Online learning method for security training, online learning platform

By modeling the job responsibilities of security personnel and conducting multi-position collaborative training scenarios under a unified event evolution framework, the system identifies areas of ambiguity in responsibilities and generates collaborative cognitive alignment learning content. This solves the problem of ambiguity in responsibilities during multi-position collaboration in existing technologies and improves the efficiency of collaborative handling by security personnel in complex scenarios.

CN121860825BActive Publication Date: 2026-07-10ZHEJIANG HEJI ELECTRONIC TECH CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
ZHEJIANG HEJI ELECTRONIC TECH CO LTD
Filing Date
2026-03-19
Publication Date
2026-07-10

AI Technical Summary

Technical Problem

Existing online security learning platforms are unable to effectively train and correct systemic risks caused by ambiguous responsibilities or cognitive misalignments during multi-position collaboration. This is especially true in sudden security incidents, where overlapping responsibilities or unclear division of duties between different positions can lead to delays, duplicate actions, or collaborative failures.

Method used

By modeling the job responsibilities of security personnel, identifying areas of ambiguity in responsibilities, and constructing multi-position collaborative training scenarios under a unified event evolution framework, decision-making behaviors are collected, and targeted collaborative cognitive alignment learning content is generated to improve collaborative handling efficiency.

Benefits of technology

It effectively reduces the risk of cognitive mismatch in multi-position collaborative handling and improves the efficiency and training effectiveness of security personnel in complex and emergency scenarios.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN121860825B_ABST
    Figure CN121860825B_ABST
Patent Text Reader

Abstract

The application belongs to the technical field of security and protection training, and discloses an online learning method and an online learning platform for security and protection training. The method is based on the post type information of security personnel, constructs a post responsibility element model, and maps and analyzes the responsibility elements of multiple posts for preset or historical security event types, identifies event intervals with overlapping responsibilities or inconsistent intervention trigger conditions, and determines the responsibility ambiguity zone. A unified event evolution main line is further constructed, a multi-post collaborative training scene is generated in combination with the event perception permissions of different posts, and the decision-making behavior of security personnel in the responsibility ambiguity zone is collected in the training scene. The intervention timing and responsibility expectation differences between posts are analyzed, and then learning content for post collaborative cognitive alignment is generated and pushed. Through post differentiated cutting and collaborative training of event information, the consistency of multi-post collaborative disposal cognition is realized, and the pertinence and effectiveness of security and protection training in complex scenarios are improved.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of security training technology, specifically to online learning methods and platforms for security training. Background Technology

[0002] As security management requirements in public service and densely populated areas such as hospitals, schools, and commercial complexes continue to rise, the professional training of security personnel is gradually shifting from offline centralized training to online learning based on network platforms. Existing online security learning platforms typically categorize and push training courses based on employees' job types (such as gatekeepers, patrol officers, monitoring center staff, etc.) and service scenarios, enabling personnel in different positions to learn security knowledge and operational procedures that match their responsibilities.

[0003] However, in actual security work, security incidents are often sudden, continuous, and uncertain in their occurrence and evolution. A single position cannot independently complete the entire response process, usually requiring the coordinated intervention of multiple positions at different times. Especially in the early stages of abnormal behavior, when risks are not yet clear, or when the incident has not yet reached the escalation threshold, there are often overlapping responsibilities or unclear division of duties between different positions. At this time, even if security personnel in each position strictly follow their respective training content, inconsistencies in understanding between positions may lead to delays in response, duplicate responses, or failures in coordination. Such problems are usually difficult to expose and correct through the training content of a single position, and are not easily detected in daily assessments or simulations; their risk consequences often only become apparent after a real incident occurs.

[0004] Existing online security learning methods mostly construct their curriculum around job positions as basic units, focusing on the explanation and assessment of internal operational procedures, standard requirements, and emergency response steps, lacking systematic modeling and training for multi-position collaborative scenarios. Although some platforms introduce scenario-based case teaching, they usually still present the event process from a single perspective, failing to reflect the information asymmetry faced by different positions in the same event, nor can they represent the differences in judgment between positions in the boundary areas of responsibility.

[0005] In summary, existing technologies are insufficient for effectively training and correcting systemic risks arising from ambiguous responsibilities or cognitive misalignments during multi-position collaboration. This limits the practical effectiveness of online security learning platforms in handling complex scenarios and real-world events, and requires further improvement. Summary of the Invention

[0006] In view of the above-mentioned shortcomings mentioned in the background art, the purpose of this invention is to provide an online learning method and online learning platform for security training.

[0007] The first aspect of the present invention provides an online learning method for security training, the method comprising the following steps: S1, selecting corresponding job responsibility rules from a preset job responsibility rule library based on the job type information of security personnel, and constraining and modeling the parameter value range and judgment conditions of event perception authority, handling authority, and intervention triggering conditions for different positions based on the job responsibility rules, so as to obtain a corresponding job responsibility element model; S2, performing mapping analysis on the job responsibility element models of multiple positions for preset or historical security event types, identifying event intervals with overlapping responsibilities or inconsistent intervention triggering conditions, and determining them as ambiguity areas of responsibility; S3. S4. For the ambiguity of responsibilities, an event evolution mainline is constructed to align the event cognition process scattered from the perspectives of different positions in terms of time and state. Based on the event evolution mainline and the event perception permissions of different positions, a multi-position collaborative training scenario is generated to present the information state of the same event under different positions. S5. During the collaborative training process based on the multi-position collaborative training scenario, the decision-making behavior of security personnel in each position within the ambiguity of responsibilities is collected. The differences in intervention timing and expected responsibilities between positions are analyzed. Based on the analysis results, learning content for position collaborative cognition alignment is generated and pushed to the security personnel in the corresponding positions.

[0008] The second aspect of this invention provides an online learning platform for security training, comprising: a job responsibility modeling module, used to select corresponding job responsibility rules from a preset job responsibility rule library based on the job type information of security personnel, and to perform constraint modeling on the parameter value range and judgment conditions of event perception authority, handling authority, and intervention triggering conditions for different positions based on the job responsibility rules, so as to obtain a corresponding job responsibility element model; a responsibility ambiguity zone identification module, used to perform mapping analysis on the job responsibility element models of multiple positions for preset or historical security event types, identify event intervals with overlapping responsibilities or inconsistent intervention triggering conditions, and determine them as responsibility ambiguity zones; and a collaborative training scenario generation module. The module is used to construct an event evolution mainline for the responsibility ambiguity zone, which aligns the event cognition process scattered from the perspectives of different positions in terms of time and state. Based on the event evolution mainline and the event perception permissions of different positions, it generates multi-position collaborative training scenarios corresponding to each position to present the information state of the same event under different positions. The collaborative cognition alignment module is used to collect the decision-making behavior of security personnel in each position within the responsibility ambiguity zone during the collaborative training process based on the multi-position collaborative training scenarios, analyze the differences in intervention timing and expected responsibilities between positions, and generate learning content for position collaborative cognition alignment based on the analysis results, and push it to the security personnel in the corresponding positions.

[0009] Compared with existing technologies, this invention models the job responsibilities of security personnel and identifies ambiguous areas of responsibility under a unified event evolution framework. It then constructs a multi-position collaborative training scenario based on job-specific perception permissions, transforming security training from single-position knowledge learning to multi-position collaborative cognitive training. By tailoring event information to different job roles and collecting decision-making behaviors within ambiguous areas of responsibility, it objectively quantifies the cognitive differences among different positions regarding intervention timing and expected responsibilities. Based on this, it generates targeted collaborative cognitive alignment learning content, effectively reducing the risk of cognitive mismatch in multi-position collaborative handling and improving the efficiency and effectiveness of collaborative handling and training for security personnel in complex and emergency scenarios. Attached Figure Description

[0010] Figure 1 This is a schematic diagram of the overall process of an online learning method for security training disclosed in an embodiment of the present invention.

