Skip to main content

Digital Twin Network: Concepts and Reference Architecture
draft-zhou-nmrg-digitaltwin-network-concepts-05

The information below is for an old version of the document.
Document Type
This is an older version of an Internet-Draft whose latest revision state is "Replaced".
Authors Cheng Zhou , Hongwei Yang , Xiaodong Duan , Diego Lopez , Antonio Pastor , Qin Wu , Mohamed Boucadair , Christian Jacquenet
Last updated 2021-10-25 (Latest revision 2021-07-07)
Replaced by draft-irtf-nmrg-network-digital-twin-arch, draft-irtf-nmrg-network-digital-twin-arch
RFC stream (None)
Formats
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state I-D Exists
Telechat date (None)
Responsible AD (None)
Send notices to (None)
draft-zhou-nmrg-digitaltwin-network-concepts-05
Internet Research Task Force                                     C. Zhou
Internet-Draft                                                   H. Yang
Intended status: Informational                                   X. Duan
Expires: April 28, 2022                                     China Mobile
                                                                D. Lopez
                                                               A. Pastor
                                                          Telefonica I+D
                                                                   Q. Wu
                                                                  Huawei
                                                            M. Boucadair
                                                            C. Jacquenet
                                                                  Orange
                                                        October 25, 2021

       Digital Twin Network: Concepts and Reference Architecture
            draft-zhou-nmrg-digitaltwin-network-concepts-05

Abstract

   Digital Twin technology has been seen as a rapid adoption technology
   in Industry 4.0.  The application of Digital Twin technology in the
   networking field is meant to realize efficient and intelligent
   management and accelerate network innovation.

   This document presents an overview of the concepts of Digital Twin
   Network (DTN), provides the basic definitions and a reference
   architecture, lists a set of application scenarios, and discusses the
   benefits and key challenges of such technology.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on April 28, 2022.

Zhou, et al.             Expires April 28, 2022                 [Page 1]
Internet-Draft        Digital Twin Network Concept          October 2021

Copyright Notice

   Copyright (c) 2021 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
   2.  Requirements Language . . . . . . . . . . . . . . . . . . . .   3
   3.  Definitions and Acronyms  . . . . . . . . . . . . . . . . . .   4
   4.  Definition of Digital Twin Networks . . . . . . . . . . . . .   4
   5.  Benefits of Digital Twin Networks . . . . . . . . . . . . . .   6
     5.1.  Optimized Network Total Cost of Operation . . . . . . . .   7
     5.2.  Optimized Decision Making . . . . . . . . . . . . . . . .   7
     5.3.  Safer Assessment of Innovative Network Capabilities . . .   7
     5.4.  Privacy and Regulatory Compliance . . . . . . . . . . . .   8
     5.5.  Customized Network Operation Training . . . . . . . . . .   8
   6.  Reference Architecture of Digital Twin Network  . . . . . . .   8
   7.  Challenges to Build Digital Twin Networks . . . . . . . . . .  11
   8.  Interaction with IBN  . . . . . . . . . . . . . . . . . . . .  12
   9.  Application Scenarios . . . . . . . . . . . . . . . . . . . .  12
     9.1.  Human Training  . . . . . . . . . . . . . . . . . . . . .  12
     9.2.  ML Training . . . . . . . . . . . . . . . . . . . . . . .  13
     9.3.  DevOps-Oriented Certification . . . . . . . . . . . . . .  13
     9.4.  Network Fuzzing . . . . . . . . . . . . . . . . . . . . .  13
   10. Summary . . . . . . . . . . . . . . . . . . . . . . . . . . .  14
   11. Security Considerations . . . . . . . . . . . . . . . . . . .  14
   12. Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .  14
   13. IANA Considerations . . . . . . . . . . . . . . . . . . . . .  15
   14. Open issues . . . . . . . . . . . . . . . . . . . . . . . . .  15
   15. References  . . . . . . . . . . . . . . . . . . . . . . . . .  15
     15.1.  Normative References . . . . . . . . . . . . . . . . . .  15
     15.2.  Informative References . . . . . . . . . . . . . . . . .  15
   Appendix A.  Change Logs  . . . . . . . . . . . . . . . . . . . .  16
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  17

