CN111582771A - Risk assessment method, device, equipment and computer readable storage medium - Google Patents
Risk assessment method, device, equipment and computer readable storage medium Download PDFInfo
- Publication number
- CN111582771A CN111582771A CN202010552077.5A CN202010552077A CN111582771A CN 111582771 A CN111582771 A CN 111582771A CN 202010552077 A CN202010552077 A CN 202010552077A CN 111582771 A CN111582771 A CN 111582771A
- Authority
- CN
- China
- Prior art keywords
- request
- target
- change
- subsystem
- influence
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0635—Risk analysis of enterprise or organisation activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0639—Performance analysis of employees; Performance analysis of enterprise or organisation operations
Abstract
The invention relates to the technical field of financial science and technology, and discloses a risk assessment method, a risk assessment device, risk assessment equipment and a computer-readable storage medium. The risk assessment method comprises the following steps: when a subsystem change request is received, obtaining change information according to the subsystem change request; determining a target influence request and a target influence factor according to the change information, and acquiring historical average request quantity of the target influence request; and calculating to obtain an estimated influence request quantity according to the historical average request quantity and the target influence factor, and determining a corresponding risk level according to the estimated influence request quantity. The invention can improve the changing risk evaluation efficiency and the accuracy of the changing risk evaluation result.
Description
Technical Field
The present invention relates to the field of financial technology (Fintech), and in particular, to a risk assessment method, apparatus, device, and computer-readable storage medium.
Background
With the development of computer technology, more and more technologies are applied in the financial field, and the traditional financial industry is gradually changing to financial technology (Fintech), but higher requirements are also put forward on the technologies due to the requirements of the financial industry on safety and real-time performance.
The functional implementation of product services usually requires processing by means of multiple subsystems. When a function is updated or repaired, the corresponding subsystem needs to be changed. In the changing process, the changing risk often exists, so the changing risk needs to be evaluated before changing so as to take corresponding preventive measures.
Currently, the following two methods are generally used to assess risk of alteration, or a combination of the two methods: 1) according to certain process rules, related managers or technicians are organized to carry out risk review on a main body related to change (for example, version information related to new release of version change) and a change scheme (for example, a main body is implemented, steps are implemented and the like); 2) providing a document similar to a question-answering or configuration system, answering or filling by related personnel, and then evaluating the risk according to certain rules according to the answering or filling result. All the methods need manual participation, and the subjective factors of people have certain influence on the risk assessment result, so that the assessment accuracy is poor, and the risk assessment efficiency is low. Therefore, how to improve the efficiency of changing risk assessment and the accuracy of the result of changing risk assessment is an urgent problem to be solved at present.
Disclosure of Invention
The invention mainly aims to provide a risk assessment method, a risk assessment device, risk assessment equipment and a computer readable storage medium, and aims to solve the problems that in the prior art, the change risk assessment efficiency is low and the accuracy of a change risk assessment result is poor.
In order to achieve the above object, the present invention provides a risk assessment method, including:
when a subsystem change request is received, obtaining change information according to the subsystem change request;
determining a target influence request and a target influence factor according to the change information, and acquiring historical average request quantity of the target influence request;
and calculating to obtain an estimated influence request quantity according to the historical average request quantity and the target influence factor, and determining a corresponding risk level according to the estimated influence request quantity.
Optionally, the change information includes a target change subsystem identifier, change entity information, and change time information, and the step of determining a target influence request and a target influence factor according to the change information and acquiring a historical average request amount of the target influence request includes:
inquiring an influence request list corresponding to each subsystem obtained through statistics in advance to obtain a target influence request corresponding to the target change subsystem identification;
determining a target influence factor according to the change entity information;
detecting whether a target change subsystem corresponding to the target change subsystem identification adopts a flow switching mechanism or not to obtain a detection result;
determining a target influence time period according to the detection result and the change time information;
and acquiring the historical average request quantity of the target influence request in the target influence time period.
Optionally, the risk assessment method further comprises:
obtaining calling path information of each type of request in advance, and obtaining a calling chain of each type of request according to the calling path information;
and counting by taking each subsystem in the calling chain as a dimension to obtain an influence request list corresponding to each subsystem.
Optionally, the step of determining a target influence factor according to the change entity information includes:
if the changed entity information is the changed entity quantity, acquiring the entity total quantity of the target changed subsystem, and performing division operation on the changed entity quantity and the entity total quantity to obtain a target influence factor;
and if the change entity information is a target change entity, acquiring a weight value corresponding to the target change entity, and adding the weight value to obtain a target influence factor.
Optionally, the step of obtaining the historical average request amount of the target influence request in the target influence time period includes:
acquiring a current date, and determining a target historical date according to the current date and preset days;
acquiring the total historical request quantity of the target influence request in the target influence time period of the target historical date;
and calculating to obtain the historical average request quantity according to the historical total request quantity and the preset days.