[0011] Figure 2 This is a typical schematic diagram of a system architecture for implementing the solution of the present invention as disclosed in an embodiment of the present invention.

[0012] Figure 3 This is a schematic diagram of the structure of an online learning platform for security training disclosed in an embodiment of the present invention. Detailed Implementation

[0013] The specific embodiments of this disclosure will be described in detail below with reference to the accompanying drawings. It should be understood that the specific embodiments described herein are for illustration and explanation only and are not intended to limit this disclosure.

[0014] It is understood that the online learning method for security training described in this embodiment can be deployed on the business server, cloud-based learning management system, or industry-specific training system corresponding to the security online learning platform. This method is used to identify, analyze, and correct collaborative cognitive biases among security personnel in complex security incidents. It is particularly suitable for security application scenarios involving multi-position collaboration, dynamically changing responsibility boundaries, and uncertain event development rhythms, such as sudden disputes in hospitals, abnormal gatherings in large commercial complexes, and unusual nighttime behavior on campuses.

[0015] Please see Figure 1 , Figure 2This invention provides an online learning method for security training. The method includes the following steps: S1, selecting corresponding job responsibility rules from a preset job responsibility rule library based on the job type information of security personnel, and constraining and modeling the parameter value range and judgment conditions of event perception permissions, handling permissions, and intervention trigger conditions for different positions based on the job responsibility rules, so as to obtain the corresponding job responsibility element model; In this embodiment, the platform first obtains the job type information of security personnel. The job type information can be directly provided by the personnel system, scheduling system, or user registration information, for example, identified as gatekeeper, patrolman, or monitoring center worker.

[0016] The platform has a pre-built job responsibility rule library, which stores job responsibility rules corresponding to different positions. The job responsibility rules include at least the following three types of rule elements: 1) event perception permission rules, which limit the types and sources of information that the position can obtain in different security event stages; 2) handling permission rules, which limit the types of handling actions that the position is allowed to take in different event stages; 3) intervention trigger condition rules, which limit the event state or parameter conditions under which the position should intervene.

[0017] After obtaining job type information, the platform selects the corresponding job responsibility rules from the job responsibility rule library and performs parameterized constraint modeling of event perception permissions, handling permissions, and intervention triggering conditions based on these job responsibility rules. For example, for a gatekeeper position, its event perception permissions can be constrained to include only close-range video footage, human observation results, and access control status information; its handling permissions can be constrained to on-site inquiry, preliminary dissuasion, or reporting; and its intervention triggering conditions can be set to the time the person stays for exceeding a threshold or the abnormal behavior score exceeding a threshold.

[0018] For example, the job responsibility element model can be represented as: R={P_perception, P_action, C_trigger}, where: P_perception represents the set of event perception permission parameters; P_action represents the set of handling permission parameters; and C_trigger represents the set of intervention triggering condition parameters.

[0019] The event perception permission parameter P_perception describes the range of event information that a position can obtain under a specific security event type and stage. It can be represented as: P_perception = {I_type, I_range, I_source}, where: I_type represents the type of information the position can obtain; I_range represents the spatial range of information the position can obtain; and I_source represents the information source device or system. For example, for a gatekeeper position, its event perception permission can be modeled as: I_type = {access control status information, entrance / exit video footage, manual observation records}, I_range = {20-meter radius around the entrance / exit}, and I_source = {access control system, entrance / exit camera}.

[0020] For monitoring center positions, their event perception permissions can be modeled as follows: I_type={global video information, behavior recognition alarm information, alarm linkage information}, I_range={monitoring system coverage area}, I_source = {video surveillance platform, behavior analysis system}.

[0021] The handling authority parameter P_action describes the set of handling actions that a position is allowed to perform under a specific event stage. It can be represented as: P_action={A_set, A_level}, where: A_set represents the set of handling actions that the position is allowed to perform; A_level represents the handling authority level of the position.

[0022] For example, the authority levels for gatekeeper positions can be modeled as follows: Gatekeeper position: A_set = {Inquire, Dissuade, Report}, A_level = 1; For patrol positions, the authority levels can be modeled as follows: A_set = {On-site Intervention, Personnel Evacuation, Report to Monitoring Center}, A_level = 2; For monitoring center positions, the authority levels can be modeled as follows: A_set = {Broadcast Prompt, Dispatch Patrol Personnel, Alarm Linkage}, A_level = 3. The authority levels represent the hierarchical relationship of the positions in collaborative responses.

[0023] The intervention trigger parameter C_trigger describes the event conditions under which intervention is required for a given position. It can be modeled using a threshold function: C_trigger = f(Risk, Time, Behavior) ≥ θ, where: Risk represents the event risk score; Time represents the duration of the abnormal behavior; Behavior represents the characteristic index of the abnormal behavior; and θ represents the intervention trigger threshold for the position. When the value of the above function is greater than or equal to the threshold θ for the corresponding position, the position is deemed to meet the intervention conditions.

[0024] In some embodiments, the event risk score Risk can be calculated using event status parameters, for example: Risk = w1×D+w2×A+w3×T, where: D represents the personnel density index; A represents the abnormal behavior score; T represents the normalized value of the abnormal duration; and w1, w2, and w3 are weighting coefficients.

[0025] For example, in an event of abnormal crowd gathering: D can be represented as the ratio between the current number of people in the area and the maximum capacity of the area; A can be represented as the abnormal behavior score output by the behavior recognition algorithm; T can be represented as the ratio between the duration of the abnormal behavior and a preset time threshold.

[0026] Based on the rules governing different job responsibilities, different trigger thresholds can be set for different positions. For example: gatekeeper position: θ_gate=0.4; patrol position: θ_patrol=0.6; monitoring center position: θ_center=0.8. This yields the intervention trigger intervals for different positions during the event evolution process: Trigger_gate={t|Risk(t)≥0.4}, Trigger_patrol={t|Risk(t)≥0.6}, Trigger_center={t|Risk(t)≥0.8}.

[0027] For example, when the Risk value is in the range of 0.6 to 0.8, both the gate post and the patrol post meet the intervention conditions, while the monitoring center post has not yet reached the intervention threshold. This range may form an overlapping area where multiple posts simultaneously meet the intervention conditions.

[0028] S2 involves mapping and analyzing the job responsibility element models of multiple positions for preset or historical security event types to identify event intervals with overlapping responsibilities or inconsistent intervention triggering conditions, defining these as responsibility ambiguity zones. In this embodiment, by mapping the event perception authority, handling authority, and intervention triggering conditions of different positions to a unified event development framework, it is possible to identify situations where multiple positions simultaneously meet the intervention conditions or none meet them at the same event stage. It is understood that the event stages corresponding to the above situations are often high-risk stages in actual security handling processes where responsibility boundaries are unclear or handling is delayed. By defining the scope of responsibility ambiguity zones, collaborative training can focus on the key stages most prone to cognitive biases, rather than covering the entire event process.

[0029] As an example, a mapping analysis is performed on the job responsibility element models of multiple positions for preset or historical security event types to identify event intervals with overlapping responsibilities or inconsistent intervention triggering conditions, which are then designated as responsibility ambiguity areas. This includes: S21, obtaining the event perception permission parameters, handling permission parameters, and intervention triggering condition parameters contained in the job responsibility element models corresponding to the same preset or historical security event type; in specific implementation, the same preset or historical security event type is selected as the analysis object. The security event type can be predefined based on historical event statistics or dynamically generated by the platform according to risk assessment rules. The key is that the event type has a clear event evolution process and quantifiable state characteristics.

