattern \(X\subseteq A\), where \({x}^{{\varvec{a}}}\) and \({y}^{{\varvec{a}}}\) are referred to as “antecedent” and “consequent” of the rule, respectively (Srikant and Agrawal, 1996; Hui et al. 2005). Let \(n(X)\) be the counter of the number of vectors \(\overrightarrow{\mathcal{T}}(z)\) of the database \(T=\left[\begin{array}{l}\overrightarrow{\mathcal{T}}(1)\\ \ldots \\ \overrightarrow{\mathcal{T}}(Z)\end{array}\right]\) characterized by the occurrences of at least all the alarms of X (i.e., \({\forall a}_{j}^{k} \subset X, { s}_{j}^{k}\left(z\right)=1\)) and \(S\left(X\right)\) be the support of X, which represents an estimation of its probability of occurrence, \(P\left(X\right)\):
The expression \({x}^{{\varvec{a}}} \Rightarrow {y}^{{\varvec{a}}}\) is an association rule if:
a) the support of X is larger than a minimum support threshold \(ms\):
b) the confidence of the rule \({x}^{{\varvec{a}}} \Rightarrow {y}^{{\varvec{a}}}\) is larger than a minimum confidence threshold \(mc\):
where the confidence is an estimate of the conditional probability of occurrence \(P({y}^{{\varvec{a}}}{x}^{{\varvec{a}}})\) of the subset \({y}^{{\varvec{a}}}\) given the occurrence of \({x}^{{\varvec{a}}}\).
In this work, the Apriori algorithm is used for association rules mining (Srikant and Agrawal 1996; Zaki 2000; Witten and Frank 2016; Antonello et al. 2021a). It is based on the two steps of:
Identification of frequent subsets of alarms, \({X}^{fp}\subseteq A\) characterized by a support larger than \(ms\), i.e., \(S\left({X}^{fp}\right)>ms\);
Extraction of association rules \({x}^{\boldsymbol{a}} \Rightarrow {y}^{\boldsymbol{a}},{x}^{\boldsymbol{a}} \subset {X}^{fp}, {y}^{\boldsymbol{a}}={X}^{fp}{x}^{\boldsymbol{a}}\) from the frequent subsets of alarms identified in 1). An association rule should satisfy the confidence condition \(C\left({x}^{\boldsymbol{a}}\,\,\Rightarrow \,\,{y}^{\boldsymbol{a}}\right)>mc.\)
4 Association rules metrics
The effectiveness of an association rule, \({x}^{{\varvec{a}}} \Rightarrow {y}^{{\varvec{a}}},{x}^{{\varvec{a}}}\subset X, {y}^{{\varvec{a}}}={x}^{{\varvec{a}}}\), is typically evaluated considering adhoc defined metrics, such as the lift (Luna et al. 2018), interestingness (Ghosh and Nath, 2004), cosine (Luna et al. 2018) and laplace (Geng and Hamilton, 2006).
The lift metric is defined as:
The numerator is the probability of the joint occurrence of the antecedent and the consequent (\(P\left(\mathrm{X}\right))\) and the denominator represents the same quantity, but under the hypothesis of independence between antecedent and consequent (i.e., \(P\left({x}^{{\varvec{a}}}\right)\cdot P\left({y}^{{\varvec{a}}}\right))\). Then, the lift measures the mutual dependency among the alarms in the rule antecedent and consequent parts (Luna et al. 2018). The larger the lift, the stronger the mutual dependency among \({x}^{{\varvec{a}}}\) and \({y}^{{\varvec{a}}}\). In particular, values of lift equal to (lower than) 1, indicate that the rule antecedent and consequent parts are uncorrelated (negatively correlated). The value of lift can be estimated from a dataset of alarms as:
Cosine is a metric derived from the lift (Luna et al. 2018):
whose main difference with lift and cosine is that its estimate:
is not proportional to the total number of time intervals Z in the database (Luna et al. 2018).
Another metric proposed to evaluate the strength of a rule is the Interestingness (Ghosh and Nath, 2004):
which is proportional to the following three quantities: 1) how much the consequent is dependent on the antecedent (i.e., \(Conf\left({x}^{{\varvec{a}}} \Rightarrow {y}^{{\varvec{a}}}\right))\), 2) how much the antecedent is dependent on the consequent (i.e., \(Conf\left( {y}^{{\varvec{a}}} \Rightarrow {x}^{{\varvec{a}}}\right))\), and 3) how rare is the rule (i.e., \(\left(1P\left(X\right)\right))\). According to this metric, the most interesting rules are characterized by a strong mutual dependency between antecedent and consequent and are rare.
Finally, we consider the Laplace metric, which is a metric specifically derived from confidence to account for statistical fluctuations when the support is estimated from databases:
This metric is monotone in both support and confidence, and has been proven to be useful to identify only rules with large support and confidence at the same time (Geng and Hamilton, 2006).
Table 1 reports the main metrics proposed for evaluating association rules, considering both their probabilistic formulation and their estimation from a database.
5 A novel metric for evaluating association rules identifying FDEPs
5.1 Probabilistic description of FDEPs
According to (Etesami and Kiyavash 2017), two components of a system are functionally dependent if the operation of one is influenced by the operation of the other. Notice that functionally dependent components are usually causally related and FDEPs are unidirectional, e.g., a compressor requires the functioning of the electrical systems to work properly, whereas the electrical system do not require the functioning of the compressor to operate. However, although the occurrences of malfunctions and failures triggered by FDPEs are temporally ordered, e.g. the malfunction of the electric system precedes the malfunction of the compressor, several methods for the identification of FDEPs, such as those based on the extraction of association rules from alarms (Serio et al. 2018; Antonello et al. 2020) or traditional parametric models for root cause of failures analysis, such as beta factor model, binomial failure rate model etc. (Mosleh, 1991; Zio, 2009; O'Connor and Mosleh, 2016), do not consider the temporal order of the chains of events involved in the FDEPs. Similarly in this work we focus only on the identification of the group of functionally dependent components involved in the FDEPs, which can be successively analysed by operators and experts to reconstruct the causal chain of events, or processed by adhoc algorithms tailored to identify causal relationships from groups of alarms (Antonello et al. 2020).
