5G Digital Twin: A Study of Enabling Technologies

Abstract

5G networks require dynamic network monitoring and advanced security solutions. This work performs the essential steps to implement a basic 5G digital twin (DT) in a warehouse scenario. This study provides a paradigm of end-to-end connection and encryption to internet of things (IoT) devices. Network function virtualization (NFV) technologies are crucial to connecting and encrypting IoT devices. Innovative logistical scenarios are undergoing constant changes in logistics, and higher deployment of IoT devices in logistic scenarios, such as warehouses, demands better communication capabilities. The simulation tools enable digital twin network implementation in planning. Altair Feko (WinProp) simulates the radio behavior of a typical warehouse framework. The radio behavior can be exported as a radio simulation dataset file. This dataset file represents the virtual network’s payload. GNS3, an open-source network simulator, performs data payload transmission among clients to servers using custom NFV components. By transmitting data from client to server, we achieved end-to-end communication. Additionally, custom NFV components enable advanced encryption standard (AES) adoption. In summary, this work analyzes the round-trip time (RTT) and throughput of the payload data packages, in which two data packages, encrypted and non-encrypted, are observed.

1. Introduction

The quantity of user equipment (UE) devices connected to the internet has increased rapidly since 2007 due to the introduction of the iPhone, and the IoT “birth” during 2008 fueled this increase [1]. More and more connected devices require higher network capabilities. Ericsson responded to these needs and launched a white paper on the 5G concept to meet those demands in 2014 [2].

A definition of the main system architecture requirements is needed to provide a straightforward approach. The 3rd Generation Partnership Project (3GPP) performs a task in cooperation with the European Telecommunication Standard Institute (ETSI), which released details in 3GPP TS 23.501 Release 16 [3]. Based on this, radio access network (RAN), user equipment (UE), and access management function (AMF) are the minimum components. The introduction of network function virtualization (NFV) and software-defined network (SDN) allows additional network functions, creating a more feasible and even safer network.

Network function virtualization (NFV) is the virtualization of routers, firewalls, and advanced packet cores. These components can execute software applications and connect to the central infrastructure. Software-defined network (SDN) is an approach to networking that provides tools for programming, traffic control, or network slicing. These functions help to achieve higher network performance. The technologies above enable most use cases of 5G networks, and the primary use cases are enhanced mobile broadband capabilities (eMBB), ultra-reliable low-latency communications (URLLCs), and massive machine-type communications (mMTCs).

Industrial applications with a high density of devices need the implementation of mMTC solutions. There is an increasing demand for Smart logistic solutions such as tracking and fleet management. Supply chain and logistics companies are willing to adopt this kind of solution [4]. Smart logistics needs real-time data to track current operations, create predictions and increase the overall equipment efficiency (OEE). Migration from previous wireless networks to 5G meets this need. However, the adoption rate is still moderate due to the high complexity of the technologies involved.

5G test-beds are crucial to define, test, analyze and deploy solutions in different mobile network scenarios. Digital twin solutions allow the use of virtual equipment for its testing stage. Additionally, the digital environment can be connected to its physical counterpart. Adopters can test different networking or security settings in virtual environments by developing digital models.

5G hardware, software, and training methods are unfamiliar to most non-academic users contributing to the slow 5G adoption. The use of 5G digital twins can enable radio and network simulation to help adopters to justify investment decisions. Regarding network simulation, Network function virtualization (NFV) technologies represent a cost-effective approach. By simulating network equipment, adopters can estimate network performance and understand the amount of required equipment for their particular case [5]. Implementation of NFV solutions reduces the energy consumption and hardware cost of the network.

The academic community provides an extensive collection of frameworks, reviews, and surveys about digital twins in 5G scenarios. Our study complements the research method introduced by the previous research authors to provide a practical application of a basic digital twin in a 5G scenario with data information. The selected testing environment is a warehouse at the Industry 4.0 Implementation Center at the National Taiwan University of Science and Technology. The electromagnetic software, Altair Feko (WinProp), simulates radio coverage testing in the environment, generating a radio dataset in comma-separated values (.CSV). Later, the network transmission simulation used the radio dataset file as the network payload.