Zhou, et al.             Expires April 28, 2022                 [Page 2]
Internet-Draft        Digital Twin Network Concept          October 2021

1.  Introduction

   The fast growing of network scale and the increased demand placed on
   these networks, requires them to accommodate and adapt dynamically to
   customer needs, implying a big challenge to network operators.
   Indeed, network operation and maintenance are becoming more complex
   due to higher complexity of the managed networks and the
   sophisticated services they are delivering.  As such, providing
   innovations on network technologies, management and operation will be
   more and more challenging due to the high risk of interfering with
   existing services and the higher trial costs if no reliable emulation
   platforms are available.

   A Digital Twin is the real-time representation of a physical entity
   in the digital world.  It has the characteristics of virtual-reality
   interrelation and real-time interaction, iterative operation and
   process optimization, full life-cycle and full business data-driven.
   So far, this paradigm has been successfully applied in the fields of
   intelligent manufacturing, smart city, or complex system operation
   and maintenance to help with not only object design and testing, but
   also management aspects [Tao2019].  See more in Section 4.

   A digital twin network platform can be built by applying Digital Twin
   technologies to networks and creating a virtual image of physical
   network facilities (called herein, emulation).  Basically, the
   digital twin network is an expansion platform of network simulation.
   The main difference compared to traditional network management system
   is the use of interactive virtual-real mapping to build closed-loop
   network automation.  Through the real-time data interaction between
   the physical network and its twin network(s), the digital twin
   network platform might help the network designers to achieve more
   simplification, automatic, resilient, and full life-cycle operation
   and maintenance.

   Having an emulation platform that allows to reliably represent the
   state of a network is more dependable than a simulation platform.
   The emulated platform can, thus, be used to assess specific behaviors
   (including network transformation) before actual implementation in
   the physical network, tweak the network for better optimized
   behavior, run 'what-if' scenarios that cannot be tested and evaluated
   easily in the physical network.  Service impact analysis tasks will
   also be facilitated.

2.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP

Zhou, et al.             Expires April 28, 2022                 [Page 3]
Internet-Draft        Digital Twin Network Concept          October 2021

   14 [RFC2119][RFC8174] when, and only when, they appear in all
   capitals, as shown here.

3.  Definitions and Acronyms

   PLM: Product Lifecycle Management

   IBN: Intent-Based Networking

   AI: Artificial Intelligence

   ML: Machine Learning

   OAM: Operations, Administration, and Maintenance

   CI/CD: Continuous Integration / Continuous Delivery

4.  Definition of Digital Twin Networks

   The concept of a virtual equivalent to a physical product or the
   digital twin was first introduced in the Product Lifecycle Management
   (PLM) course in 2003 by Scholar Michael Grieves [Grieves2014].  It
   has been since then widely acknowledged in both industry and academic
   publications.  And some researchers have also tried to apply the
   concept of digital twin to the networking field, such as [Dong2019],
   [Dai2020] and [Nguyen2021].  However, there is no standard definition
   of "digital twin network" within the networking industry and SDOs.

   This document defines digital twin network as a virtual
   representation of the physical network.  Such virtual representation
   of the network is meant to be used to analyze, diagnose, emulate, and
   then control the physical network based on data, models, and
   interfaces.  To that aim, a real-time and interactive mapping is
   required between the physical network and its virtual twin network.

   As shown in Figure 1, the digital twin network involves four key
   technology elements: data, mapping, models, and interfaces.