Considering alarm messages triggered when components have abnormal behaviours or nonnominal performances for the relevant operating mode, two generic components of a CTI, \({c}_{1}\) and \({c}_{2}\), are assumed to be functionally dependent if an abnormal behaviour of component \({c}_{1}\), revealed by an alarm,\({a}_{1}^{k}\), increases the probability of occurrence of a malfunction of components \({c}_{2}\), revealed by another alarm,\({a}_{2}^{k}\), or viceversa.
From the probabilistic point of view, the two malfunctions revealed by the alarms \({a}_{1}^{k}\) and \({a}_{2}^{k}\), whose probabilities of occurrence are \({P(a}_{1}^{k})\) and \({P(a}_{2}^{k})\), are functionally dependent if the probability of their cooccurrence, \({P(a}_{1}^{k}\cap {a}_{2}^{k})\), is:
In general, considering a pattern of R alarms \({X}_{FDEP}=\left\{{a}_{{j}^{1}}^{{k}^{1}}, \ldots , {a}_{{j}^{R}}^{{k}^{R}}\right\}\) triggered by a functional dependency, its probability of occurrence is:
Therefore, in case of functional dependency among the alarms of \({X}_{FDEP}\), the ratio:
is expected to be larger than 1. In particular, the stronger the dependency among the alarms of the pattern \({X}_{FDEP}\), the larger the ratio \({I}_{{X}_{FDEP}}\). The index \({I}_{{X}_{FDEP}}\) is defined as the lift of the itemset \({X}_{FDEP}\) and used as metric to assess dependencies among the items of an association rule. If the probability of occurrence of a generic pattern \(X=\left\{{a}_{{j}^{1}}^{{k}^{1}}, \ldots , {a}_{{j}^{R}}^{{k}^{R}}\right\}\) is estimated from the alarm database using its support, Eq. 15 becomes:
6 A novel metric
A drawback of the index \({\widehat{I}}_{X}\) is that it does not allow distinguishing the presence of a spurious (independent) alarm within a group of functionally dependent alarms. Let us consider a pattern \({X}_{S}\) made by R functionally dependent alarms \({X}_{FDEP}=\left\{{a}_{{j}^{1}}^{{k}^{1}}, \ldots , {a}_{{j}^{R}}^{{k}^{R}}\right\}\) and a spurious alarm \({a}_{js}^{ks}\), i.e. \({X}_{S}={X}_{FDEP}\cup {a}_{js}^{ks}\). By applying Eq. 15, the index \({I}_{{X}_{S}}\) is:
Considering the statistical fluctuation in the occurrence of the alarms, it may occur that \({\widehat{I}}_{{X}_{FDEP}}<{\widehat{I}}_{{X}_{S}}\) and, therefore, the index \({\widehat{I}}_{X}\) can provide misleading information on the FDEPs.
Notice that in case of FDEP among a pattern of alarms \({X}_{FDEP}=\left\{{a}_{{j}^{1}}^{{k}^{1}}, \ldots , {a}_{{j}^{R}}^{{k}^{R}}\right\}\), the probability of occurrence of each malfunction \(P({a}_{{j}^{r}}^{{k}^{r}})\), \(r=1, \ldots\), R, can be decomposed into:
where \({{P}_{{X}_{FDEP}}(a}_{j}^{k})\) and \({{P}_{Ind}(a}_{j}^{k})\) are the probabilities that \({a}_{j}^{k}\) occurs due to the FDEP and due to an event independent of the FDEP, respectively (Mosleh, 1991; Zio, 2009; O'Connor and Mosleh, 2016). In this work, where we are interested in rare FDEPs, we assume that the probability of occurrence \(P({X}_{FDEP})\) is greater than a fraction \(\alpha \in [0, 1]\) of the total probability of occurrence \(,{P(a}_{j}^{k})\) of each alarm\({a}_{j}^{k}\):
This assumption is motivated by: a) the probability that a generic alarm \({a}_{j}^{k}\) occurs due to the rare FDEP is typically very close to the probability of occurrence of the whole pattern involved in the FDEP \({X}_{FDEP}\), \({{P}_{{X}_{FDEP}}(a}_{j}^{k})\approx P({X}_{FDEP})\), and b) to make possible the identification of the FDEP, its probability of occurrence \(P({X}_{FDEP})\) should be larger than the probability of the cooccurrence (by chance) of the generic alarm \({a}_{j}^{k}\) and a spurious alarm \({a}_{js}^{ks}\), \(P\left({X}_{FDEP}\right)>{P(a}_{j}^{k})\cdot P({a}_{js}^{ks})\).
Consequently, if we consider a spurious alarm, \({a}_{js}^{ks}\) and a rare FDEP \({X}_{FDEP}=\left\{{a}_{{j}^{1}}^{{k}^{1}}, \ldots , {a}_{{j}^{R}}^{{k}^{R}}\right\}\) with \(P\left({X}_{FDEP}\right)<\alpha\), the above mentioned assumption are not valid and, therefore, the cooccurrence probability,\(P\left({X}_{S}\right),\) \({X}_{S}={X}_{FDEP}\cup {a}_{js}^{ks}\), does not satisfy Eq. 21:
In this light, we define a novel metric for the evaluation of association rules identifying FDEPs:
