Internet-Draft Digital Twin Network Concept December 2021
Zhou, et al. Expires 5 June 2022 [Page]
Workgroup:
Internet Research Task Force
Internet-Draft:
draft-zhou-nmrg-digitaltwin-network-concepts-06
Published:
Intended Status:
Informational
Expires:
Authors:
C. Zhou
China Mobile
H. Yang
China Mobile
X. Duan
China Mobile
D. Lopez
Telefonica I+D
A. Pastor
Telefonica I+D
Q. Wu
Huawei
M. Boucadair
Orange
C. Jacquenet
Orange

Digital Twin Network: Concepts and Reference Architecture

Abstract

Digital Twin technology has been seen as a rapid adoption technology in Industry 4.0. The application of Digital Twin technology in the networking field is meant to realize efficient and intelligent management and accelerate network innovation.

This document presents an overview of the concepts of Digital Twin Network, provides the basic definitions and a reference architecture, lists a set of application scenarios, and discusses the benefits and key challenges of such technology.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on 5 June 2022.

Table of Contents

1. Introduction

The fast growing of network scale and the increased demand placed on these networks, requires them to accommodate and adapt dynamically to customer needs, implying a big challenge to network operators. Indeed, network operation and maintenance are becoming more complex due to higher complexity of the managed networks and the sophisticated services they are delivering. As such, providing innovations on network technologies, management and operation will be more and more challenging due to the high risk of interfering with existing services and the higher trial costs if no reliable emulation platforms are available.

A Digital Twin is the real-time representation of a physical entity in the digital world. It has the characteristics of virtual-reality interrelation and real-time interaction, iterative operation and process optimization, full life-cycle and full business data-driven. So far, this paradigm has been successfully applied in the fields of intelligent manufacturing, smart city, or complex system operation and maintenance to help with not only object design and testing, but also management aspects [Tao2019]. See more in Section 4.

A digital twin network platform can be built by applying Digital Twin technologies to networks and creating a virtual image of physical network facilities (called herein, emulation). Basically, the digital twin network is an expansion platform of network simulation. The main difference compared to traditional network management system is the use of interactive virtual-real mapping to build closed-loop network automation. Through the real-time data interaction between the physical network and its twin network(s), the digital twin network platform might help the network designers to achieve more simplification, automatic, resilient, and full life-cycle operation and maintenance.

Having an emulation platform that allows to reliably represent the state of a network is more dependable than a simulation platform. The emulated platform can, thus, be used to assess specific behaviors (including network transformation) before actual implementation in the physical network, tweak the network for better optimized behavior, run 'what-if' scenarios that cannot be tested and evaluated easily in the physical network. Service impact analysis tasks will also be facilitated.

2. Requirements Language

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119][RFC8174] when, and only when, they appear in all capitals, as shown here.

3. Definitions and Acronyms

PLM: Product Lifecycle Management

IBN: Intent-Based Networking

AI: Artificial Intelligence

ML: Machine Learning

OAM: Operations, Administration, and Maintenance

CI/CD: Continuous Integration / Continuous Delivery

4. Definition of Digital Twin Network

The concept of a virtual equivalent to a physical product or the digital twin was first introduced in the Product Lifecycle Management (PLM) course in 2003 by Scholar Michael Grieves [Grieves2014]. It has been since then widely acknowledged in both industry and academic publications. And some researchers have also tried to apply the concept of digital twin to the networking field, such as [Dong2019], [Dai2020] and [Nguyen2021]. So far, there is no standard definition of "digital twin network" within the networking industry and SDOs.

This document defines digital twin network as a virtual representation of the physical network. Such virtual representation of the network is meant to be used to analyze, diagnose, emulate, and then control the physical network based on data, models, and interfaces. To that aim, a real-time and interactive mapping is required between the physical network and its virtual twin network.

As shown in Figure 1, the digital twin network involves four key technology elements: data, mapping, models, and interfaces.