Optionally, the step of determining a corresponding risk level according to the estimated influence request amount includes:
matching the estimated influence request quantity with a preset request quantity interval of a target change subsystem, and determining a target request quantity interval in which the estimated influence request quantity is located;
and determining the risk level corresponding to the target request quantity interval according to the mapping relation between the preset request quantity interval of the target change subsystem and the risk level.
Optionally, the risk assessment method further comprises:
acquiring request fault tolerance corresponding to each subsystem;
calculating to obtain a request quantity interval corresponding to each risk level according to the request fault tolerance and the mapping relation between the preset threshold range and the risk level;
and constructing a mapping relation between the request quantity interval and the risk level of each subsystem according to the calculation result.
In addition, to achieve the above object, the present invention also provides a risk assessment apparatus including:
the first acquisition module is used for acquiring change information according to a subsystem change request when the subsystem change request is received;
the second acquisition module is used for determining a target influence request and a target influence factor according to the change information and acquiring the historical average request quantity of the target influence request;
and the risk evaluation module is used for calculating to obtain an estimated influence request quantity according to the historical average request quantity and the target influence factor and determining a corresponding risk level according to the estimated influence request quantity.
In addition, to achieve the above object, the present invention also provides a risk assessment apparatus including: a memory, a processor and a risk assessment program stored on the memory and executable on the processor, the risk assessment program when executed by the processor implementing the steps of the risk assessment method as described above.
Further, to achieve the above object, the present invention also provides a computer readable storage medium having stored thereon a risk assessment program, which when executed by a processor, implements the steps of the risk assessment method as described above.
The invention provides a risk assessment method, a risk assessment device, risk assessment equipment and a computer-readable storage medium, wherein when a subsystem change request is received, change information carried in the subsystem change request is acquired; then, determining a target influence request and a target influence factor according to the change information, and acquiring historical average request quantity of the target influence request; and then calculating to obtain an estimated influence request quantity according to the historical average request quantity and the target influence factor, and determining a corresponding risk level according to the estimated influence request quantity. According to the method, the change risk is intelligently evaluated, compared with the prior art that manual evaluation is adopted, the change risk evaluation efficiency and the accuracy of the change risk evaluation result can be improved.
Drawings
FIG. 1 is a schematic diagram of an apparatus architecture of a hardware operating environment according to an embodiment of the present invention;
FIG. 2 is a schematic flow chart of a risk assessment method according to a first embodiment of the present invention;
FIG. 3 is a functional block diagram of a risk assessment device according to a first embodiment of the present invention.
The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Referring to fig. 1, fig. 1 is a schematic device structure diagram of a hardware operating environment according to an embodiment of the present invention.
The risk assessment device in the embodiment of the present invention may be a smart phone, or may be a terminal device such as a PC (personal computer), a tablet computer, or a portable computer.
As shown in fig. 1, the risk assessment apparatus may include: a processor 1001, such as a CPU, a communication bus 1002, a user interface 1003, a network interface 1004, and a memory 1005. Wherein a communication bus 1002 is used to enable connective communication between these components. The user interface 1003 may include a Display screen (Display), an input unit such as a Keyboard (Keyboard), and the optional user interface 1003 may also include a standard wired interface, a wireless interface. The network interface 1004 may optionally include a standard wired interface, a wireless interface (e.g., a Wi-Fi interface). The memory 1005 may be a high-speed RAM memory or a non-volatile memory (e.g., a magnetic disk memory). The memory 1005 may alternatively be a storage device separate from the processor 1001.
Those skilled in the art will appreciate that the configuration of the risk assessment device shown in FIG. 1 does not constitute a limitation of the risk assessment device, and may include more or less components than those shown, or some components in combination, or a different arrangement of components.
As shown in fig. 1, a memory 1005, which is a kind of computer storage medium, may include therein an operating system, a network communication module, and a risk assessment program.
In the terminal shown in fig. 1, the network interface 1004 is mainly used for connecting to a backend server and performing data communication with the backend server; the user interface 1003 is mainly used for connecting a client and performing data communication with the client; and the processor 1001 may be configured to invoke a risk assessment program stored in the memory 1005 and perform the various steps of the following risk assessment method.
Based on the hardware structure, the invention provides various embodiments of the risk assessment method.
The invention provides a risk assessment method.
Referring to fig. 2, fig. 2 is a schematic flow chart of a risk assessment method according to a first embodiment of the present invention.
In this embodiment, the risk assessment method includes:
step S10, when receiving the subsystem change request, obtaining the change information according to the subsystem change request;
the risk assessment method of the embodiment is implemented by a risk assessment device, which takes a server as an example for description.