where \({max}_{{a}_{j}^{k}\in X}\left(P\left({a}_{j}^{k}\right)\right)\) is the largest support among the alarms of \(X\). Notice that given a pattern of alarm \(X\), if the alarm with the largest support in \(X\), \({max}_{{a}_{j}^{k}\in X}\left(P\left({a}_{j}^{k}\right)\right)\), satisfies Eq. 21, also the other alarms satisfy it. In particular, given a generic rule \({r}_{FDEP}:\{{{x}^{{\varvec{a}}}}_{FDEP}\to {{y}^{{\varvec{a}}}}_{FDEP}\}\) which describes a real functional dependency involving the pattern of alarms \({{X}_{FDEP}={x}^{{\varvec{a}}}}_{FDEP}\cup {{y}^{{\varvec{a}}}}_{FDEP}\), the metric \({I}_{FDEP}({X}_{FDEP})\) is larger than 1. On the other hand, if we consider a spurious rule, \({r}_{S}:\{{{x}^{{\varvec{a}}}}_{S}T\to {{y}^{{\varvec{a}}}}_{S}\}\), \({{X}_{S}={x}^{{\varvec{a}}}}_{S}\cup {{y}^{{\varvec{a}}}}_{S}\), including the alarm set \({X}_{FDEP}\) and another alarm \({a}_{js}^{ks}\) that does not belong to the actual functional dependency, i.e. \({X}_{S}={X}_{FDEP}\cup {a}_{js}^{ks}\), \(\alpha *{max}_{{a}_{j}^{k}\in {X}_{S}}\left(P\left({a}_{j}^{k}\right)\right)\) is larger than the probability of occurrence of the pattern \({X}_{S}\) and, therefore, the value of the metric \({I}_{FDEP}({X}_{S})\) is equal to 0.
Then, similarly to the metrics presented in Sects. 3.1 and 2.2 for which the probability of occurrence of a generic pattern X is estimated from the alarm database using its support, Eq. 23 becomes:
The proper setting of the parameter \(\alpha\) should consider that, in practice, frequent functional dependencies are typically already known, whereas the rare ones are more likely to be unknown and relevant for CTI vulnerability (Lee et al. 2005; Antonello et al. 2019). Thus, considering Eq. 24, the use of a large value for \(\alpha\) would drive the search to discover mainly the frequent FDEPs, with the risk of not identifying the rare FDEPs. On the opposite, some spurious patterns could be identified as actual FDEPs using very small values of \(\alpha\). For example, given a functionally dependent group of alarms \({X}_{FDEP}\) with support \(S\left({X}_{FDEP}\right)=0.01\) and a spurious alarm \({a}_{js}^{ks}\) with support \(S\left({a}_{js}^{ks}\right)=0.05\), their cooccurrence probability \(P\left({X}_{S}\right)=P\left({X}_{FDEP}\right)\cdot P\left({a}_{js}^{ks}\right)\), satisfies Eq. 20 when \(\alpha\) is lower than 0.001, i.e. \(P\left({X}_{FDEP}\right)\cdot P\left({a}_{js}^{ks}\right)\)= \(0.005>\alpha \cdot P\left({a}_{js}^{ks}\right)\).
7 Analysis of the effectiveness of the proposed metric in quantifying the interestingness of a rule
The effectiveness of a metric in quantifying the interest of a rule is typically verified considering various properties (PiatetskyShapiro 1991; Luna et al. 2018). In particular, (PiatetskyShapiro 1991) suggested that any quality metric M defined to quantify the interest of an association rule should be able to separate strong rules from weak ones by assigning larger values to the former. Also, M should verify the following three specific properties:
\(M({x}^{\boldsymbol{a}}\,\,\Rightarrow \,\,{y}^{\boldsymbol{a}})\) of an association rule \({x}^{\boldsymbol{a}}\,\,\Rightarrow \,\,{y}^{\boldsymbol{a}}\) extracted from the database by chance should be 0;
\(M({x}^{\boldsymbol{a}}\,\,\Rightarrow \,\,{y}^{\boldsymbol{a}})\) should monotonically increase with \(P\left(X\right)\) when \({P(x}^{\boldsymbol{a}})\) and \(P({y}^{\boldsymbol{a}})\) remain constant. This guarantees that the larger the correlation among the rule antecedent \({x}^{\boldsymbol{a}}\) and consequent \({y}^{\boldsymbol{a}}\), the more interesting the rule \({x}^{\boldsymbol{a}}\,\,\Rightarrow \,\,{y}^{\boldsymbol{a}}\);
\(M({x}^{\boldsymbol{a}}\,\,\Rightarrow \,\,{y}^{\boldsymbol{a}})\) should monotonically decrease when \({P(x}^{\boldsymbol{a}}) \,(P({y}^{\boldsymbol{a}}))\) increases if \(P\left(X\right) \,{\text{and}} \mathrm{P}({y}^{\boldsymbol{a}})\, (P\left({x}^{\boldsymbol{a}}\right))\) remain unchanged. This guarantees that the rarer is the antecedent, \({x}^{\boldsymbol{a}}\), (or consequent,\,\({y}^{\boldsymbol{a}}\)), the more interesting is the rule.
Considering the metric \({I}_{FDEP}\), with respect to an association rule \({x}^{{\varvec{a}}} \Rightarrow {y}^{{\varvec{a}}},\) \({y}^{{\varvec{a}}}\cup {x}^{{\varvec{a}}}=X\), involving the alarms \({a}_{j}^{k}\in X\), property 1 is satisfied since \({I}_{FDEP}({x}^{{\varvec{a}}} \Rightarrow {y}^{{\varvec{a}}})\ne 0\) only if all the alarms \({a}_{j}^{k}\in X\) are functionally dependent. With respect to property 2, when the denominator of the expression of \({I}_{FDEP}\left({x}^{{\varvec{a}}} \Rightarrow {y}^{{\varvec{a}}}\right)\), \({\prod }_{{a}_{j}^{k}\in X}P({a}_{j}^{k})\), remain constant, \({P(x}^{{\varvec{a}}})\) and \(P({y}^{{\varvec{a}}})\) remain constant, and, therefore, the larger \(P\left(X\right)\), the larger \({I}_{FDEP}\left({x}^{{\varvec{a}}} \Rightarrow {y}^{{\varvec{a}}}\right)\). Similarly, for what concerns property 3, when \(P(X)\) is fixed, \({I}_{FDEP}\left({x}^{{\varvec{a}}} \Rightarrow {y}^{{\varvec{a}}}\right)\) is proportional to \(1/{P(a}_{j}^{k})\), and therefore, when \({P(x}^{{\varvec{a}}})\) (or \(P({y}^{{\varvec{a}}})\)) decreases, \({\prod }_{{a}_{j}^{k}\in {x}^{{\varvec{a}}}}P({a}_{j}^{k})\) decreases, and \({I}_{FDEP}\left({x}^{{\varvec{a}}} \Rightarrow {y}^{{\varvec{a}}}\right)\) increases.
7.1 Case studies
The effectiveness of the traditional association rules metrics of lift, interestingness, cosine, laplace and of the proposed metric \({I}_{FDEP}\) is evaluated considering i) a simulated system, and ii) a largescale alarm database collected on a representative portion of CERN’s CTI during 2016 (Serio et al. 2018; Antonello et al. 2019). The first application shows the limitations of the traditional metrics for evaluating association rules mining for FDEPs identification, the effectiveness of the proposed metric \({I}_{FDEP}\) in discriminating spurious rules and the robustness of the results with respect to statistical fluctuations in the alarm database. The second application considers a real CTI, for which we expect to discover unknown and rare functional dependencies are not known a priori.
