A Model-based Approach to Multi-domain Monitoring Data Aggregation





data, source, consumer, framework, aggregation, closed-loop, automation, metadata


The essential propellant for any closed-loop management mechanism is data related to the managed entity. While this is a general evidence, it becomes even more true when dealing with advanced closed-loop systems like the ones supported by Artificial Intelligence (AI), as they require a trustworthy, up-to-date and steady flow of state data to be applicable. Modern network infrastructures provide a vast amount of disparate data sources, especially in the multi-domain scenarios considered by the ETSI Industry Specification Group (ISG) Zero Touch Network and Service Management (ZSM) framework, and proper mechanisms for data aggregation, pre-processing and normalization are required to make possible AI-enabled closed-loop management. So far, solutions proposed for these data aggregation tasks have been specific to concrete data sources and consumers, following ad-hoc approaches unsuitable to address the vast heterogeneity of data sources and potential data consumers. This paper presents a model-based approach to a data aggregator framework, relying on standardized data models and telemetry protocols, and integrated with an open-source network orchestration stack to support their incorporation within network service lifecycles.


Download data is not yet available.

Author Biographies

Antonio Pastor, Telefónica I+D – Madrid, Spain and Universidad Politécnica de Madrid – Madrid, Spain

Antonio Pastor received the MSc. degree in industrial engineering from the Carlos III University of Madrid (UC3M), Spain, in 1999. Since then, he has been with Telefonica I+D (Research & Development), where he works on the engineering of different worldwide Telefónica networks. From 2006 to 2011 he has been working as an expert in network security for Telefonica Spain. Since 2012, as part of Telefonica Global CTIO, he leads innovation activities in network security based on network virtualization, SDN and artificial intelligence. He holds security certifications from ISACA and GIAC.

Diego R. López, Telefónica I+D – Madrid, Spain

Diego R. López joined Telefonica I+

D in 2011 as a Senior Technology Expert and is currently in charge of the Technology Exploration activities within the GCTIO Unit. Before joining Telefónica he spent some years in the academic sector, dedicated to research on network services, and was appointed member of the High-Level Expert Group on Scientific Data Infrastructures by the European Commission.

Diego is currently focused on applied research in network infrastructures, with a special emphasis on virtualization, data-driven management, new architectures, and security. Diego chairs the ETSI ISG on Permissioned Distributed Ledgers and the Network Operator Council of the ETSI ISG on Network Function Virtualization.

Jose Ordonez-Lucena, Telefónica I+D – Madrid, Spain

Jose Ordonez-Lucena received his B.Sc degree and M.Sc. degree in Telecommunications Engineering from the University of Granada in 2015 and 2017, respectively. He joined Telefónica I+D in 2018 as a Core & Platforms Technology Analyst, within the Global CTIO Unit. He is currently involved in technology exploration and innovative activities for 5G/B5G systems through different European research projects, with a focus on mobile network architectures and end-to-end network slicing solutions, considering their applicability for public-private network integration scenarios. He also takes part in standardization activities, acting as Telefónica delegate in 3GPP SA5, ETSI ISG ZSM and GSMA 5GJA. From 2017, he is also pursuing a PhD in Telecommunications Engineering at the University of Granada.

Sonia Fernández, Telefónica I+D – Madrid, Spain

Sonia Fernández received her B.Sc degree and M.Sc. degree in Telecommunications Engineering from the University of Cantabria in 2017 and from the Polytechnic University of Madrid in 2019, respectively. She currently works as Telecom Analyst in everis, an NTT Data Company. She joined Telefónica I+D in 2018 as a Transport & IP networks Analyst, within the Global CTIO Unit. She was involved in technology exploration and innovative activities for 5G systems through different European research projects, with a focus SDN networks and data-driven management, developing software tools to support network telemetry and autonomous management.

Jesús Folgueira, Telefónica I+D – Madrid, Spain

Jesús Folgueira joined to Network area in Telefonica I+

D (Research & Development) in 1997. From 2017, he is the Head of Transport and IP Networks within Telefonica Global CTO unit, in charge of Network Planning and Technology.

He received his MSc degree in Telecommunications Engineering from Technical University of Madrid-UPM in 1994 and MSc in Telecommunication Economics in 2015 (UNED).

He is focused on Optical, Metro & IP Networks architecture and technology, network control plane (SDN) and Open Networking. His expertise includes Broadband Access, R&D Management, and network deployment.

He is an IEEE member and accredited professional in Telecommunications in his country.


V.M. Hernández, R. Silva-Ortigoza: “Automatic Control with Experiments”, Springer 2019. ISBN 978-3-319-75804-6

ETSI GS NFV 002: “Network Functions Virtualisation (NFV); Architectural Framework”, December 2104. Available online at https://www.etsi.org/deliver/etsi_gs/nfv/001_099/002/01.02.01_60/gs_nfv002v010201p.pdf

ONF TR-502: “SDN architecture”, June “014. Available online at https://opennetworking.org/wp-content/uploads/2013/02/TR_SDN_ARCH_1.0_06062014.pdf

ETSI GS ZSM 009-1: “Zero-Touch Network and Service Management (ZSM); Closed-loop automation; Enablers”, March 2021. Available online at https://docbox.etsi.org/ISG/ZSM/Open/Drafts/009-1ed111_Cla_enab/ZSM-009-1_Cla_enabv0111.zip