In this embodiment, when a worker needs to change one or more subsystems in a service or a product, a subsystem change request may be triggered when input of relevant change information corresponding to software or App, such as an identifier (e.g., name or number) of a subsystem to be changed and entity information (e.g., number or entity number) to be changed in the subsystem is completed. At this time, the server acquires the change information based on the subsystem change request when receiving the subsystem change request. The change information comprises a target change subsystem identifier, change entity information and change time information. The target change subsystem is marked as the name or number of the subsystem to be changed, the change entity information is the number of the entities to be changed or the number of the entities to be changed, the change time information comprises change starting time, change finishing time and rollback operation time, the change starting time is the time for starting the subsystem change, the change finishing time is the time for finishing the subsystem change, and the rollback operation time is the time for finishing rollback operation and possibly causing problems after the subsystem change. Because the staff inputs the identification of the subsystem to be changed and the entity information to be changed in the subsystem when triggering the subsystem change request, the identification of the target change subsystem and the target change entity information can be directly obtained from the subsystem change request. The change time information is determined according to the historical change record of the target change subsystem corresponding to the target change subsystem identifier, specifically, the historical change time information of the target change subsystem can be obtained firstly, wherein the historical change time information comprises historical change starting time and historical change duration; then, respectively counting the historical change starting time and the historical change duration, and determining the change starting time and the change duration according to the counting result, wherein if the mode in the historical change starting time obtained by counting can be determined as the change starting time, the mode in the historical change duration obtained by counting can be determined as the change duration, and the specific determination rule can be flexibly set according to the actual situation; and finally, calculating to obtain a change completion time (change completion time is the change starting time + the change time) according to the change starting time and the change time, and obtaining a change rollback time (change rollback time is the change completion time + the preset rollback interval time) according to the change completion time and the preset rollback interval time. For example, obtaining the change operation for the last 10 times, if the historical change starting time for the last 10 times is counted to obtain that 7 times all occur at 8 o' clock in the evening, then taking the time as the change starting time; if most of historical changes take 10 minutes, namely the mode in the historical change time length is counted to be 10 minutes, the change completion time is determined to be 8 points and 10 points; and the back-off time is generally difficult to count, a default preset back-off interval time is adopted, for example, 5 minutes, and the back-off operation time can be determined to be 8 points and 15 points.
Step S20, determining a target influence request and a target influence factor according to the change information, and acquiring the historical average request quantity of the target influence request;
and then, determining a target influence request and a target influence factor according to the change information, and acquiring the historical average request quantity of the target influence request. The target influence request is a request which can be influenced in the change process of the target change subsystem.
Specifically, a target influence request corresponding to the target change subsystem can be obtained by inquiring a pre-counted influence request list corresponding to each subsystem; determining a target influence factor according to the changed entity information; then, detecting whether a flow switching mechanism is adopted by the target changing subsystem or not to obtain a detection result; determining a target influence time period according to the detection result and the change time information; and acquiring the historical average request quantity of the target influence requests in the target influence time period. For a specific implementation, reference may be made to the second embodiment described below, which is not described herein again.
And step S30, calculating to obtain an estimated influence request quantity according to the historical average request quantity and the target influence factor, and determining a corresponding risk level according to the estimated influence request quantity.
And finally, calculating to obtain an estimated influence request quantity according to the historical average request quantity and the target influence factor, and determining a corresponding risk level according to the estimated influence request quantity.
Wherein the predicted impact request quantity is the product of the sum of the historical average request quantities and the target impact factor. I.e., (x) ═ I ∑ piWherein f (x) is the predicted impact request amount, I is the target impact factor, piRepresenting the historical average request size of the target influencing request i.
Specifically, the step of determining the corresponding risk level according to the estimated influence request amount comprises the following steps:
a31, matching the estimated influence request quantity with a preset request quantity interval of a target change subsystem, and determining a target request quantity interval in which the estimated influence request quantity is located;
step a32, determining a risk level corresponding to the target request quantity interval according to a preset mapping relation between the request quantity interval of the target change subsystem and the risk level.
In this embodiment, the mapping relationship between the different request quantity intervals of each subsystem and the risk level may be preset, when determining the risk level, the request quantity interval of the target change subsystem may be obtained, the estimated influence request quantity may be matched with the preset request quantity interval of the target change subsystem, the request quantity interval where the estimated influence request quantity is located is determined and recorded as the target request quantity interval, and then, the risk level corresponding to the target request quantity interval is determined according to the mapping relationship between the preset request quantity interval of the target change subsystem and the risk level.
Further, after determining the risk level, a corresponding monitoring policy may be adopted to monitor the subsystem changing process based on the risk level, wherein the making of the monitoring policy may make different risk monitoring policies for different risk levels based on actual conditions, and is not limited herein.
Further, after the risk level is determined, a reminding mode corresponding to the risk level can be determined according to a preset mapping relation between the risk level and the reminding mode, and then risk reminding is carried out according to the reminding mode. The reminding mode includes, but is not limited to, reminding means (such as text prompt, voice prompt, and the like), reminding times, and the like, so that the staff can visually acquire the risk level.
In addition, if a plurality of subsystems in a certain service or product are updated, the output reminding can be performed on the risk level of each subsystem respectively, or the highest risk level can be selected for output reminding.