7.2 Simulated system
We consider a system made by 4 components \({c}_{j}\), j \(=1, 2, \mathrm{3,4}\), which can be in the healthy, \(k=1\), or failed,\(k=2\), states and perform independent transitions at random times with constant failure rates. An alarm \({a}_{j}^{1}\) is triggered of each time component \({c}_{j}\) performs a state transition from state 1 to state 2. The repair, i.e. the transition from the failed, \(k=2\), to the healthy, \(k=1\), state is assumed to be instantaneous. Table 2 reports the failure rates, from state 1 to state 2, of each component \({c}_{j}\).
We further model a functional dependency among components \({c}_{1}, {c}_{2}, {c}_{3}\). It is originated by the transition from state 1 to state 2 of a component \({c}_{3}\) which causes the instantaneous transition of components \({c}_{2}\) from state 1 to state 2. Then, the functional dependency can propagate to component \({c}_{1}\) by causing its transition from state 1 to state 2. The probability of the malfunction propagation, i.e., the probability that a transition of components \({c}_{2}\) from state 1 to state 2 causes the same state transition of component \({c}_{1}\), is set to 0.75.
Table 3 reports the probability of occurrence of all the possible patterns of alarms, \(\subseteq\) \(\{{{a}_{1}^{1}, a}_{2}^{1}\), \({a}_{3}^{1}\), \({a}_{4}^{1}\}\), in 1 a.t.u.
Table 4 reports the values of the \({I}_{X}\left(X\right)\) and \({I}_{FDEP}\left(X\right)\) metrics for all the patterns of alarms, computed by applying Eqs. 17 and 23, respectively, when the parameter \(\alpha\) of Eqs. 23 and 24 is set equal to 0.03. Notice that, as expected, the value of the metric \({I}_{FDEP}\left(X\right)\) is equal to 0 for all the spurious patterns of alarms (i.e., the patterns containing the spurious alarm \({a}_{4}^{1}\)), and that the largest \({I}_{FDEP}\left(X\right)\) is assigned to the pattern \([{a}_{2}^{1}\), \({a}_{3}^{1}\), \({a}_{1}^{1}]\), which contains all the alarms involved in the FDEP. Since the Aprioribased algorithm tends to identify rules involving all the patterns (subsets) of alarms \({X}^{{\prime}}\) contained in the pattern (set) \({X}_{FDEP}\) formed by all the alarms involved in the FDEP, the largest value of the proposed metric is correctly assigned to the whole set of dependent alarms (\({X}_{FDEP}\)).
The values of the metrics lift, interestingness and cosine have been computed by using the equations reported in the first column of Table 1 for all the 56 association rules that can be generated from the 15 patterns of Table 3. Table 5 reports the 8 association rules with the largest lift. Notice that rules N° 3 4 are also characterized by the largest interestingness and cosine. Among them, 6 rules are spurious (rules N° 1, 2, 5, 6, 7, 8) and only 4 rules are describing the actual functional dependency (rules N° 3, 4, 9, 10). Notice that, the spurious rules 1 and 2 are characterized by the largest value of lift (250) and their values of interestingness, cosine and laplace are larger than the values of rules 9, 10, which describe the actual functional dependency. Consequently, lift, interestingness and cosine cannot clearly discriminate spurious rules.
Then, to verify the effectiveness of the proposed metric \({\widehat{I}}_{FDEP}(X)\) computed from an alarm database, the behaviour of the 4 componentssystem has been simulated for a period of time [\({t}_{0}, {t}_{f}\)] = [0, 1500 a.t.u.] and a database of 784 alarm messages has been obtained. The Boolean matrix, T, is computed following the procedure of Sect. 2.2 considering \(Z=1500\) time intervals of 1 a.t.u. and the metrics have been computed for all the 56 association rules that can be generated from the database. Table 6 reports the same list of association rules reported in Table 6, evaluated considering the same metrics and the laplace metric. The obtained results confirm that only the proposed metric \({\widehat{I}}_{FDEP}\left(X\right)\) is able to discriminate the spurious rules from a database of alarms.
To further analyze the robustness of the metrics with respect to the statistical fluctuations in the alarms occurrences, N = 1000 different alarm databases have been simulated and, for each database, the metrics have been computed. Table 7 reports the fraction of the databases in which the largest value of the considered metric is assigned to a spurious rule. As expected, only the value of the proposed metric, \({\widehat{I}}_{FDEP}\), is always larger for rules describing an actual functional dependency, whereas the other metrics are remarkably less robust to the statistical fluctuations.
This result is confirmed by Table 8 which reports the minimum, maximum and average values, over the 1000 alarm databases, of the metrics for rule 3, which refers to a real functional dependency, and for rule 7, which contains a spurious alarm. Notice that the \({\widehat{I}}_{FDEP}\) value of the spurious rule 3 is equal to zero in all the simulations, making clear its identification, whereas the other metrics tend to remarkably vary and they do not clearly discriminate the spurious rule from rule 7.
