Keywords

1 Introduction

Cyber-physical systems (CPS) are highly complex mechanisms which involve transdisciplinary approaches and effect various aspects of our lives depending on their application domain. A CPS is characterized by tight integration between physical and computation processes within it [1, 2]. Examples of CPS include a smart grid, autonomous automobile systems, automated industrial control systems (Industry 4.0) [3, 4], process control systems [5], robotics systems, and automatic pilot avionics [6].

A cyber-physical system is a complex distributed system controlled or monitored by computer-based algorithms and tightly integrated with the Internet and its users [7]. We can thus say that cyber-physical systems have a network structure. Due to several factors, such as a large number of elements and connections between them, the need for real-time processing of large amounts of data [8, 9], and the environmental influence, it becomes necessary to address the problem of the communication network for such complex distributed systems characterized by uncertainty not common for uniform networks. By now, there have been few studies focusing on intra-network modeling of such systems, as the emphasis tends to be more on the computational elements, and less on an intense link between the computational and physical elements. However, intra-network optimization modeling can significantly enhance the efficiency of such systems and broaden the scope of their application domains.

2 Modeling a Cyber-Physical System as a Multicommodity Network

An important thing in designing cyber-physical systems is formalization. When designing a CPS, structural modeling techniques should be used. Such techniques involve using graph representation models of complex systems. A CPS model can be presented as an aggregation of the CPS’s algorithms and structure represented as graphs with the same vertex set [10]. Let the structure graph be defined as the physical graph, as it represents the conditional physical infrastructure allowing for the information flows. The algorithm graph should be then defined as the logical graph since it represents the structure of the connections between the system’s elements, namely their mutual requirements for the information flow. The edges of the graph connect the elements of the system, which pass a flow with specific characteristics from one to the other. Such pairs of elements are called source-sink pairs. The information flows between a source-sink pair of the logical graph can only go through the channels of the physical infrastructure of the network, i.e. the edges of the physical graph. The kind of network described above is called a multicommodity network [11], because flows of different source-sink pairs are not interchangeable since every information flow is aimed at a specific addressee and cannot be substituted with any other flow. In fact, information flows between the nods of the logical graph correspond to different types of products, which go along the edges of the physical graph without interacting.

The requirements set by the source-sink pairs for the flows are estimated using specific units of measure for each parameter, such as the value of flow, its cost, etc. The edges of the logical graph are assigned corresponding values in the units adopted for the flow of a particular source-sink pair. The edges of the physical graph limit the flows within any source-sink pair that uses this communication channel. Therefore, every edge is assigned a characteristic measured in the same units as the requirements of the source-sink pairs. The challenge is to allocate the flows of the network so that the paths between the source-sink pairs going along the edges of the physical graph were optimal for each pair of nods of the logical graph [12]. Optimal allocation will account for the restrictions of both the physical graph (flow capacity or other parameters) and the logical graph (requirements of the components of the cyber-physical system).

Since we do not know which pairs will be exchanging flows at any specific moment in time, we are not able to forecast which flows will be going along each of the edges of the physical graph at any specific moment in time. We can thus consider two different situations.

  1. 1.

    Flows of every source-sink pair pass along the network at any moment in time. This is the maximum flow capacity of the network.

  2. 2.

    Only one flow passes along the network at any moment of time. This helps to determine the maximum degree to which the requirements of the corresponding source-sink pair can be met.

Both situations are rare, as it is more likely that a different number of single-product flows pass through the network at different moments. However, their analysis demonstrates the ability of the system to meet the requirements of the source-sink pairs, i.e. its ability to function efficiently. Analyzing the first situation, we can assess the efficiency of the whole system at maximum load, although it does not allow us to evaluate its ability to meet the requirements of a specific pair. Analyzing the second situation, we can assess the ability of the system to meet the requirements of every pair of elements and determine the safety margin in case the requirements or the system’s capacity change. In this chapter, we will focus primarily on the second situation.