With an emphasis on end-to-end communication, this study conducted data transmission and security. GNS3, the selected network simulator in this study, contains Ubuntu NFV solutions for data transmission. Ubuntu virtual machines work as clients and servers. Wireshark, an open-source packet analyzer, has been selected to monitor the data transmission between client and server. In addition, cybersecurity encryption can be implemented in Ubuntu devices to avoid security risks.

Digital twin simulation allows basic testing of 5G technologies, and radio coverage graphics visualize the interaction between 5G radio and its surrounding environment. The combination of NFV technologies and additional modules allows end-to-end connection between client and server. Implementing this set of tools can help speed up the adoption process of 5G technologies for non-familiar adopters.

2. Related Work

Norbert Wiener, the author of the book “cybernetics”, suggested the combination of physical processes, computation, and communication, and he coined the term in 1948 [6]. The term evolved into cyber-physical systems (CPS), which expands the integration from process to complete systems. Its main goal is seamless integration between the practical world and its digital counterpart. In contrast, digital twins (DTs) are focused applications that allow providing high-fidelity virtual models. For this reason, DT can be understood as a focused application of CPS [7].

The origin of the digital twin (DT) concept began in the 1960s, and during this period, NASA developed “twinning” methods for its Apollo Space Program. Constant data connection provided telemetry data to an array of 15 simulators. This system could compute many simulated equipment failure scenarios or tested communication failures [8]. Nowadays, it is possible to define a DT as an advanced system that can provide high-fidelity models [9].

The connection between DT and its physical counterpart is crucial to generating high-fidelity models. The two-way data connection enables constant updates, and the main goal is to achieve a higher correlation between simulated and actual data tested in the field. Due to its modularity, digital twin solutions combine many technologies. As an example, Nvidia Omniverse combines telemetry data from sensors with augmented reality (AR) solutions.

Digital twin industrial applications are presented in manufacturing, energy, industrial assets, or architecture structures. Intelligent manufacturing solutions (CPS) are currently listed as the top priority in manufacturing of government-level strategies, such as Industrial Internet (US), Industry 4.0 (Germany), or Made in China 2025 (China), reflecting this priority [10]. Early adopters such as BMW, General Electric, Microsoft, or Siemens are developing their digital twin technologies.

The logistics sector needs signal monitoring systems to avoid unexpected disruptions [11]. The digital supply chain twin (DSCT) is a digital dynamic simulation model [12]. It has three scopes: network level, site level, and asset level.

Smart logistics belongs to the site level, covering warehouses and manufacturing scenarios. IoT solutions in ports [13], smart contracts for tracing supply chain parts [14], or new frameworks for next-generation ports and warehouses are examples of smart logistics applications [15].

The implementation of IoT solutions in ports requires the deployment of a massive number of devices. Therefore, the adoption of massive machine-type communication (mMTC) is required. Data encryption and end-to-end performance are required to test and validate mMTC applications. In this regard, 5G digital twins could perform network simulations for these two specific applications [16].

Digital twin integration with 5G technologies is gaining popularity among the research community. The research efforts from Dimitris et al. (2021) help to provide a generalized architecture of an IoT smart manufacturing scenario. In this case, the study highlights using digital twins to apply advanced technologies based on 5G wireless communications [17].

According to Qi et al. (2021), “Many researchers and participators in engineering are not clear which technologies and tools should be used”. Their work provided an extensive summary of enabling technologies for digital twins and established general research directions [18]. The definition of clear research directions is part of the work of Zao et al. (2022), where the authors proposed a framework for digitalized museums. Digitalized museums require combining digital twins, artificial intelligence (AI), and 5G technologies. The implementation of the proposed framework was simulated using MATLAB [19].

According to Hu et al. (2021), “There is a lack of consideration of the environmental coupling, which results in the inaccurate representation of the virtual components in existing DT models”. The authors suggested a strong focus on real-world data, including physical parameters [20].

Research from Zeb et al. (2022) provided the expected features beyond 5G/6G networks. The main list of features includes network services (eMBB, mMTC, and URLLC), network slicing (SDN, NFV), cloud-native deployments (Kubernetes, KubeFlow), federated learning (FL), age of information (AoI), and green communication (power saving, energy harvesting) [21].