    +-------------+                 +--------------+
    |             |                 |              |
    |  Mapping    |                 |  Interface   |
    |             |                 |              |
    +-------------+-----------------+--------------+
             |                          |
             |    Analyze, Diagnose     |
             |                          |
             | +----------------------+ |
             | | Digital Twin Network | |
             | +----------------------+ |
 +------------+                        +------------+
 |            |   Emulate, Control     |            |
 |   Models   |                        |    Data    |
 |            |------------------------|            |
 +------------+                        +------------+
Figure 1: Key Elements of Digital Twin Network
Data:
A digital twin network should maintain historical data and/or real time data (configuration data, operational state data, topology data, trace data, metric data, process data, etc.) about its real-world twin (i.e., physical network) that are required by the models to represent and understand the states and behaviors of the real-world twin. The data is characterized as the single source of "truth" and populated in the data repository, which provides timely and accurate data service support for building various models.
Models:
Techniques that involve collecting data from one or more sources in the real-world twin and developing a comprehensive representation of the data (e.g., system, entity, process) using specific models. They are used as emulation and diagnosis basis to provide dynamics and elements on how the live physical network operates and generates reasoning data utilized for decision-making. Various models such as service models, data models, dataset models, or knowledge graph can be used to represent the physical network assets and then instantiated to serve various network applications.
Interfaces:

Standardized interfaces can ensure the interoperability of digital twin network. There are two major types of interfaces:

  • The interface between the digital twin network platform and the physical network infrastructure.
  • The interface between digital twin network platform and applications.

The former provides real time data collection and control on the physical network. The latter helps deliver application requests to the digital twin network platform and expose the various platform capabilities to applications.

Mapping:

Is used to identify the digital twin and the underlying entities and establish a real-time interactive relation between the physical network and the twin network or between two twin networks. The mapping can be:

  • One to one (pairing, vertical): Synchronize between a physical network and its virtual twin network with continuous flows.
  • One to many (coupling, horizontal): Synchronize among virtual twin networks with occasional data exchange.

Such mappings provides good visibility of actual status, making the digital twin suitable to analyze and understand what is going on in the physical network. It also allows using the digital twin to optimize the performance and maintenance of the physical network.

The digital twin network constructed based on the four core technology elements can analyze, diagnose, emulate, and control the physical network in its whole life cycle with the help of optimization algorithms, management methods, and expert knowledge. One of the objectives of such control is to master the digital twin network environment and its elements to derive the required system behavior, e.g., provide:

5. Expected Benefits of Digital Twin Network

Digital twin network can help enabling closed-loop network management across the entire lifecycle, from deployment and emulation, to visualized assessment, physical deployment, and continuous verification. By doing so, network operators (and end-users to some extent, as allowed by specific application interfaces) can maintain a global, systemic, and consistent view of the network. Also, network operators can safely exercise the enforcement of network planning policies, deployment procedures, etc., without jeopardizing the daily operation of the physical network.

The benefits of digital twin network can be categorized as follows: lower cost of network, optimized and safer decision-making, safer testing of innovative network capabilities (including "what-if" scenarios), privacy and regulatory compliance, and customized network operation training. The following subsections further elaborate on such benefits.

5.1. Optimized Network Total Cost of Operation

Large scale networks are complex to operate. Since there is no effective platform for simulation, network optimization designs have to be tested on the physical network at the cost of jeopardizing its daily operation and possibly degrading the quality of the services supported by the network. Such assessment greatly increases network operator's Operational Expenditure (OPEX) budgets too.

With a digital twin network platform, network operators can safely emulate candidate optimization solutions before deploying them in the physical network. In addition, operator's OPEX on the real physical network deployment will be greatly decreased accordingly at the cost of the complexity of the assessment and the resources involved.

5.2. Optimized Decision Making

Traditional network operation and management mainly focus on deploying and managing running services, but hardly support predictive maintenance techniques.

Digital twin network can combine data acquisition, big data processing, and AI modeling to assess the status of the network, but also to predict future trends, and better organize predictive maintenance. The ability to reproduce network behaviors under various conditions facilitates the corresponding assessment of the various evolution options as often as required.

5.3. Safer Assessment of Innovative Network Capabilities

Testing a new feature in an operational network is not only complex, but also extremely risky. Service impact analysis is required to be adequately achieved prior to effective activation of a new feature.

Digital twin network can greatly help assessing innovative network capabilities without jeopardizing the daily operation of the physical network. In addition, it helps researchers to explore network innovation (e.g., new network protocols, network AI/ML applications) efficiently, and network operators to deploy new technologies quickly with lower risks. Take AI/ ML application as example, it is a conflict between the continuous high reliability requirement (i.e., 99.999%) and the slow learning speed or phase-in learning steps of AI/ML algorithms. With digital twin network, AI/ML can complete the learning and training with the sufficient data before deploying the model in the real network. This would encourage more network AI innovations in future networks.

5.4. Privacy and Regulatory Compliance

The requirements on data confidentiality and privacy on network providers increase the complexity of network management, as decisions made by computation logics such as an SDN controller may rely upon the packet payloads. As a result, the improvement of data-driven management requires complementary techniques that can provide a strict control based upon security mechanisms to guarantee data privacy protection and regulatory compliance. This may range from flow identification (using the archetypal five-tuple of addresses, ports and protocol) to techniques requiring some degree of payload inspection, all of them considered suitable to be associated to an individual person, and hence requiring strong protection and/or data anonymization mechanisms.