Zhou, et al.             Expires April 28, 2022                 [Page 4]
Internet-Draft        Digital Twin Network Concept          October 2021

               +-------------+                 +--------------+
               |             |                 |              |
               |  Mapping    |                 |  Interface   |
               |             |                 |              |
               +-------------+-----------------+--------------+
                        |                          |
                        |    Analyze, Diagnose     |
                        |                          |
                        | +----------------------+ |
                        | | NETWORK DIGITAL TWIN | |
                        | +----------------------+ |
            +------------+                        +------------+
            |            |   Emulate, Control     |            |
            |   Models   |                        |    Data    |
            |            |------------------------|            |
            +------------+                        +------------+

              Figure 1: Key Elements of Digital Twin Network

   Data:  A digital twin network should maintain historical data and/or
      real time data (configuration data, operational state data,
      topology data, trace data, metric data, process data, etc.) about
      its real-world twin (i.e., physical network) that are required by
      the models to represent and understand the states and behaviors of
      the real-world twin.  The data is characterized as the single
      source of "truth" and populated in the data repository, which
      provides timely and accurate data service support for building
      various models.

   Models:  Techniques that involve collecting data from one or more
      sources in the real-world twin and developing a comprehensive
      representation of the data (e.g., system, entity, process) using
      specific models.  They are used as emulation and diagnosis basis
      to provide dynamics and elements on how the live physical network
      operates and generates reasoning data utilized for decision-
      making.  Various models such as service models, data models,
      dataset models, or knowledge graph can be used to represent the
      physical network assets and then instantiated to serve various
      network applications.

   Interfaces:  Standardized interfaces can ensure the interoperability
      of digital twin network.  There are two major types of interfaces:

      *  The interface between the digital twin network platform and the
         physical network infrastructure.

      *  The interface between digital twin network platform and
         applications.

Zhou, et al.             Expires April 28, 2022                 [Page 5]
Internet-Draft        Digital Twin Network Concept          October 2021

      The former provides real time data collection and control on the
      physical network.  The latter helps deliver application requests
      to the digital twin network platform and expose the various
      platform capabilities to applications.

   Mapping:  Is used to identify the digital twin and the underlying
      entities and establish a real-time interactive relation between
      the physical network and the twin network or between two twin
      networks.  The mapping can be:

      *  One to one (pairing, vertical): Synchronize between a physical
         network and its virtual twin network with continuous flows.

      *  One to many (coupling, horizontal): Synchronize among virtual
         twin networks with occasional data exchange.

      Such mappings provides good visibility of actual status, making
      the digital twin suitable to analyze and understand what is going
      on in the physical network.  It also allows using the digital twin
      to optimize the performance and maintenance of the physical
      network.

   The digital twin network constructed based on the four core
   technology elements can analyze, diagnose, emulate, and control the
   physical network in its whole life cycle with the help of
   optimization algorithms, management methods, and expert knowledge.
   One of the objectives of such control is to master the digital twin
   network environment and its elements to derive the required system
   behavior, e.g., provide:

   o  repeatability: that is the capacity to replicate network
      conditions on-demand.

   o  reproducibility: i.e., the ability to replay successions of
      events, possibly under controlled variations.

5.  Benefits of Digital Twin Networks

   Digital twin networks can help enabling closed-loop network
   management across the entire lifecycle, from deployment and
   emulation, to visualized assessment, physical deployment, and
   continuous verification.  By doing so, network operators (and end-
   users to some extent, as allowed by specific application interfaces)
   can maintain a global, systemic, and consistent view of the network.
   Also, network operators can safely exercise the enforcement of
   network planning policies, deployment procedures, etc., without
   jeopardizing the daily operation of the physical network.

Zhou, et al.             Expires April 28, 2022                 [Page 6]
Internet-Draft        Digital Twin Network Concept          October 2021

   The benefits of digital twin network can be categorized as follows:
   lower cost of network, optimized and safer decision-making, safer
   testing of innovative network capabilities (including "what-if"
   scenarios), privacy and regulatory compliance, and customized network
   operation training.  The following subsections further elaborate on
   such benefits.