Based on the previous considerations, our study provides the needed components to simulate and test a small-scale 5G digital twin. The study of enabling technologies provides a straightforward approach to using software tools. Our study considers the influence of real-world materials in the data generation section to obtain accurate radio representations. In addition, the use of NFV technologies in the data transmission section allows end-to-end communication between client and server. There is a need to provide an empirical analysis of the software tools to test and validate the previous list of features. This study’s result section analyzes package data size, TCP streams, round-trip time, average network throughput, and capture of data packages. The discussion and conclusion sections summarize the study and future research directions.

2.1. Available Test-Beds

To test and evaluate the performance of a 5G network, academic and corporate institutions use the 5G test-bed to research, develop, and predict its future implementation under a wide variety of scenarios [22].

Currently, many network test-bed solutions can fulfill network slice selection function (NSSF) needs. Norwegian University of Science and Technology researchers conducted an extensive review of a small-scale 5G test-bed in this regard. In the review, the team provided a valuable summary of a wide variety of test-bed for network slicing in 5G [23]. A common trend was combining SDN and NFV technologies (the BlueArch, shown in 19 of the 21 test-bed evaluated). On the other hand, radio access technologies (RATs) had a lower adoption rate (the SliceNet, shown in 13 of the 21 test-bed). RAT combines radio networks, Wi-Fi, long-term evolution (LTE), and 5G new radio). Radio propagation is sensitive to its physical environment. The presence of materials such as metal or brick can cause unexpected blind spots.

Radio datasets are the basis for distance estimation or location fingerprint techniques [24]. Smart logistic solutions such as fleet management and tracking solutions require distance estimation and location fingerprint. The use of simulators with data generation capabilities can provide customized radio datasets.

The lower adoption rate of RATs in the 5G small-scale test-beds review represents a research opportunity. Combining radio simulators with other technologies, such as NFV or SDN, could provide tools to test and validate essential 5G technologies for non-familiar adopters.

2.2. Additional Requirements

5G relies on the latest technology to perform equipment virtualization, network slicing, and traffic control that exposes the network to cyber-attacks [25]. The next-generation networks must include cybersecurity tools that can provide safe connections. Data encryption, blacklist listing, and machine learning network analysis are some examples of cybersecurity tools.

3. Materials and Methods

This section describes the materials and methods used in this study. When adopting new technologies, decision-makers want to evaluate the system before its acquisition. Using simulators helps estimate coverage and the main parameters of a 5G deployment scenario.

In general, physical objects affect the coverage of the 5G network in an industrial environment where heavy machinery, production lines, or compound materials are ubiquitously in working fields. Antenna position, frequency band, or transmitting power also affect radio coverage. Antenna position or transmitting power changes can improve or deteriorate the radio signal coverage. Radio simulators can provide visual representation features to understand the effect of these changes.

Additionally, network simulators allow data transmission and analysis with virtual equipment representing either a valid user or a non-authorized user. Virtual equipment can provide security measures to guarantee safety across the network, where the simulation of firewalls or encryption techniques can help to increase network security.

Using 5G digital twins allows radio and network behavior simulation to represent common issues about 5G technologies. This study aims to provide a practical application scenario of enabling 5G technologies, providing an initial testing approach to non-academic adopters.

3.1. Main Subjects of the 5G Digital Twin

This section describes the materials and methods used in the central parts of this study, data collection, transmission, and methods. Feko-WinProp (Altair) simulates a deterministic radio signal for data collection, and GNS3 represents the whole network and its data transmission. Finally, the method part depicts the step-by-step approach of this research. The main subjects conducted are listed in

Table 1. The portions in the practice of the 5G digital twin.

Data Generation	Data Transmission	Analysis Methods
List of radio parameters	Data encryption	Round-trip time (RTT)
Building CAD file	TCP	Throughput
Data generation (.CSV)	Wireshark	Packet analyzer

.

3.2. Radio Access Network (RAN)

Radio access network (RAN) is the implementation of both legacy and new radio technologies. New features such as multiple input, multiple output (MIMO), beamforming, and new dedicated radio bands (1–24 GHz) are available. These features enhance the radio performance of 5G. Due to its higher operating frequencies, 5G tends to be vulnerable to its environment. This issue is significant in warehouses or manufacturing sites, which tend to have higher penetration losses. To test the feasibility of a project, it is essential to study radio coverage analysis.