For the purpose of facilitating understanding of the embodiments of the present invention, the following are exemplified:
if the target change subsystem is obtained as S2, the corresponding target influence request includes a request a2 for a product a and a request B2 for a product B, the change entity information is n entities to be changed, and the target change subsystem S2 includes m entities, and the target influence factor I is determined to be n/m, that is, in this embodiment, the target influence factor is obtained by dividing the number of the entities to be changed by the total number of the entities in the target change system, and then the historical average request amount p of the target influence request a2 is obtained1And obtaining the historical average request quantity of the target influence request b2, which is recorded as p2. Therefore, the estimated influence request quantity of the target influence requests a2 and b2 can be calculated to be n/m (p)1+p2) And further based on the estimateThe impact request volume determines the corresponding risk level.
The embodiment of the invention provides a risk assessment method, which comprises the steps of obtaining change information carried in a subsystem change request when the subsystem change request is received; then, determining a target influence request and a target influence factor according to the change information, and acquiring historical average request quantity of the target influence request; and then calculating to obtain an estimated influence request quantity according to the historical average request quantity and the target influence factor, and determining a corresponding risk level according to the estimated influence request quantity. In the embodiment of the invention, the target influence request and the target influence factor are determined and obtained based on the change information of the subsystem, then the estimated influence request quantity corresponding to the target influence request is estimated and obtained by combining the target influence factor and the request quantity data of historical monitoring, and the risk grade is determined based on the estimated influence request quantity.
Further, based on the first embodiment described above, a second embodiment of the risk assessment method of the present invention is proposed.
In this embodiment, the change information includes a target change subsystem identifier, change entity information, and change time information, and step S20 includes:
a21, inquiring an influence request list corresponding to each subsystem obtained by statistics in advance to obtain a target influence request corresponding to the target change subsystem identifier;
in this embodiment, the change information includes a target change subsystem identifier, change entity information, and change time information, where the target change subsystem identifier may be a name or a number of the target change subsystem, and the change time information includes change start time, change completion time, and rollback operation time.
The acquisition process of the target influence request is as follows: the method includes the steps of querying an influence request list corresponding to each subsystem, which is obtained through statistics in advance, wherein the influence request list corresponding to each subsystem is a request list which may be influenced by changes of each subsystem, and is obtained through statistics based on call path information of the subsystem called in the processing process of each type of request.
Step a22, determining a target influence factor according to the change entity information;
and determining a target influence factor according to the changed entity information.
Specifically, step a22 includes:
step a221, if the changed entity information is the changed entity number, acquiring the entity total number of the target changed subsystem, and performing division operation on the changed entity number and the entity total number to obtain a target influence factor;
step a222, if the change entity information is a target change entity, obtaining a weight value corresponding to the target change entity, and performing summation operation on the weight value to obtain a target influence factor.
In this embodiment, the determination manner of the target influence factor includes, but is not limited to:
1) if the changed entity information is the changed entity quantity, acquiring the entity total quantity of the target changed subsystem, and performing division operation on the changed entity quantity and the entity total quantity to obtain a target influence factor, namely the target influence factor is the changed entity quantity/the entity total quantity;
2) if the change entity information is a target change entity, namely, entity information (such as a number) to be changed, a weight value corresponding to the target change entity is obtained according to a preset weight value of each entity in the subsystem, and the weight values are summed to obtain a target influence factor. That is, the target influence factor is the sum of the weight values of the target modification entity.
Step a23, detecting whether the target change subsystem corresponding to the target change subsystem identification adopts a flow switching mechanism to obtain a detection result;
a24, determining a target influence time period according to the detection result and the change time information;
step a25, obtaining the historical average request quantity of the target influence request in the target influence time period.
The historical average request quantity of the target influence requests is obtained as follows:
firstly, whether a target change subsystem corresponding to the target change subsystem identification adopts a flow switching mechanism is detected to obtain a detection result, and then a target influence time period is determined according to the detection result and the change time information. The change time information includes a change starting time (denoted as t1), a change finishing time (denoted as t2), and a rollback operation time (denoted as t3), where the change starting time is a time for starting the subsystem change, the change finishing time is a time for finishing the subsystem change, and the rollback operation time is a time for completing the rollback operation after the subsystem change and possibly causing a problem.
If the detection result is that the target change subsystem adopts a flow switching mechanism, the flow is switched away at the time point t1, the flow is switched in at the time point t2, and at the moment, the target influence time period is determined to be t3-t2, namely the time period from the change completion time to the rollback operation time; and if the detection result is that the target change subsystem does not adopt a flow switching mechanism, determining that the target influence time period is t3-t1, namely the time period from the starting time to the rollback operation time is changed.
After the target influence time period is determined, the historical average request quantity of the target influence requests in the target influence time period is obtained.
As one of the obtaining manners of the historical average request amount, the total request amount of the target influence request in the target influence time period of a certain preset time period (e.g., near n months) may be directly obtained, and then the total request amount is divided by the total number of days corresponding to n months, so as to obtain the historical average request amount of the target influence request in the target influence time period.