[0030] After determining the type of security incident, the job responsibility element models corresponding to multiple positions are accessed respectively, and for the security incident type, the event perception permission parameters, handling permission parameters, and intervention trigger condition parameters related to the event are extracted from the job responsibility element models.

[0031] Among them, the event awareness permission parameter is used to limit the range of event status information that the position can obtain under the event type, such as whether it can obtain global monitoring information, local on-site information, system analysis results, or manually reported information; the handling permission parameter is used to limit the set of handling actions that the position is authorized to perform under the event type, such as whether on-site intervention is allowed, whether it is limited to information reporting, and whether it has linkage scheduling authority; the intervention trigger condition parameter is used to describe when the position needs to intervene during the event evolution process, which is usually expressed in the form of risk level, status change, or time accumulation.

[0032] It should be noted that this embodiment does not limit the intervention triggering conditions of different positions to adopt the same parameter form, but allows them to be set independently under their respective responsibility rules framework.

[0033] S22, under the premise of satisfying the event perception and handling permissions constraints of the corresponding positions, the intervention triggering condition parameters of different positions under the security event type are aligned and compared to determine the intervention triggering range corresponding to each position. In specific implementation, for a certain position, if it does not have the corresponding event perception permission under the security event type, it means that the position cannot obtain the event information used to determine whether the intervention condition is valid. In this case, the intervention triggering condition corresponding to the position will not participate in the subsequent alignment analysis. Similarly, if a certain position does not have the handling permission to perform an effective handling action under the event type, its intervention triggering condition will also not be included in the analysis scope. It can be understood that by using event perception permission and handling permission as dual constraints, it can be ensured that the subsequent analysis is only carried out on positions that have actual intervention significance under the premise of being able to perceive and handle, thereby avoiding the analysis results from deviating from the actual collaborative handling scenario.

[0034] After constraint screening, the remaining intervention trigger condition parameters for different positions are aligned and compared. Specifically, the judgment criteria upon which each position's intervention trigger condition depends are uniformly mapped to the same event evolution dimension. This event evolution dimension can be a discrete sequence of event stages or a continuous risk level scale, reflecting the gradual evolution of an event from its initial state to a high-risk state. Understandably, through this mapping, the originally dispersed and heterogeneous intervention trigger conditions for different positions are transformed into intervention trigger intervals on a unified event evolution dimension, making the intervention positions of each position comparable during the event's development.

[0035] S23, determine whether there are overlapping or intermittent intervals between the intervention triggering intervals of different positions; wherein, the overlapping interval is used to represent the situation where multiple positions meet the intervention conditions in the same event stage, and the intermittent interval is used to represent the situation where multiple positions do not meet the intervention conditions in the same event stage; in specific implementation, determine whether the intervention triggering intervals of multiple positions overlap within the same event evolution stage. When there is overlap, it indicates that multiple positions simultaneously meet the intervention conditions within that event stage, and the existing job responsibility rules do not clearly define the primary responsible position or the order of coordination, which may easily lead to overlapping responsibilities, repeated handling, or mutual waiting in actual handling.

[0036] Simultaneously, it also determines whether there are situations where a certain stage of an event's evolution is not covered by the intervention trigger range of any position. When such a situation occurs, it indicates that the event's state has changed within that stage, but the intervention conditions of any position have not yet been met, which can easily lead to a response lag or a gap in responsibility during actual handling.

[0037] Understandably, by simultaneously identifying overlapping and interval intervals, the platform can comprehensively characterize two typical but hidden risk scenarios in multi-position collaborative handling, rather than being limited to the responsibility judgment from the perspective of a single position.

[0038] S24, the event phases where the overlapping intervals or the intervals exist are identified as the responsibility ambiguity zone.

[0039] In practice, the aforementioned ambiguous area of ​​responsibilities is not equivalent to a defect in the rules of job responsibilities. Rather, it is used to describe the objective situation where, under specific security incident types and specific stages of incident evolution, the intervention boundaries formed by different positions based on existing rules of responsibilities are insufficient to support efficient collaborative handling.

[0040] By defining this type of event phase as a fuzzy area of ​​responsibility, we can subsequently build targeted multi-position collaborative training scenarios around this fuzzy area and conduct alignment analysis on the decision-making behaviors of different positions within this area. This allows collaborative training and cognitive correction to focus on the key phases where collaborative mismatch is most likely to occur, rather than generalizing training to the entire event process.

[0041] S3. An event evolutionary mainline is constructed for the responsibility ambiguity zone to align the event perception process, which is dispersed across different job positions, in terms of time and state. Based on this event evolutionary mainline and the event perception permissions of different positions, multi-job collaborative training scenarios are generated to present the information state of the same event under different positions. In this embodiment, by introducing a unified event evolutionary mainline, the event perception process, originally dispersed across different job positions, is aligned in terms of time and state. Furthermore, by combining job position event perception permissions, event information is differentiated and tailored to job positions, ensuring that different positions receive only event information matching their responsibilities at the same event stage. This provides a unified event benchmark and controllable information difference conditions for subsequent collection and analysis of decision-making behavior of different positions within the responsibility ambiguity zone, thereby avoiding analytical biases caused by inconsistent event stages or inconsistent information states.

[0042] As an example, an event evolution mainline is constructed for the ambiguous responsibility area to align the event perception process scattered from the perspectives of different positions in terms of time and state. Based on the event evolution mainline and the event perception permissions of different positions, a multi-position collaborative training scenario corresponding to each position is generated, including: S31, based on the security event type corresponding to the ambiguous responsibility area, the evolution process of the event from its initial occurrence state to its completion state is divided into stages, and an event evolution mainline containing multiple continuous event stages is constructed. In specific implementation, the platform determines the security event type corresponding to the ambiguous responsibility area. The event type can be derived from a preset event database or historical event classification results, such as abnormal gathering of people, suspicious loitering, and signs of impending conflict escalation. Then, the platform extracts the observable state change features of this type of security event from its initial occurrence to its completion, and divides the event evolution process into stages accordingly.

[0043] It should be noted that the stage division in this embodiment is based on the state changes that can be collected by the platform or perceived by the job during the event evolution process, so as to ensure that the division can be used for real-time presentation or offline review during the training process. To this end, the platform can divide the event evolution process into multiple consecutive event stages, and each event stage satisfies a sequential progression relationship, that is, the occurrence of the next stage is based on the event state meeting the corresponding stage entry conditions.

[0044] For example, for an abnormal gathering of people, the platform can divide the event evolution process into: the initial abnormality stage: abnormal characteristics such as people staying or loitering appear but the risk is not yet clear; the risk accumulation stage: the duration or frequency of the abnormality increases and a gathering trend appears; the intervention stage: the risk level reaches a state where multiple positions may need to respond at the same time or the main responsible position needs to be identified; and the handling completion stage: personnel evacuation, site restoration or handover for processing is completed.

[0045] It should be noted that the above examples are only used to illustrate the idea of ​​stage division, and the present invention does not limit the specific stage names, number of stages or stage division basis.

[0046] To enable the platform to automatically implement the stage division, it pre-constructs event stage templates corresponding to different security event types. These templates can pre-record multiple candidate event stages, along with corresponding stage entry, stage maintenance, and stage exit conditions. The stage entry, stage maintenance, and stage exit conditions can be defined based on event state characteristics.