The set of bands available for 5G new radio (NR) has been defined in the technical specification 3GPP TS 38.101-1 Release 15 [26]. According to this technical specification, there are three major frequency bands: low (700 MHz), high (3.1–4.9 GHz), and very high (26 GHz). The use of each specific band depends on the geographical area.

Table 2. Commercially Available 5G Frequency Bands in Taiwan.

Band	f (MHz)
N1	2100
N3	1800
N28	700
N41	2500
N78	3500
N79 1	4700

¹ N79 is a dedicated band for private users and requires special authorization.

represents Taiwan’s current 5G frequency bands for individuals and private users.

Frequency bands under 2.7 GHz have lower performance due to a higher concentration of cellular networks (3G and 4G) across the ultra-high-frequency band (UHF). In contrast, the C-band frequency range (3.4–3.6 GHz) is highly available. During the early phase of the 5G deployment in Taiwan, the central band provided at that time was N1. Nowadays, N78 is the most popular frequency band. N1 is the second most adopted frequency band in Taiwan.

Currently, the leading mobile network operators (MNOs) in Taiwan offer five frequency bands, as shown in

Table 3. List of frequency bands available in Taiwan by MNO.

Band/MNO	N1	N3	N28	N41	N78
Chunghwa Telecom	●	●			●
Taiwan Mobile	●	●	●		●
Far East Tone	●	●		●	●
T-Star Telecom	●	●	●		●
Asia Pacific Telecom			●	●

. The current bands offered cover low- to high-frequency bands.

MNOs provide wireless network coverage maps to evaluate the service availability in a given location. However, this can differ from the network experience of each user. OpenSignal, a private analytics company, collects network parameters such as signal strength, available networks, or data speed of each application user. Thus, users can visualize the radio coverage map in their current location [27].

Radio coverage simulators are needed to predict the coverage of a custom wireless network. In the case of custom wireless networks, equipment parameters such as transmitting power or radiation patterns affect the result of the coverage. In this regard, VE2DBE is a free online radio simulator, merging the antenna parameters with location data from geographic databases such as OpenStreetMap, Bing Road, Bing Satellite, USGS Topo, USGS Sat, Open TopoMap, and OSM gray. The coverage file is a geo-referenced map of the antenna coverage in a selected area. This file contains multiple images, such as a radio coverage map (.PNG), terrain relief map (.JPG), land cover map (.PNG), and population density map (.PNG). VE2DBE can be used for radio coverage simulation in large-scale areas [28].

Physical obstacles and reflective materials affect the coverage of custom wireless networks notorious in environments such as warehouses or manufacturing scenarios. In these environments, accurate radio coverage requires both antenna parameters and obstacles’ material parameters. In this regard, advanced electromagnetic simulators such as Altair Feko (winProp) enable radio network planning for small and large-scale areas [29]. Small-scale areas include buildings, warehouses, or manufacturing sites. Large-scale areas include urban and rural environments.

The electromagnetic radio simulator provides a graphical representation of the radio coverage in a selected area with real-world physical data. In addition, the simulated radio coverage values can be exported as a comma-separated value (.CSV) file. The file contains the space coordinates and power values (expressed in dBm).

This work focuses on the 5G NR specification provided by the local MNO, Chunghwa Telecom, the largest telecommunications company in Taiwan. Using Altair, WinProp conducted the radio coverage analysis in a warehouse environment. By simulating the physical characteristics of the space, it is possible to estimate the maximum range of coverage of the radio signal. This helps to speed up the validation time of 5G use cases.

3.3. Testing Environment

The primary experiment environment includes a warehouse, outdoor space, and buildings as the testing ground for the DSCT Site Level. Figure 1A shows the layout of the testing ground in scale, which is the facilities of the Industry 4.0 Implementation Center at the National Taiwan University of Science and Technology. The layout space uses computer-aided design (CAD) to represent the geometric location of the building and antenna. The warehouse space is about 10 × 10 square meters, and the radio waves transmission range is about 30 × 40 m around the warehouse, peripheral space, and building. Figure 1B shows the location of the antenna at the testing site. The antenna sits at the top of the Industry 4.0 Implementation Center building, with a relative height of 5.3 m from the ground.