Limitations and requirements for the flows depend on the characteristics of the system. Let us consider a basic situation when it is necessary to maximize the flows between the source-sink pairs. In this case, there are certain requirements for the flow volume. It is obvious that for each source-sink pair the maximum flow should be determined, taking into account the network’s flow capacity [13]. The system, however, may also require to minimize the cost of the flows, as well as to find the shortest paths, or the minimum-cost maximum flow, etc. In this case, the network’s edges are assigned other parameters, such as the cost or the length of the path. We will further refer to these parameters as the characteristics of the edges of the network. The efficiency assessment procedure remains the same. If all the flows meet the logical requirements of the network’s elements, it is considered acceptable, as it is able to function efficiently. If the opposite happens, it is either necessary to elaborate on the network (by improving the parameters of the existing edges or adding new edges to the physical graph) or to reconsider the conditions for the pairs whose requirements cannot be fulfilled.

The cyber-physical system represented by the above network model is characterized by uncertainties of three types.

The first type concerns the requirements of the source-sink pairs. In this case, either the decision-making agent is not fully aware of the requirements of the system’s elements, or there is an objective necessity to increase the requirements (e.g. due to external factors), which the decision-making agent does not know about beforehand.

The second type concerns the characteristics matrix of the channels of the physical infrastructure, i.e. the physical graph. We assume that these values will be lower than those calculated while designing the network. Such uncertainty may result from the channels of the physical graph being damaged by external factors.

Uncertainty of the third type is caused by factors that are practically impossible to formalize. Although they do not affect either the characteristics of the edges or the requirements of the components, the system’s ability to fulfill these requirements deteriorates.

Uncertainties of all the three types may be either internal or external. However, external influence is less predictable, which is why we will now focus on this type. We will further refer to any unpredicted or undesirable event (or a series of events) that may result in the system’s malfunction as an incident. The degree of influence of an incident on the system should be referred to as the incident’s gravity. Incident impacts may vary and effect the characteristics of the edges and the requirements for the flows between the source-sink pairs. They may also include non-formalized factors.

A decrease in the characteristics of the edges of the physical graph may be rather significant and difficult to compensate for. This means that a posteriori reallocation of flows will be required. Therefore, we will consider the problem taking into account the possibility of optimal allocation of flows after a damaging impact.

In case of uncertainty, when we do not have complete information, we must determine the guaranteed result, which means that we should expect the worst possible outcome. The localization of the impact resulting from the incident (edges and/or pairs subject to the damaging effect) and the way this impact is distributed between the edges and pairs of the network are considered to be unknown. To assess the efficiency of the network after the incident, it is necessary to determine the worst outcome of the incident, i.e. to determine the situation when the characteristics of the edges deteriorate, the requirements increase, or there are other factors that cause maximum damage to the network’s functioning. The efficiency of the network is defined as its ability to fulfill the maximum flow requirements of the source-sink pairs.

Thus, analyzing the efficiency of a distributed cyber-physical system in the presence of uncertainty, we can say that a system which is not capable of performing its functions is not efficient. The most effective way to analyze the efficiency is to assess the efficiency of the system multiple times changing various parameters of uncertainty. This will help to establish the dependency between the system’s efficiency and the uncertainty factors. Therefore, modeling different versions of the cyber-physical system functioning under various conditions enables us to analyze the system’s efficiency in each situation and compare the results. For illustrative purposes, it is advisable to make dependency graphs for each version of the system and compare them afterward.

3 Evaluation of the Efficiency of the Multicommodity Network

By efficiency of the multicommodity network representing the cyber-physical system, we mean a complex parameter demonstrating how well the network can fulfill the requirements of the source-sink pairs. In other words, the degree to which the flows passing through the channels of the physical graph fulfil the requirements of the elements of the logical graph. The difficulty in fulfilling the requirements grows parallel to the increase in the requirements and the decrease in the quality of the flow between the nods of the pair. By the quality of the flow, we mean the degree to which the flow complies with the required characteristics specific to the network. If the quality of even a single flow is lower than necessary, it is not possible to meet the requirements. This dependency may be described by the concept of “difficulty of achieving the goal” introduced by Russman in [14]. The parameter “difficulty of achieving the goal” is an integrated characteristic of the quality of an object based on the ratio of the object’s properties and the requirements for this object set by the system. These requirements most often depend on the requirements for the whole system.

Given below is a brief mathematical description of the “difficulty of achieving the goal” parameter. A particular estimate of the difficulty \(d_{k}\) depends on the requirements \(\varepsilon_{k}\) for the quality of the k-th object and the value \(\mu_{k}\) of the quality of the k-th object. In order to determine the function \(d_{k}\) we need to determine its properties [15]:

  1. 1.

