Research on the Robustness of Command and Control Networks under Cascading Failures

Abstract

The current analysis of cascading failures in command and control networks pays little attention to their roles and mechanisms, resulting in challenges in quantifying survivability evaluation metrics and limiting practical application. To address these issues, this paper designs a command and control network model with a recovery strategy to improve the scientific evaluation of critical nodes and enhance the reliability of subsequent cascading failure simulations. Two capacity parameters are introduced to analyze the nonlinear behavior between network node load and capacity, and an optimal recovery strategy is proposed. This strategy prioritizes the recovery of critical nodes, thereby minimizing the overall probability of network failure. Simulations were conducted under both random failure and deliberate attack scenarios, comparing the proposed strategy with random recovery and betweenness-priority recovery strategies to identify the optimal recovery approach. The experiments showed that the optimal recovery strategy significantly enhanced the network’s survivability and recovery efficiency, allowing for the restoration of basic network functions in the shortest possible time and reducing the impact of cascading failures. By integrating the operability and uncertainty of real-world command and control networks, this method improved the network’s recovery capability and overall stability in the face of cascading failures through scientific evaluation and strategy optimization.

1. Introduction

Cascading failures in networks refer to the phenomenon where, after the failure of a node in a complex network, the load of the failed node is redistributed according to the coupling relationships between adjacent nodes. This redistribution process can cause the load on neighboring nodes to exceed their capacity, triggering a chain reaction of consecutive failures in these nodes, ultimately leading to partial paralysis or complete collapse of the network. Since Buldyrev et al. sparked a wave of research on cascading failures in networks in 2010, the issue of network stability and robustness has gradually become a pressing and highly challenging frontier topic [1]. Studying cascading failures is of great practical significance for effectively preventing and controlling such phenomena and enhancing network robustness.

Research on cascading failures mainly focuses on using different models to describe this phenomenon, such as the load-capacity model [2,3], the coupled map lattice model [4,5], the binary influence model, the OPA model, and the sandpile model, each with its unique characteristics and applicable conditions. Some studies redistribute the load of failed nodes across global nodes. However, current complex network models are relatively coarse and lack real-time distribution, making them difficult to apply effectively. Parshani et al. [6] studied the robustness of partially interdependent networks, but their conclusions lacked general applicability after node failures. Brummitt et al. used the sandpile model to study cascading failures in interdependent networks and analyzed phase transition conditions through the propagation of failures, without considering the impact of load [7]. Yan et al. proposed a network cascading failure model based on time series, which, although considering the time series relationship of load, lacks analysis of redistribution methods [8]. Wang et al. proposed a cascading failure model with adjustable parameters based on the node degree for load redistribution, but the model considered few factors and was independent of node capacity [9]. Duan et al. suggested that the range of load distribution lies between global and nearest neighbors and analyzed the conditions for cascading failures on scale-free networks [10]. Motter et al. studied the robustness of BA networks and found that high-degree, heavily loaded nodes could cause the network to fail at a rapid rate under random or deliberate attacks [11]. Wang et al. removed nodes in ascending and descending order of degree to observe the impact on network cascading failures [12]. Han et al. studied cascading failures in interdependent networks under edge attacks, distributing the load of failed nodes indiscriminately to connected and coupled edges without considering the heterogeneity of load in real systems [13]. Li et al. proposed a dynamic load redistribution strategy that randomly selects a portion of nodes to suspend operation based on a certain proportion, then redistributes the load according to node degree characteristics but without considering the real-time nature of some loads [6]. In command and control (C2) networks, hidden Markov models (HMMs) can also be applied to real-time state monitoring and prediction in complex dynamic environments, making them particularly suitable for addressing the high uncertainty and multi-state transition scenarios commonly found in C2 systems. The application of HMMs enables the capture of potential states during system operation and the identification of early signs of unexpected events or failures, allowing for effective intervention and decision-making before the events fully manifest. Compared with traditional methods, HMMs can maintain strong learning capabilities and state recognition accuracy even under conditions of incomplete data or significant observational noise. The HMM model generation approach proposed in the referenced literature can be beneficially compared with the system framework used in this study, with a focus on the reliability and robustness of the model in estimating different state transition probabilities and state predictions [14].

Some studies focus primarily on how to define the initial load and capacity of network nodes, as well as strategies for capacity allocation. These studies often emphasize the importance of network nodes during cascading failures, generally considering nodes with higher degrees as more critical. In simulations of cascading failures, degree-based attack strategies, which prioritize attacking nodes with higher degrees, are commonly used. However, evaluating node importance based on a single metric has certain limitations. Although other existing methods for measuring node importance have made significant progress, they largely remain focused on the static aspects of networks. There is little research on the dynamic characteristics of network structure changes during cascading failures as nodes fail. Furthermore, attacks on nodes of varying importance have different impacts on network robustness, meaning the dynamic nature of node importance has yet to be fully revealed. This paper analyzes the robustness of command and control networks, defining it as the ability to maintain functionality after an attack. It also points out that the existing research tends to focus on command networks while neglecting communication networks, which has affected the quantitative evaluation and practical application of robustness [15,16].

In this study, considering the operability and uncertainty of actual command and control networks, a network design with a recovery strategy was proposed to enhance the scientific accuracy of critical node evaluation methods and the reliability of subsequent cascading failure simulations. Based on this, two capacity parameters were introduced to analyze the nonlinear behavior between the network node load and the capacity. An optimal recovery strategy was also proposed to ensure that the nodes restored in each simulation were the most important nodes in the current network. This allowed for an in-depth study of the network’s robustness against cascading failures. Through simulation experiments, this research analyzed the characteristics of network cascading failures and optimized the network design accordingly to improve its robustness.