5.1.  Optimized Network Total Cost of Operation

   Large scale networks are complex to operate.  Since there is no
   effective platform for simulation, network optimization designs have
   to be tested on the physical network at the cost of jeopardizing its
   daily operation and possibly degrading the quality of the services
   supported by the network.  Such assessment greatly increases network
   operator's Operational Expenditure (OPEX) budgets too.

   With a digital twin network platform, network operators can safely
   emulate candidate optimization solutions before deploying them in the
   physical network.  In addition, operator's OPEX on the real physical
   network deployment will be greatly decreased accordingly at the cost
   of the complexity of the assessment and the resources involved.

5.2.  Optimized Decision Making

   Traditional network operation and management mainly focus on
   deploying and managing running services, but hardly support
   predictive maintenance techniques.

   Digital twin network can combine data acquisition, big data
   processing, and AI modeling to assess the status of the network, but
   also to predict future trends, and better organize predictive
   maintenance.  The ability to reproduce network behaviors under
   various conditions facilitates the corresponding assessment of the
   various evolution options as often as required.

5.3.  Safer Assessment of Innovative Network Capabilities

   Testing a new feature in an operational network is not only complex,
   but also extremely risky.  Service impact analysis is required to be
   adequately achieved prior to effective activation of a new feature.

   Digital twin network can greatly help assessing innovative network
   capabilities without jeopardizing the daily operation of the physical
   network.  In addition, it helps researchers to explore network
   innovation (e.g., new network protocols, network AI/ML applications)
   efficiently, and network operators to deploy new technologies quickly
   with lower risks.  Take AI/ ML application as example, it is a
   conflict between the continuous high reliability requirement (i.e.,

Zhou, et al.             Expires April 28, 2022                 [Page 7]
Internet-Draft        Digital Twin Network Concept          October 2021

   99.999%) and the slow learning speed or phase-in learning steps of
   AI/ML algorithms.  With digital twin networks, AI/ML can complete the
   learning and training with the sufficient data before deploying the
   model in the real network.  This would encourage more network AI
   innovations in future networks.

5.4.  Privacy and Regulatory Compliance

   The requirements on data confidentiality and privacy on network
   providers increase the complexity of network management, as decisions
   made by computation logics such as an SDN controller may rely upon
   the packet payloads.  As a result, the improvement of data-driven
   management requires complementary techniques that can provide a
   strict control based upon security mechanisms to guarantee data
   privacy protection and regulatory compliance.  This may range from
   flow identification (using the archetypal five-tuple of addresses,
   ports and protocol) to techniques requiring some degree of payload
   inspection, all of them considered suitable to be associated to an
   individual person, and hence requiring strong protection and/or data
   anonymization mechanisms.

   With strong modeling capability provided by the digital twin network,
   very limited real data (if at all) will be needed to achieve similar
   or even higher level of data-driven intelligent analysis.  This way,
   a lower demand of sensitive data will permit to satisfy privacy
   requirements and simplify the use of privacy-preserving techniques
   for data-driven operation.

5.5.  Customized Network Operation Training

   Network architectures can be complex, and their operation requires
   expert personnel.  Digital twin network offers an opportunity to
   train staff for customized networks and specific user needs.  Two
   salient examples are the application of new network architectures and
   protocols or the use of "cyber-ranges" to train security experts in
   threat detection and mitigation.

6.  Reference Architecture of Digital Twin Network

   Based on the definition of the key digital twin network technology
   elements introduced in Section 4, a digital twin network architecture
   is depicted in Figure 2.  This digital twin network architecture is
   broken down into three layers: Application Layer, Network Digital
   Twin Layer, and Physical Network Layer.

