US Patent 11575571 Centralized security event generation policy

A model-based industrial security policy configuration system implements a plant-wide industrial asset security policy in accordance with security policy definitions provided by a user. The configuration system models the collection of industrial assets for which diverse security policies are to be implemented. An interface allows the user to define zone-specific security configuration and event management policies for a plant environment at a high-level based on a security model that groups the industrial assets into security zones. Based on the model and these policy definitions, the system generates asset-level security setting instructions configured to set appropriate device settings on one or more of the industrial assets to implement the security event management policies, and deploys these instructions to the appropriate assets in order to implement the defined policies.