[0047] Specifically, the platform first acquires multi-source raw data related to the target security event. This multi-source raw data includes at least one of the following: video surveillance data, access control / channel status data, alarm records, personnel trajectory data, manually reported data, and intercom / command data. Subsequently, the platform performs time alignment processing on the multi-source raw data, enabling data from different data sources to be mapped to a unified timeline. Simultaneously, based on camera IDs, area IDs, access control device IDs, or event object identifiers, the platform performs object association and area association processing on the multi-source raw data to form a sequence of event status data arranged in chronological order.

[0048] After obtaining the event status data sequence, the platform extracts stage-determining features from the event status data sequence to characterize the event's evolution state. These stage-determining features may include at least one of the following: number of people in the area, personnel density, abnormal dwell time, changes in movement speed, frequency of round trips, area occupancy rate, number of access control triggers, number of alarms, frequency of manual reporting, frequency of intercom commands, and behavioral anomaly scores. These stage-determining features can be extracted directly from a single data source or calculated by fusing multiple data sources.

[0049] During stage identification, the platform can use a rule-based state machine approach to identify the current event state as a stage. For any candidate event stage, when the stage determination features at the current moment or within the current time window meet the entry conditions corresponding to the candidate event stage, the platform determines that the event enters the candidate event stage; when the current event state continuously meets the maintenance conditions corresponding to the candidate event stage, the platform maintains the current event stage identifier unchanged; when the current event state no longer meets the current stage maintenance conditions but meets the entry conditions for the next stage, the platform determines that the event exits the current stage and switches to the next stage.

[0050] For example, for the initial anomaly occurrence stage, "the abnormal stay duration exceeds the first time threshold, and the number of people in the area exceeds the first number threshold" can be used as the stage entry condition; for the risk accumulation stage, "the number of people in the area continues to increase, the population density exceeds the second density threshold, or the abnormal behavior score exceeds the first behavior threshold" can be used as the stage entry condition; for the intervention stage, "the comprehensive risk score exceeds the intervention risk threshold, out-of-bounds behavior occurs, the number of alarms reaches the preset number, or the manual reporting triggers the escalation condition" can be used as the stage entry condition; for the disposal completion stage, "the number of people in the area returns to a safe range, the abnormal behavior disappears, and the disposal action has been completed" can be used as the stage entry condition.

[0051] After identifying the stages of each time segment or time window, the platform records the start time, end time, stage identifier, and adjacent stage switching relationship for each event stage, and organizes multiple event stages into an event evolution main line in chronological order. Thus, the event evolution main line is a structured event process sequence generated by the platform based on stage determination characteristics, stage entry conditions, and stage exit conditions.

[0052] After completing the phase division, the platform organizes each phase according to its evolutionary order, forming an event evolution mainline containing multiple consecutive event phases. The event evolution mainline can be understood as a unified process axis of events, which includes at least: phase identifiers, phase sequence relationships, and phase entry / exit conditions used to characterize phase boundaries.

[0053] S32, for each event stage in the event evolution main line, and in conjunction with the event perception permissions of different positions, determine the range of event information that each position can perceive in the corresponding event stage; in specific implementation, use the aforementioned generated event evolution main line as a benchmark, and process each event stage one by one. For any event stage, first determine the set of event information that can be generated or collected in that stage. The event information includes, but is not limited to: video footage or image frames, access control / channel status, alarm signals, personnel trajectory and density changes, behavior analysis results, manually reported content, intercom / command records, etc. It should be noted that this invention does not limit the information set to all coming from the same source; it can be a combination of multi-source heterogeneous information, as long as it can characterize the state characteristics of that event stage.

[0054] To obtain the aforementioned set of event information, the platform can be configured with a multi-source event data access module to receive data from video surveillance systems, access control systems, alarm systems, intercom systems, patrol terminals, or manual reporting terminals. For data from different systems, the platform can perform unified data standardization processing, including: unified timestamps, unified area identifiers, unified information type identifiers, and associated event object identifiers. This maps data from different sources into event information records that can be uniformly processed by the platform.

[0055] The platform can generate behavioral analysis results based on video and trajectory data for the event information. Specifically, the platform first performs target detection on the video frame sequence to identify personnel targets in the event scene; then, it performs cross-frame tracking on personnel targets in consecutive video frames to obtain corresponding personnel trajectory sequences. Further, the platform extracts behavioral features based on the trajectory sequences, which may include at least one of the following: dwell time, movement speed, number of direction changes, frequency of round trips, degree of regional clustering, boundary crossing, and changes in distance between adjacent personnel. Subsequently, the platform inputs the behavioral features into a preset abnormal behavior recognition model or abnormal behavior judgment rule base to output corresponding behavioral analysis results. The behavioral analysis results may include loitering judgment results, clustering judgment results, abnormal approach judgment results, boundary crossing judgment results, conflict escalation tendency results, and corresponding abnormal behavior scores.

[0056] It should be noted that the behavior analysis results can be determined using either a threshold-based method, such as determining loitering when the dwell time exceeds a set time threshold and the movement range is less than a set range threshold; or a machine learning or deep learning model-based identification method, such as outputting abnormal behavior categories based on object detection and temporal behavior classification models.

[0057] By combining the event perception permissions of different positions, the aforementioned event information set is filtered and constrained to determine the scope of event information that each position can perceive at that event stage. Event perception permissions are used to limit the types of event information that a position can obtain, the sources of that information, and the visible range. For example, for a monitoring center position, their perception permissions can cover information such as global video, switching between multiple cameras, and behavioral analysis alarms; for a patrol position, their perception permissions can mainly cover information within the visible range, the status of nearby equipment, and instructions from superiors; for a gatekeeper position, their perception permissions can focus on access control status, images near entrances and exits, or information observed manually.

[0058] To enable the permission constraint filtering to be executed automatically by the platform, the platform pre-establishes event-aware permission rules for different positions. For any position, its event-aware permission rules include at least: the set of allowed information types, the set of allowed information sources, the allowed spatial area range, and the allowed information granularity level. Therefore, the position's event-aware permission rules can be represented as: Permission = {Type_set, Source_set, Area_set, Granularity_set}, where Type_set represents the set of information types the position is allowed to access; Source_set represents the set of information sources the position is allowed to access; Area_set represents the spatial area range the position is allowed to access; and Granularity_set represents the set of information granularity levels the position is allowed to receive.

[0059] Simultaneously, the platform attaches corresponding information tags to each event record in the event information set. These information tags include at least: information type tag, information source tag, spatial region tag, time stage tag, and information granularity tag. For any event information record, these tags can be respectively denoted as Info_type, Info_source, Info_area, Info_stage, and Info_granularity.

[0060] Subsequently, the platform matches the event awareness permission rules for the target position with the event information records corresponding to the current event stage one by one. An event information record is retained in the perceptible event information range for that position only if it meets all of the following conditions: Info_type ∈ Type_set; Info_source ∈ Source_set; Info_area ∈ Area_set; Info_granularity ∈ Granularity_set; and the time stage corresponding to the event information record is consistent with the current event stage. If at least one condition is not met, the platform removes the event information record from the information range corresponding to the current event stage for that position.

[0061] For example, for gatekeepers, the platform can limit their event perception permission rules to only allow access to access control status information, entrance / exit camera footage, and manual observation records within the entrance / exit area; for patrol personnel, the platform can limit their event perception permission rules to allow access to on-site video, personnel location changes, and instructions issued by superiors within the patrol route coverage area; for monitoring center personnel, the platform can limit their event perception permission rules to allow access to global video information, behavior analysis alarm information, and alarm linkage information from different areas. Through the above tag matching and rule filtering process, the scope of perceptible event information for different positions at the same event stage can be automatically generated by the platform.