The testing environment layout allows radio coverage simulation using an electromagnetic radio simulator, an initial approach for radio coverage analysis and network deployment. The generated radio coverage simulation data can compare with practical signal measurements in a further plan. Acquiring dedicated hardware devices such as industrial boards with 5G capabilities or software-defined radio (SDR) modules is required to obtain practical measurements. The acquisition of dedicated hardware is currently under consideration and included in our future research development plan.

3.4. Data Generation

Chunghwa Telecom provides service for three frequency bands, N1, N3, and N78. N78 is located in the C-Band frequency range and has an operating frequency of 3500 MHz. The following radio coverage analysis focuses on implementing the N78 frequency band. Supported channel Bandwidths for the N78 band are divided into different channels (10–100 MHz). The most popular channel bandwidth for N78 is 100 MHz, the maximum supported channel bandwidth. Smaller channel widths are prevalent in early N78 deployment before spectrum auctions.

Regarding the location of the antenna, it sat at the top of the Industry 4.0 Implementation Center building, with a relative height of 5.3 m from the ground. The azimuth and down-tilt values of the antenna are 150° and 35°. Additionally, its transmitting power is 40 dBm (10 W). The height of the user equipment (UE or client) is assumed to be 1.5 m above the ground.

Table 4. 5G parameters for radio simulation.

Parameters	Value
Frequency band	N78
Operating frequency	3500 MHz
Bandwidth	100 MHz
BS antenna height	5.3 m
Azimuth	150°
Down-tilt	35°
BS transmit power	40 dBm
Receiver height	1.5 m
Receiver power	23 dBm

represents the 5G network coverage simulation parameters.

Material penetration losses are proportional to the frequency value. A slight frequency increment can generate different radio propagation results. Advanced electromagnetic radio simulators contain material libraries for accurate environment representation. In this study, these values are in the WinProp Material library, which includes an extensive catalog of common materials for indoor and outdoor spaces.

The radio coverage simulation utilizes deterministic software (WinProp, Altair Software Inc., Troy, MI, USA), which is in charge of data modeling. Figure 2 shows 5G radio signal coverage contours in the CAD file layout. This figure combines simulation parameters and test environment materials listed in Table 4 and

Table 5. Test environment material parameters.

Material	Size (mm)	Transmission Loss (dB)	Reflection Loss (dB)
Concrete	300	28.95	7.51
Brick	300	20.11	9.52
Wood	150	6.18	11.43
Metal	5	750.2	0.05
Glass	5	1.72	7.53

. The WinProp software can export the data generated by the simulation process with the parameters we mentioned in the last subsections.

The generated data contains power and distance values (expressed in the cartesian coordinate system) and can be saved as a dataset that consists of 1283 samples, as

Table 6. Simulation values in WinProp.

X	Y	dBm
30,945.269	4874.697	−48.047
30,946.269	4874.697	−48.079
30,947.269	4874.697	−48.811
30,948.269	4874.697	−50.194
[…]	[…]	[…]

shown. The first column represents the horizontal plane (x plane), the second column represents the vertical plane (y plane), and the last column stores the power value expressed in dBm.

This data can be saved in a comma-separated values (.CSV) file. The generated radio simulation dataset represents the payload of the network. Payload transmission between client and server allows network performance analysis. The following section will study the different components required for data transmission.

Altair Feko (WinProp), as an electromagnetic simulator for wireless networks, generated the values in Table 6 and the radio coverage map in Figure 2. Please note that both antenna and receiver have been simulated with the parameters indicated in Table 4. Therefore, no hardware is implemented in this study except the antenna provided by the local MNO. For future research, the acquisition of hardware components, such as industrial boards with 5G capabilities or software-defined radio (SDR) modules, is currently under consideration.

3.5. Data Transmission

Network software programs allow the generation of virtual networks. This network uses different components such as routers, switches, or similar. By using said components, data transmission is possible. The data package selected for this task is the dataset generated before. The following points explain the different components of the data transmission part.

3.5.1. Network Management User Interface

Graphical Network Simulator-3 (GNS3) is an open-source network software written in Python that utilizes to present the network topology. GNS3 can host Docker containers, network switch, firewalls, or Ubuntu servers. A two-way data connection is possible via telnet. This combination of components allows the simulation of complex network environments [30].