With strong modeling capability provided by the digital twin network, very limited real data (if at all) will be needed to achieve similar or even higher level of data-driven intelligent analysis. This way, a lower demand of sensitive data will permit to satisfy privacy requirements and simplify the use of privacy-preserving techniques for data-driven operation.

5.5. Customized Network Operation Training

Network architectures can be complex, and their operation requires expert personnel. Digital twin network offers an opportunity to train staff for customized networks and specific user needs. Two salient examples are the application of new network architectures and protocols or the use of "cyber-ranges" to train security experts in threat detection and mitigation.

6. A Reference Architecture of Digital Twin Network

Based on the definition of the key digital twin network technology elements introduced in Section 4, a digital twin network architecture is depicted in Figure 2. This digital twin network architecture is broken down into three layers: Application Layer, Digital Twin Layer, and Physical Network Layer.

+---------------------------------------------------------+
|   +-------+   +-------+          +-------+              |
|   | App 1 |   | App 2 |   ...    | App n |   Application|
|   +-------+   +-------+          +-------+              |
+-------------^-------------------+-----------------------+
              |Capability Exposure| Intent Input
              |                   |
+-------------+-------------------v-----------------------+
|                        Instance of Digital Twin Network |
|  +--------+   +------------------------+   +--------+   |
|  |        |   | Service Mapping Models |   |        |   |
|  |        |   |  +------------------+  |   |        |   |
|  | Data   +--->  |Functional Models |  +---> Digital|   |
|  | Repo-  |   |  +-----+-----^------+  |   | Twin   |   |
|  | sitory |   |        |     |         |   | Entity |   |
|  |        |   |  +-----v-----+------+  |   |  Mgmt  |   |
|  |        <---+  |  Basic Models    |  <---+        |   |
|  |        |   |  +------------------+  |   |        |   |
|  +--------+   +------------------------+   +--------+   |
+--------^----------------------------+-------------------+
         |                            |
         | data collection            | control
+--------+----------------------------v-------------------+
|                   Physical Network                      |
|                                                         |
+---------------------------------------------------------+
Figure 2: Reference Architecture of Digital Twin Network
  1. Physical Network: All or subset of network elements in the physical network exchange massive network data and control with a network digital twin instance, through twin-physical control interfaces. The physical network can be a mobile access network, a transport network, a mobile core, a backbone, etc. The physical network can also be a data center network, a campus enterprise network, an industrial Internet of Things, etc. Also, the physical network can span across a single network administrative domain or multiple network administrative domains.
  2. Digital Twin Layer: This layer includes three key subsystems: Data Repository subsystem, Service Mapping Models subsystem, and Digital Twin Entity Management subsystem. One or multiple digital twin network instances can be built and maintained.

    • Data Repository subsystem is responsible for collecting and storing various network data for building various models by collecting and updating the real-time operational data of various network elements through the twin southbound interface, and providing data services (e.g., fast retrieval, concurrent conflict handling, batch service) and unified interfaces to Service Mapping Models subsystem.
    • Service Mapping Models complete data modeling, provide data model instances for various network applications, and maximizes the agility and programmability of network services. The data models include two major types: basic and functional models.

      • Basic models refer to the network element model(s) and network topology model(s) of the network digital twin based on the basic configuration, environment information, operational state, link topology and other information of the network element(s), to complete the real-time accurate characterization of the physical network.
      • Functional models refer to various data models used for network analysis, emulation, diagnosis, prediction, assurance, etc. The functional models can be constructed and expanded by multiple dimensions: by network type, there can be models serving for a single or multiple network domains; by function type, it can be divided into state monitoring, traffic analysis, security exercise, fault diagnosis, quality assurance and other models; by network lifecycle management, it can be divided into planning, construction, maintenance, optimization and operation. Functional models can also be divided into general models and special-purpose models. Specifically, multiple dimensions can be combined to create a data model for more specific application scenarios.

        New applications might need new functional models that do not exist yet. If a new model is needed, 'Service Mapping Models' subsystem will be triggered to help creating new models based on data retrieved from 'Data Repository'.

    • Digital Twin Entity Management fulfils the management function of digital twin network, records the life-cycle transactions of the entity, monitors the performance and resource consumption of the entity or even of individual models, visualizes and controls various elements of the network digital twin, including topology management, model management and security management.