The remainder of this paper is organized as follows: Section 2 introduces the recoverable command and control network generation algorithm. In Section 3, we provide a detailed description of the cascading failure model. Section 5 presents the simulation results and related performance analysis. Finally, Section 6 outlines the main conclusions and summary.

2. Recoverable Command and Control Network Generation Algorithm

This paper designs a recoverable command and control network generation algorithm. First, a resilience analysis framework is developed to evaluate the network’s stability and recovery capabilities under attack. Then, the process of generating a highly resilient command and control network is elaborated in detail. The algorithm aims to ensure that the network can quickly return to normal operation when faced with various disruptive challenges.

To accurately measure the resilience of the command and control network, a recoverable command and control network model is proposed. This model enhances the network’s redundancy and robustness, thereby improving its recovery capability and reliability. The specific generation algorithm is as follows:

Step 1: Define the initial parameters of the command and control network, including the command span (number of directly commanded nodes) $M$, the parallel command parameter $P$, the command hierarchy $R$, and the cross-level command parameter $K$.

Step 2: Generate a central node. Create a node, and set its level to 1, i.e., $r=1$. This node is the root node with the highest command level.

Step 3: According to the specified command span $M$, generate the $M$ child nodes for each node at level $r$, ensuring that connections are established between these child nodes and their parent nodes. Then, increment the value of r to deepen the hierarchy. This process gradually expands the entire structure, forming a hierarchical and closely connected network system.

Step 4: Continue executing step 3 until the hierarchy reaches the predetermined maximum depth $R$. This iterative process ultimately constructs a standard, hierarchical tree-like command and control network G, ensuring efficient information flow and accurate transmission of command instructions within the network.

Step 5: In the network, for nodes with a hierarchy less than $R-1$, a strategy is implemented where these nodes are selected with a certain probability $K$ and connected to the subnodes of their respective child nodes. This method not only enhances the network’s connectivity but also improves the efficiency of information transmission and the robustness of the network, making the structure of the command and control network $\mathit{G}$ more complex and efficient.

Step 6: In the constructed command and control network $G$, a meticulous strategy is adopted to establish direct connections between nodes of the same command level based on a certain probability $P$. This measure aims to enhance the internal synergy of the network. By improving the interconnectivity among nodes of the same level, it not only strengthens the network’s redundancy, ensuring that the network can still operate efficiently even if some nodes fail, but also promotes the rapid flow of information within the same level, greatly improving the flexibility and responsiveness of command and control [17].

Step 7: As the algorithm is gradually executed, the command and control network $G$ is eventually successfully constructed. The command and control network generated by the model is studied as a complex adaptive system. The characteristics of a complex adaptive system lie in the rich interactions between its constituent elements, which endow the system with a high degree of adaptability and flexibility, as shown in Equation (1).

$$x=\left(x_1,x_2,\cdots ,x_N\right),x_i\in 0,1$$

(1)

$N$ represents the number of components in the command and control system, and each component can exist in two states, 0 and 1, which are used to express the behavior choices made by the components in response to the external environment. In the command and control network, components refer to the nodes within the network. $N$ is used to represent the total number of effective nodes in the network at the initial state, and $K$ represents the interaction density of the nodes in the network at the initial state. The total number of interactions in the network at the initial state is $N\times K$, meaning that, on average, each node has interactions with $K$ other nodes at the initial state.

3. Cascading Failure Model of Command and Control Network

3.1. Cascading Failure Stage

Consideration of the repair strategy in the cascading failure process typically involves the following stages:

(1)

Normal Operation Stage

At this stage, cascading failure has not yet begun, and all nodes are in an active state.

(2)

Attack Node Stage

The actual operating environment of the command and control network is complex, and any node within the network may fail due to unexpected events or attacks. Therefore, a random attack approach will be used to simulate the phenomenon of node failure in the command and control network under real-world conditions.

(3)

Load Redistribution Stage

The load balancing method [18] is used for node load distribution. This method has significant advantages in the command network cascading failure model:

(a)

Balanced load: By proportionally distributing the load of the failed node to its neighboring nodes, local overload is effectively avoided, reducing the risk of cascading failure.

(b)

Quick response: In the event of a node failure, the load can be rapidly redistributed, quickly restoring network functionality and minimizing the spread of cascading failure.

(c)

Flexibility: The method is applicable to different network structures and load situations, enhancing the network’s ability to adapt to cascading failures.

(d)

Ease of implementation: The calculation method is simple, making it easy to implement in actual command network systems, thereby improving the efficiency of responding to cascading failures. The calculation formula is as follows:

$$\left\{\begin{array}{c}\Delta F_i=F_f{P}_i,i\in {\mathsf{\Gamma }}_f\\ P_i={\displaystyle \frac{X_i}{\sum _{i\in {\mathsf{\Gamma }}_f}\hspace{1em}{X}_j}},i\in {\mathsf{\Gamma }}_f\end{array}\right.$$

(2)

Here, $\Delta F_i$ represents the load increment allocated to neighboring node $i$ from the failed node, and $P_i$ represents the load allocation proportion for neighboring node $i$. This proportion is determined by the comprehensive load-bearing capacity $X_i$ of neighboring node $i$.