Zhou, et al.             Expires April 28, 2022                 [Page 8]
Internet-Draft        Digital Twin Network Concept          October 2021

        +---------------------------------------------------------+
        |   +-------+   +-------+          +-------+              |
        |   | App 1 |   | App 2 |   ...    | App n |   Application|
        |   +-------+   +-------+          +-------+              |
        +-------------^-------------------+-----------------------+
                      |Capability Exposure| Intent Input
                      |                   |
        +-------------+-------------------v-----------------------+
        |                         Instance of Network Digital Twin|
        |  +--------+   +------------------------+   +--------+   |
        |  |        |   | Service Mapping Models |   |        |   |
        |  |        |   |  +------------------+  |   |        |   |
        |  | Data   +--->  |Functional Models |  +---> Digital|   |
        |  | Repo-  |   |  +-----+-----^------+  |   | Twin   |   |
        |  | sitory |   |        |     |         |   | Entity |   |
        |  |        |   |  +-----v-----+------+  |   |  Mgmt  |   |
        |  |        <---+  |  Basic Models    |  <---+        |   |
        |  |        |   |  +------------------+  |   |        |   |
        |  +--------+   +------------------------+   +--------+   |
        +--------^----------------------------+-------------------+
                 |                            |
                 | data collection            | control
        +--------+----------------------------v-------------------+
        |                   Physical Network                      |
        |                                                         |
        +---------------------------------------------------------+

         Figure 2: Reference Architecture of Digital Twin Network

   1.  Physical Network: (All or relevant) network elements in the
       physical network exchange massive network data and control with
       network digital twin entity, through twin southbound interfaces.
       As the physical object of the network twin, the physical network
       can be a mobile access network, a transport network, a mobile
       core, a backbone, etc.  The network can also be a data center
       network, a campus enterprise network, an industrial Internet of
       Things, etc.  The network can span across a single network domain
       or multiple network domains.

   2.  The Intermediate layer is the Network Digital Twin.  This layer
       includes three key subsystems: Data Repository subsystem, Service
       Mapping Models subsystem, and Digital Twin Entity Management
       subsystem.

       *  Data Repository subsystem is responsible for collecting and
          storing various network data for building various models by
          collecting and updating the real-time operational data of
          various network elements through the twin southbound

Zhou, et al.             Expires April 28, 2022                 [Page 9]
Internet-Draft        Digital Twin Network Concept          October 2021

          interface, and providing data services (e.g., fast retrieval,
          concurrent conflict handling, batch service) and unified
          interfaces to Service Mapping Models subsystem.

       *  Service Mapping Models complete data modeling, provide data
          model instances for various network applications, and
          maximizes the agility and programmability of network services.
          The data models include two major types: basic and functional
          models.

          +  Basic models refer to the network element model(s) and
             network topology model(s) of the network digital twin based
             on the basic configuration, environment information,
             operational state, link topology and other information of
             the network element(s), to complete the real-time accurate
             characterization of the physical network.

          +  Functional models refer to various data models used for
             network analysis, emulation, diagnosis, prediction,
             assurance, etc.  The functional models can be constructed
             and expanded by multiple dimensions: by network type, there
             can be models serving for a single or multiple network
             domains; by function type, it can be divided into state
             monitoring, traffic analysis, security exercise, fault
             diagnosis, quality assurance and other models; by network
             lifecycle management, it can be divided into planning,
             construction, maintenance, optimization and operation.
             Functional models can also be divided into general models
             and special-purpose models.  Specifically, multiple
             dimensions can be combined to create a data model for more
             specific application scenarios.

             New applications might need new functional models that do
             not exist yet.  If a new model is needed, 'Service Mapping
             Models' subsystem will be triggered to help creating new
             models based on data retrieved from 'Data Repository'.

       *  Digital Twin Entity Management fulfils the management function
          of digital twin network, records the life-cycle transactions
          of the entity, monitors the performance and resource
          consumption of the entity or even of individual models,
          visualizes and controls various elements of the network
          digital twin, including topology management, model management
          and security management.

       Notes: 'Data collection' and 'change control' are regarded as
       southbound interfaces between virtual and physical network.  From
       implementation perspective, they can optionally form a sub-layer

Zhou, et al.             Expires April 28, 2022                [Page 10]
Internet-Draft        Digital Twin Network Concept          October 2021

       or sub-system to provide common functionalities of data
       collection and change control, enabled by a specific
       infrastructure supporting bi-directional flows and facilitating
       data aggregation, action translation, pre-processing and
       ontologies.