As another obtaining method of the historical average request quantity, the total request quantity of the target influence request in a target influence time period of a certain preset specific number of days is obtained, and then the total request quantity is divided by the total quantity of the specific number of days to obtain the historical average request quantity of the target influence request in the target influence time period. Specifically, step a25 includes:
step a251, acquiring a current date, and determining a target historical date according to the current date and preset days;
step a252, acquiring a total historical request quantity of the target influence request in the target influence time period of the target history date;
step a253, calculating to obtain the historical average request quantity according to the historical total request quantity and the preset days.
In this embodiment, to improve the accuracy of estimating the influence request quantity, the historical average request quantity may be calculated by selecting the request quantity on a specific date based on the following principle: 1, historical monitoring data closer to the current change time and date can reflect the service request amount in the change period, 2, influence of sudden flow peak caused by holidays, rest days or activity days on the estimated amount is reduced as much as possible, and 3, the collected data history does not exceed the past 2 months generally. Therefore, k may be chosen to be 2 in the past from the current datei(i < 7) days of historical data.
Specifically, a current date is acquired, and a target historical date is determined according to the current date and preset days, wherein the preset days are 1, 2, 4, 8, 16, 32 and 64 days away from the current date.
Then, the total historical request quantity of the target influence requests in the target influence time period of the target historical date is obtained, and the average historical request quantity is calculated according to the total historical request quantity and the preset days, wherein the average historical request quantity is equal to the total historical request quantity/the total days (7 days) corresponding to the preset days.
It can be understood that the historical average request quantity of the target influence request is calculated by selecting the historical data in the specific date, compared with a preset time period selected at will, the accuracy of the calculation result of the historical average request quantity can be improved, the accuracy of the change risk assessment result can be improved, the calculation efficiency can be higher on the premise that the accuracy of the calculation result of the historical average request quantity is ensured, and the accuracy and efficiency of the change risk assessment result are better balanced.
Further, based on the second embodiment described above, a third embodiment of the risk assessment method of the present invention is provided.
In this embodiment, before the step a21, the risk assessment method further includes:
step A, obtaining the calling path information of each type of request in advance, and obtaining the calling chain of each type of request according to the calling path information;
in this embodiment, the obtaining process of the influence request list corresponding to each subsystem is as follows:
the method comprises the steps of obtaining calling path information of various types of requests in advance, wherein the calling path information is generated when the requests call various subsystems in the processing process, and it can be understood that the calling path information can comprise a plurality of calling path information, and can be composed of a request identifier, a current calling subsystem identifier and a target sending subsystem identifier, the request identifier has global uniqueness, and can be composed of a unique identity ID (serial number), an initial calling subsystem identifier and a request type serial number.
Specifically, the product service at present generally consists of a plurality of subsystems, that is, the processing of the request usually requires the calling of the plurality of subsystems, and the common mode used for calling between the subsystems is RPC (remote procedure Call) or message-based event-driven mode. In either way, at the initial entry of a request for product services, when a request is received, a globally unique identity ID, such as uID, may be generated for the request, and then specific fields are added to the ID, such as a field indicating which subsystem the current message originates from (i.e., originating calling subsystem ID), a field for which type of service request the message belongs to (i.e., request type number), to form a request ID, such as 111-S1-a1, where the field 111 is the globally unique ID, S1 is the originating subsystem, and a1 indicates that the request is a1 service request. When a service request is forwarded from the S1 subsystem to the S2 subsystem, this global traceId is added to the RPC call parameter or the message sent, together with the source address S1 (i.e. the current calling subsystem identity, denoted srcad) and the destination address S2 (i.e. the destination sending subsystem identity, denoted dstAdd) of this call. When the processing of this request at S2 is completed and the next subsystem processing is required to be diverted, this information is also appended. Then the requests contain a triplet of invocation information traceId, srcAdd, dstAdd. Assume for the traceId mentioned above: 111-S1-a1, forming a sequence of triplet information based on all requests of the traceId, {111-S1-a1, S1, S2}, {111-S1-a1, S2, S3}, {111-S1-a1, S3, S4}, and subsequently obtaining the corresponding call path information based on the request identification traceId.
Then, obtaining the call chain of each type of request according to the call path information. For example, in the above example, the call chain from which request a1 can be obtained is: s1- > S2- > S3- > S4.
And B, counting by taking each subsystem in the calling chain as a dimension to obtain an influence request list corresponding to each subsystem.
And then, counting by taking each subsystem in the calling chain as a dimension to obtain an influence request list corresponding to each subsystem.
Assume that the request call chain acquired to a product a1 passes through subsystems S1, S2, S3, S4, the request call chain of a2 passes through subsystems S1, S3, S4, S5, the request call chain of B product B1 passes through subsystems S6, S3, S7, and the request call chain of B2 passes through subsystems S7, S2, S3, S8. That is, the list of the obtained call chains is as follows:
a1:{S1,S2,S3,S4}
a2:{S1,S3,S4,S5}
b1:{S6、S3、S7}
b2:{S7、S2、S3、S8}
counting by taking each subsystem in the call chain list as a dimension to obtain an influence request list corresponding to each subsystem, wherein the influence request list comprises the following steps:
S1:(a1、a2),
S2:(a1、b2),
S3:(a1、a2、b1、b2),
S4:(a1、a2),
S5:(a2),
S6:(b1),
S7:(b1、b2),
S8:(b2)。
in this embodiment, the call path information corresponding to each type of request is analyzed and counted to obtain an influence request list corresponding to each subsystem, that is, a request list that may be influenced by the change of each subsystem, so that a target influence request corresponding to a target change subsystem is conveniently queried subsequently.