In the command and control network, the comprehensive load-bearing capacity of a node reflects its ability to handle different situations. This capacity depends not only on the node’s own load-bearing capability but also on the load-bearing capabilities of its neighboring nodes. This aspect is particularly important in a command and control network because the connectivity of the network and the synergy between nodes are crucial for maintaining the network’s stability and efficiency. The calculation method for the comprehensive load-bearing capacity of a node is shown in Equation (3).

$$X_i=\left\{\begin{array}{cc}{\left[\mu Y_i+\left(1-\mu \right){\displaystyle \sum _{j\in {\mathsf{\Gamma }}_j}}\hspace{1em}{Y}_j\right]}^{\gamma }& j\notin \varnothing \\ Y_i^{\gamma },& j\in \varnothing \end{array}\right.$$

(3)

Here, $\mu$ is the proportional coefficient, with a value of 0.5; $\gamma$ is the exponential coefficient, with a value of 1. $X_i$ represents the comprehensive load-bearing capacity of node $i$, $C_i$ represents the load-bearing capacity of node $i$ itself, and $S_i$ is the sum of the load-bearing capacities of the neighboring nodes of node $i$. The calculation method for $X_i$ is shown in Equation (4).

$$Y_i=\left\{\begin{array}{cc}{C}_i-F_i,& F_i\le C_i\\ 0,& F_i>C_i\end{array}\right.$$

(4)

Here, $C_i$ represents the capacity of node $i$, and $F_i$ represents the load of node $i$. When the node is in an active state, its load-bearing capacity is equal to its remaining capacity. However, when the node is in a failed state, its load-bearing capacity is 0.

(4)

Repair Strategy Implementation Stage

A repair strategy is proposed for the command and control network, to be implemented after a round of attacks when the load of all failed nodes has been redistributed and the network remains functional. The repair strategy introduces a probabilistic [19,20,21,22] repair mechanism, simulating the uncertainty of the repair process in real-world scenarios, which increases the practical value of the model. It also considers the dynamic repair needs in situations of resource scarcity and severe conditions, reflecting a deep understanding and adaptability to real circumstances. The strategy involves setting the probability of successfully repairing a failed node to an active state as $p$ and generating a random number $q$ within the interval (0,1) to determine whether the failed node can be successfully repaired. If $p>q$, the failed node is successfully repaired to an active state; if $p\le q$, the failed node remains in a failed state. The repair process is shown in Equation (5).

$$z_i\left(t+u\right)=\left\{\begin{array}{c}1,q<p\\ 0,q\ge p\end{array}\right.$$

(5)

Here, $\mu$ represents the number of rounds required to repair a node from a failed state to an active state, with the default value of $\mu =1$. If a failed node is repaired to a normal state in the $t$-th round, it will participate in network operations in the $t+1$ round in a normal state. The repair probability $p$ is set to 0.1, reflecting the severe conditions and resource scarcity in real-world scenarios when sudden attacks occur on the command and control network.

(5)

End of Cascading Failure

The end of the cascading failure is marked by the entire network falling into a failed state. Although the command and control network itself has a passive defense mechanism and an active defense mechanism with a node repair strategy is designed in this study to further enhance network resilience, the network will eventually fail in this context. This is for two reasons: first, the repair strategy can only mitigate the damage caused by cascading failures but cannot fundamentally prevent their occurrence; second, in the experiment, a continuous attack approach is used until the network completely fails.

3.2. Node State

In this chapter, the calculation formula for the initial load of a node is defined as follows:

$$L_i=\left(1+c\right){\left(s_i\cdot \sum _{m\in {\mathsf{\Gamma }}_i}\hspace{1em}{k}_m\right)}^{\delta }$$

(6)

In this formula, $c$ and $\delta$ are adjustable parameters, both of which have a value range of $\left[0,\mathrm{\infty }\right)$. Here, $c$ serves as a multiplication factor, while $\delta$ acts as an exponential factor, aiming to adjust the level of the initial load on the node. The strength of node $i$ is represented by $S_i$, while $k_m$ represents the degree of connectivity of node $m$. Additionally, ${\mathsf{\Gamma }}_i$ refers to the set of all same-layer neighboring nodes of node i. The specific calculation formula for the node strength $S_i$ is as follows:

$$\left\{\begin{array}{c}{s}_i={\displaystyle \sum _{j\in {\mathsf{\Gamma }}_i}}\hspace{1em}{\omega }_{ij}\\ {\omega }_{ij}=a_{ij}\cdot {\left(k_i\cdot k_j\right)}^{\theta }\end{array}\right.$$

(7)

Here, ${\omega }_{ij}$ is the weight of the edge, calculated through $a_{ij}$, $k_i$, and $k_j^{\theta }$. If there is a direct connection between node $i$ and node $j$, then $a_{ij}=1$n; if there is no connection, then $a_{ij}=0$. The set ${\mathsf{\Gamma }}_i$ includes all neighboring nodes of node $i$. The parameter $\theta$ is used to adjust the weight differences; the larger its value, the more pronounced the differences in edge weights within the network. Specifically, when $\theta =0$, ${\omega }_{ij}=1$, $s_i=k_i$, indicating that the network degenerates into an ordinary network without weights.

3.3. Node Capacity

In this chapter, the capacity of a node is determined by a nonlinear load-capacity model. The specific calculation method can be expressed by the following Formula (8):

$$C_i=L_i+\beta L_i^{\alpha }$$

(8)

Here, $C_i$ represents the capacity of the node, while $L_i$ refers to the load of the node. The parameter $\beta$ serves as a multiplication factor, and $\alpha$ is an exponential factor used to adjust the nonlinearity of the relationship between load and capacity. Specifically, when $\alpha =1$, this model simplifies to a linear relationship between load and capacity.