3.5.2. Network Functionality Virtualization (NFV)

NFV is the total virtualization of multiple network functions, such as routers or firewalls. Networking hardware companies such as Cisco [31], Juniper [32], Huawei [33], or FortiNet [34] are providing kernel-based virtual machines (KVMs), which are digital versions of their equipment. For the implementation of user equipment (guest users), companies such as Canonical [35] also provide a collection of KVMs. KVM solutions provide similar functions to their physical counterparts, a feature highly valuable for equipment testing, which helps reduce the error rate during deployment. In addition, KVM enables the connection between the simulated environment and the natural world (two-way connection), providing a hybrid combination of hardware and software components.

3.5.3. Software-Defined Network (SDN)

Dynamic network control is necessary to achieve higher network performance. Improving routing processes and data flow requirements is possible with SDN [36]. SDN controllers can be present in both front-haul and back-haul links. In this regard, Ryu is an SDN controller with a well-defined API written in Python [37]. Located at the node level, Ryu can communicate with the Mininet controller.

Based on the study from NUST, there are over 21 test-beds currently available. Due to the vast offer and proven effectiveness, we did not plan to apply SDN solutions in this study.

3.5.4. Packet Analyzer (Wireshark)

Wireshark is an open-source packet analyzer used for data interception over computer networks. The software allows the graphical representation of data packets and supports many internet protocols, according to the internet protocol suite (TCP/IP model) [38].

Table 7. Wireshark supported protocols.

TCP/IP	Protocol
Application	HTTP, MQTT, Telnet
Transport	TCP, UDP
Network	IPv4, IPv6
Network interface	Ethernet, 802.11 b/g/n (Wi-Fi), LTE

depicts a brief list of supported protocols used for IoT applications. We study the packet round-trip time (RTT) and throughput in this work.

3.5.5. AES Encryption

The use of the advanced encryption standard (AES) in this study aims to fulfill the additional requirements stated. AES is a block cipher encryption method, where all the data are encrypted in blocks, and the length of each block is 128 bits. In addition, it is a symmetric algorithm requiring the same key for encryption and decryption of data. The key size would determine how many rounds of encryption are required [39].

From a performance point of view, symmetric algorithms are less resource-intensive and faster than asymmetric algorithms. The radio simulation dataset is the selected payload to encrypt in this study.

3.6. Dynamic NFV Components

This study requires the adoption of dynamic components to perform data transmission and encryption. This type of component runs kernel modules. The OS modules allow script file implementation using Python3 as the programming language.

3.6.1. Ubuntu-Docker (NFV)

Ubuntu is the selected operating system (OS) to simulate the behavior of user equipment (client) and server. Using a container image-hosted operating system can decrease the setup time. Container images are standalone executable packages of software with essential components to run applications. Docker is an open-source container service. Linux command line interface (CLI) commands are needed to interact with the system. Default modules of the system can be updated at will. The extra modules in

Table 8. Docker-Ubuntu extra modules for data transmission and encryption.

Module	Version	Description
socket	3.8.13	TCP socket
pycryptodome	3.14.1	AES
tqdm	4.30.0	Progress bar

are necessary for data transmission and encryption.

3.6.2. FortiGate (NFV)

FortiGate is a KVM solution provided by FortiNet. The software module includes a graphic user interface (GUI) and a CLI. The module setting allows the data transmission between client and server via ethernet port. For this reason, its behavior in this research can be passive, similar to an ethernet switch. Dynamic testing of FortiOS is under consideration for future work.

3.7. List of Network Components

Testing of 5G technologies included NFV and RAN technologies in the research. To summarize the previous points,

Table 9. List of network components.

Technology	Virtual Equipment	Physical Equipment	Reference Name
NFV	Docker-Ubuntu	5G UE	Ubuntu-DockerGuest-1
NFV, RAN	Ethernet Switch	Ericsson 5G Small Cell	5G AP
NFV	Ethernet Switch	Cisco 2959X	L2_Switch
NFV	FortiGate 6.45	FortiGate 81E	FortiGate6.4.5-1
NFV	Ethernet Switch	Cisco 3850	L3_Switch
NFV	Docker-Ubuntu	Server	Ubuntu-DockerGuest-2

contains the list of components necessary to conduct data transmission. Physical equipment and its virtual counterpart are both listed. GNS3 allows the connection of the previous list of components to the virtual network via multiple protocols such as TCP or UDP [40]. The connection between the physical and virtual worlds can be considered for future work.