[0062] It should be noted that the aforementioned perceptible range of event information refers to the subset of event information that the position can legally obtain and use to make intervention decisions according to its job responsibilities at that stage of the event. In other words, even if the platform can aggregate all event information at the system level, it will not include information beyond the perceptible authority of the position in its event information range, in order to ensure that the training scenario can realistically reproduce the collaborative handling conditions of information asymmetry between positions.

[0063] After obtaining the scope of event information for each position at each event stage, it can be organized into a mapping relationship of "position-stage-information scope". This can be used for subsequent job-differentiated tailoring and scenario generation of event information in the main event evolution line, thereby ensuring that the information status presented by different positions at the same event stage conforms to their responsibility perception boundaries and maintains stage consistency across positions.

[0064] S33, based on the scope of the event information, perform job-specific tailoring on the event information in the main event evolution line, and generate multi-job collaborative training scenarios corresponding to each job, so that different jobs present different information states in the same event stage.

[0065] In this embodiment, after the main event evolution line and the scope of event information for each position are determined, a structured information trimming mechanism is used to generate information presentation states with controllable differences in the same event stage for different positions, thereby constructing a multi-position collaborative training scenario that can be used for collaborative cognitive analysis.

[0066] It should be noted that in multi-position security collaborative response, the fundamental reason for the cognitive differences between different positions is not the difference in the events themselves, but rather the difference in the scope of information available to each position and the granularity of information expression at the same stage of event development. If the same set of event information is presented to all positions directly during training, it will be impossible to truly reflect the information asymmetry between positions, nor will it be possible to distinguish whether the differences in decision-making behavior between different positions stem from differences in responsibility judgment or differences in information conditions.

[0067] Therefore, this step uses the scope of event information determined in step S32 as the clipping boundary, and further introduces a control mechanism at the information granularity level, so that different positions not only see different information content at the same event stage, but also that the level of abstraction of their information expression is consistent with their job perception ability and responsibility requirements.

[0068] In practice, the platform first reads the job-stage-information scope mapping relationship to determine the set of candidate event information records corresponding to the target job in the current event stage. Then, the platform performs granularity adaptation processing on the set of candidate event information records according to the granularity level of the target information corresponding to the job. For raw video footage, the platform can choose to directly output video clips, output keyframe sequences, or output structured summary information extracted by the video analysis model, depending on the granularity level of the target information. For trajectory information, the platform can choose to output raw trajectory point sequences, output regional heat distribution results, or output a description of the trend of changes in the number of people. For behavioral analysis results, the platform can choose to output specific abnormal behavior categories and confidence levels, or only output risk warning labels.

[0069] During the trimming process, the platform executes the steps in the following order: first, permission filtering; second, granularity adaptation; and third, scene assembly. Specifically: First, it calls the range of perceptible event information for the current stage obtained in step S32 and removes event information that exceeds the job's perceptible permissions; second, it performs abstraction, summarization, or direct retention processing on the retained event information according to the target information granularity level; finally, it binds and assembles the processed event information according to a unified event stage node to form the training scene content for the current event stage of the job.

[0070] Specifically, for a given event information, if the granularity of its original expression is higher than the target information granularity level, the platform abstracts it to generate an expression that matches the target information granularity level. If the granularity of its original expression is lower than or equal to the target information granularity level, the original expression can be directly retained, or the format can be converted according to display needs. Thus, without altering the semantics of the event facts, different roles can receive a subset of event information that matches their job responsibilities and event perception permissions at the same event stage.

[0071] After generating the scene content for each event stage corresponding to each position, the platform binds the event information subsets of different positions to the corresponding stage nodes in the same event evolution main line and writes them into the multi-position collaborative training scene configuration data. The multi-position collaborative training scene configuration data may include at least: event stage identifier, position identifier, scene resource reference, event information subset identifier, and display order information. During training, the system can distribute the corresponding scene content to different position terminals according to the configuration data.

[0072] As an example, based on the scope of event information, the event information in the event evolution main line is tailored to different job positions to generate multi-job collaborative training scenarios corresponding to each job position. This includes: S331, for the event information in the event evolution main line, within the scope of event information, the event information is processed in layers according to the level of abstraction of the information content to obtain multiple preset information granularity levels. In specific implementation, using the event evolution main line as a time or state skeleton, in each event stage, all event information belonging to the event information scope of that stage is summarized. The event information may include raw sensor data (such as video footage, sensor values), semi-structured information (such as behavioral features, trajectory summaries), and high-level structured information (such as risk levels, status labels), etc.

[0073] Based on the level of abstraction of the information content, the aforementioned event information is processed in layers. The level of abstraction characterizes the process of information expression changing from direct perception to decision support. Furthermore, the information granularity level describes the expression form of the same event information at different levels of abstraction. For example, for event information generated during a certain stage of the same security event, it can include at least the following information granularity levels: The first information granularity level (low granularity level) is used to characterize the directly perceived information of the event. This level mainly contains raw perceived data that has not undergone or has only undergone basic processing, such as video footage captured by on-site cameras, real-time sensor values, and raw records of personnel locations. Information at this level can fully reflect the detailed state of the event, but requires a high level of information understanding and comprehensive judgment.

[0074] The second information granularity level (medium granularity level) is used to represent event information after the initial structuring of the raw perceived information. This level mainly includes behavioral features, statistical summaries, or trend descriptions extracted from the raw perceived data, such as trends in the number of people, descriptions of abnormal behavioral characteristics, and the range of clustered areas. This level of information retains key details while reducing information complexity, facilitating a rapid understanding of the event's development.

[0075] The third information granularity level (high granularity level) is used to represent highly abstract decision-making information about events. This level mainly contains structured conclusions or prompts obtained from the comprehensive analysis of the aforementioned information, such as risk level, event status label, and judgment results on whether intervention conditions have been met. The information at this level focuses on assisting decision-making rather than presenting specific original details.

[0076] It should be noted that the above-mentioned different information granularity levels maintain semantic consistency. That is, each level reflects the objective facts of the same event at the same stage of the event. The differences lie only in the degree of abstraction, richness of detail, and information density of the information expression, and there is no inconsistency in the facts of the event.

[0077] S332, based on the event perception permissions of different positions, select a target information granularity level that matches the event perception permission of each position from the multiple preset information granularity levels; in specific implementation, first obtain the event perception permission parameters included in the aforementioned constructed job responsibility element model for each position. The event perception permission parameters are used to limit the types and complexity of event information that the position can receive and utilize in actual work, such as whether it can understand structured analysis results, whether it relies on raw perceived information for judgment, etc.

[0078] Subsequently, the event perception permission parameters for this position are matched and analyzed against the aforementioned multiple preset information granularity levels. This matching analysis is based on the level of information abstraction within each granularity level, determining whether the information representation at that level exceeds or is insufficient to support the event judgment requirements of the position. During the matching analysis, the following principles must be followed: when the level of information abstraction within a certain granularity level is not higher than the upper limit allowed by the position's event perception permissions, that information granularity level is considered valid for the position; when the level of abstraction of an information granularity level exceeds the position's event perception permissions, that level is not selected as the target level.

[0079] Then, the platform selects the level that best covers the judgment needs of the position from the information granularity levels that can be effectively used by the position, and uses it as the target information granularity level for the position.

[0080] S333, when generating a multi-position collaborative training scenario corresponding to a specific position, only event information within the specified event information range is cropped according to the target information granularity level to obtain a subset of event information matching the position. Specifically, when generating a collaborative training scenario corresponding to a particular position, the aforementioned defined event information range for that position at the current event stage is used as the first layer of constraint for cropping. This constraint limits the cropping object, allowing only event information within the specified event information range to participate in subsequent processing, thereby preventing information exceeding the position's perception authority from being introduced into the training scenario.