4. Optimal Repair Strategy

In actual warfare, command and control networks are prime targets for attacks. Given the real possibility of command and control network nodes being attacked, it is necessary to model and simulate the cascading failure propagation of these nodes. In real command and control networks, when a node fails due to the attack load exceeding its maximum tolerance, repairs and recovery are initiated to restore the node. After a failure, the node has a certain probability of returning to normal at each subsequent moment, or it may recover after a period of repair. Therefore, this section primarily focuses on establishing a cascading risk propagation model based on the emergency recovery mechanism of command and control networks, conducting simulations, proposing an optimal recovery strategy, and comparing the impact of this strategy with time-limited recovery and probabilistic recovery strategies on network cascading failures.

4.1. Time-Limited Recovery Strategy

In the model, the state of a node is classified into normal, failure, and recovery states. In command and control networks, when a command node fails, it often needs to resume normal operation within a specified time, requiring the adoption of a time-limited recovery strategy for the network. Command and control network operations are often measured in hours, such as fault prediction, node arrival, and node repair. Typically, it takes several minutes to several hours for a command and control node to complete the processes of fault detection, troubleshooting, localization, arrival, and repair. Therefore, to maintain the overall performance of the command and control network and better serve the network, failed nodes need to be restored within a specified time limit. Considering that network nodes recover after a certain period following a failure, the parameter $T$ is used to represent the time-limited recovery period.

The recovery time limit $T$ is measured in minutes. After any node in the network fails, it requires $T$ minutes to recover, and at $T+1$ min, it resumes normal operation and enters the recovery state. At this point, the failed node can continue working in the network in a normal state, reestablishing the command and control relationship with the command nodes with which it had interactions.

4.2. Probabilistic Recovery Strategy

In practical command and control networks, when a node fails due to an attack exceeding its maximum tolerance, the control nodes will perform emergency repairs and recovery on the failed node. Recovery measures are taken so that the node has a certain probability of returning to normal operation at each moment after the failure. A recovery mechanism based on probability is added to the cascading failure model, effectively reflecting the phenomenon in command and control networks where the control nodes have a certain probability of being repaired and returning to normal operation at each moment after failure.

The recovery probability refers to the likelihood that a failed node in the network will be repaired and return to normal operation, denoted as $R$.

If a node is in the efficiency state $e_i\left(t\right)=0$ at time $t$, then at time $t+1$, the probability $R$ that the node’s efficiency state will recover to normal $e_i\left(t+1\right)=1$ represents the chance that due to emergency recovery measures, node $i$ will return to a normal state at the next moment. The state recovery transition rules are as follows:

$$e_i\left(t+1\right)=\left\{\begin{array}{c}{e}_i\left(t\right),g>0\\ e_i\left(t\right),g\le 0\end{array}\right.$$

(9)

The overline denotes negation. When $e_i\left(t\right)=0$, it refers to the negation of $e_i\left(t\right)=0$.

$g$ is the state transition judgment function used to determine if the node’s state has changed.

$$g=R-r$$

(10)

The formula is used to determine if the state of a node $i$, which is in a failure state at time $t$, changes after one discrete time step. $R$ represents the probability of the failed node returning to normal, while $r$ is a random number in the range $\left[\mathrm{0,1}\right]$ used for comparison with the probability $R$ to decide if node $i$ will recover. If $R$ is greater than $r$ (i.e., $R>r$), then node $i$ recovers, and the state changes to normal $e_i\left(t+1\right)=e_i\left(t\right)$. Conversely, if $R$ is less than or equal to r (i.e., $R \le r$), then node i does not recover and remains in the failure state $e_i\left(t+1\right)=e_i\left(t\right)$.

4.3. Optimal Recovery Strategy

Because of cascading failure risks in command and control networks, it is necessary to implement repair measures to restore the functionality of failed nodes and mitigate the negative impact of risk propagation. Given the limited recovery resources, it is often not possible to recover all failed nodes simultaneously; therefore, only a subset of nodes can be restored. It is crucial to explore which emergency recovery strategy can best suppress cascading failure propagation. To improve recovery effectiveness, this section proposes an optimal recovery strategy based on the node capacity and node degree. This strategy ranks the failed nodes according to their recovery importance and selects the top-ranked nodes for emergency recovery measures.

By observing the range of risk propagation and changes in network efficiency under this optimal recovery strategy and comparing it with the previous probabilistic recovery strategy, we can determine the emergency recovery strategy that best suppresses cascading failure propagation.

(1)

Recovery Importance

To select the most important failed nodes for optimal recovery, it is necessary to measure and rank the recovery importance of the failed nodes. From a topological perspective, nodes with more connections contribute more to network robustness after recovery and have stronger suppression capability against risk propagation. Thus, the node degree can be used as an indicator for selecting important nodes, with the normalized degree value serving as the metric.

$$k_i={\displaystyle \frac{k_i}{k_{max}}}$$

(11)

$k_{max}$ is the maximum degree value in the network.

From the perspective of network dynamics, failed nodes with higher attack tolerance have a greater likelihood of surviving after recovery. Restoring nodes with larger capacities will increase the total capacity of the network after recovery, enhancing the network’s tolerance to risk disturbances and reducing the probability of subsequent failures. Therefore, the attack tolerance (capacity) can be used as an indicator for selecting important nodes, with the normalized capacity value serving as the metric.

$${\overline{C}}_i={\displaystyle \frac{C_i}{C_{max}}}$$

(12)

Combining the above degree indicator and capacity indicator, this paper defines the formula for measuring the recovery importance of nodes in the network as follows:

$$S_i={\overline{k}}_i+{\overline{C}}_i$$

(13)

(2)

The process of node cascading failure propagation under the optimal recovery strategy is shown in Figure 1.

