Industrial control security event simplification and aggregation method and device

The invention provides an industrial control security event simplification and aggregation method and device, computer equipment and a storage medium. The method comprises the steps of obtaining a data source; configuring a corresponding attribution identifier and a global identifier for the data source; and inputting the data source configured with the attribution identifier and the global identifier into an aggregation model to obtain an event corresponding to the data source. According to the invention, network security, especially industrial control network security resource validity utilization and data validity aggregation are solved. 本申请提供的一种工控安全事件精简聚合方法、装置、计算机设备和存储介质，所述方法包括：获取数据源；为所述数据源分别配置对应的归属地标识和全局标识；将配置有归属地标识和全局标识的所述数据源输入聚合模型，得到所述数据源对应的事件。本申请解决了网络安全特别是工控网络安全资源有效性利用及数据有效性聚合。