To verify the robustness of the proposed metric with respect to the probability of occurrence of the spurious alarm \({a}_{4}^{1}\), \(P({a}_{4}^{1})\), has been varied in the range [0.005, 0.7], whereas the probabilities of occurrences of the other alarms and of the functional dependency have not been modified. Table 9 reports the fraction of the simulations in which a spurious rule obtains the largest value of the metrics over the N = 1000 database simulations, as a function of \(P({a}_{4}^{1})\). Notice that, when the value of \(P({a}_{4}^{1})\) is larger than 0.01 only the proposed metric correctly identifies the spurious rules, whereas when \(P({a}_{4}^{1})\) is reduced to 0.01 or 0.005 the fraction of errors tend to increase. This is due to the fact that when \(P({a}_{4}^{1})\) is lower than 0.05, the number of occurrences in the database of the spurious rules is equal to 1 or 2. Thus, when the support is very small the discriminator factor of Eq. 24 can be satisfied by chance. Notice, however, that the minimum support threshold of the Apriori algorithm prevents the generation of rules characterized by 1 or 2 occurrences. On the contrary, the \(\widehat{lift}\), \(i\widehat{nterestingness}\), \(\widehat{cosine}\) and \(\widehat{laplace}\) are likely to assign the largest value of the metric to a spurious rule with most of the values of \(P({a}_{4}^{1})\). Notice that the smaller the fraction of simulations in which a spurious rule occurs, the smaller the probability of erroneously identifying a spurious rule as the one with the largest value of the metrics.
The sensitivity of the proposed metric with respect to the setting of the parameter \(\alpha\) of Eq. 24 is also investigated. Figure 1 shows the fraction of simulations in which at least one spurious rule has the value of \({\widehat{I}}_{FDEP}\) larger than 0 and the fraction of simulations in which at least one rule containing a FDEP has \({\widehat{I}}_{FDEP}\) equal to 0, as a function of the parameter \(\alpha\). As discussed in Sect. 3.3, the lower the value of the parameter \(\alpha\), the larger the probability that a spurious group satisfies the discriminator factor of Eq. 24. In particular, when the parameter \(\alpha\) is smaller than 0.01, the fraction of simulations in which the value \({\widehat{I}}_{FDEP}\) of spurious rules is larger than 0 tends to increase. On the opposite, the larger the value of the parameter \(\alpha\), the larger the probability that a rule containing a FDEP is not identified due to the condition \(P\left(X\right)>\alpha \cdot {max}_{{a}_{j}^{k}\in X}\left(P\left({a}_{j}^{k}\right)\right)\) in Eq. 24. Notice that when \(\alpha\) is in the range [0.01, 0.08], the proposed metric allows correctly identifying all the FDEPs and discriminating all the spurious rules.
Finally, notice that the proposed metric, \({\widehat{I}}_{FDEP}\), depends only on the patterns \(X=\left\{{a}_{{j}^{1}}^{{k}^{1}}, \ldots , {a}_{{j}^{R}}^{{k}^{R}}\right\}\) and do not require the definition of an association rule. This makes it possible to apply the metric also in the pattern mining domain, by evaluating the effectiveness of a pattern in describing a functional dependency, without the need of extracting associations rules, which is a timeconsuming task (Del Jesus et al. 2011; Mukhopadhyay et al. 2014). Further, considering an alarm database consisting of \({M}^{al}\) different alarm types, the number of possible patterns \(\sum_{k=2}^{{M}^{al}}\frac{{M}^{al}!}{k!\left({M}^{al}k\right)!}\) is significantly smaller than the number of association rules \({3}^{{M}^{al}}{2}^{{M}^{al}+1}+1\) that can be generated especially, as \({M}^{al}\) increases (Del Jesus et al. 2011).
7.3 CERN complex technical infrastructure
CERN (European Organization for Nuclear Research) LHC (Large Hadron Collider) is the largest existing particle accelerator and is made of a CTI composed by several systems working together for its functioning (Todd et al. 2016; Nielsen and Serio, 2016). It consists of a 27 km ring of superconducting magnets and engineered infrastructures, extending over the Swiss and French borders and located about 100 m underground. We consider the alarms databases generated during the period [\({t}_{0}, {t}_{f}\)] = [January 1^{st}, 2016; December 31^{st}, 2016] by the cryogenic, the electric and the cooling and ventilation systems in two adjacent sectors located in theLHC point 8, which is representative of the overall CTI complexity although composed only of ¼ of the overall CTI for these main three systems. A number \({N}_{al}=\) 253,591 alarms reporting \({M}^{al}\)=6800 different types of malfunctions caused by \({N}_{c}=\) 2895 components have been collected during the considered period. The Aprioribased ARM approach proposed in (Antonello et al. 2019) has been applied considering 17,500 time intervals of length 30 min. Setting the minimum support and the minimum confidence thresholds equal to 0.02 and 0.8, respectively, 202 association rules have been obtained. Given the large number of obtained rules, it is important to prioritize them to identify the most interesting FDEPs of the CTI. To this aim, the rules have been ranked using the proposed metric \({\widehat{I}}_{FDEP}\) with \(\alpha\) equal to 0.03, \({\widehat{I}}_{X}\) and the association rule metrics reported in Table 1.