Figure 1 illustrates the risk cascading propagation process under the optimal recovery strategy. The figure depicts the dynamic evolution of failure propagation when a node in the network fails and the subsequent spread of failure to other nodes. Under the optimal recovery strategy, the system prioritizes the recovery of critical nodes, effectively containing the risk propagation during the failure spread, slowing down the cascading failure process, and minimizing the overall system damage. The figure shows the transitions of each node between failed, recovered, and normal operational states, visually demonstrating the effectiveness of the optimal recovery strategy in controlling failure propagation.

The key to the optimal recovery strategy is that when cascading failures occur in the network, the recovery importance $S$ is used to rank the failed nodes. Based on the recovery proportion $n$, the top-ranked failed nodes are selected for recovery, allowing some nodes in the network to return to normal and restore their original connections.

Since the impact of the recovery proportion $n$ and tolerance coefficient $\beta$ on cascading failure propagation in the network under the optimal recovery strategy is similar to that in the probabilistic recovery strategy, it will not be elaborated further.

5. Experiment

In all simulation experiments, to improve the reliability and accuracy of the results, the method of independent repeated experiments and averaging was adopted to eliminate random errors. Specifically, each group of experiments was independently repeated multiple times under the same conditions, and the results were averaged to reduce the impact of random factors on the experimental outcomes. This approach ensured better stability and reproducibility of the experimental data, thereby guaranteeing that the obtained conclusions had statistical significance and practical reference value. The network parameters used in the experiments were carefully designed and set to fully reflect the actual performance of the model, as shown in

Table 1. Network initialization parameters.

Parameter	Initial Value	Parameter	Initial Value
$\alpha$	0.1	$\mu$	0.4
$\beta$	0.8	${\theta }_1$	1/4
$\lambda$	0.5	${\mathsf{\theta }}_2$	1/4
$\gamma$	1.1	${\mathsf{\theta }}_3$	1/4
$\delta$	0.3	${\mathsf{\theta }}_4$	1/4

.

5.1. Impact of Load Capacity Parameters on Cascading Failures

The cascading failure model of command and control networks evaluates network robustness by considering the initial load and capacity of nodes, using a nonlinear model and relevant parameters (e.g., load distribution coefficient and tolerance coefficient) to describe node state characteristics. The model employs a random attack strategy to select target nodes and introduces a probabilistic repair mechanism to simulate real-world uncertainties, incorporating a certain degree of randomness. However, this randomness is modeled based on predefined parameters (e.g., node capacity, load, and repair probability) rather than being completely stochastic. Overall, node vulnerability and failure propagation are governed and assessed by network structural parameters and state transition probabilities.

Through the analysis of the cascading failure model in the command and control network mentioned above, it is evident that when other parameters are given, a larger $\mathsf{\beta }$ means that the load capacity of the nodes is sufficient to handle additional load, preventing cascading failures caused by a single node failure. In this case, $B\approx 1$. Conversely, as $\mathsf{\beta }$ decreases, the network is more likely to experience cascading failures triggered by a single node failure, leading to $B\approx 0$. There exists a critical value ${\mathsf{\beta }}_{\mathrm{c}}$ in the relationship between $\mathsf{\beta }$ and $B$, such that when $\mathsf{\beta }>{\mathsf{\beta }}_c$, $B\approx 1$, and when $\mathsf{\beta }<{\mathsf{\beta }}_c$, $B<1$. Therefore, ${\mathsf{\beta }}_c$ can serve as another metric for measuring the robustness of the command and control network against cascading failures—the smaller the ${\mathsf{\beta }}_c$, the better the network’s robustness. The following sections analyze the impact of various parameters on $B$ and ${\mathsf{\beta }}_c$.

According to the command and control network generation algorithm, the network was initialized with $N=200$, $M=3$, $R=5$, $K=0$, and $P=0$ for robustness analysis. When $\mathsf{\alpha }=1$, the load capacity model exhibited a linear relationship. The impact of load parameters $\mathsf{\theta }$ and $\mathsf{\gamma }$ on the network’s robustness against cascading failures was analyzed, and the simulation results were obtained as the average of 200 experiments.

Figure 2 shows the curve of network robustness as a function of the parameter $\mathsf{\theta }$. The figure illustrates the trend of network robustness under different values of $\mathsf{\theta }$, revealing the impact of $\mathsf{\theta }$ on the network’s resilience. As $\mathsf{\theta }$ increased, the network robustness exhibited specific variation patterns, which intuitively reflected the network’s capability to withstand failures under different conditions. By analyzing this curve, one can better understand the role of the $\mathsf{\theta }$ parameter in enhancing network stability and failure recovery capabilities, as well as its optimization strategies. In Figure 2, with $\mathsf{\gamma }=0.6$, it can be seen that for a given $\mathsf{\theta }$, as $\mathsf{\beta }$ increases, the scale of cascading failures $B$ increases, indicating that the network’s robustness against cascading failures improves. The critical value ${\mathsf{\beta }}_c$ first decreases and then increases as $\mathsf{\theta }$ increases, reaching its minimum when $\mathsf{\theta }=1$.

Figure 3 shows the curve of network robustness as a function of the parameter $\mathsf{\gamma }$. The figure depicts the trend of network robustness under different values of $\mathsf{\gamma }$, revealing the impact of $\mathsf{\gamma }$ on network resilience. As $\mathsf{\gamma }$ increases, the network robustness changes accordingly. This curve intuitively reflects the network’s ability to withstand cascading failures under different conditions. By analyzing the curve, one can gain deeper insights into the influence of the parameter $\mathsf{\gamma }$ on network structure and performance, providing a reference for optimizing network design. In Figure 3, as $\mathsf{\beta }$ increases, the scale of cascading failures $B$ increases, and the critical value ${\mathsf{\beta }}_c$ first decreases and then increases as $\mathsf{\gamma }$ increases, reaching its minimum when $\mathsf{\gamma }=0.6$.