    Notes: 'Data collection' and 'change control' are regarded as southbound interfaces between virtual and physical network. From implementation perspective, they can optionally form a sub-layer or sub-system to provide common functionalities of data collection and change control, enabled by a specific infrastructure supporting bi-directional flows and facilitating data aggregation, action translation, pre-processing and ontologies.

  3. Application Layer: Various applications (e.g., Operations, Administration, and Maintenance (OAM)) can effectively run over a digital twin network platform to implement either conventional or innovative network operations, with low cost and less service impact on real networks. Network applications make requests that need to be addressed by the digital twin network. Such requests are exchanged through a northbound interface, so they are applied by service emulation at the appropriate twin instance(s).

7. Challenges to Build Digital Twin Network

As mentioned in Section 5, digital twin network can bring many benefits to network management as well as facilitate the introduction of innovative network capabilities. However, building an effective and efficient digital twin network system remains a challenge. The following is a list of major challenges:

Large scale challenge:
A digital twin of large-scale networks will significantly increase the complexity of data acquisition and storage, the design and implementation of relevant models. The requirements of software and hardware of the digital twin network system will be even more constraining.
Interoperability:
It is difficult to establish a unified digital twin network system with a unified data model in a network domain due to the inconsistency of technical implementations and the heterogeneity of vendor technologies.
Data modeling difficulties:
Based on large-scale network data, data modeling should not only focus on ensuring the accuracy of model functions, but also has to consider the flexibility and scalability induced by the model. Balancing these requirements further increases the complexity of building efficient and hierarchical functional data models.
Real-time requirements:
For services with real-time requirements, the processing of model simulation and verification through a digital twin network will increase the service delay, so the function and process of the data model need to be based on automated processing mechanism under various network application scenarios; at the same time, the real-time requirements will further increase performance requirements on the system software and hardware.
Security risks:
A digital twin network has to synchronize all or subset of the data related to involved physical networks in real time, which inevitably augments the attack surface, with a higher risk of information leakage, in particular.

To address these challenges, digital twin network needs continuous optimization and breakthrough on key enabling technologies including data acquisition, data storage, data modeling, network visualization, interface standardization, and security assurance, so as to meet the requirements of compatibility, reliability, real-time, and security.

8. Interaction with IBN

Implementing Intent-Based Networking (IBN) is an innovative technology for life-cycle network management. Future networks will be possibly Intent-based, which means that users can input their abstract 'intent' to the network, instead of detailed policies or configurations on the network devices. [I-D.irtf-nmrg-ibn-concepts-definitions] clarifies the concept of "Intent" and provides an overview of IBN functionalities. The key characteristic of an IBN system is that user intent can be assured automatically via continuously adjusting the policies and validating the real-time situation.

IBN can be envisaged in a digital twin network context to show how digital twin network improves the efficiency of deploying network innovation. To lower the impact on real networks, several rounds of adjustment and validation can be emulated on the digital twin network platform instead of directly on physical network. Therefore, digital twin network can be an important enabler platform to implement IBN systems and speed up their deployment.

9. Sample Application Scenarios

Digital twin network can be applied to solve different problems in network management and operation.

9.1. Human Training

The usual approach to network OAM with procedures applied by humans is open to errors in all these procedures, with impact in network availability and resilience. Response procedures and actions for most relevant operational requests and incidents are commonly defined to reduce errors to a minimum. The progressive automation of these procedures, such as predictive control or closed-loop management, reduce the faults and response time, but still there is the need of a human-in-the-loop for multiples actions. These processes are not intuitive and require training to learn how to respond.

The use of digital twin network for this purpose in different network management activities will improve the operators performance. One common example is cybersecurity incident handling, where "cyber-range" exercises are executed periodically to train security practitioners. Digital twin network will offer realistic environments, fitted to the real production networks.

9.2. ML Training

Machine Learning requires data and their context to be available in order to apply it. A common approach in the network management environment has been to simulate or import data in a specific environment (the ML developer lab), where they are used to train the selected model, while later, when the model is deployed in production, re-train or adjust to the production environment context. This demands a specific adaption period.

Digital twin network simplifies the complete ML lifecycle development by providing a realistic environment, including network topologies, to generate the data required in a well-aligned context. Dataset generated belongs to the digital twin network and not to the production network, allowing information access by third parties, without impacting data privacy.

9.3. DevOps-Oriented Certification

The potential application of CI/CD models network management operations increases the risk associated to deployment of non- validated updates, what conflicts with the goal of the certification requirements applied by network service providers. A solution for addressing these certification requirements is to verify the specific impacts of updates on service assurance and SLAs using a digital twin network environment replicating the network particularities, as a previous step to production release.