[0081] Within the scope of this event information, the aforementioned target information granularity level is used as the second layer of constraint to perform granularity matching and trimming of the event information. Specifically, for event information that falls within the scope of event information for this position, the platform determines whether its current expression format meets the requirements of the target information granularity level. Specifically: when the expression granularity of the event information is higher than the target information granularity level, the event information is abstracted or replaced with the expression format under the corresponding granularity level; when the expression granularity of the event information is lower than the target information granularity level, its original expression format is retained; when the expression granularity of the event information is consistent with the target information granularity level, it is directly retained.

[0082] Through the above processing, without changing the semantics of the event facts, the event information can be uniformly adjusted to an information granularity that matches the job's perception authority, and a subset of event information corresponding to the job can be formed.

[0083] S334, the subset of event information is used as the content of multi-position collaborative training scenario for the corresponding positions, so that different positions receive event information of different granularities at the same event stage.

[0084] In practice, when constructing a multi-position collaborative training scenario, the event stage identifiers in the event evolution main line are used as a unified benchmark, and the event information subsets corresponding to different positions are bound to the same event stage node. Therefore, although the content and granularity of the event information received by different positions during training may differ, their event stage and the order of event development remain consistent.

[0085] In this way, different positions face the same event, the same stage, and the same evolutionary trajectory during training. Their differences stem solely from the information conditions themselves, rather than from inconsistencies in the event's background or progression. Understandably, when conducting alignment analysis on the decision-making behaviors of different positions, this consistent design ensures that differences in positional decision-making are clearly attributed to differences in job information perception or responsibility judgment, thereby avoiding analytical biases introduced by inconsistent training scenarios.

[0086] S4. During the collaborative training process based on the multi-position collaborative training scenario, the decision-making behavior of security personnel in each position within the ambiguity of their responsibilities is collected. The differences in intervention timing and expected responsibilities between positions are analyzed. Based on the analysis results, learning content for position collaborative cognition alignment is generated and pushed to the corresponding security personnel.

[0087] In this embodiment, based on the existing multi-position collaborative training scenario, the decision-making behavior of security personnel in different positions is collected and analyzed for key event stages within the ambiguous responsibility zone. This identifies the differences in intervention timing and responsibility perception among positions, and generates learning content for collaborative cognition alignment accordingly.

[0088] As an example, the decision-making behavior of security personnel in various positions within the ambiguous responsibility zone is collected. The differences in intervention timing and expected responsibilities between positions are analyzed, and learning content for aligning collaborative cognition is generated based on the analysis results. This includes: S41, during collaborative training based on the multi-position collaborative training scenario, acquiring the decision-making behavior of security personnel in each position within the ambiguous responsibility zone for the same security event, and recording the corresponding decision time point and decision type. In specific implementation, within the constructed multi-position collaborative training scenario, training content at the same event evolution line and the same event stage is simultaneously presented to security personnel in different positions. When the training scenario progresses to the event stage corresponding to the ambiguous responsibility zone, this stage is marked as a key decision-making collection stage, and monitoring of the security personnel's operational behavior begins.

[0089] The decision-making behavior refers to the operational choices made by security personnel within the same security event phase that have significance for handling the event, such as whether to intervene, whether to perform specific actions, whether to report, whether to request cooperation from other positions, or whether to continue observation. It should be noted that this embodiment does not limit the specific type of decision-making behavior. As long as the behavior can reflect the security personnel's judgment on whether to intervene and how to intervene, it can be used as the subject of decision-making behavior collection.

[0090] When a security personnel makes a decision, the platform simultaneously records the corresponding decision time and decision type. The decision time is linked to the main event evolution line and mapped to the event stage identifier or relative sequence number within the stage when the decision occurs, thereby ensuring the time-separability of decision-making behaviors across different positions.

[0091] S42, based on the recorded decision-making time points, performs alignment analysis on the intervention timing of security personnel in different positions to determine the intervention sequence and time difference of each position within the aforementioned responsibility ambiguity zone, as the intervention timing difference; in specific implementation, the event evolution main line is used as a unified time reference framework, mapping the decision-making behaviors made by different positions within the responsibility ambiguity zone to the same event stage time axis or state axis. In this way, the decision-making behaviors of different positions no longer depend on their respective local time, but are compared based on a unified event stage sequence.

[0092] The decision-making time points of different positions within the same ambiguous responsibility area are ranked to determine the order of intervention for each position. For example, it can be determined that a certain position makes the intervention decision first within the ambiguous responsibility area, while other positions make decisions in subsequent stages or at later points within a stage.

[0093] Based on this, the intervention time difference between different positions is further calculated. This intervention time difference characterizes the differences in perception of the urgency of intervention among different positions under the same event conditions. It can be expressed as differences between stages or relative order differences within stages, regardless of whether the event ultimately escalates or whether the handling is successful.

[0094] S43, based on the recorded decision types, analyze the expected attribution of responsibility for handling the security incident by security personnel in different positions, and determine the differences in expected responsibility between positions; in specific implementation, by analyzing the decision types chosen by different positions within the ambiguity zone of responsibility, infer their cognitive tendency regarding whether they should bear the responsibility for handling the incident. For example, decision-making behaviors such as actively intervening, executing handling actions, or actively initiating coordination requests indicate that the position believes it has a high degree of responsibility for handling the incident at this stage; while decision-making behaviors such as choosing to continue observing, waiting for other positions to intervene, or only recording information indicate that the position has a low expectation of bearing the main responsibility for handling the incident.

[0095] It should be noted that the analysis of responsibility expectations is based on modeling the perception of job responsibility reflected in the decision type. The platform does not judge whether the decision of a certain position conforms to the norm, but focuses on whether the subjective perception of responsibility attribution is consistent across different positions under the same event conditions.

[0096] Understandably, through the above methods, the platform can transform the differences in responsibility perception that were originally implicit in operational behavior into data on differences in expected responsibility that can be analyzed and compared, serving as a basis for subsequent collaborative cognitive alignment.

[0097] S44. Based on the differences in intervention timing and the differences in expected responsibilities, generate learning content for job-related collaborative cognitive alignment and push it to the security personnel in the corresponding positions.

[0098] In practice, the aforementioned differences in intervention timing and expected responsibility are uniformly structured and organized. This structured organization uses a responsibility ambiguity zone as the analysis unit, associating and organizing the behavioral characteristics of different positions within the same ambiguity zone to form a difference description result containing at least the following elements: the order of intervention for different positions within the responsibility ambiguity zone; the distribution of intervention time differences for different positions within this zone; and the expected responsibility tendencies of different positions and their consistency or inconsistency.

[0099] Through the above analysis, we can distinguish the following typical collaborative cognitive biases: For example, a certain position is the first to intervene in the area of ​​ambiguous responsibilities, but other positions generally believe that this position is not the primary responsible position; or multiple positions intervene at the same stage, but their decision-making types show that each position tends to attribute the main responsibility to other positions.

[0100] After compiling the discrepancy results, the types of job-related cognitive biases are further determined based on the combined relationship between differences in intervention timing and differences in responsibility expectations. Specifically, the following principles are used to identify the types of biases: when intervention timing is highly concentrated among jobs but responsibility expectations are dispersed, it is determined to be a collaborative bias due to inconsistent responsibility expectations; when there are significant differences in the timing of intervention among jobs and responsibility expectations are highly concentrated in a single job, it is determined to be a collaborative bias due to inconsistent intervention timing; when both intervention timing and responsibility expectations are highly dispersed among jobs, it is determined to be a multi-job collaborative cognitive mismatch bias.