Since $\mathsf{\alpha }$ indicated the hierarchical nature of the load distribution in the command and control network, it led to an uneven distribution of load, thereby affecting the network’s response to cascading failures. The impacts of different values of $\mathsf{\alpha }$ on the scale of cascading failures and the phase transition critical value $\mathsf{\beta }$ was analyzed. The experimental statistical results are shown in the figure, with each curve obtained by averaging the results of 200 independent experiments.

Figure 4 shows the relationship curve between the average size of cascading failures and load capacity parameters. The figure illustrates the variation trend of the average size of cascading failures under different load capacity parameters, revealing the impact of the node load capacity on network resilience. As the load capacity parameters changed, the average size of cascading failures exhibited specific regular fluctuations. By analyzing this curve, one can intuitively understand how load capacity parameters affect the scope and propagation speed of cascading failures, providing a theoretical basis and design reference for enhancing network robustness.

As shown in Figure 4, under different values of the overload failure adjustment parameter $\gamma$, the initial load parameter $\mathsf{\alpha }$ and the average scale of cascading failures in the network consistently exhibited a negative correlation. This indicated that the stronger the hierarchical nature of the load distribution in the command and control network, the smaller the average scale of cascading failures. The reason for this was that as the hierarchical nature of the load distribution in the command and control network became stronger, a smaller number of high-command-level nodes bore a larger portion of the load, while a larger number of low-command-level nodes bore less load. Consequently, only when high-command-level nodes fail will a large-scale cascading failure be triggered, resulting in a smaller average scale of cascading failures in the network.

5.2. Comparison of Optimal Recovery and Probabilistic Recovery Strategies

The probabilistic recovery strategy can also be described as performing random recovery under a certain recovery proportion. For example, if the recovery probability $R=0.3$, then it is essentially the same as random recovery with a recovery proportion of 0.3. Therefore, probabilistic recovery can be compared with optimal recovery, and this section focuses on comparing the two and observing their impact on the network. As shown in Figure 5, Figure 6 and Figure 7, regardless of the recovery probability or the recovery proportion, the optimal recovery strategy consistently outperformed the probabilistic recovery strategy and could better suppress the propagation of cascading risks. The higher the recovery probability or recovery proportion, the more effectively the scope of cascading failures could be reduced.

Therefore, in command and control networks, when cascading failures occur, it is essential to screen and rank the failed nodes according to the recovery importance proposed in this paper and select the more critical failed nodes for optimal recovery. It is advisable to prioritize the recovery of nodes with more cooperative relationships and higher load capacity within the network. This optimal selection of recovery nodes offers greater benefits to the network compared with random recovery, allowing the cascading failure range to be quickly controlled at a lower level and effectively suppressing the propagation of cascading failures. From these results, it is clear that the negative impact of cascading failures on command and control networks is substantial. Even with recovery strategies in place, the harm caused by cascading risk propagation cannot be entirely mitigated, emphasizing the necessity of preventing cascading risk propagation.

Under sustained attacks, the overall network resilience gradually decreases with the increasing number of attacks. The experiments revealed that when attacks were concentrated on high-importance nodes, the network connectivity and functionality rapidly deteriorated, resulting in command chain disruption and ineffective transmission of commands. Without timely repair, the failure of critical nodes could trigger a cascading effect, leading to large-scale network failure.

Although the priority-based recovery strategy proposed in this paper could enhance the resilience of command and control networks, its implementation was subject to the following technical constraints: (1) Real-time monitoring and dynamic evaluation: Efficient monitoring systems are required to continuously collect the node status (e.g., load, degree centrality, etc.) and quickly assess failure conditions, which is a prerequisite for strategy implementation. (2) Computational and data processing capacity: The strategy relies on complex network topology analysis and node importance assessment, necessitating robust computational resources and efficient algorithms to support real-time analysis and decision-making. (3) Reliability of communication links: Communication links may be disrupted under attack, so redundant communication paths are needed to ensure that repair instructions can be effectively transmitted, and repair operations can be coordinated through a centralized or distributed decision-making center. (4) Resource allocation and recovery priority: Repair resources need to be allocated reasonably, and repair priorities must be clearly defined to maximize recovery effectiveness. Therefore, the implementation of this strategy must meet multiple technical requirements to enhance network resilience in complex and dynamic environments.

5.3. Analysis of the Average Number of Attacks the Network Can Withstand

This section calculates the average number of attacks each network undergoes across 200 experiments, referred to as the “average number of attacks”. As shown in Figure 8a, in the context of systems engineering theory and practice, using a repair strategy during the cascading failure process in command and control networks can increase the number of attacks the network can withstand, thereby enhancing its robustness. To mitigate the impacts of scale advantages on assessing network robustness, this section also calculates the average attack scale each network can withstand. This is performed by dividing the average number of attacks by the original number of nodes in the network, yielding the corresponding average attack scale.

As shown in Figure 8b, whether before or after using a repair strategy, the average attack scale that the network can withstand decreases as $N$ increases. As shown in Figure 8e, although using a repair strategy does help the network withstand a larger attack scale, the benefit brought by the repair strategy diminishes as $N$ increases. As shown in Figure 8f, the benefit to network robustness from the repair strategy increases gradually as $K$ increases. This result confirms a conclusion: increasing $K$ helps improve network robustness.