Table 10 reports five rules with large \({\widehat{I}}_{FDEP}\) values and their position in the ranking based on the other metrics. Rules 1, 2 and 3 involve the same group of alarms and differ only for the combination in the antecedent and consequent part. This is consistent with the facts that the Apriori algorithm tends to identify rules involving all the subsets of the alarm generated from a FDEP, and that an association rule \(r=\left\{{x}^{a}\Rightarrow {y}^{a} \right\}\) is a logical probabilistic expression and the rule direction,\(\Rightarrow\), does not imply causality among the components in the antecedent and consequent part of the rule (Antonello et al. 2019). According to CERN experts, these rules, which are characterized by the largest value of \({\widehat{I}}_{FDEP}\), describe the propagation of a malfunction triggered by a problem in a cooling tower of the CV system (revealed by the alarms \({a}_{1123}^{2}\), \({a}_{1124}^{2}\)) to the low pressure compressors (revealed by the alarms \({a}_{100}^{3}\), \({a}_{101}^{3}\), \({a}_{102}^{3}\)), and the high pressure compressors of the Cryogenic system (revealed by the alarms \({a}_{123}^{4}\), \({a}_{124}^{4}\)). The analysis of the major failure events occurred in the past has shown that this FDEP was part of chain of malfunctions responsible of a CTI shutdown occurred in 2016. Also, the same FDEP occurred in 33 other events during 2016, without causing the CTI shutdown. This is due to the fact that to fully propagate and lead the CTI shutdown, the cascade of events triggered by the FDEP require particular operating condition and/or the deterioration of other components involved in the operations. Therefore, its early identification would have made possible the implementation of preventive procedure to reduce its probability of occurrence and/or the impact of its consequences. In detail, the identified functionally dependent groups of alarms involved in a FDEP would have allowed performing detailed analyses on the monitored key physical quantities of the components associated to the alarms, to investigate the causes of the malfunction and prevent their future occurrences. This highlights the importance of the rules and, therefore, confirms the capability of the proposed metric \({\widehat{I}}_{FDEP}\) of identifying real functional dependencies among the CTI components. Similarly, the following rules of the \({\widehat{I}}_{FDEP}\) ranking describe relevant FDEPs occurred in the CTI of CERN.
Table 11 reports a rule containing, according to CERN experts, the spurious alarm \({a}_{1924}^{2}\) generated by an independent component of the CV system, which is not related to the alarms \({a}_{1374}^{2}\) and \({a}_{1424}^{2}\), generated by two functionally dependent pumps of a cooling circuit (see rules 5 of Table 10). Also, the actual functional dependence is captured in Rule 5 of Table 10, making the spurious rule unnecessary.
Notice that this rule is clearly identified as spurious only from the proposed metric \({\widehat{I}}_{FDEP}\), whereas the other metric values are large and would identify it as an actual rule.
Also, according to the CTI experts and engineers, the rules ranking obtained by the application of the proposed metric provides practical indications for:
updating the maintenance planning focusing on the importance of the discovered FDEPs; for example, increasing the frequency of the inspections of the component that causes the chain of events involved in a FDEP, with the objective of reducing the probability of their initiation;
discarding the spurious patterns of alarms, which can lead to possible errors of diagnosis of cascading failures;
implementing automatic or semiautomatic tools to support control room operators in real time in the management of alarms and failures. The discovered FDEPs can be used to warn the operators when an alarm involved in one of the discovered FDEPs occurs, in order to anticipate preventive interventions.
Table 12 provides the description of the alarms involved in the rules of Tables 10 and 11. The complete list of alarms involved in the database cannot be provided for confidentiality reasons.
8 Conclusions
A novel metric for the evaluation of association rules mined from alarm data to identify FDEPs has been proposed. The proposed metric allows ranking the association rules obtained from the ARM algorithm. This is a fundamental task in real applications where hundreds of rules are typically generated, the use of the traditional association rule metrics has been shown to be not effective and their onebyone analysis is a timeconsuming task. The effectiveness of the proposed metric has been shown by its application to the association rules generated from a simulated alarm database and a largescale alarm database collected at CERN’s CTI during 2016. The obtained results and the comparison with the traditional association rule metrics have shown (i) the capability of the proposed metric of allowing the identification of actual FDEPs, (ii) the ability to discriminate spurious rules, and (iii) the robustness with respect to statistical fluctuations.
For future works, one direction lies in the application of the proposed metric to the direct identification of FDEPs without the need of generating association rules. Also, since the concept of dependency plays an important role in many fields, such as database design, machine learning, knowledge discovery and medical applications, the application of the proposed metric for other objectives than the identification of FDEPs in CTIs will be investigated.
Abbreviations
 CTI:

Complex technical infrastructure
 FDEP:

Functional dependency
 \({N}_{c}\) :

Number of CTI components
 \({c}_{j}\) :

Generic component j
 \({a}_{j}^{k}\) :

Alarm associated to the malfunction of type k of component j
 \({M}_{j}^{al}\) :

Number of types of alarms triggered by component j
 \({M}^{al}\) :

Total number of types of alarms
 \(A=\left\{{a}_{j}^{k}\right\}\) :

Set of all possible types of alarms
 \({N}^{al}\) :

Total number of alarms collected in the database
 [\({t}_{0}, {t}_{f}\)]:

Time domain during which the \({N}^{al}\) alarm messages of the database have been collected
 Z :

Number of time intervals in which the time domain [\({t}_{0}, {t}_{f}\)] is subdivided
 \(\Delta t\) :

Time interval length
 \({s}_{j}^{k}\left(z\right)\) :

Boolean variable associated to the occurrence of the alarm \({a}_{j}^{k}\) in the z time interval z
 \({\overrightarrow{c}}_{j}\left(z\right)\) :

Vector of size \({M}_{j}^{al}\) indicating the state of the component j in the time interval z
 \(\overrightarrow{\mathcal{T}}\left(z\right)\) :

Vector of size \({M}^{al}\) indicating the state of the CTI in the time interval z
 T :

Matrix of size [\(\mathrm{Z}\times {M}^{al}\)] representing the evolution of the CTI state in the time domain [\({t}_{0}, {t}_{f}\)]
 X :

Generic pattern of alarms
 n(X):

Number of time intervals in which at least all the alarms of X occur
 S(X) :

Support of X
 \(P\left(X\right)\) :

Probability of occurrence of X
 \({X}^{fp}\) :

Generic frequent pattern of alarms
 s% :

Minimum support threshold
 c% :

Minimum confidence threshold
 \({r}_{l}=\left\{{x}_{l}^{a}\Rightarrow {x}_{l}^{a}\right\}\) :

nGeneric association rule
 \({x}^{a}\) :

Antecedent of the lth association rule
 \({y}^{a}\) :

Consequent of the lth association rule
 \(Conf({x}_{l}^{a}\Rightarrow {x}_{l}^{a})\) :

Confidence of the lth association rule
 AR :

Set of the obtained association rules
 \({\lambda }_{j}^{k}\) :