[0101] After identifying the types of cognitive biases in job collaboration, learning content for aligning job collaboration cognition is generated based on the corresponding bias types. The generation process of the learning content is organized based on the following three levels: Difference Presentation Layer: The learning content presents the distribution of intervention timing and differences in expected responsibilities among different positions within the same ambiguous area of ​​responsibility. For example, it displays the decision-making position of each position in the form of a comparison view or timeline, so that security personnel can intuitively understand the differences between their own decisions and those of other positions.

[0102] Collaboration Relationship Description Layer: Building upon the presentation of differences, this layer further explains the reasonable collaborative relationships between various positions within the ambiguous responsibility area, incorporating job responsibility rules and collaborative handling logic. For example, it describes the typical division of responsibilities, information transmission sequence, or collaborative intervention logic for different positions during this event phase, without requiring a single handling path.

[0103] Alignment Example Guidance Layer: The learning content provides reference alignment examples based on historical collaborative handling experience or rule constraints. These examples are used to guide different positions to understand how to form a more consistent understanding of intervention timing and responsibility with other positions in similar ambiguity areas of responsibility, without changing their own job responsibilities.

[0104] After generating collaborative cognitive alignment learning content, the platform pushes the content to the corresponding security personnel's terminals based on job type. Specifically, the learning content received by different positions maintains consistency in core collaborative logic, but the content focus and presentation can be adapted to the characteristics of job responsibilities. For example, for positions primarily responsible for information aggregation, the emphasis can be placed on the timing of collaborative triggering within areas of ambiguous responsibility; for on-site positions, the emphasis can be placed on their role in information feedback and cooperation during collaborative handling.

[0105] Please see Figure 2 This invention also provides an online learning platform 100 for security training, comprising: a job responsibility modeling module 10, used to select corresponding job responsibility rules from a preset job responsibility rule library based on the job type information of security personnel, and to perform constraint modeling on the parameter value range and judgment conditions of event perception authority, handling authority, and intervention triggering conditions for different positions based on the job responsibility rules, so as to obtain the corresponding job responsibility element model; a job responsibility ambiguity area identification module 20, used to perform mapping analysis on the job responsibility element models of multiple positions for preset or historical security event types, identify event intervals with overlapping responsibilities or inconsistent intervention triggering conditions, and determine them as job responsibility ambiguity areas; and a collaborative training field. The scene generation module 30 is used to construct an event evolution main line for the responsibility ambiguity area, which aligns the event cognition process scattered from the perspectives of different positions in terms of time and state. Based on the event evolution main line and the event perception permissions of different positions, it generates multi-position collaborative training scenarios corresponding to each position, so as to present the information state of the same event under different positions. The collaborative cognition alignment module 40 is used to collect the decision-making behavior of security personnel in each position in the responsibility ambiguity area during the collaborative training process based on the multi-position collaborative training scenario, analyze the differences in intervention timing and expected responsibilities between positions, generate learning content for position collaborative cognition alignment based on the analysis results, and push it to the security personnel in the corresponding positions.

[0106] As an example, the responsibility ambiguity identification module 20 is configured to: acquire event perception permission parameters, handling permission parameters, and intervention triggering condition parameters contained in multiple job responsibility element models corresponding to the same preset or historical security event type; under the premise of satisfying the event perception permission and handling permission constraints of the corresponding job, align and compare the intervention triggering condition parameters of different jobs under the security event type to determine the intervention triggering interval corresponding to each job; determine whether there are overlapping intervals or intervals between the intervention triggering intervals of different jobs; wherein, the overlapping interval is used to represent the situation where multiple jobs meet the intervention conditions in the same event stage, and the interval is used to represent the situation where multiple jobs do not meet the intervention conditions in the same event stage; and determine the event stage where the overlapping interval or the interval exists as the responsibility ambiguity zone.

[0107] As an example, the collaborative training scenario generation module 30 is configured to: divide the evolution process of an event from its initial occurrence state to its completion state into stages based on the security event type corresponding to the ambiguity of responsibilities, and construct an event evolution mainline containing multiple consecutive event stages; for each event stage in the event evolution mainline, determine the range of event information that each position can perceive in the corresponding event stage by combining the event perception permissions of different positions; based on the event information range, perform position-differentiated trimming on the event information in the event evolution mainline to generate multi-position collaborative training scenarios corresponding to each position, so that different positions present different information states in the same event stage.

[0108] As an example, the collaborative training scenario generation module 30 is configured to: for event information in the event evolution main line, within the scope of the event information, perform layered processing on the event information according to the level of abstraction of the information content to obtain multiple preset information granularity levels; according to the event perception permissions of different positions, select a target information granularity level that matches the event perception permissions of each position from the multiple preset information granularity levels; when generating a multi-position collaborative training scenario for the corresponding position, only for the event information within the scope of the event information, perform cropping according to the target information granularity level to obtain a subset of event information that matches the position; use the subset of event information as the content of the multi-position collaborative training scenario for the corresponding position, so that different positions receive event information of different granularities at the same event stage.

[0109] As an example, the collaborative cognitive alignment module 40 is configured to: during collaborative training based on the multi-position collaborative training scenario, acquire the decision-making behaviors of security personnel in each position within the ambiguity of responsibilities for the same security event, and record the corresponding decision time points and decision types; perform alignment analysis on the intervention timing of security personnel in different positions based on the recorded decision time points, determine the intervention sequence and intervention time difference of each position within the ambiguity of responsibilities, as the intervention timing difference; analyze the expected responsibility attribution of security personnel in different positions for the security event based on the recorded decision types, and determine the difference in expected responsibility between positions; generate learning content for collaborative cognitive alignment of positions based on the difference in intervention timing and the difference in expected responsibility, and push it to the security personnel in the corresponding positions.

[0110] Although embodiments of the invention have been shown and described, it will be understood by those skilled in the art that various changes, modifications, substitutions and alterations can be made to these embodiments without departing from the principles and spirit of the invention, the scope of which is defined by the appended claims and their equivalents.

Claims

1. An online learning method for security training, characterized in that, The method includes the following steps: S1. Select the corresponding job responsibility rules from the preset job responsibility rule library according to the job type information of security personnel, and perform constraint modeling on the parameter value range and judgment conditions of event perception authority, handling authority and intervention triggering conditions of different positions based on the job responsibility rules, so as to obtain the corresponding job responsibility element model. S2, for preset or historical security event types, performs mapping analysis on the job responsibility element model of multiple positions, identifies event intervals with overlapping responsibilities or inconsistent intervention triggering conditions, and determines them as responsibility ambiguity areas; S3, construct an event evolution main line for the ambiguity of responsibilities to align the event cognition process scattered from the perspectives of different positions in terms of time and state, and generate multi-position collaborative training scenarios corresponding to each position based on the event evolution main line and the event perception permissions of different positions, so as to present the information status of the same event under different positions respectively. S4. During the collaborative training process based on the multi-position collaborative training scenario, the decision-making behavior of security personnel in each position within the ambiguity of their responsibilities is collected. The differences in intervention timing and expected responsibilities between positions are analyzed. Based on the analysis results, learning content for position collaborative cognition alignment is generated and pushed to the security personnel in the corresponding positions. Mapping analysis is performed on the job responsibility element models of multiple positions for preset or historical security event types to identify event intervals with overlapping responsibilities or inconsistent intervention triggering conditions. These intervals are defined as responsibility ambiguity areas, including: S21, obtain the event perception permission parameters, handling permission parameters and intervention trigger condition parameters contained in multiple job responsibility element models corresponding to the same preset or historical security event type; S22, Under the premise of satisfying the event perception and handling authority constraints of the corresponding post, the intervention trigger condition parameters of different posts under the security event type are aligned and compared to determine the intervention trigger interval of each post. S23, determine whether there are overlapping intervals or intervals between the intervention triggering intervals of different positions; wherein, the overlapping interval is used to represent the situation where multiple positions meet the intervention conditions in the same event stage, and the interval is used to represent the situation where multiple positions do not meet the intervention conditions in the same event stage. S24, the event phases where the overlapping intervals or the intervals exist are identified as the responsibility ambiguity zone.