   3.  Application Layer: Various applications (e.g., OAM, IBN) can
       effectively run over a digital twin network platform to implement
       either conventional or innovative network operations, with low
       cost and less service impact on real networks.  Network
       applications make requests that need to be addressed by the
       digital twin network.  Such requests are exchanged through a
       northbound interface, so they are applied by service emulation at
       the appropriate twin instance(s).

7.  Challenges to Build Digital Twin Networks

   As mentioned in Section 5, digital twin networks can bring many
   benefits to network management as well as facilitate the introduction
   of innovative network capabilities.  However, building an effective
   and efficient digital twin network system remains a challenge.  The
   following is a list of major challenges:

   o  Large scale challenge: A digital twin of large-scale networks will
      significantly increase the complexity of data acquisition and
      storage, the design and implementation of models.  The
      requirements of software and hardware of the digital twin network
      system will be even more constraining.

   o  Interoperability: It is difficult to establish a unified digital
      twin network system with a unified data model in the whole network
      domain due to the inconsistency of technical implementations and
      the heterogeneity of vendor technologies.

   o  Data modeling difficulties: Based on large-scale network data,
      data modeling should not only focus on ensuring the accuracy of
      model functions, but also need to consider the flexibility and
      scalability of the model.  Balancing these requirements further
      increase the complexity of building efficient and hierarchical
      functional data models.

   o  Real-time requirements: For services with real-time requirements,
      the processing of model simulation and verification through a
      digital twin network will increase the service delay, so the
      function and process of the data model need to be based on
      automated processing mechanism under various network application
      scenarios; at the same time, the real-time requirements will

Zhou, et al.             Expires April 28, 2022                [Page 11]
Internet-Draft        Digital Twin Network Concept          October 2021

      further increase performance requirements on the system software
      and hardware.

   o  Security risks: A digital twin network has to synchronize all the
      data of involved physical networks in real time, which inevitably
      augments the attack surface, with a higher risk of information
      leakage, in particular.

   To address these challenges, digital twin networks need continuous
   optimization and breakthrough on key enabling technologies including
   data acquisition, data storage, data modeling, network visualization,
   interface standardization, and security assurance, so as to meet the
   requirements of compatibility, reliability, real-time, and security.

8.  Interaction with IBN

   Implementing Intent-Based Networking (IBN) is an innovative
   technology for life-cycle network management.  Future networks will
   be possibly Intent-based, which means that users can input their
   abstract 'intent' to the network, instead of detailed policies or
   configurations on the network devices.
   [I-D.irtf-nmrg-ibn-concepts-definitions] clarifies the concept of
   "Intent" and provides an overview of IBN functionalities.  The key
   characteristic of an IBN system is that user intent can be assured
   automatically via continuously adjusting the policies and validating
   the real-time situation.

   IBN can be envisaged in a digital twin network context to show how
   digital twin network improves the efficiency of deploying network
   innovation.  To lower the impact on real networks, several rounds of
   adjustment and validation can be emulated on the digital twin network
   platform instead of directly on physical network.  Therefore, digital
   twin networks can be an important enabler platform to implement IBN
   systems and speed up their deployment.

9.  Application Scenarios

   Digital twin network can be applied to solve different problems in
   network management and operation.

9.1.  Human Training

   The usual approach to network Operations, Administration, and
   Maintenance (OAM) with procedures applied by humans is open to errors
   in all these procedures, with impact in network availability and
   resilience.  Response procedures and actions for most relevant
   operational requests and incidents are commonly defined to reduce
   errors to a minimum.  The progressive automation of these procedures,

Zhou, et al.             Expires April 28, 2022                [Page 12]
Internet-Draft        Digital Twin Network Concept          October 2021

   such as predictive control or closed-loop management, reduce the
   faults and response time, but still there is the need of a human-in-
   the-loop for multiples actions.  These processes are not intuitive
   and require training to learn how to respond.