3.8. 5G Network Architecture

This study implements kernel-based virtual machines (KVMs), digital equipment versions. KVM solutions provide similar functions to their physical counterparts, a feature highly valuable for equipment testing. In this study, FortiGate 6.45 and Docker-Ubuntu are dynamic NFV components capable of emulating actual networking hardware activities. FortiGate KVM requires the acquisition of its physical hardware. Therefore, its use is limited to authorized users. In contrast, Ubuntu-Docker is an open-source container service.

A 5G network is composed of two sections: front-haul and back-haul. The front-haul section refers to the network’s wireless access (5G RAN) and establishes a radio connection between the user equipment (UbuntuDockerGuest-1) and the 5G Access Point. In contrast, back-haul access relies on a fiber to the X (FTTX) connection and connects the different network equipment components.

The network representation of the Industry 4.0 Implementation Center has been conducted with GNS3, as shown in Figure 3. Its architecture consists of public and private networks. The blue highlighted block (Figure 3, left) is the “known” part of the network (private). This part of the network uses NFV components to send data. The connection between Ericsson’s 5G access point (Small Cell) and L2 Switch (OSI Layer 2) relies on the FTTX connection. A firewall is after the L2 Switch to guarantee network security.

The red block on the right side of Figure 3 is the highlighted public network, which interconnects to private networks via the L3 switch (OSI Layer 3). The primary function of this part is to guarantee access to the internet.

Figure 3 represents the network layout of the private network. Therefore, the image represents a dynamic network simulator system rather than graphic icons. The components included in Figure 3 are KVM solutions (UbuntuDocker-1, UbuntuDocker-2, and FortiGate 6.4.5-1) and open-source NFV components (ethernet switch). Linux command line interface (CLI) commands are required to interact with the system to control each component.

3.9. Method

The radio parameters needed for simulation vary in each country. These 5G radio parameters are required for the deterministic radio simulator. In this case, the operating frequency band in this study is N78.

The simulator requires a CAD file representation to simulate radio coverage. A material library provided by WinProp allows material attributes to the CAD file. GNS3 is the network simulation host of the virtual network, and Ubuntu-Docker allows data transmission and encryption. The generated dataset contains cartesian coordinates and their predicted power value.

Data encryption relies on the AES algorithm, and it is an optional feature. To send data between the client (UbuntuDockerGuest-1) and server (UbuntuDockerGuest-2), Ubuntu-Docker uses TCP protocol. The selected port for data transmission is 21,880. After establishing a TCP connection, data transmission is possible. The packet analyzer (Wireshark) is required to observe data transmission. Figure 4 shows the workflow of the execution process of the 5G digital twin.

4. Results

Wireshark is the selected packet analyzer for this study, which provides a graphical representation of TCP streams, round-trip time (RTT), and throughput. The TCP protocol is executed in both client and server to establish communication. After the server-side data transmission port opens, the client sends data to the selected IP address and its respective port. The following points can explore the network performance differences between the data packages.

4.1. Data Size Comparison

In this study, two data packages are available: non-encrypted and encrypted packets, and both save in comma-separated value (.CSV) files. Non-encrypted package refers to the generated radio dataset containing raw data. Encrypted package refers to the generated dataset after encryption with the AES algorithm. After encryption, the new file is 34 percent larger than the non-encrypted dataset.

Table 10. Size comparison between encrypted and non-encrypted data packages.

Data Package	Size (kB)
Non-encrypted	32.7
Encrypted	43.7

represents the difference in file size among these two data packages.

4.2. TCP Streams

The first step of establishing a TCP session is the client’s and server’s handshake. The data transmission begins after the connection is established. Figure 5 represents both handshake (green) and data transmission (red).

4.3. Round-Trip Time

The time between request and response from the client to server, measured in milliseconds, represents the round-trip time of the network. RTT can be affected by distance, transmission medium, number of network hops, traffic levels, or server response time.