2. The online learning method for security training according to claim 1, characterized in that: For the aforementioned ambiguous responsibility area, an event evolution mainline is constructed to align the event perception processes scattered across different job positions in terms of time and state. Based on the event evolution mainline and the event perception permissions of different positions, multi-job collaborative training scenarios corresponding to each job position are generated, including: S31, Based on the security event type corresponding to the ambiguity of responsibility area, the evolution process of the event from the initial occurrence state to the completion state is divided into stages, and an event evolution main line containing multiple continuous event stages is constructed; S32, for each event stage in the event evolution main line, combined with the event perception permissions of different positions, determine the range of event information that each position can perceive in the corresponding event stage; S33, based on the scope of the event information, perform job-specific tailoring on the event information in the main event evolution line, and generate multi-job collaborative training scenarios corresponding to each job, so that different jobs present different information states in the same event stage.

3. The online learning method for security training according to claim 2, characterized in that: Based on the scope of the event information, the event information in the main event evolution line is subject to job-specific tailoring to generate multi-job collaborative training scenarios corresponding to each job, including: S331, for the event information in the main event evolution line, within the scope of the event information, the event information is processed in layers according to the degree of abstraction of the information content to obtain multiple preset information granularity levels; S332, based on the event perception permissions of different positions, select a target information granularity level that matches the event perception permissions of each position from the multiple preset information granularity levels; S333, when generating a multi-position collaborative training scenario for a corresponding position, only the event information within the scope of the event information is cropped according to the target information granularity level to obtain a subset of event information that matches the position; S334, the subset of event information is used as the content of multi-position collaborative training scenario for the corresponding positions, so that different positions receive event information of different granularities at the same event stage.

4. The online learning method for security training according to claim 1, characterized in that: Collect data on the decision-making behaviors of security personnel in various positions within areas of ambiguous responsibility, analyze the differences in intervention timing and expected responsibilities between positions, and generate learning content based on the analysis results for aligning cognitive understanding across positions, including: S41, during the collaborative training process based on the multi-position collaborative training scenario, the decision-making behavior of security personnel in each position in response to the same security event within the ambiguity of responsibilities is obtained, and the corresponding decision time point and decision type are recorded. S42, Based on the recorded decision-making time points, perform alignment analysis on the intervention timing of security personnel in different positions, determine the intervention sequence and intervention time difference of each position within the ambiguity of responsibilities, and use this as the intervention timing difference; S43, Based on the recorded decision types, analyze the expected responsibility attribution for handling the security incident by security personnel in different positions, and determine the differences in expected responsibility between positions; S44. Based on the differences in intervention timing and the differences in expected responsibilities, generate learning content for job-related collaborative cognitive alignment and push it to the security personnel in the corresponding positions.

5. An online learning platform for security training, characterized in that, include: The job responsibility modeling module is used to select the corresponding job responsibility rules from the preset job responsibility rule library based on the job type information of security personnel, and to perform constraint modeling on the parameter value range and judgment conditions of event perception authority, handling authority and intervention triggering conditions of different positions based on the job responsibility rules, so as to obtain the corresponding job responsibility element model. The responsibility ambiguity zone identification module is used to perform mapping analysis on the job responsibility element model of multiple positions for preset or historical security event types, identify event intervals with overlapping responsibilities or inconsistent intervention triggering conditions, and determine them as responsibility ambiguity zones. The collaborative training scenario generation module is used to construct an event evolution main line for the responsibility ambiguity area, which aligns the event cognition process scattered from the perspectives of different positions in terms of time and state. Based on the event evolution main line and the event perception permissions of different positions, it generates multi-position collaborative training scenarios corresponding to each position, so as to present the information status of the same event under different positions. The collaborative cognitive alignment module is used to collect the decision-making behavior of security personnel in each position within the ambiguity of their responsibilities during the collaborative training process based on the multi-position collaborative training scenario, analyze the differences in intervention timing and expected responsibilities between positions, generate learning content for collaborative cognitive alignment of positions based on the analysis results, and push it to the security personnel in the corresponding positions. The responsibility ambiguity region identification module is configured to: Obtain the event perception permission parameters, handling permission parameters, and intervention trigger condition parameters contained in multiple job responsibility element models corresponding to the same preset or historical security event type; Under the premise of satisfying the event perception and handling authority constraints of the corresponding positions, the intervention triggering condition parameters of different positions under the security event type are aligned and compared to determine the intervention triggering interval corresponding to each position; it is determined whether there are overlapping intervals or intervals between the intervention triggering intervals of different positions; wherein, the overlapping interval is used to represent the situation where multiple positions meet the intervention conditions in the same event stage, and the interval is used to represent the situation where multiple positions do not meet the intervention conditions in the same event stage. Event phases with overlapping or interval intervals are defined as responsibility ambiguity zones.

6. The online learning platform for security training according to claim 5, characterized in that: The collaborative training scenario generation module is configured to: Based on the security event types corresponding to the aforementioned ambiguous responsibility areas, the evolution process of an event from its initial occurrence to its completion is divided into stages, and an event evolution mainline containing multiple consecutive event stages is constructed. For each event stage in the event evolution main line, and in combination with the event perception permissions of different positions, the range of event information that each position can perceive in the corresponding event stage is determined. Based on the scope of the event information, the event information in the main line of event evolution is tailored to different job positions, generating multi-job collaborative training scenarios corresponding to each job position, so that different job positions present different information states in the same event stage.

7. The online learning platform for security training according to claim 6, characterized in that: The collaborative training scenario generation module is configured to: For the event information in the main event evolution line, within the scope of the event information, the event information is processed in layers according to the degree of abstraction of the information content to obtain multiple preset information granularity levels; Based on the event perception permissions of different positions, a target information granularity level matching the event perception permissions of each position is selected from the multiple preset information granularity levels. When generating a multi-position collaborative training scenario for a corresponding position, only the event information within the scope of the event information is cropped according to the target information granularity level to obtain a subset of event information that matches the position. The subset of event information is used as the content of multi-position collaborative training scenarios for corresponding positions, so that different positions receive event information of different granularities at the same event stage.

8. The online learning platform for security training according to claim 5, characterized in that: The collaborative cognitive alignment module is configured to: During the collaborative training process based on the multi-position collaborative training scenario, the decision-making behavior of security personnel in each position in response to the same security event within the ambiguity of their responsibilities is obtained, and the corresponding decision time point and decision type are recorded. Based on the recorded decision-making time points, an alignment analysis was performed on the intervention timing of security personnel in different positions to determine the order of intervention and the time difference of intervention within the ambiguous area of ​​responsibilities for each position, which serves as the difference in intervention timing. Based on the recorded decision types, the expected responsibility of security personnel in different positions for handling the security incidents is analyzed to determine the differences in expected responsibility between positions. Based on the differences in intervention timing and the differences in expected responsibilities, learning content for job-related collaborative cognitive alignment is generated and pushed to security personnel in the corresponding positions.