   The use of digital twin network for this purpose in different network
   management activities will improve the operators performance.  One
   common example is cybersecurity incident handling, where "cyber-
   range" exercises are executed periodically to train security
   practitioners.  Digital twin network will offer realistic
   environments, fitted to the real production networks.

9.2.  ML Training

   Machine Learning requires data and their context to be available in
   order to apply it.  A common approach in the network management
   environment has been to simulate or import data in a specific
   environment (the ML developer lab), where they are used to train the
   selected model, while later, when the model is deployed in
   production, re-train or adjust to the production environment context.
   This demands a specific adaption period.

   Digital twin network simplifies the complete ML lifecycle development
   by providing a realistic environment, including network topologies,
   to generate the data required in a well-aligned context.  Dataset
   generated belongs to the digital twin network and not to the
   production network, allowing information access by third parties,
   without impacting data privacy.

9.3.  DevOps-Oriented Certification

   The potential application of CI/CD models network management
   operations increases the risk associated to deployment of non-
   validated updates, what conflicts with the goal of the certification
   requirements applied by network service providers.  A solution for
   addressing these certification requirements is to verify the specific
   impacts of updates on service assurance and SLAs using a digital twin
   network environment replicating the network particularities, as a
   previous step to production release.

   Digital twin network control functional block supports such dynamic
   mechanisms required by DevOps procedures.

9.4.  Network Fuzzing

   Network management dependency on programmability increases systems
   complexity.  The behavior of new protocol stacks, API parameters, and
   interactions among complex software components are examples that

Zhou, et al.             Expires April 28, 2022                [Page 13]
Internet-Draft        Digital Twin Network Concept          October 2021

   imply higher risk to errors or vulnerabilities in software and
   configuration.

   Digital twin network allows to apply fuzzing testing techniques on a
   twin network environment, with interactions and conditions similar to
   the production network, permitting to identify and solve
   vulnerabilities, bugs and zero-days attacks before production
   delivery.

10.  Summary

   Research on digital twin network has just started.  This document
   presents an overview of the digital twin network concepts.  Looking
   forward, further elaboration on digital twin network scenarios,
   requirements, architecture, and key enabling technologies should be
   investigated by the industry, so as to accelerate the implementation
   and deployment of digital twin networks.

11.  Security Considerations

   This document describes concepts and definitions of digital twin
   network.  As such, the following security considerations remain high
   level, i.e., in the form of principles, guidelines or requirements.

   Security considerations of the digital twin network include:

   o  Secure the digital twin system itself.

   o  Data privacy protection.

   Securing the digital twin network system aims at making the digital
   twin system operationally secure by implementing security mechanisms
   and applying security best practices.  In the context of digital twin
   network, such mechanisms and practices may consist in data
   verification and model validation, mapping operations between
   physical network and digital counterpart network by authenticated and
   authorized users only.

   Synchronizing the data between the physical and the digital twin
   networks may increase the risk of sensitive data and information
   leakage.  Strict control and security mechanisms must be provided and
   enabled to prevent data leaks.

12.  Acknowledgements

   Diego Lopez and Antonio Pastor were partly supported by the European
   Commission under Horizon 2020 grant agreement no. 833685 (SPIDER),
   and grant agreement no. 871808 (INSPIRE-5Gplus).

Zhou, et al.             Expires April 28, 2022                [Page 14]
Internet-Draft        Digital Twin Network Concept          October 2021

13.  IANA Considerations

   This document has no requests to IANA.

14.  Open issues

   o  Investigate related digital twin network work and identify the
      differences and commonalities, e.g., how is this concept and
      architecture different from digital twin for industry application?

15.  References

15.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://www.rfc-editor.org/info/rfc8174>.