Further, based on the first embodiment described above, a fourth embodiment of the risk assessment method of the present invention is proposed.
In this embodiment, before the step a31, the risk assessment method further includes:
step C, acquiring the request fault tolerance corresponding to each subsystem;
in this embodiment, the request fault tolerance corresponding to each subsystem is obtained. The request tolerance may be characterized by the product of the total number of requests and the target request success rate, for example, if a subsystem with a request success rate target of 99.99% per day receives 250 ten thousand requests per day, it may allow up to 250 errors per day, i.e., the request tolerance is 250.
Step D, calculating to obtain a request quantity interval corresponding to each risk level according to the request fault tolerance and the mapping relation between the preset threshold range and the risk level;
and then, calculating to obtain a request quantity interval corresponding to each risk level according to the request fault tolerance and the mapping relation between the preset threshold range and the risk level. Specifically, according to a preset mapping relationship between a threshold range and a risk level, a threshold range corresponding to each risk level is determined, and then multiplication is performed on the request fault tolerance and a boundary value of the threshold range corresponding to each risk level, so that a request interval corresponding to each risk level is obtained.
For example, it may be defined that affecting the demand below 20% (including 20%) of the maximum demand tolerance is a low risk, 20% -50% (excluding 20%, including 50%) is a medium risk, 50-80% (excluding 50% and 80%) is a high risk, and more than 80% (including 80%) is a serious concern risk. Correspondingly, the request tolerance may be multiplied by the threshold range to obtain the request interval corresponding to each risk level, for example, in the above example, 250 × 20% ═ 50 or less (including 50) is obtained as the low risk, 50-125 (including 50) is obtained as the medium risk, 125-.
And E, constructing a mapping relation between the request quantity interval and the risk level of each subsystem according to the calculation result.
And then, constructing a mapping relation between the request quantity interval and the risk level of each subsystem according to the calculation result. The mapping relationship may be in the form of a table, so as to facilitate the query.
In the embodiment of the invention, the mapping relation between the request quantity interval and the risk level of each subsystem is constructed, so that the corresponding risk level can be conveniently determined based on the estimated influence request quantity obtained by calculation, in addition, for the subsystems of different services, because the request fault tolerance is different, even if the threshold ranges of the risk levels are the same, the request quantity intervals of the subsystems obtained by final calculation are different, the fact that the subsystems of each service correspond to the request quantity intervals of the subsystems, but not all the subsystems uniformly set the request quantity intervals is realized, and the accuracy of subsequent risk evaluation of various services is further improved.
The invention also provides a risk assessment device.
Referring to fig. 3, fig. 3 is a functional module diagram of the risk assessment device according to the first embodiment of the present invention.
As shown in fig. 3, the risk assessment apparatus includes:
a first obtaining module 10, configured to obtain change information according to a subsystem change request when the subsystem change request is received;
a second obtaining module 20, configured to determine a target influence request and a target influence factor according to the change information, and obtain a historical average request amount of the target influence request;
and the risk evaluation module 30 is configured to calculate an estimated influence request amount according to the historical average request amount and the target influence factor, and determine a corresponding risk level according to the estimated influence request amount.
Further, the change information includes a target change subsystem identifier, change entity information, and change time information, and the second obtaining module 20 includes:
the query unit is used for querying an influence request list corresponding to each subsystem obtained through statistics in advance to obtain a target influence request corresponding to the target change subsystem identifier;
a first determining unit, configured to determine a target impact factor according to the change entity information;
the detection unit is used for detecting whether the target change subsystem corresponding to the target change subsystem identification adopts a flow switching mechanism or not to obtain a detection result;
a second determining unit, configured to determine a target influence time period according to the detection result and the change time information;
a first obtaining unit, configured to obtain a historical average request amount of the target impact request in the target impact time period.
Further, the second obtaining module 20 further includes:
the second acquisition unit is used for acquiring the calling path information of each type of request in advance and obtaining a calling chain of each type of request according to the calling path information;
and the counting unit is used for counting by taking each subsystem in the calling chain as a dimension to obtain an influence request list corresponding to each subsystem.
Further, the first determining unit is specifically configured to:
if the changed entity information is the changed entity quantity, acquiring the entity total quantity of the target changed subsystem, and performing division operation on the changed entity quantity and the entity total quantity to obtain a target influence factor;
and if the change entity information is a target change entity, acquiring a weight value corresponding to the target change entity, and adding the weight value to obtain a target influence factor.