However, using a repair strategy does not help all networks withstand more attacks. For example, as shown in Figure 8c,d, when $K=3$ and $K=4$, the average number of attacks and average attack scale that the network can withstand after using a repair strategy are lower than when no repair strategy is used.

Overall, using a repair strategy can help most networks withstand more attacks. Moreover, the parameters $N$ and $K$ have a significant moderating effect on the implementation effectiveness of the repair strategy.

The paper examines the effectiveness of different repair strategies (e.g., probabilistic repair and priority-based recovery) under sustained attack conditions. The results indicate that the priority-based recovery strategy can significantly delay the degradation of network performance. Especially under limited repair resources, by prioritizing the restoration of important nodes, this strategy effectively reduces the spread of failures and enhances the overall network recovery capacity over multiple attack rounds. However, as the attack intensity increases and the duration extends, even with the priority-based recovery strategy, the overall network resilience will inevitably decline.

5.4. Analysis of the Probability of Network Failure Due to a Single Attack

In this section, we discuss the probability of a command and control network failing due to a single attack. If a network completely collapses after just one attack, it indicates insufficient robustness to some extent. As shown in Figure 9, when $N=39$ and $K<9$, using a repair strategy can only help reduce the probability of failure due to a single attack for networks with certain values of $K$(complexity), and it may even increase the probability of such failures. However, when $K \ge 9$, the network almost never experiences a complete collapse due to a single attack. For example, when $K=2$ and $K=7$, the probability of network collapse after a single attack is reduced after using a repair strategy. This suggests that networks with higher $K$ values have significantly stronger robustness.

As shown in Figure 10, for networks with the same $K$, the probability of failure due to a single attack in medium-sized networks can be significantly reduced by using a repair strategy. For instance, when $N=21$, the probability of network failure due to a single attack is significantly reduced by using a repair strategy. This indicates that the repair strategy can effectively improve the robustness of medium-sized networks by reducing the probability of failure due to a single attack. However, in small and large networks, the probability of such failures increases with the use of a repair strategy. For example, when $N=12$ or $N=36$, the probability of network failure due to a single attack is significantly higher with the repair strategy compared with the probability without it. Additionally, the probability of failure due to a single attack is notably higher in small networks than in large networks. For example, without using a repair strategy, the probability of this occurring in a network with $N=9$ is 0.265, whereas for a network with $N=36$, the probability is 0.155, showing a significant difference between the two.

Overall, the discussion on the probability of network collapse due to a single failure reveals that such incidents are significantly less likely in networks with higher $K$ values, indicating that networks with higher $K$ have considerably stronger robustness. Although the use of a repair strategy does not help all networks with lower complexity reduce the probability of such failures, it can significantly lower the probability of these incidents in medium-sized networks, highlighting the dual nature of the repair strategy.

5.5. Performance Fluctuation Rate Analysis

The existing literature indicates that the network performance can fluctuate during the cascading failure process [6]. To compare the performance of a set of networks and to highlight the volatility of network performance, this chapter calculates the average performance fluctuation rate for each network. Taking the average performance fluctuation rate of a specific network as an example, the performance fluctuation rate is first calculated using the performance values obtained after two consecutive iterations, and then the average of all fluctuation rates is determined. The result is the average performance fluctuation rate for the current network. A higher average performance fluctuation rate indicates greater volatility in network performance during the iterations, implying that the network performance is more unstable. This chapter discusses the robustness of command and control networks from the perspectives of efficacy and efficiency based on network performance.

(1)

Robustness Analysis from the Efficacy Perspective:

As shown in Figure 11, comparing the scenarios of $N=12$ and $N=39$, it is observed that after applying a repair strategy, the average performance fluctuation rate for the network with $N=12$ shows a noticeable change, while the network with $N=39$ is almost unaffected by the repair strategy. However, for the network with $N=12$, the repair strategy does not always have a positive impact. For example, when $N=12$ and $K=4$, using the repair strategy increases the average performance fluctuation rate, indicating greater volatility in performance changes during the iterations and exacerbating the network instability. The change in network performance is attributed to changes in node status and load distribution. The results suggest that under the influence of the repair strategy, newly recovered nodes that are restored to normal operation and reintegrated into the network may disrupt the current operational order, leading to negative impacts on the network.

To more intuitively demonstrate the performance changes in the command and control network, this section further explores the three different cases of performance fluctuation rates. This chapter analyzes the changes in the proportion of the three types of performance fluctuation rates in the command and control network before and after applying the repair strategy. The three types of performance fluctuation rates are as follows: a positive fluctuation rate, where the current network performance is higher than the performance at the end of the previous iteration; a negative fluctuation rate, where the current network performance is lower than the performance at the end of the previous iteration; and zero fluctuation rate, where the current network performance is the same as the performance at the end of the previous iteration.

As shown in Figure 12, for networks with $N=12$, the impact of the repair strategy varies depending on the value of $K$, although it is generally noticeable. For instance, when $K=2$, after applying the repair strategy, the negative fluctuation rate increases, the proportion of cases with zero fluctuation decreases, and the proportion of positive fluctuation remains nearly unchanged. This indicates that the network performance becomes more volatile, and as attacks continue, the overall trend of the network performance declines. Increased volatility in performance suggests decreased stability in network operations, and a downward trend in network performance indicates weakened robustness against attacks.

Conversely, when $K=4$, the situation is different from that with $K=2$. After applying the repair strategy, the positive fluctuation rate increases, the proportion of cases with zero fluctuation decreases, and the proportion of negative fluctuation remains nearly unchanged. This means that while the network performance volatility increases, the overall trend in the network performance improves. Although the stability of the command and control network’s operations decreases, its robustness against attacks strengthens.