15.2.  Informative References

   [Dai2020]  Dai, Y., Zhang, K., Maharjan, S., and Yan. Zhang, "Deep
              Reinforcement Learning for Stochastic Computation
              Offloading in Digital Twin Networks. IEEE Transactions on
              Industrial Informatics, vol. 17, no. 17", August 2020.

   [Dong2019]
              Dong, R., She, C., HardjawanaLiu, W., Li, Y., and B.
              Vucetic, "Deep Learning for Hybrid 5G Services in Mobile
              Edge Computing Systems: Learn from a Digital Twin. IEEE
              Transactions on Wireless Communications,vol. 18, no. 10",
              July 2019.

   [Grieves2014]
              Grieves, M., "Digital twin: Manufacturing excellence
              through virtual factory replication", 2003.

   [I-D.irtf-nmrg-ibn-concepts-definitions]
              Clemm, A., Ciavaglia, L., Granville, L. Z., and J.
              Tantsura, "Intent-Based Networking - Concepts and
              Definitions", draft-irtf-nmrg-ibn-concepts-definitions-05
              (work in progress), September 2021.

Zhou, et al.             Expires April 28, 2022                [Page 15]
Internet-Draft        Digital Twin Network Concept          October 2021

   [Nguyen2021]
              Nguyen, H., Trestian, R., To, D., and M. Tatipamula,
              "Digital Twin for 5G and Beyond. IEEE Communications
              Magazine, vol. 59, no. 2", February 2021.

   [Tao2019]  Tao, F., Zhang, H., Liu, A., and A. Nee, "Digital Twin in
              Industry: State-of-the-Art. IEEE Transactions on
              Industrial Informatics, vol. 15, no. 4.", April 2019.

Appendix A.  Change Logs

   v04 - v05

   o  Clarify the difference between digital twin network platform and
      traditional network management system;

   o  Add more references of researches on applying digital twin to
      network field;

   o  Clarify the benefit of 'Privacy and Regulatory Compliance';

   o  Refine the description of reference architecture;

   o  Other Editorial changes.

   v03 - v04

   o  Update data definition and models definitions to clarify their
      difference.

   o  Remove the orchestration element and consolidated into control
      functionality building block in the digital twin network.

   o  Clarify the mapping relation (one to one, and one to many) in the
      mapping definition.

   o  Add explanation text for continuous verification.

   v02 - v03

   o  Split interaction with IBN part as a separate section.

   o  Fill security section;

   o  Clarify the motivation in the introduction section;

   o  Use new boilerplate for requirements language section;

Zhou, et al.             Expires April 28, 2022                [Page 16]
Internet-Draft        Digital Twin Network Concept          October 2021

   o  Key elements definition update.

   o  Other editorial changes.

   o  Add open issues section.

   o  Add section on application scenarios.

Authors' Addresses

   Cheng Zhou
   China Mobile
   Beijing  100053
   China

   Email: zhouchengyjy@chinamobile.com

   Hongwei Yang
   China Mobile
   Beijing  100053
   China

   Email: yanghongwei@chinamobile.com

   Xiaodong Duan
   China Mobile
   Beijing  100053
   China

   Email: duanxiaodong@chinamobile.com

   Diego Lopez
   Telefonica I+D
   Seville
   Spain

   Email: diego.r.lopez@telefonica.com

   Antonio Pastor
   Telefonica I+D
   Madrid
   Spain

   Email: antonio.pastorperales@telefonica.com

Zhou, et al.             Expires April 28, 2022                [Page 17]
Internet-Draft        Digital Twin Network Concept          October 2021

   Qin Wu
   Huawei
   101 Software Avenue, Yuhua District
   Nanjing, Jiangsu  210012
   China

   Email: bill.wu@huawei.com

   Mohamed Boucadair
   Orange
   Rennes 35000
   France

   Email: mohamed.boucadair@orange.com

   Christian Jacquenet
   Orange
   Rennes 35000
   France

   Email: christian.jacquenet@orange.com

Zhou, et al.             Expires April 28, 2022                [Page 18]