Transition rate of component j out of the generic state k
References
Agrawal R, Imieliński T (1993) Mining association rules between sets of items in large databases. ACM SIGMOD Rec 22(2):207–216
Antonello F, Baraldi P, Shokry A, Zio E, Gentile U, Serio L (2020) Datadriven extraction of association rules of dependent abnormal behaviour groups. In: Proceedings of the 29th European safety and reliability conference, ESREL 2019, 2020, pp 3308–3313
Antonello F, Baraldi P, Gentile U, Serio L, Shokry A, Zio E (2020) A method for inferring causal dependencies among abnormal behaviours of components in complex technical infrastructures. In: Proceedings of the 30th European safety and reliability conference and the 15th probabilistic safety assessment and management conference, 2020, pp 309–316
Antonello F, Baraldi P, Shokry A, Zio E, Gentile U, Serio L (2021a) Association rules extraction for the identification of functional dependencies in complex technical infrastructures. Reliab Eng Syst Saf 2021(209):107305
Antonello F, Baraldi P, Serio L, Zio E (2021b) A novel association rule mining method for the identification of rare functional dependencies in complex technical infrastructures from alarm data. Exp Syst Appl 2021(170):114560
Antonello F, Baraldi P, Zio E, Serio L (2022) A niching augmented evolutionary algorithm for the identification of functional dependencies in complex technical infrastructures from alarm data. IEEE Syst J. https://doi.org/10.1109/JSYST.2022.3146014
Ballantyne A, Lawrance N, Small M, Hodkiewicz M, Burton D (2018) Fault prediction and modelling in transport networks. 2018 IEEE international symposium on circuits and systems (ISCAS), Florence, pp 1–5
Benites F, Sapozhnikova E (2014) Evaluation of hierarchical interestingness measures for mining pairwise generalized association rules. IEEE Trans Knowl Data Eng 26(12):3012–3025
Billinton R, Allan RN (1992) Network modelling and evaluation of complex systems. Reliability evaluation of engineering systems. Springer, Boston
Cantelmi R, Di Gravio G, Patriarca R (2021) Reviewing qualitative research approaches in the context of critical infrastructure resilience. Environ Syst Decis 41:341–376
Chang SE, McDaniels TL, Mikawoz J, Peterson K (2007) Infrastructure failure interdependencies in extreme events: power outage consequences in the 1998 Ice storm. Nat Hazards 41(2):337–358
Del Jesus MJ, Gámez JA, González P, Puerta JM (2011) On the discovery of association rules by means of evolutionary algorithms. Wiley Interdiscipl Rev 1(5):397–415
Etesami J, Kiyavash N (2017) Measuring causal relationships in dynamical systems through recovery of functional dependencies. IEEE Trans Signal Inf Process Netw 3(4):650–659
Ghosh A, Nath B (2004) Multiobjective rule mining using genetic algorithms. Inf Sci (NY) 163(1–3):123–133
Geng L, Hamilton HJ (2006) Interestingness measures for data mining: a survey. ACM Comput Surv 38:2006
Hämäläinen W, Webb GI (2019) A tutorial on statistically sound pattern discovery. Data Min Knowl Disc 33:325–377
Hui CY et al (2005) Mining quantitative associations in large database. Softw Eng Middlew 3399(60373053):405–416
Eusgeld I, Nan C, Dietz S (2011) Systemofsystems approach for interdependent critical infrastructures. Reliab Eng Syst Saf 96(6):679–686
Luna JM, Ondra M, Fardoun HM, Ventura S (2018) Optimization of quality measures in association rule mining: an empirical study. Int J Comput Intell Syst 12(1):59–78
Kröger W, Zio E (2011) Vulnerable systems. Springer, London
Hickford AJ, Blainey SP, Ortega Hortelano A et al (2018) Resilience engineering: theory and practice in interdependent infrastructure systems. Environ Syst Decis 38:278–291
Li Y, Liu J (2018) A Bayesian network approach for imbalanced fault detection in high speed rail systems. In: 2018 IEEE international conference on prognostics and health management (ICPHM), Seattle, WA, pp 1–7
Jin C, Rong L, Sun K (2017) Modeling of interdependent critical infrastructures network in consideration of the hierarchy. Knowledge and systems sciences. Springer, Singapore, pp 117–128
Ji Y, Ying H, Tran J, Dews P, Mansour A, Michael Massanari R (2013) A method for mining infrequent causal associations and its application in finding adverse drug reaction signal pairs. IEEE Trans Knowl Data Eng 25(4):721–733
Johansson J, Hassel H (2010) An approach for modelling interdependent infrastructures in the context of vulnerability analysis”. Reliab Eng Syst Saf 95(12):1335–1344
Marinica C, Guillet F (2010) Knowledgebased interactive postmining of association rules using ontologies. IEEE Trans Knowl Data Eng 22(6):784–797
Mathu T, Narmadha D, Geetha S (2011) Mining and postmining of time stamped association rules. In: 3rd international conference on Electronics Computer Technology (ICECT) 2011, vol 4, pp 149–153
Mendonça D, Wallace WA (2006) Impacts of the 2001 world trade center attack on New York city critical infrastructures. J Infrastruct Syst 12(4):260–270
Mosleh A (1991) Common cause failures: an analysis methodology and examples. Reliab Eng Syst Saf 1991(34):249–292
Moura MDC, Lins IS, Droguett EL, Soares R, Pascual R (2015) A multiobjective genetic algorithm for determining efficient riskbased inspection programs. Reliab Eng Syst Saf 133(2015):253–265
Mukhopadhyay A, Maulik U, Bandyopadhyay S, Coello CAC (2014) Survey of multiobjective evolutionary algorithms for data mining: Part II. IEEE Trans Evol Comput 18(1):25–35
Nielsen, Serio L (2016) Technical services: unavailability root causes, strategy and limitations. In: Proceedings on 7th Evian Workshop on LHC beam operation, Evian Les Bains, France, December 2016
O’Connor A, Mosleh A (2016) A general cause based methodology for analysis of common cause and dependent failures in system risk and reliability assessments. Reliab Eng Syst Saf 145:341–350
PiatetskyShapiro G (1991) Discovery, analysis and presentation of strong rules. In: PiatetskyShapiro G, Frawley W, eds, Knowledge discovery in databases, pp 229–248. AAAI Press
Sánchez D, Serrano JM, Blanco I et al (2008) Using association rules to mine for strong approximate dependencies. Data Min Knowl Disc 16:313–348
Serio L, Antonello F, Baraldi P, Castellano A, Gentile U, Zio E (2018) Smart framework for the availability and reliability assessment and management of accelerators technical facilities. In: 9th International Particle Accelerator Conference, IPAC 2018
Srikant R, Agrawal R (1996) Mining quantitative association rules in large relational tables. ACM SIGMOD Rec 25(2):1–12
Su H, Zio E, Zhang J, Li X (2018) A systematic framework of vulnerability analysis of a natural gas pipeline network. Reliab Eng Syst Saf 175:79–91
Todd et al (2016) LHC Availability 2016: Standard Proton Physics. CERN, Geneva, Switzerland, Rep. CERNACC.NOTE2016–0067, December 2016
Wen RZ, Sun BT, Zhou BF (2010) Field survey of Mw8, 8 Feb 27. Chile earthquake and tsunami. Adv Mater Res 250(2011):2102–2106
Witten IH, Frank E (2016) Data mining: practical machine learning tool and techniques. Morgan, New York
U.S.Canada Power System Outage Task Force (2004) Final report on The August 14, 2003 Blackout in The United States and Canada: Causes and Recommendations
Van Leeuwen M, Galbrun E (2015) Association discovery in twoview data. IEEE Trans Knowl Data Eng 27(12):3190–3202
Yao H, Hamilton HJ (2008) Mining functional dependencies from data. Data Min Knowl Disc 16:197–219
Zaki MJ (2000) Generating nonredundant association rules. Proceedings of the sixth ACM SIGKDD international conference on Knowledge discovery and data mining  KDD ’00: 34–43
Zhang A, Shi W, Webb GI (2016) Mining significant association rules from uncertain data. Data Min Knowl Disc 30:928–963
Zio E (2009) Computational methods for reliability and risk analysis. World Scientific, Singapore
Zio E (2016a) Some challenges and opportunities in reliability engineering. IEEE Trans Reliab 99:1769–1782
Zio E (2016b) Challenges in the vulnerability and risk analysis of critical infrastructures. Reliab Eng Syst Saf 152(2016):137–150
Funding
Open access funding provided by Politecnico di Milano within the CRUICARE Agreement.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.
About this article
Cite this article
Antonello, F., Baraldi, P., Zio, E. et al. A Novel Metric to Evaluate the Association Rules for Identification of Functional Dependencies in Complex Technical Infrastructures. Environ Syst Decis 42, 436–449 (2022). https://doi.org/10.1007/s1066902209857z
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s1066902209857z