In this study, the main difference between encrypted and non-encrypted file transmission is the size of the document. Figure 6 and Figure 7 represent the different RTT times of non-encrypted and encrypted files, respectively.

4.4. Average Network Throughput

Network throughput is the amount of data transmitted from client to server in a given period, and the measurement unit is the bit per second (bits/s). The horizontal axis represents the time in seconds for each data section. Enforced limitations, network congestion, latency or packet loss, and errors can be affected throughput.

Non-encrypted file requires 0.02 s to achieve its highest throughput, 260,000 (bits/s). In comparison, the encrypted file requires 0.025 s to achieve a higher throughput of 350,000 bits/s. Figure 8 and Figure 9 represent both non-encrypted and encrypted files.

4.5. Data Package Analyzer

Wireshark allows packet sniffing, capturing the data stream from client to server. After selecting the target package, Wireshark provides a representation in both HEX and UTF-8 values. Without data encryption, raw values are exposed to both white-hat and black-hat hackers. Figure 10 displays the compromised values on its right side, which are identical to the dataset obtained in Table 6.

The AES algorithm requires the use of the same key for encryption and decryption, and it can also provide excellent security if the key is not compromised. In contrast, Figure 11 represents the ciphertext values on its right side, which are extremely hard to decode.

5. Discussion

The implementation of the different technologies presented in this study facilitates the simulation of 5G digital twins. The network simulator (GNS3) allows the combination of NFV components and data transmission across a virtual network. The deterministic radio simulator provides a coverage map of the warehouse scenario. This data can be exported as a comma-separated value file (.CSV file), generating a 5G radio coverage dataset with cartesian coordinates and power values. The use of dynamic network components is required for sending data. In this regard, Ubuntu-Docker KVM is quite helpful. This component allows extra modules in a given scripting language (Python3). The TCP protocol enables client and server connection by denoting a specific port (21880). The selected transmission mode for this study is simplex. This communication mode is unidirectional between client to server. The transmission of files is individual. Wireshark is the software used to monitor data transmission.

Data security is a constant challenge in data communication networks. The packet analyzer allows the capture of packages across the network. Capturing data is known as packet sniffing, and it could represent a security risk when dealing with more sensitive data. The AES algorithm has been adopted in this study to hedge this risk.

This study compares the difference between encrypted and non-encrypted files across the network. RTT time between files is slightly different, ranging from 1.2 to 3 milliseconds. Throughput measures the amount of data transmitted from client to server in a given period. Therefore, when the data package increases, the throughput also tends to increase. In this case, the file size increases an extra 34 percent after encryption. The encrypted file takes an extra 0.005 s to achieve its maximum throughput, which is 90,000 bits/s higher than its counterpart. The extra 0.005 s represent a 25 percent increase in time. In other words, the extra size of the file significantly influences time and throughput.

Packet capture exposes the vulnerability of non-encrypted files. The raw data can be decoded and easily read by an attacker. In contrast, data encrypted with the AES algorithm can be captured but not easily decoded.

6. Conclusions

Three main issues are common when implementing a digital twin. To begin, digital twin needs a clear definition of tools and technologies. In addition, the applications need to consider real-world physical data. Finally, digital twins must adopt the expected features beyond 5G/6G networks. This study provides the following solutions to solve the main issues. Firstly, this study is a practical analysis of Altair Feko and GNS3 software tools. Secondly, our study considers the influence of real-world materials in the radio section. Finally, this study adopts network function virtualization (NFV) technologies for 5G networks.

In 5G scenarios, using simulation software for radio enables the adoption of essential digital twin technologies. The generated dataset represents the payload for transmission between client and server. Network monitoring and advanced security features depend on implementing NFV technologies. In this regard, communication between virtual network components has been achieved. This study adopted a specific encryption method (AES). This method solved packet sniffing issues by encrypting the dataset in this study.

Filtering mechanisms in firewalls can alter the network’s performance. FortiGate KVM functions can simulate virtual firewalls, which is a topic of further study. Finally, our future goal is to enable a two-way connection that allows telnet communication between hardware and software in the GNS3 platform. Two-way connections allow interaction between physical and digital environments. The acquisition of hardware components, such as industrial boards with 5G capabilities or software-defined radio (SDR) modules, is currently under consideration and included in our future research development plan.