Digital twin network control functional block supports such dynamic mechanisms required by DevOps procedures.

9.4. Network Fuzzing

Network management dependency on programmability increases systems complexity. The behavior of new protocol stacks, API parameters, and interactions among complex software components are examples that imply higher risk to errors or vulnerabilities in software and configuration.

Digital twin network allows to apply fuzzing testing techniques on a twin network environment, with interactions and conditions similar to the production network, permitting to identify and solve vulnerabilities, bugs and zero-days attacks before production delivery.

10. Research Perspectives: A Summary

Research on digital twin network has just started. This document presents an overview of the digital twin network concepts and reference architecture. Looking forward, further elaboration on digital twin network scenarios, requirements, architecture, and key enabling technologies should be investigated by the industry, so as to accelerate the implementation and deployment of digital twin network.

11. Security Considerations

This document describes concepts and definitions of digital twin network. As such, the following security considerations remain high level, i.e., in the form of principles, guidelines or requirements.

Security considerations of the digital twin network include:

Securing the digital twin network system aims at making the digital twin system operationally secure by implementing security mechanisms and applying security best practices. In the context of digital twin network, such mechanisms and practices may consist in data verification and model validation, mapping operations between physical network and digital counterpart network by authenticated and authorized users only.

Synchronizing the data between the physical and the digital twin networks may increase the risk of sensitive data and information leakage. Strict control and security mechanisms must be provided and enabled to prevent data leaks.

12. Acknowledgements

Diego Lopez and Antonio Pastor were partly supported by the European Commission under Horizon 2020 grant agreement no. 833685 (SPIDER), and grant agreement no. 871808 (INSPIRE-5Gplus).

13. IANA Considerations

This document has no requests to IANA.

14. Open issues

15. References

15.1. Normative References

[RFC2119]
Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, , <https://www.rfc-editor.org/info/rfc2119>.
[RFC8174]
Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, , <https://www.rfc-editor.org/info/rfc8174>.

15.2. Informative References

[Dai2020]
Dai, Y. Dai., Zhang, K. Zhang., Maharjan, S. Maharjan., and Yan Zhang. Zhang, "Deep Reinforcement Learning for Stochastic Computation Offloading in Digital Twin Networks. IEEE Transactions on Industrial Informatics, vol. 17, no. 17", .
[Dong2019]
Dong, R. Dong., She, C. She., HardjawanaLiu, W. Hardjawana., Li, Y. Li., and B. Vucetic. Vucetic, "Deep Learning for Hybrid 5G Services in Mobile Edge Computing Systems: Learn from a Digital Twin. IEEE Transactions on Wireless Communications,vol. 18, no. 10", .
[Grieves2014]
Grieves, M. Grieves., "Digital twin: Manufacturing excellence through virtual factory replication", .
[I-D.irtf-nmrg-ibn-concepts-definitions]
Clemm, A., Ciavaglia, L., Granville, L. Z., and J. Tantsura, "Intent-Based Networking - Concepts and Definitions", Work in Progress, Internet-Draft, draft-irtf-nmrg-ibn-concepts-definitions-05, , <https://www.ietf.org/archive/id/draft-irtf-nmrg-ibn-concepts-definitions-05.txt>.
[Nguyen2021]
Nguyen, H. X. Nguyen., Trestian, R. Trestian., To, D. To., and M. Tatipamula. Tatipamula, "Digital Twin for 5G and Beyond. IEEE Communications Magazine, vol. 59, no. 2", .
[Tao2019]
Tao, F. Tao., Zhang, H. Zhang., Liu, A. Liu., and A. Y. C. Nee. Nee, "Digital Twin in Industry: State-of-the-Art. IEEE Transactions on Industrial Informatics, vol. 15, no. 4.", .

Appendix A. Change Logs

v05 - v06

04 - v05

v03 - v04

v02 - v03

Authors' Addresses

Cheng Zhou
China Mobile
Beijing
100053
China
Hongwei Yang
China Mobile
Beijing
100053
China
Xiaodong Duan
China Mobile
Beijing
100053
China
Diego Lopez
Telefonica I+D
Seville
Spain
Antonio Pastor
Telefonica I+D
Madrid
Spain
Qin Wu
Huawei
101 Software Avenue, Yuhua District
Nanjing
Jiangsu, 210012
China
Mohamed Boucadair
Orange
Rennes 35000
France
Christian Jacquenet
Orange
Rennes 35000
France