When $N$ is larger, the effect of the repair strategy on the network efficacy becomes more complex. As shown in Figure 13, when $N=39$, the use of the repair strategy significantly impacts the average efficacy fluctuation rate in only a few networks, and the situations in these networks are quite complicated.

For example, when $K=19$, the proportion of cases with zero fluctuation rate significantly decreases, while the proportions of both positive and negative fluctuation rates increase, with the increase being nearly equal for both. This indicates not only that the network’s volatility is increasing but also that both the upward and downward trends in network performance are becoming more pronounced. Compared with the enhancement of a single trend, this situation suggests even poorer network stability.

(2)

Robustness Analysis from the Efficiency Perspective

As shown in Figure 14, cases where the efficiency fluctuation rate is zero are rare both before and after implementing the repair strategy. When the proportion of cases with zero fluctuation rate is zero, it means that only positive and negative fluctuation rates exist, and the proportions of these two cases cannot change in the same direction, indicating that the repair strategy can only have a single effect on the network’s efficiency. For example, when $N=12$ and $K=3$, after applying the repair strategy, the proportion of positive fluctuation rates decreases, while the proportion of negative fluctuation rates increases, with both changing by the same magnitude. This suggests that the downward trend in network performance is becoming more pronounced, indicating weaker robustness in the command and control network.

As shown in Figure 15, for networks with low or high $K$ values, the repair strategy may either exacerbate the downward trend in network performance or enhance the upward trend. However, for networks with moderate $K$ values, the effect of the repair strategy is more consistent, typically increasing the proportion of negative fluctuation rates and thus exacerbating the downward trend in performance.

The paper further explores network performance fluctuations under long-term attacks. The experiments show that after multiple rounds of attacks and repairs, performance metrics (such as network efficiency and connectivity) exhibit noticeable fluctuations. In particular, when repair resources are insufficient, repair operations may destabilize the network structure, leading to increased performance volatility. Additionally, the paper measures the network’s resilience in terms of the average number of attacks it can withstand across 200 experiments for different repair strategies. The results show that under sustained attacks, the average number of attacks the network can endure decreases as the attack intensity increases, and once the intensity surpasses a critical threshold, the network can hardly maintain its normal functionality.

Overall, the exploration of network performance fluctuations reveals that the impact of using a repair strategy on efficiency volatility is more significant than its impact on efficacy volatility. From the perspective of efficacy, smaller networks $\left(N\right)$ still have some room for improvement in achieving optimal performance levels, whereas larger networks tend to exhibit a relatively stable state in terms of optimal performance levels. From the perspective of efficiency, using a repair strategy significantly affects the volatility of the network’s current performance. Notably, when $K$ is at a moderate level, the use of a repair strategy increases the proportion of negative performance fluctuation rates, resulting in a significant negative impact on the robustness of the command and control network.

6. Conclusions

This paper focuses on analyzing the resilience performance of command and control (C2) networks under various attack strategies and experimentally validates the effectiveness and applicability of multiple recovery strategies. The results show that the selection of recovery strategies is critical for mitigating cascading failures after an attack. In the comparison between probabilistic repair and priority-based recovery strategies, the latter demonstrates a more significant advantage. Its superiority mainly lies in its ability to prioritize the restoration of key nodes with high structural importance and functional value, effectively blocking the failure propagation chain and significantly enhancing the overall recovery capacity and system resilience under resource constraints.

Through in-depth exploration of event prevention, response, and recovery capabilities, this study finds that the nonlinear load-capacity model can identify potential vulnerable nodes before cascading failures occur and implement early intervention through node repair strategies, demonstrating strong event prevention capability. When addressing node failures, the model optimizes the load distribution and dynamically adjusts the allocation during the initial stages of failure propagation, thereby preventing chain reactions caused by single node failures and maintaining the overall functionality of the network. Especially in terms of recovery capabilities, the priority-based recovery strategy can accurately identify high-value nodes and prioritize their restoration during dynamic repair, enabling the network to restore critical functions in the shortest possible time and significantly reduce the spread and impact of failures.

Overall, the priority-based recovery strategy can better balance resource allocation and recovery efficiency while ensuring the integrity of network functionality, showing greater adaptability, particularly in complex and dynamic environments. The successful application of this strategy provides new research ideas and methods for enhancing the resilience of complex network systems. Compared with traditional random recovery strategies, the priority-based recovery strategy not only effectively identifies and repairs high-importance nodes but also exhibits better robustness in scenarios involving high-intensity attacks and multi-node failures.

However, this study also has certain limitations. First, the parameters used in the model are based on the initial configuration of a static network, while in real-world applications, the structure of C2 networks may dynamically adjust according to environmental changes and task requirements. Future research could consider incorporating dynamic network characteristics to further explore the evolution of node importance under different scenarios. Second, although the priority-based recovery strategy has shown good performance in experiments, real C2 networks may face complex situations such as limited repair resources and disrupted communication links, which could impact the practical effectiveness of the strategy. Future research should further introduce multi-dimensional resource constraints and complex factors from real-world scenarios to comprehensively improve the practical feasibility and application value of the strategy.

In conclusion, the proposed priority-based recovery strategy provides an effective solution for enhancing the resilience of C2 networks in complex and dynamic environments. Theoretical and experimental results verify its significant advantages under resource-constrained conditions. Future research will continue to focus on the application and optimization of this strategy in dynamic environments to further enhance the robustness and recovery capability of C2 networks in response to complex situations.