    If \(\mu_{k} > 0\) and \(\varepsilon_{k} = 0\), then \(d_{k} = 0\), i.e. when there are no requirements for the quality, the difficulty level is minimal.

  2. 2.

    If \(\mu_{k} = 1\) and \(\mu_{k} > \varepsilon_{k}\), then \(d_{k} = 0\), i.e. when the quality of the object is maximal, the difficulty level is minimal.

  3. 3.

    If \(\varepsilon_{k} = \mu_{k}\), then \(d_{k} = 1\), i.e. when the quality of the object complies with the requirement for the quality, the difficulty level is maximal.

Using the three conditions, we obtained the following formula for assessing the difficulty of achieving the goal [16]:

$$d_{k} = \frac{{\varepsilon_{k} \left( {1 - \mu_{k} } \right)}}{{\mu_{k} \left( {1 - \varepsilon_{k} } \right)}},$$
(1)

where \(d_{k} = 0\), when \(\varepsilon_{k} = \mu_{k} = 0\), and \(d_{k} = 1\), when \(\varepsilon_{k} = \mu_{k} = 1\).

Since the quality of any object is a hierarchy of its characteristics, an integrated estimate of the difficulty of achieving the goal should be the function of scores \(d_{k}\) of separate parameters. Let us assume that there is an object with two characteristics whose scores the difficulty of achieving the goal are \(d_{1}\) and \(d_{2}\). The overall difficulty estimate will be determined as \(D = f\left( {d_{1} ,d_{2} } \right)\).

Russman demonstrated [17] that only one function of two variables meets the requirements:

$$D = d_{1} + d_{2} - d_{1} d_{2} = 1 - \left( {1 - d_{1} } \right)\left( {1 - d_{2} } \right)$$
(2)

When n components of the integrated resource are present, the following formula is used to calculate the integrated estimate [17, 18]:

$$D = 1 - \mathop \prod \limits_{k = 1}^{n} \left( {1 - d_{k} } \right)$$
(3)

Flow characteristics of the studied network may vary (the flow value, the cost of the flow, etc.) both in the measurement units and in application domains. The flow may also be characterized by several parameters (e.g. minimum-cost maximum flow), which makes the parameter of the difficulty of achieving the goal a very useful and flexible tool for assessing the degree to which flow in a multicommodity network complies with the requirements set by the corresponding source-sink pair.

We shall thus consider the efficiency of the multicommodity network as an integrated estimate of the difficulty of achieving the goal. This value is calculated using (3), where particular difficulty estimates are determined as the degree of fulfillment of the requirements of each source-sink pair. The quality of the flow between the components of the source-sink pair is a certain parameter of the flow (the value, the cost, etc.), while the requirement for the quality of the flow is the requirement set by the source-sink pair.

4 An Algorithm for Evaluating the Efficiency of a Cyber-Physical System in the Presence of Uncertainty

Before we describe the algorithm for evaluating the efficiency of the cyber-physical system modeled as a multicommodity flow network, let us introduce a number of designations. The multicommodity network \(S = (V,P)\) is determined by a set \(V = \{ v_{1} , \ldots ,v_{n} \}\) of nods and \(P = \{ p_{1} , \ldots ,p_{m} \} \in V \times V\) of source-sink pairs or edges of the logical graph. Let the corresponding index sets be \(N = \{ 1, \ldots ,n\}\) and \(M = \{ 1, \ldots ,m\}\), with \(V = \{ v_{i} \}_{i \in N}\) and \(P = \{ p_{k} \}_{k \in M}\).

For any vertex \(v \in V\) let \(S(v)\) denote the set of indices of its outgoing edges, and \(T(v)\)—the set of indices of its incoming edges [11]. For each k-th source-sink pair let us introduce the designation \(p_{k} = (v_{sk} ,v_{tk} )\), where \(s_{k} < t_{k}\) is the vertex, \(v_{sk}\) is the source, and \(v_{tk}\) is the sink of the source-sink pair. \(g_{k}\) is the flow going from the source to the sink in every source-sink pair \(p_{k} \in P\).

The network has quantitative restrictions determined by the edges of the physical graph. Let us assume that each edge \((v_{i} ,v_{j} )\) of the network has a certain value \(c_{ij} \ge 0\), called the characteristic of the edge (the flow capacity, the cost of the flow, the length of the path, etc.) and measured in measurement units of the flow the network is created for. All the edges of the logical graph are assigned values \(y_{k} \ge 0\), measured in the measurement units of the flow. These values also pass along the logical edge of the multicommodity network.