Further, the first obtaining unit is specifically configured to:
acquiring a current date, and determining a target historical date according to the current date and preset days;
acquiring the total historical request quantity of the target influence request in the target influence time period of the target historical date;
and calculating to obtain the historical average request quantity according to the historical total request quantity and the preset days.
Further, the risk assessment module comprises:
the interval matching unit is used for matching the estimated influence request quantity with a preset request quantity interval of the target change subsystem and determining a target request quantity interval in which the estimated influence request quantity is located;
and the third determining unit is used for determining the risk level corresponding to the target request quantity interval according to the mapping relation between the preset request quantity interval of the target change subsystem and the risk level.
Further, the risk assessment apparatus further comprises:
the third acquisition module is used for acquiring the request fault tolerance corresponding to each subsystem;
the calculation module is used for calculating and obtaining a request quantity interval corresponding to each risk level according to the request fault tolerance and the mapping relation between the preset threshold range and the risk level;
and the construction module is used for constructing the mapping relation between the request quantity interval and the risk level of each subsystem according to the calculation result.
The function implementation of each module in the risk assessment device corresponds to each step in the risk assessment method embodiment, and the function and implementation process are not described in detail here.
The present invention also provides a computer readable storage medium having stored thereon a risk assessment program which, when executed by a processor, implements the steps of the risk assessment method according to any of the embodiments above.
The specific embodiment of the computer-readable storage medium of the present invention is substantially the same as the embodiments of the risk assessment method described above, and is not described herein again.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or system that comprises the element.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium (e.g., ROM/RAM, magnetic disk, optical disk) as described above and includes instructions for enabling a terminal device (e.g., a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.
Claims (10)
1. A risk assessment method, characterized in that the risk assessment method comprises:
when a subsystem change request is received, obtaining change information according to the subsystem change request;
determining a target influence request and a target influence factor according to the change information, and acquiring historical average request quantity of the target influence request;
and calculating to obtain an estimated influence request quantity according to the historical average request quantity and the target influence factor, and determining a corresponding risk level according to the estimated influence request quantity.
2. The risk assessment method of claim 1, wherein the change information includes a target change subsystem identifier, change entity information, and change time information, and the step of determining a target impact request and a target impact factor based on the change information and obtaining a historical average request amount of the target impact request comprises:
inquiring an influence request list corresponding to each subsystem obtained through statistics in advance to obtain a target influence request corresponding to the target change subsystem identification;
determining a target influence factor according to the change entity information;
detecting whether a target change subsystem corresponding to the target change subsystem identification adopts a flow switching mechanism or not to obtain a detection result;
determining a target influence time period according to the detection result and the change time information;
and acquiring the historical average request quantity of the target influence request in the target influence time period.
3. The risk assessment method of claim 2, further comprising:
obtaining calling path information of each type of request in advance, and obtaining a calling chain of each type of request according to the calling path information;
and counting by taking each subsystem in the calling chain as a dimension to obtain an influence request list corresponding to each subsystem.
4. The risk assessment method of claim 2, wherein the step of determining a target impact factor from the change entity information comprises:
if the changed entity information is the changed entity quantity, acquiring the entity total quantity of the target changed subsystem, and performing division operation on the changed entity quantity and the entity total quantity to obtain a target influence factor;
and if the change entity information is a target change entity, acquiring a weight value corresponding to the target change entity, and adding the weight value to obtain a target influence factor.
5. The risk assessment method of claim 2, wherein the step of obtaining the historical average request volume for the target impact request over the target impact time period comprises:
acquiring a current date, and determining a target historical date according to the current date and preset days;
acquiring the total historical request quantity of the target influence request in the target influence time period of the target historical date;
and calculating to obtain the historical average request quantity according to the historical total request quantity and the preset days.
6. The risk assessment method according to any one of claims 2 to 5, wherein the step of determining a corresponding risk level based on the predicted impact request quantity comprises:
matching the estimated influence request quantity with a preset request quantity interval of a target change subsystem, and determining a target request quantity interval in which the estimated influence request quantity is located;
and determining the risk level corresponding to the target request quantity interval according to the mapping relation between the preset request quantity interval of the target change subsystem and the risk level.
7. The risk assessment method of claim 6, further comprising:
acquiring request fault tolerance corresponding to each subsystem;
calculating to obtain a request quantity interval corresponding to each risk level according to the request fault tolerance and the mapping relation between the preset threshold range and the risk level;
and constructing a mapping relation between the request quantity interval and the risk level of each subsystem according to the calculation result.
8. A risk assessment device, characterized in that it comprises:
the first acquisition module is used for acquiring change information according to a subsystem change request when the subsystem change request is received;
the second acquisition module is used for determining a target influence request and a target influence factor according to the change information and acquiring the historical average request quantity of the target influence request;
and the risk evaluation module is used for calculating to obtain an estimated influence request quantity according to the historical average request quantity and the target influence factor and determining a corresponding risk level according to the estimated influence request quantity.
