NORIA UI: Efficient incident management on large-scale ICT systems represented as knowledge graphs

Incident management in telecom and computer networks requires correlating and interpreting heterogeneous technical information sources. While knowledge graphs have proven flexible for data integration and logical reasoning, their use in network and cyber-security monitoring systems (NMS/SIEM) is not yet widespread. In this work, we explore the integration of knowledge graphs to facil-itate the diagnosis of complex situations from the perspective of NetOps/SecOps experts who use NMS/SIEMs. Through expert inter-views, we identify expectations in terms of ergonomics and decision support functions, and propose a Web-based client-server software architecture using an RDF knowledge graph that describes network systems and their dynamics. Based on a UI/UX evaluation and feed-back from a user panel, we demonstrate the need to go beyond simple data retrieval from the knowledge graph. We also highlight the importance of synergistic reasoning and interactive analysis of multi-layered systems. Overall, our work provides a foundation for future designs of knowledge-graph-based NMS/SIEM decision support systems with hybrid logical/probabilistic reasoning.