In order to determine whether the system is acceptable, it is not necessary to model all the possible allocations of the flows of the physical network. It is enough to determine the allocations that ensure best possible flows between all the source-sink pairs. Let us use \(z_{k}\) to denote the best of all the possible flows \(g_{k}\). A set of such flows will then be denoted as \(Z(c) = \{ z_{k} \}\). This flow matrix ensures the maximal efficiency of the network [19].

Let us assuming that the incident’s gravity is the vector of three variables \(W = \left\{ {\beta ,\gamma ,\delta } \right\}\).

Parameter \(\beta\) denotes the expected increase in the requirements of any source-sink pair.

Parameter \(\gamma\) denotes the expected deterioration of the characteristics of any edge of the network.

Parameter \(\delta\) denotes non-formalized factors and the expected increase in the difficulty in fulfilling the requirements of any source-sink pair.

Using these designations, we can develop an algorithm for assessing the effectiveness of the described network. The algorithm is uniform for all the characteristics of the edges of the physical graph and differs only in the way the matrix \(Z(c)\) is determined.

  1. 1.

    Make the physical and logical graphs of the multicomponent cyber-physical system based on the model of a multicommodity network using the parameters of the system and the requirements for them.

  2. 2.

    Assess the best flows between the source-sink pairs, i.e. matrix \(Z(c)\). To determine the matrix, graph theory algorithms corresponding to the flow’s parameters should be used. Thus, if we need to determine the maximum flow, the maximum flow computation methods are used, such as the Ford–Fulkerson algorithm, the Dinic’s algorithm, the Gomory–Hu algorithm, etc.

  3. 3.

    Construct a matrix of the estimates of the difficulty of achieving the goal for all source-sink pairs. The quality of the obtained flows is evaluated using the following formula:

$$\mu_{k} = \frac{{z_{k} }}{{\overline{Z} + Z_{corr} }},$$
(4)

where \(\overline{Z} = \mathop {\hbox{max} }\nolimits_{1 \le k \le m} z_{k}\).

\(Z_{corr}\) is a special parameter for potential adjustments of the optimal quality (if no serious adjustments are required, the recommended value is \(\overline{Z}/100\)).

The next step is to evaluate the requirements for the quality of the flows:

$$\varepsilon_{k} = \frac{{y_{k} }}{{\overline{Z} + Z_{corr} }}$$
(5)

We should point out that both \(\mu\) and \(\varepsilon\) are measured in the interval [0, 1], with \(\varepsilon_{k} \le \mu_{k} \forall k\) for any source-sink par. If this condition is not fulfilled, the combination does not conform with the minimal quality requirements. In all the other cases, the difficulty value is:

$$d_{k} = \varepsilon_{k} (1 - \mu_{k} )/\mu_{k} (1 - \varepsilon_{k} )$$
(6)

Let us also introduce weighing coefficients in the range of \(0 < \alpha_{k} \le 0.1\). The final set of difficulties in fulfilling the requirements of the source-sink pairs is then determined as

$$D = \{ d_{k} {^{{\alpha_{k} }}}\, |\, d_{k} {^{{\alpha_{k} }}} = 1 - (1 - d_{k} )^{{\alpha_{k} }} \}$$
(7)

The integrated difficulty is determined using the formula:

$$D_{\text{int}} = \sum\limits_{k = 1}^{m} {d_{k} {^{{\alpha_{k} }}} }$$
(8)

This parameter demonstrates the integrated difficulty in fulfilling the requirements of all source-sink pairs of the network and serves as a criterion for assessing the system’s efficiency. The higher the difficulty value, the harder it is to meet the mutual requirements of the system’s elements at the given flow capacity of the network. When \(D = 1\), the difficulty value is maximal, which means that the system is highly vulnerable. If any of the values \(d_{k}\) is more than 1 (in the case when \(\varepsilon_{k} > \mu_{k}\)), the integrated value is also \(D > 1\), which means that the flow between the vertices in this pair does not meet the requirements and the system does not function efficiently.

  1. 4.