IETF RFC 6020: “YANG – A Data Modeling Language for the Network Configuration Protocol (NETCONF)”, October 2010. Available online at: https://tools.ietf.org/html/rfc6020

IETF RFC 6241: “Network Configuration Protocol (NETCONF)”, June 2011. Available online at: https://tools.ietf.org/html/rfc6241

W3C Recommendation: “Extensible Markup Language (XML) 1.0 (Fifth Edition)”, November 2008. Available online at: https://www.w3.org/TR/2008/REC-xml-20081126/

ECMA Standard ECMA-404: “The JSON Data Interchange Syntax”, December 2017. Available online at: http://www.ecma-international.org/publications/files/ECMA-ST/ECMA-404.pdf

Google Developers Resource: “Protocol Buffers Version 3 Language Specification”, May 2020. Available online at: https://developers.google.com/protocol-buffers/docs/reference/proto3-spec

IETF RFC 8040: “RESTCONF Protocol”, January 2017. Available online at: https://tools.ietf.org/html/rfc8040

Linux Foundation: “gRPC core concepts, architecture and lifecycle”, 2020. Available online at: https://grpc.io/docs/what-is-grpc/core-concepts/

ETSI GS CIM 006: “Context Information Management (CIM); Information Model (MOD0)”, July 2019. Available online at: https://www.etsi.org/deliver/etsi_gs/CIM/001_099/006/01.01.01_60/gs_CIM006v010101p.pdf

ETSI GS CIM 009: “Context Information Management (CIM); NGSI-LD API”, August 2020. Available online at: https://www.etsi.org/deliver/etsi_gs/CIM/001_099/009/01.03.01_60/gs_CIM009v010301p.pdf

ETSI SAREF: “SAREF: the Smart Applications REFerence ontology”, 2020. Available online at: https://saref.etsi.org/core/v3.1.1/

ETSI White Paper No. 31: “NGSI-LD API for Context Information Management”, January 2019. Available online at: https://www.etsi.org/images/files/ETSIWhitePapers/etsi_wp31_NGSI_API.pdf

IETF RFC 1157: “A Simple Network Management Protocol (SNMP)”, May 1990. Available online at: https://tools.ietf.org/html/rfc1157

Linux Foundation: “What is Prometheus?”, 2020. Available online at: https://prometheus.io/docs/introduction/overview/

IETF RFC 7011: “Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of Flow Information”, September 2013. Available online at: https://tools.ietf.org/html/rfc7011

B. Chatras: “Applying a Service-Based Architecture Design Style to Network Functions Virtualization,” 2018 IEEE Conference on Standards for Communications and Networking (CSCN), Paris, 2018. DOI: 10.1109/CSCN.2018.8581751

ETSI GSM ZSM 002: “Zero-touch network and Service Management (ZSM); Reference Architecture”, August 2019. Available online as: https://www.etsi.org/deliver/etsi_gs/ZSM/001_099/002/01.01.01_60/gs_ZSM002v010101p.pdf

FIWARE Foundation: “Orion Context Broker Quick Start Guide”, 2020. Available online at: https://fiware-orion.readthedocs.io/en/master/quick_start_guide/index.html

ETSI OSM: “OSM Quickstart”, 2020. Available online at: https://osm.etsi.org/docs/user-guide/01-quickstart.html

Tabatabaei F., Wells D. (2016) “OSINT in the Context of Cyber-Security”. In: Akhgar B., Bayerl P., Sampson F. (eds) Open Source Intelligence Investigation. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-319-47671-1_14

D. Berman, A. Buczak, J. Chavis, C. Corbett: “A Survey of Deep Learning Methods for Cyber Security”, 2019. Information, 10, 122, DOI: 10.3390/info10040122.

J. Ortiz, R. Sanchez-Iborra, J. Bernabe, A. Skarmeta, C. Benzaid, T. Taleb, J.P. Wary: “INSPIRE-5Gplus: intelligent security and pervasive trust for 5G and beyond networks”, August 2020. Proceedings of the 15th International Conference on Availability, Reliability and Security (pp. 1–10), DOI: 10.1145/3407023.3409219.

S. Pastrana, G. Suárez-Tangil: “A first look at the Crypto-Mining Malware ecosystem: a decade of unrestricted wealth”, 2019. Proceedings of the ACM Internet Measurement Conference IMC ’19, pp. 73–86.

J. Muñoz, J. Suárez-Varela, P. Barlet-Ros, “Detecting cryptocurrency miners with NetFlow/IPFIX network measurements”, 2019. IEEE International Symposium on Measurements Networking, pp. 1–6, 10.1109/IWMN.2019.8804995.

IETF RFC 3954: “Cisco Systems NetFlow Services Export Version 9”, October 2004. Available online at: https://tools.ietf.org/html/rfc3954

Telecommunication Networks Group - Politecnico di Torino: “Tstat, TCP STatistic and Analysis Tool”, 2008. Available on line at: http://tstat.polito.it/

A. Pastor, A. Mozo, S. Vakaruk, D. Canavese, D. Lopez. L. Regano, A. Lioy: “Detection of Encrypted Cryptomining Malware Connections with Machine and Deep Learning”, 2020. IEEE Access, vol. 8, pp. 158036–158055, DOI: 10.1109/ACCESS.2020.3019658






Special Issue on Zero-touch Network and Service Automation (ZSM)