idnits 2.17.00 (12 Aug 2021)

/tmp/idnits13495/draft-zhou-nmrg-digitaltwin-network-concepts-07.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  -- The document date (5 March 2022) is 71 days in the past.  Is this
     intentional?

  Checking references for intended status: Informational
  ----------------------------------------------------------------------------

  == Missing Reference: 'Rosen2015' is mentioned on line 173, but not defined

  == Unused Reference: 'Roson2015' is defined on line 946, but no explicit
     reference was found in the text

  == Outdated reference: A later version (-09) exists of
     draft-irtf-nmrg-ibn-concepts-definitions-06

     Summary: 0 errors (**), 0 flaws (~~), 3 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Internet Research Task Force                                     C. Zhou
Internet-Draft                                                   H. Yang
Intended status: Informational                                   X. Duan
Expires: 6 September 2022                                   China Mobile
                                                                D. Lopez
                                                               A. Pastor
                                                          Telefonica I+D
                                                                   Q. Wu
                                                                  Huawei
                                                            M. Boucadair
                                                            C. Jacquenet
                                                                  Orange
                                                            5 March 2022

        Digital Twin Network: Concepts and Reference Architecture
             draft-zhou-nmrg-digitaltwin-network-concepts-07

Abstract

   Digital Twin technology has been seen as a rapid adoption technology
   in Industry 4.0.
   The application of Digital Twin technology in the networking field is
   meant to develop various rich network applications, realize efficient
   and cost-effective data-driven network management, and accelerate
   network innovation.

   This document presents an overview of the concepts of Digital Twin
   Network, provides the basic definitions and a reference architecture,
   lists a set of application scenarios, and discusses the benefits and
   key challenges of such technology.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF). Note that other groups may also distribute
   working documents as Internet-Drafts. The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 6 September 2022.

Copyright Notice

   Copyright (c) 2022 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Revised BSD License text as described in Section 4.e of the
   Trust Legal Provisions and are provided without warranty as described
   in the Revised BSD License.

Table of Contents

   1. Introduction
   2. Terminology
     2.1. Acronyms & Abbreviations
     2.2. Definitions
   3. Introduction and Concepts of Digital Twin Network
     3.1. Background of Digital Twin
     3.2. Digital Twin for Networks
     3.3. Definition of Digital Twin Network
   4. Benefits of Digital Twin Network
     4.1. Optimized Network Total Cost of Operation
     4.2. Optimized Decision Making
     4.3. Safer Assessment of Innovative Network Capabilities
     4.4. Privacy and Regulatory Compliance
     4.5. Customized Network Operation Training
   5. Challenges to Build Digital Twin Network
   6. A Reference Architecture of Digital Twin Network
   7. Interaction with IBN
   8. Sample Application Scenarios
     8.1. Human Training
     8.2. Machine Learning Training
     8.3. DevOps-Oriented Certification
     8.4. Network Fuzzing
   9. Research Perspectives: A Summary
   10. Security Considerations
   11. Acknowledgements
   12. IANA Considerations
   13. Open issues
   14. Informative References
   Appendix A. Change Logs
   Authors' Addresses

1. Introduction

   The fast growth of network scale and the increased demand placed on
   these networks require them to accommodate and adapt dynamically to
   customer needs, implying a significant challenge to network
   operators. Indeed, network operation and maintenance are becoming
   more complex due to the higher complexity of the managed networks and
   the sophisticated services they are delivering. As such, providing
   innovations on network technologies, management and operation will be
   more and more challenging due to the high risk of interfering with
   existing services and the higher trial costs if no reliable emulation
   platforms are available.

   A Digital Twin is the real-time representation of a physical entity
   in the digital world. It has the characteristics of virtual-reality
   interrelation and real-time interaction, iterative operation and
   process optimization, full life-cycle and comprehensive data-driven
   network infrastructure. Currently, digital twin has been widely
   acknowledged in academic publications. See more in Section 3.

   A digital twin for networks platform can be built by applying Digital
   Twin technologies to networks and creating a virtual image of
   physical network facilities (called herein, emulation). Basically,
   the digital twin for networks is an expansion platform of network
   simulation. The main difference compared to traditional network
   management systems is the interactive virtual-real mapping and
   data-driven approach to build closed-loop network automation.
   Therefore, a digital twin network platform is more than an emulation
   platform or network simulator.

   Through the real-time data interaction between the physical network
   and its twin network(s), the digital twin network platform might help
   the network designers to achieve simpler, automatic, resilient, and
   full life-cycle operation and maintenance.
   More specifically, the digital twin network can thus be used to
   develop various rich network applications and assess specific
   behaviors (including network transformation) before actual
   implementation in the physical network, tweak the network for better
   optimized behavior, and run 'what-if' scenarios that cannot be tested
   and evaluated easily in the physical network. In addition, service
   impact analysis tasks can also be facilitated.

2. Terminology

2.1. Acronyms & Abbreviations

   IBN: Intent-Based Networking

   AI: Artificial Intelligence

   CI/CD: Continuous Integration / Continuous Delivery

   ML: Machine Learning

   OAM: Operations, Administration, and Maintenance

   PLM: Product Lifecycle Management

2.2. Definitions

   This document makes use of the following terms:

   Digital Twin: a virtual instance of a physical system (twin) that is
      continually updated with the latter's performance, maintenance,
      and health status data throughout the physical system's life
      cycle.

   Digital twin network: a digital twin that is used in the context of
      networking. This is also called digital twin for networks. See
      more in Section 3.3.

3. Introduction and Concepts of Digital Twin Network

3.1. Background of Digital Twin

   The concept of the "twin" dates to the National Aeronautics and Space
   Administration (NASA) Apollo program in the 1970s, where a replica of
   space vehicles on Earth was built to mirror the condition of the
   equipment during the mission [Rosen2015].

   In 2003, Digital Twin was attributed to John Vickers by Michael
   Grieves in his product lifecycle management (PLM) course as "virtual
   digital representation equivalent to physical products"
   [Grieves2014].
   Digital twin can be defined as a virtual instance of a physical
   system (twin) that is continually updated with the latter's
   performance, maintenance, and health status data throughout the
   physical system's life cycle [Madni2019]. By providing a living copy
   of a physical system, digital twins bring numerous advantages, such
   as accelerated business processes, enhanced productivity, and faster
   innovation with reduced costs. So far, digital twin has been
   successfully applied in the fields of intelligent manufacturing,
   smart city, or complex system operation and maintenance to help with
   not only object design and testing, but also management aspects
   [Tao2019].

   Compared with 'digital model' and 'digital shadow', the key
   difference of 'digital twin' is the direction of data between the
   physical and virtual systems [Fuller2020]. Typically, when using a
   digital twin, the (twin) system is generated and then synchronized
   using data flows in both directions between physical and digital
   components, so that control data can be sent, and changes between the
   physical and digital objects and systems are automatically
   represented. This behavior is unlike a 'digital model' or 'digital
   shadow', which are usually synchronized manually, lack control data,
   and might not have a full cycle of data integrated.

   At present (2022), there is no unified definition of digital twin
   framework. The industry, scientific research institutions, and
   standards developing organizations are trying to define a general or
   domain-specific framework of digital twin. [Natis-Gartner2017]
   proposed that building a digital twin of a physical entity requires
   four key elements: model, data, monitoring, and uniqueness.
   [Tao2019] proposed a five-dimensional framework of digital twin {PE,
   VE, SS, DD, CN}, in which PE represents physical entity, VE
   represents virtual entity, SS represents service, DD represents twin
   data, and CN represents the connection between various components.
   [ISO-2021] issued a draft standard for digital twin manufacturing
   system, and proposed a reference framework including data collection
   domain, device control domain, digital twin domain, and user domain.

3.2. Digital Twin for Networks

   Communication networks can provide a solid foundation for
   implementing various 'digital twin' applications. At the same time,
   in the face of increasing business types, scale and complexity, a
   network itself also needs to use digital twin technology to seek
   better solutions beyond the physical network. Since 2017, the
   application of digital twin technology in the field of communication
   networks has gradually been researched. Some examples are listed
   below.

   In academia, [Dong2019] established the digital twin of a 5G mobile
   edge computing (MEC) network, used the twin offline to train the
   resource allocation optimization and normalized energy-saving
   algorithm based on reinforcement learning, and then updated the
   scheme to the MEC network. [Dai2020] established a digital twin edge
   network for a mobile edge computing system, in which a twin edge
   server is used to evaluate the state of the entity server, and the
   twin mobile edge computing system provides data for training the
   offloading strategy. [Nguyen2021] discusses how to deploy a digital
   twin for complex 5G networks. [Hong2021] presents a digital twin
   platform towards automatic and intelligent management for data center
   networks, and then proposes simplified workflows for network service
   management.
   In addition, international workshops dedicated to digital twin in the
   network field have already appeared, such as IEEE DTPI 2021 - Digital
   Twin Network Online Session [DTPI2021], or are being proposed such as
   IEEE NOMS 2022 - TNT workshop [TNT2022].

   Although the application of digital twin technology in networking has
   started, the research of digital twin for networks technology is
   still in its infancy. Current applications focus on specific
   scenarios (such as network optimization), where network digital twin
   is just used as a network simulation tool to solve the problem of
   network operation and maintenance. Combined with the characteristics
   of digital twin technology and its application in other industries,
   this document believes that digital twin network can be regarded as
   an organic whole of the overall network system and become a general
   architecture involving the whole life cycle of the physical network
   in the future, serving the application of network innovative
   technologies such as network planning, construction, maintenance and
   optimization, improving the automation and intelligence level of the
   network.

3.3. Definition of Digital Twin Network

   So far, there is no standard definition of "digital twin network"
   within the networking industry. This document defines "digital twin
   network" as a virtual representation of the physical network. Such
   virtual representation of the network is meant to be used to analyze,
   diagnose, emulate, and then control the physical network based on
   data, models, and interfaces. To that aim, a real-time and
   interactive mapping is required between the physical network and its
   virtual twin network.

   Referring to the characteristics of digital twin in other industries
   and the characteristics of networking itself, the digital twin
   network should involve four key elements: data, mapping, models and
   interfaces as shown in Figure 1.

            +-------------+                 +--------------+
            |             |                 |              |
            |   Mapping   |                 |  Interface   |
            |             |                 |              |
            +-------------+-----------------+--------------+
                      |                          |
                      |    Analyze, Diagnose     |
                      |                          |
                      | +----------------------+ |
                      | | Digital Twin Network | |
                      | +----------------------+ |
          +------------+                        +------------+
          |            |    Emulate, Control    |            |
          |   Models   |                        |    Data    |
          |            |------------------------|            |
          +------------+                        +------------+

             Figure 1: Key Elements of Digital Twin Network

   Data: A digital twin network should maintain historical data and/or
      real time data (configuration data, operational state data,
      topology data, trace data, metric data, process data, etc.) about
      its real-world twin (i.e. physical network) that are required by
      the models to represent and understand the states and behaviors of
      the real-world twin.

      The data is characterized as the single source of "truth" and
      populated in the data repository, which provides timely and
      accurate data service support for building various models.

   Models: Techniques that involve collecting data from one or more
      sources in the real-world twin and developing a comprehensive
      representation of the data (e.g., system, entity, process) using
      specific models. These models are used as emulation and diagnosis
      basis to provide dynamics and elements on how the live physical
      network operates and generates reasoning data utilized for
      decision-making.

      Various models such as service models, data models, dataset
      models, or knowledge graph can be used to represent the physical
      network assets and, then, instantiated to serve various network
      applications.

   Interfaces: Standardized interfaces can ensure the interoperability
      of digital twin network. There are two major types of interfaces:

      *  The interface between the digital twin network platform and the
         physical network infrastructure.

      *  The interface between the digital twin network platform and
         applications.

      The former provides real-time data collection and control on the
      physical network. The latter helps in delivering application
      requests to the digital twin network platform and exposing the
      various platform capabilities to applications.

   Mapping: Used to identify the digital twin and the underlying
      entities and establish a real-time interactive relation between
      the physical network and the twin network or between two twin
      networks. The mapping can be:

      *  One to one (pairing, vertical): Synchronize between a physical
         network and its virtual twin network with continuous flows.

      *  One to many (coupling, horizontal): Synchronize among virtual
         twin networks with occasional data exchange.

      Such mappings provide good visibility of the actual status, making
      the digital twin suitable to analyze and understand what is going
      on in the physical network. It also allows using the digital twin
      to optimize the performance and maintenance of the physical
      network.

   The digital twin network constructed based on the four core
   technology elements can analyze, diagnose, emulate, and control the
   physical network in its whole life cycle with the help of
   optimization algorithms, management methods, and expert knowledge.
   One of the objectives of such control is to master the digital twin
   network environment and its elements to derive the required system
   behavior, e.g., provide:

   *  repeatability: that is, the capacity to replicate network
      conditions on-demand.

   *  reproducibility: i.e., the ability to replay successions of
      events, possibly under controlled variations.
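
The following Python example is added here and is not part of the draft or of any implementation by its authors. It wires the four elements together as a change gate: a change is emulated in the twin and pushed over the control interface only if no reachability intent breaks, and `replay` shows reproducibility from a fixed baseline. The class and function names, the `("add" | "del", a, b)` change format and the square topology are assumptions made for the example.

```python
from collections import deque
from dataclasses import dataclass, field


def link(a, b):
    """Undirected link between two node names."""
    return frozenset((a, b))


def apply_change(links, change):
    """Apply one ("add" | "del", a, b) change to a set of links, in place."""
    op, a, b = change
    if op == "add":
        links.add(link(a, b))
    elif op == "del":
        links.discard(link(a, b))
    else:
        raise ValueError(f"unknown operation: {op!r}")


def reachable(links, src, dst):
    """Functional model: breadth-first reachability over undirected links."""
    seen, queue = {src}, deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            return True
        for edge in links:
            if node in edge:
                for peer in edge - {node}:
                    if peer not in seen:
                        seen.add(peer)
                        queue.append(peer)
    return False


def broken_intents(links, intents):
    """List the (src, dst) reachability intents that `links` cannot satisfy."""
    return [(s, d) for s, d in intents if not reachable(links, s, d)]


@dataclass
class PhysicalNetwork:
    """Stand-in for the real network (hypothetical, constructed for the example)."""
    links: set = field(default_factory=set)
    applied: list = field(default_factory=list)  # audit trail of pushed changes

    def export_state(self):
        """Interface, data collection direction: snapshot of the live topology."""
        return set(self.links)

    def apply(self, change):
        """Interface, control direction: enact one change and record it."""
        apply_change(self.links, change)
        self.applied.append(change)


class DigitalTwin:
    def __init__(self):
        self.links = set()  # Data: last synchronized topology snapshot

    def sync(self, physical):
        """Mapping (one to one): refresh the twin from its physical network."""
        self.links = physical.export_state()

    def emulate(self, changes):
        """Model: topology the changes would produce; the twin's data is untouched."""
        result = set(self.links)
        for change in changes:
            apply_change(result, change)
        return result


def gated_apply(twin, physical, changes, intents):
    """Verify changes in the twin first; push them only if no intent breaks."""
    twin.sync(physical)
    broken = broken_intents(twin.emulate(changes), intents)
    if broken:
        return False, broken  # rejected: the physical network is not touched
    for change in changes:
        physical.apply(change)
    twin.sync(physical)
    return True, []


def replay(baseline, events, intents):
    """Reproducibility: replay events from a fixed baseline, one verdict per step."""
    links, timeline = set(baseline), []
    for event in events:
        apply_change(links, event)
        timeline.append(broken_intents(links, intents))
    return timeline


# Constructed sample topology: a square A-B-C-D-A.
SQUARE = {link("A", "B"), link("B", "C"), link("C", "D"), link("D", "A")}


def demo():
    net, twin, intents = PhysicalNetwork(set(SQUARE)), DigitalTwin(), [("A", "C")]
    first = gated_apply(twin, net, [("del", "A", "B")], intents)   # path via D remains
    second = gated_apply(twin, net, [("del", "D", "A")], intents)  # would isolate A
    return first, second, net.applied


if __name__ == "__main__":
    print(demo())
    print(replay(SQUARE, [("del", "A", "B"), ("del", "D", "A"), ("add", "A", "B")],
                 [("A", "C")]))
```

The rejected second change never reaches `PhysicalNetwork.apply`, so the audit trail contains only the change that passed verification in the twin.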

   Note: Real-time interaction is not always mandatory for all twins.
   When testing some configuration changes or trying some innovative
   techniques, the digital twins can behave as a simulation platform
   without the need of real time telemetry data. Even in this scenario,
   it is better to have interactive mapping capability so that the
   validated changes can be tested in the real network whenever required
   by the testers. In most other cases (e.g., network optimization,
   network fault recovery), real-time interaction between virtual and
   real network is mandatory. This way, digital twin network can help
   achieve the goal of autonomous network or self-driven network.

4. Benefits of Digital Twin Network

   Digital twin network can help enable closed-loop network management
   across the entire lifecycle, from deployment and emulation, to
   visualized assessment, physical deployment, and continuous
   verification. By doing so, network operators and end-users to some
   extent, as allowed by specific application interfaces, can maintain a
   global, systemic, and consistent view of the network. Also, network
   operators and/or enterprise users can safely exercise the enforcement
   of network planning policies, deployment procedures, etc., without
   jeopardizing the daily operation of the physical network.

   The main difference between digital twin network and simulation
   platform is the use of interactive virtual-real mapping to build
   closed-loop network automation. Simulation platforms are the
   predecessor of the digital twin network; one example of such a
   simulation platform is the network simulator [NS-3], which can be
   seen as a variant of digital twin network but with low fidelity and
   lacking interactive interfaces to the real network.
   Compared with those classical approaches, key benefits of digital
   twin network can be summarized as follows:

   1) Using real-time data to establish high fidelity twins, the
      effectiveness of network simulation is higher; then the
      simulation cost will be relatively low.

   2) The impact and risk on running networks is low when automatically
      applying configuration/policy changes after the full analysis and
      required verifications (e.g., service impact analysis) within the
      twin network.

   3) The faults of the physical network can be automatically captured
      by analyzing real-time data; then the correction strategy can be
      distributed to the physical network elements after conducting
      adequate analysis within the twins to complete the closed-loop
      automatic fault repair.

   The following subsections further elaborate on such benefits in
   detail.

4.1. Optimized Network Total Cost of Operation

   Large scale networks are complex to operate. Since there is no
   effective platform for simulation, network optimization designs have
   to be tested on the physical network at the cost of jeopardizing its
   daily operation and possibly degrading the quality of the services
   supported by the network. Such assessment greatly increases the
   network operator's Operational Expenditure (OPEX) budgets too.

   With a digital twin network platform, network operators can safely
   emulate candidate optimization solutions before deploying them in the
   physical network. In addition, the operator's OPEX on the real
   physical network deployment will be greatly decreased accordingly at
   the cost of the complexity of the assessment and the resources
   involved.

4.2. Optimized Decision Making

   Traditional network operation and management mainly focus on
   deploying and managing running services, but hardly support
   predictive maintenance techniques.

   Digital twin network can combine data acquisition, big data
   processing, and AI modeling not only to assess the status of the
   network, but also to predict future trends and better organize
   predictive maintenance. The ability to reproduce network behaviors
   under various conditions facilitates the corresponding assessment of
   the various evolution options as often as required.

4.3. Safer Assessment of Innovative Network Capabilities

   Testing a new feature in an operational network is not only complex,
   but also extremely risky. Service impact analysis is required to be
   adequately achieved prior to effective activation of a new feature.

   Digital twin network can greatly help assessing innovative network
   capabilities without jeopardizing the daily operation of the physical
   network. In addition, it helps researchers to explore network
   innovation (e.g., new network protocols, network AI/ML applications)
   efficiently, and network operators to deploy new technologies quickly
   with lower risks. Taking AI/ML applications as an example, there is a
   conflict between the continuous high reliability requirement (i.e.,
   99.999%) and the slow learning speed or phase-in learning steps of
   AI/ML algorithms. With digital twin network, AI/ML can complete the
   learning and training with sufficient data before deploying the model
   in the real network. This would encourage more network AI innovations
   in future networks.

4.4. Privacy and Regulatory Compliance

   The requirements on data confidentiality and privacy on network
   providers increase the complexity of network management, as decisions
   made by computation logics such as an SDN controller may rely upon
   the packet payloads. As a result, the improvement of data-driven
   management requires complementary techniques that can provide a
   strict control based upon security mechanisms to guarantee data
   privacy protection and regulatory compliance.
   This may range from flow identification (using the archetypal
   five-tuple of addresses, ports and protocol) to techniques requiring
   some degree of payload inspection, all of them considered suitable to
   be associated to an individual person, and hence requiring strong
   protection and/or data anonymization mechanisms.

   With the strong modeling capability provided by the digital twin
   network, very limited real data (if at all) will be needed to achieve
   a similar or even higher level of data-driven intelligent analysis.
   This way, a lower demand of sensitive data will permit to satisfy
   privacy requirements and simplify the use of privacy-preserving
   techniques for data-driven operation.

4.5. Customized Network Operation Training

   Network architectures can be complex, and their operation requires
   expert personnel. Digital twin network offers an opportunity to
   train staff for customized networks and specific user needs. Two
   salient examples are the application of new network architectures and
   protocols or the use of "cyber-ranges" to train security experts in
   threat detection and mitigation.

5. Challenges to Build Digital Twin Network

   According to [Hu2021], the main challenges in building and
   maintaining digital twins can be summarized as the following five
   aspects:

   *  Data acquisition and processing

   *  High-fidelity modeling

   *  Real-time, two-way connection between the virtual and the real
      twins

   *  Unified development platform and tools

   *  Environmental coupling technologies

   Compared with other industrial fields, digital twin in the networking
   field has its unique characteristics. On one hand, network elements
   and systems have a higher level of digitalization, which implies that
   data acquisition and virtual-real connection are relatively easy to
   achieve.
   On the other hand, there are many kinds of network elements and
   topologies in the network field; and the complex giant system of
   network carries a variety of business services. So, the construction
   of a digital twin network system needs to consider the following
   major challenges:

   Large scale challenge: A digital twin of large-scale networks will
      significantly increase the complexity of data acquisition and
      storage, and of the design and implementation of relevant models.
      The requirements of software and hardware of the digital twin
      network system will be even more constraining. Therefore,
      efficient and low cost tools in various fields should be required.
      Taking data as an example, massive network data can help achieve
      more accurate models. However, to lower the cost of virtual-real
      communication and data storage, efficient tools on data collection
      and data compression methods must be used.

   Interoperability: Due to the inconsistency of technical
      implementations and the heterogeneity of vendor technologies, it
      is difficult to establish a unified digital twin network system
      with a common technology in a network domain. Therefore, it is
      first necessary to propose a unified architecture of digital twin
      network, in which all components and functionalities are clear to
      all stakeholders; then to define standardized and unified
      interfaces to connect all network twins by ensuring the necessary
      compatibility.

   Data modeling difficulties: Based on large-scale network data, data
      modeling should not only focus on ensuring the accuracy of model
      functions, but also has to consider the flexibility and
      scalability to compose and extend as required to support large
      scale and multi-purpose applications. Balancing these
      requirements further increases the complexity of building
      efficient and hierarchical functional data models.
      As an optional solution, straightforwardly cloning the real
      network using virtualized resources is feasible to build the twin
      network when the network scale is relatively small. However, it
      will be of unaffordable resource cost for larger scale networks.
      In this case, network modeling using mathematical abstraction or
      leveraging AI algorithms will be more suitable solutions.

   Real-time requirements: Network services normally have real-time
      requirements; the processing of model simulation and verification
      through a digital twin network will increase the service latency.
      Meanwhile, the real-time requirements will further increase
      performance requirements on the system software and hardware.
      Moreover, it is also a challenge to keep network digital twins in
      sync given the nature of distributed systems and propagation
      delays. To address these requirements, the function and process
      of the data model need to be based on automated processing
      mechanisms under various network application scenarios. On the
      one hand, it is needed to design a simplified process to reduce
      the time cost for tasks in the network twin as much as possible;
      on the other hand, it is recommended to define the real-time
      requirements of different applications, and then match the
      corresponding computing resources and suitable solutions as needed
      to complete the task processing in the twin.

   Security risks: A digital twin network has to synchronize all or a
      subset of the data related to the involved physical networks in
      real time, which inevitably augments the attack surface, with a
      higher risk of information leakage, in particular. On one hand,
      it is mandatory to design more secure data mechanisms leveraging
      legacy data protection methods, as well as innovative technologies
      such as blockchain.
      On the other hand, the system design can limit the data
      (especially raw data) requirement on building digital twin
      network, leveraging innovative modeling technologies such as
      federated learning.

   In brief, to address the above listed challenges, it is important to
   firstly propose a unified architecture of digital twin network, which
   defines the main functional components and interfaces (Section 6).
   Then, relying upon such an architecture, it is required to continue
   researching on the key enabling technologies including data
   acquisition, data storage, data modeling, interface standardization,
   and security assurance.

6. A Reference Architecture of Digital Twin Network

   Based on the definition of the key digital twin network technology
   elements introduced in Section 3.3, a digital twin network
   architecture is depicted in Figure 2. This digital twin network
   architecture is broken down into three layers: Application Layer,
   Digital Twin Layer, and Physical Network Layer.

      +---------------------------------------------------------+
      |  +-------+   +-------+       +-------+                  |
      |  | App 1 |   | App 2 |  ...  | App n |       Application|
      |  +-------+   +-------+       +-------+                  |
      +-------------^-------------------+-----------------------+
                    |Capability Exposure| Intent Input
                    |                   |
      +-------------+-------------------v-----------------------+
      |            Instance of Digital Twin Network             |
      |  +--------+   +------------------------+   +--------+   |
      |  |        |   | Service Mapping Models |   |        |   |
      |  |        |   |  +------------------+  |   |        |   |
      |  |  Data  +--->  |Functional Models |  +---> Digital|   |
      |  | Repo-  |   |  +-----+-----^------+  |   |  Twin  |   |
      |  | sitory |   |        |     |         |   | Network|   |
      |  |        |   |  +-----v-----+------+  |   |  Mgmt  |   |
      |  |        <---+  |   Basic Models   |  <---+        |   |
      |  |        |   |  +------------------+  |   |        |   |
      |  +--------+   +------------------------+   +--------+   |
      +--------^----------------------------+-------------------+
               |                            |
               | data collection            | control
      +--------+----------------------------v-------------------+
      |                    Physical Network                     |
      |                                                         |
      +---------------------------------------------------------+

         Figure 2: Reference Architecture of Digital Twin Network

   Physical Network: All or a subset of network elements in the physical
      network exchange network data and control messages with a network
      digital twin instance, through twin-physical control interfaces.
      The physical network can be a mobile access network, a transport
      network, a mobile core, a backbone, etc. The physical network can
      also be a data center network, a campus enterprise network, an
      industrial Internet of Things, etc.

      The physical network can span across a single network
      administrative domain or multiple network administrative domains.

      This document focuses on the IETF related physical network such as
      IP bearer network and datacenter network.

   Digital Twin Layer: This layer includes three key subsystems: Data
      Repository subsystem, Service Mapping Models subsystem, and
      Digital Twin Network Management subsystem.
   One or multiple digital twin network instances can be built and
   maintained:

   *  Data Repository subsystem is responsible for collecting and
      storing various network data for building various models by
      collecting and updating the real-time operational data of
      various network elements through the twin southbound interface,
      and providing data services (e.g., fast retrieval, concurrent
      conflict handling, batch service) and unified interfaces to
      Service Mapping Models subsystem.

   *  Service Mapping Models complete data modeling, provide data
      model instances for various network applications, and maximize
      the agility and programmability of network services.  The data
      models include two major types: basic and functional models.

      -  Basic models refer to the network element model(s) and
         network topology model(s) of the network digital twin based
         on the basic configuration, environment information,
         operational state, link topology and other information of
         the network element(s), to complete the real-time accurate
         characterization of the physical network.

      -  Functional models refer to various data models used for
         network analysis, emulation, diagnosis, prediction,
         assurance, etc.  The functional models can be constructed
         and expanded along multiple dimensions: by network type,
         there can be models serving a single or multiple network
         domains; by function type, they can be divided into state
         monitoring, traffic analysis, security exercise, fault
         diagnosis, quality assurance and other models; by network
         lifecycle management, they can be divided into planning,
         construction, maintenance, optimization and operation.
         Functional models can also be divided into general models
         and special-purpose models.  Specifically, multiple
         dimensions can be combined to create a data model for more
         specific application scenarios.

         New applications might need new functional models that do
         not exist yet.  If a new model is needed, 'Service Mapping
         Models' subsystem will be triggered to help create new
         models based on data retrieved from 'Data Repository'.

   *  Digital Twin Network Management fulfils the management function
      of digital twin network, records the life-cycle transactions of
      the twin entity, monitors the performance and resource
      consumption of the twin entity or even of individual models,
      visualizes and controls various elements of the network digital
      twin, including topology management, model management and
      security management.

   Notes: 'Data collection' and 'change control' are regarded as
   southbound interfaces between virtual and physical network.  From
   an implementation perspective, they can optionally form a
   sub-layer or sub-system to provide common functionalities of data
   collection and change control, enabled by a specific
   infrastructure supporting bi-directional flows and facilitating
   data aggregation, action translation, pre-processing and
   ontologies.

Application Layer:  Various applications (e.g., Operations,
   Administration, and Maintenance (OAM)) can effectively run over a
   digital twin network platform to implement either conventional or
   innovative network operations, with low cost and less service
   impact on real networks.  Network applications make requests that
   need to be addressed by the digital twin network.  Such requests
   are exchanged through a northbound interface, so they are applied
   by service emulation at the appropriate twin instance(s).

7.  Interaction with IBN

Implementing Intent-Based Networking (IBN) is an innovative
technology for life-cycle network management.
Future networks will possibly be intent-based, which means that users
can input their abstract 'intent' to the network, instead of detailed
policies or configurations on the network devices.
[I-D.irtf-nmrg-ibn-concepts-definitions] clarifies the concept of
"Intent" and provides an overview of IBN functionalities.  The key
characteristic of an IBN system is that user intent can be assured
automatically via continuously adjusting the policies and validating
the real-time situation.

IBN can be envisaged in a digital twin network context to show how
digital twin network improves the efficiency of deploying network
innovation.  To lower the impact on real networks, several rounds of
adjustment and validation can be emulated on the digital twin network
platform instead of directly on the physical network.  Therefore,
digital twin network can be an important enabler platform to
implement IBN systems and speed up their deployment.

8.  Sample Application Scenarios

Digital twin network can be applied to solve different problems in
network management and operation.

8.1.  Human Training

The usual approach to network OAM with procedures applied by humans
is open to errors in all these procedures, with impact on network
availability and resilience.  Response procedures and actions for
most relevant operational requests and incidents are commonly defined
to reduce errors to a minimum.  The progressive automation of these
procedures, such as predictive control or closed-loop management,
reduces the faults and response time, but there is still the need for
a human-in-the-loop for multiple actions.  These processes are not
intuitive and require training to learn how to respond.

The use of digital twin network for this purpose in different network
management activities will improve the operators' performance.
One common example is cybersecurity incident handling, where
"cyber-range" exercises are executed periodically to train security
practitioners.  Digital twin network will offer realistic
environments, fitted to the real production networks.

8.2.  Machine Learning Training

Machine Learning requires data and their context to be available in
order to apply it.  A common approach in the network management
environment has been to simulate or import data in a specific
environment (the ML developer lab), where they are used to train the
selected model; later, when the model is deployed in production, it
is re-trained or adjusted to the production environment context.
This demands a specific adaptation period.

Digital twin network simplifies the complete ML lifecycle development
by providing a realistic environment, including network topologies,
to generate the data required in a well-aligned context.  The
generated dataset belongs to the digital twin network and not to the
production network, allowing information access by third parties,
without impacting data privacy.

8.3.  DevOps-Oriented Certification

The potential application of CI/CD models to network management
operations increases the risk associated with the deployment of
non-validated updates, which conflicts with the goal of the
certification requirements applied by network service providers.  A
solution for addressing these certification requirements is to verify
the specific impacts of updates on service assurance and SLAs using a
digital twin network environment replicating the network
particularities, as a previous step to production release.

Digital twin network control functional block supports such dynamic
mechanisms required by DevOps procedures.

8.4.  Network Fuzzing

Network management dependency on programmability increases systems
complexity.
The behavior of new protocol stacks, API parameters, and interactions
among complex software components are examples that imply a higher
risk of errors or vulnerabilities in software and configuration.

Digital twin network allows fuzz testing techniques to be applied on
a twin network environment, with interactions and conditions similar
to the production network, making it possible to identify and resolve
vulnerabilities, bugs and zero-day attacks before production
delivery.

9.  Research Perspectives: A Summary

Research on digital twin network has just started.  This document
presents an overview of the digital twin network concepts and
reference architecture.  Looking forward, further elaboration on
digital twin network scenarios, requirements, architecture, and key
enabling technologies should be investigated by the industry, so as
to accelerate the implementation and deployment of digital twin
network.

10.  Security Considerations

This document describes concepts and definitions of digital twin
network.  As such, the following security considerations remain high
level, i.e., in the form of principles, guidelines or requirements.

Security considerations of the digital twin network include:

*  Secure the digital twin system itself.

*  Data privacy protection.

Securing the digital twin network system aims at making the digital
twin system operationally secure by implementing security mechanisms
and applying security best practices.  In the context of digital twin
network, such mechanisms and practices may consist of data
verification and model validation, and of restricting mapping
operations between the physical network and its digital counterpart
network to authenticated and authorized users only.

Synchronizing the data between the physical and the digital twin
networks may increase the risk of sensitive data and information
leakage.
Strict control and security mechanisms must be provided and enabled
to prevent data leaks.

11.  Acknowledgements

Many thanks to the NMRG participants for their comments and reviews.
Thanks to Daniel King, Quifang Ma, Laurent Ciavaglia, Jerome
Francois, Jordi Paillisse, Luis Miguel Contreras Murillo, Alexander
Clemm, Qiao Xiang, Ramin Sadre, Pedro Martinez-Julia, Wei Wang,
Zongpeng Du, and Peng Liu.

Diego Lopez and Antonio Pastor were partly supported by the European
Commission under Horizon 2020 grant agreement no. 833685 (SPIDER),
and grant agreement no. 871808 (INSPIRE-5Gplus).

12.  IANA Considerations

This document has no requests to IANA.

13.  Open issues

*  The draft focuses on the concept and architecture of digital twin
   network, not including enabling technologies.  Actually, each
   'enabling technology' is worthy of a separate draft to study in
   detail in the future.  A decision is needed on whether to add a
   section to describe the enabling technologies in brief.

*  Related to the above issue, if a section on enabling technologies
   is added, technologies (e.g., Network connectivity, Real-time data
   communication, Collaboration management, conflict detection and
   resolution, etc.) recently discussed in the IRTF/IETF should be
   described.

*  In the section on 'Sample Application Scenarios', dig deeper into
   one or two use cases.

*  On the research side, the idea behind digital twin networks is
   reminiscent of earlier work from the 1990s that should be
   referenced/acknowledged.  Examples include the Shadow MIB concept,
   Inductive Modeling Technique, etc.

14.  Informative References

[Dai2020]  Dai, Y., Zhang, K., Maharjan, S., and Y. Zhang, "Deep
           Reinforcement Learning for Stochastic Computation
           Offloading in Digital Twin Networks", IEEE Transactions on
           Industrial Informatics, vol. 17, no. 17, August 2020.

[Dong2019] Dong, R., She, C., Hardjawana, W., Li, Y., and B. Vucetic,
           "Deep Learning for Hybrid 5G Services in Mobile Edge
           Computing Systems: Learn from a Digital Twin", IEEE
           Transactions on Wireless Communications, vol. 18, no. 10,
           July 2019.

[DTPI2021] "IEEE International Conference on Digital Twins and
           Parallel Intelligence - Digital Twin Network Session",
           https://www.dtpi.org/video/10, July 2021.

[Fuller2020]
           Fuller, A., Fan, Z., Day, C., and C. Barlow, "Digital
           Twin: Enabling Technologies, Challenges and Open
           Research", IEEE Access, vol. 8, pp. 108952-108971, 2020.

[Grieves2014]
           Grieves, M., "Digital twin: Manufacturing excellence
           through virtual factory replication", 2003.

[Hong2021] Hong, H., Wu, Q., Dong, F., Song, W., Sun, R., Han, T.,
           Zhou, C., and H. Yang, "NetGraph: An Intelligent Operated
           Digital Twin Platform for Data Center Networks", ACM
           SIGCOMM 2021 Workshop on Network-Application Integration
           (NAI '21), Virtual Event, USA, ACM, New York, NY, USA,
           2021.

[Hu2021]   Hu, W., Zhang, T., Deng, X., Liu, Z., and J. Tan, "Digital
           twin: a state-of-the-art review of its enabling
           technologies, applications and challenges", Journal of
           Intelligent Manufacturing and Special Equipment, Vol. 2,
           No. 1, pp. 1-34, 2021.

[I-D.irtf-nmrg-ibn-concepts-definitions]
           Clemm, A., Ciavaglia, L., Granville, L. Z., and J.
           Tantsura, "Intent-Based Networking - Concepts and
           Definitions", Work in Progress, Internet-Draft,
           draft-irtf-nmrg-ibn-concepts-definitions-06, 15 December
           2021.

[ISO-2021] ISO, "Digital Twin manufacturing framework - Part 2:
           Reference architecture", ISO/CD 23247-2,
           https://www.iso.org/standard/78743.html, 2021.

[Madni2019]
           Madni, A., Madni, C., and S. Lucero, "Leveraging digital
           twin technology in model-based systems engineering",
           Systems, vol. 7, no. 1, p. 7, January 2019.

[Natis-Gartner2017]
           Natis, Y., Velosa, A., and W. R. Schulte, "Innovation
           insight for digital twins - driving better IoT-fueled
           decisions", https://www.gartner.com/en/documents/3645341,
           2017.

[Nguyen2021]
           Nguyen, H. X., Trestian, R., To, D., and M. Tatipamula,
           "Digital Twin for 5G and Beyond", IEEE Communications
           Magazine, vol. 59, no. 2, February 2021.

[NS-3]     "Network Simulator, NS-3", https://www.nsnam.org/.

[Roson2015]
           Rosen, R., Von Wichert, G., Lo, G., and K.D. Bettenhausen,
           "About the importance of autonomy and DTs for the future
           of manufacturing", IFAC-Papersonline, Vol. 48,
           pp. 567-572, 2015.

[Tao2019]  Tao, F., Zhang, H., Liu, A., and A. Y. C. Nee, "Digital
           Twin in Industry: State-of-the-Art", IEEE Transactions on
           Industrial Informatics, vol. 15, no. 4, April 2019.

[TNT2022]  "IEEE International workshop on Technologies for Network
           Twins", https://sites.google.com/view/tnt-2022/, 2022.

Appendix A.  Change Logs

v06 - v07: Addressed reviewer's comments from adoption call,
including below major changes.

*  Resequenced the sections via adding more subsections on concepts
   of digital twin network, removing the 'Requirements Language'
   section, and moving ahead the 'Challenges' section.

*  Cited more papers, or industrial information on digital twin
   concepts and digital twin for networks.

*  Added more information on describing the challenges and key
   characteristics of digital twin network.

*  Removed previous open issue on investigating related digital twin
   network work and identify the differences and commonalities, and
   added several new open issues for future studies.

*  Other Editorial changes.

v05 - v06: Addressed comments from meeting and maillist, to request
adoption call.

*  Remove acronym DTN to avoid conflict with 'Delay Tolerant
   Network';

*  Elaborate the description of Digital Twin Network architecture
   that supports multiple instances;

*  Other Editorial changes.

v04 - v05

*  Clarify the difference between digital twin network platform and
   traditional network management system;

*  Add more references of researches on applying digital twin to
   network field;

*  Clarify the benefit of 'Privacy and Regulatory Compliance';

*  Refine the description of reference architecture;

*  Other Editorial changes.

v03 - v04

*  Update data definition and models definitions to clarify their
   difference.

*  Remove the orchestration element and consolidated into control
   functionality building block in the digital twin network.

*  Clarify the mapping relation (one to one, and one to many) in the
   mapping definition.

*  Add explanation text for continuous verification.

v02 - v03

*  Split interaction with IBN part as a separate section.

*  Fill security section;

*  Clarify the motivation in the introduction section;

*  Use new boilerplate for requirements language section;

*  Key elements definition update.

*  Other editorial changes.

*  Add open issues section.

*  Add section on application scenarios.

Authors' Addresses

Cheng Zhou
China Mobile
Beijing
100053
China
Email: zhouchengyjy@chinamobile.com

Hongwei Yang
China Mobile
Beijing
100053
China
Email: yanghongwei@chinamobile.com

Xiaodong Duan
China Mobile
Beijing
100053
China
Email: duanxiaodong@chinamobile.com

Diego Lopez
Telefonica I+D
Seville
Spain
Email: diego.r.lopez@telefonica.com

Antonio Pastor
Telefonica I+D
Madrid
Spain
Email: antonio.pastorperales@telefonica.com

Qin Wu
Huawei
101 Software Avenue, Yuhua District
Nanjing
Jiangsu, 210012
China
Email: bill.wu@huawei.com

Mohamed Boucadair
Orange
Rennes 35000
France
Email: mohamed.boucadair@orange.com

Christian Jacquenet
Orange
Rennes 35000
France
Email: christian.jacquenet@orange.com