    Estimate the expected incident’s gravity \(W = \left\{ {\beta ,\gamma ,\delta } \right\}\). The incident’s gravity can be determined by solving a number of special problems [17] or using expert forecasting methods. If the incident’s gravity cannot be determined precisely, or it is not necessary for the current problem, steps 4 and 5 can be omitted or performed using a preset gravity value.

  2. 5.

    Calculate the matrix \(C^{\gamma }\) of the expected characteristics of the edges of the physical graph and vector \(Y^{\beta }\) of the expected increased requirements. The incident’s gravity was estimated in step 4.

Formulas for calculating new parameters of the network:

$$c_{ij}^{\gamma } = \left( {1 - \gamma } \right)c_{ij}^{0}$$
(9)
$$y_{ij}^{\beta } = \left( {1 + \beta } \right)y_{ij}^{0}$$
(10)

It is now necessary to once more determine the best flows (perform step 2 with new parameters) and the set of estimates of the difficulty in fulfilling the requirements of the source-sink pairs (repeat step 3 with a new matrix).

To evaluate the non-formalized factors another parameter \(\delta\) of the incident’s gravity is used and \(D^{\delta }\) is calculated:

$$d_{ij}^{\delta } = \left( {1 + \delta } \right)d_{ij}^{0} = 1 - \left( {1 - d_{ij} } \right)^{{\left( {1 + \delta } \right)}}$$
(11)

The obtained parameter of the integrated estimate reflects the efficiency of the system after an incident of particular gravity. If the network is still acceptable, the system is considered efficient enough to resist the impact of the incident of expected gravity and meet the requirements of all the system’s components.

  1. 6.

    Repeat step 5 gradually increasing the incident’s gravity until the network stops being acceptable. Thus, the maximum incident’s gravity for the system can be determined. Efficiency indices and corresponding incident’s gravity values are marked on a diagram.

  2. 7.

    For a more detailed analysis, repeat step 6 for various incident impacts (with uncertainties of all the three types). The obtained diagrams will demonstrate the parametric dependence between the system’s efficiency and the uncertainty factors.

  3. 8.

    Repeat steps 1–7 for different versions of the network in order to compare several versions and select the most efficient one.

The described algorithm, therefore, determines the way to design the most efficient distributed cyber-physical system.

5 Simulation Experiment

The suggested algorithm was tested on the information network of the company Technopark-V (Voronezh), whose chart is presented in Fig. 1.

Fig. 1
figure 1

Chart of information network

Full size image

The following parameters were determined using the algorithm.

  • \(D = 0.767\)—the integrated efficiency estimation without uncertainties.

  • \(D = 0.944\)—the integrated efficiency estimation after an incident whose parameters were determined by experts.

  • \(W_{lim} (\beta_{lim} ;\gamma_{lim} ;\delta_{lim} ) = (0.18;0.15;0.19)\)—vector of the maximal parameters of the gravity of the incident after which the system still functions.

  • (18; 6), (12; 3), (17; 2)—the most vulnerable source-sink pairs. Diagrams demonstrating the dependency of the system’s efficiency on various uncertainty factors are presented in Fig. 2.

    Fig. 2
    figure 2

    Diagrams of the dependency of the system’s efficiency on various uncertainty factors

    Full size image

The analysis of the efficiency of the system allowed us to find the vulnerabilities and suggest recommendations on improving the network. As a result, a new network was developed. Summary diagrams of both networks are given in Fig. 3.

Fig. 3
figure 3

Summary diagrams of efficiency for both networks

Full size image

The suggested algorithm allows for the development of recommendations for selecting the most efficient and robust version of the network.

6 Conclusion

The US National Science Foundation (NSF) has identified cyber-physical systems as a key area of research [20]. Other developed countries, including Germany, Japan, and China, also consider development and improvement of CPS a highly promising sphere [21, 22]. However, the application of CPS involves a number of algorithm-related challenges caused primarily by network issues. Sophisticated tools for studying complex networks must be used when designing distributed cyber-physical systems, as they ensure the highest efficiency of the system. Modeling a cyber-physical system as a multicommodity network followed by the analysis of its efficiency in the presence of uncertainty allowed us to develop an algorithm for the analysis of efficiency of such systems based on the concept of difficulty of achieving the goal. The proposed techniques can be used when designing CPS under uncertainty. The simulation experiment carried out on an information network of the Technopark-V company demonstrated the effectiveness of the suggested method for determining the process of CPS design.