9. A risk assessment device, characterized in that it comprises: a memory, a processor, and a risk assessment program stored on the memory and executable on the processor, the risk assessment program when executed by the processor implementing the steps of the risk assessment method according to any one of claims 1 to 7.
10. A computer-readable storage medium, having stored thereon a risk assessment program which, when executed by a processor, implements the steps of the risk assessment method according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010552077.5A CN111582771A (en) | 2020-06-16 | 2020-06-16 | Risk assessment method, device, equipment and computer readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010552077.5A CN111582771A (en) | 2020-06-16 | 2020-06-16 | Risk assessment method, device, equipment and computer readable storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111582771A true CN111582771A (en) | 2020-08-25 |
Family
ID=72125757
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010552077.5A Pending CN111582771A (en) | 2020-06-16 | 2020-06-16 | Risk assessment method, device, equipment and computer readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111582771A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112446640A (en) * | 2020-12-10 | 2021-03-05 | 中国农业银行股份有限公司 | Information system change risk assessment method, related equipment and readable storage medium |
| CN112465461A (en) * | 2020-12-04 | 2021-03-09 | 金蝶云科技有限公司 | Business object information changing method, system, computer device and storage medium |
| CN112508327A (en) * | 2020-10-20 | 2021-03-16 | 中国电子产品可靠性与环境试验研究所((工业和信息化部电子第五研究所)(中国赛宝实验室)) | Component technical state change evaluation method |
| CN113837530A (en) * | 2021-08-13 | 2021-12-24 | 中国核电工程有限公司 | Method and system for judging influence of nuclear power plant change on fire probability safety analysis |
| CN115277404A (en) * | 2022-05-13 | 2022-11-01 | 清华大学 | Cloud network large-scale change, release and arrangement method, device, equipment and storage medium |
-
2020
- 2020-06-16 CN CN202010552077.5A patent/CN111582771A/en active Pending
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112508327A (en) * | 2020-10-20 | 2021-03-16 | 中国电子产品可靠性与环境试验研究所((工业和信息化部电子第五研究所)(中国赛宝实验室)) | Component technical state change evaluation method |
| CN112508327B (en) * | 2020-10-20 | 2024-03-26 | 中国电子产品可靠性与环境试验研究所((工业和信息化部电子第五研究所)(中国赛宝实验室)) | Component technical state change evaluation method |
| CN112465461A (en) * | 2020-12-04 | 2021-03-09 | 金蝶云科技有限公司 | Business object information changing method, system, computer device and storage medium |
| CN112446640A (en) * | 2020-12-10 | 2021-03-05 | 中国农业银行股份有限公司 | Information system change risk assessment method, related equipment and readable storage medium |
| CN113837530A (en) * | 2021-08-13 | 2021-12-24 | 中国核电工程有限公司 | Method and system for judging influence of nuclear power plant change on fire probability safety analysis |
| CN115277404A (en) * | 2022-05-13 | 2022-11-01 | 清华大学 | Cloud network large-scale change, release and arrangement method, device, equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111582771A (en) | Risk assessment method, device, equipment and computer readable storage medium | |
| CN109543891B (en) | Method and apparatus for establishing capacity prediction model, and computer-readable storage medium | |
| CA3140333A1 (en) | Microservice rate limiting method and apparatus | |
| CN109669835B (en) | MySQL database monitoring method, device, equipment and readable storage medium | |
| CN109523373B (en) | Remote body-checking method, device and computer readable storage medium | |
| CN111756745B (en) | Alarm method, alarm device, terminal equipment and computer readable storage medium | |
| CN110990245A (en) | Micro-service operation state judgment method and device based on call chain data | |
| CN111158926B (en) | Service request analysis method, device and equipment | |
| CN110264222B (en) | Method, device and terminal equipment for investigating due-job based on data acquisition | |
| CN116595028A (en) | Service and evaluation corresponding relation construction method and system | |
| CN108874619B (en) | Information monitoring method, storage medium and server | |
| CN108377357B (en) | Visual platform call method and device | |
| CN111178839A (en) | Environmental protection tax declaration monitoring management method, device and system | |
| CN110888811B (en) | Code coverage rate information processing method and device, electronic equipment and medium | |
| CN110633165B (en) | Fault processing method, device, system server and computer readable storage medium | |
| WO2022068280A1 (en) | Data processing method and apparatus, device, and storage medium | |
| CN114513334A (en) | Risk management method and risk management device | |
| CN113094241A (en) | Method, device and equipment for determining accuracy of real-time program and storage medium | |
| CN109218062B (en) | Internet service alarm method and device based on confidence interval | |
| WO2020215542A1 (en) | Information notification method and device, computer apparatus, and storage medium | |
| CN111445157A (en) | Service data management method, device, equipment and storage medium | |
| US9723146B1 (en) | Systems and methods for representative credit predicated upon relationship development | |
| CN109508356B (en) | Data abnormality early warning method, device, computer equipment and storage medium | |
| CN109636202B (en) | Calculation method and device for per-person efficiency parameter and storage medium | |
| CN110471933B (en) | Information processing method, device, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |