• Open Access

Vulnerability-constrained multiple minimum cost paths for multi-source wireless sensor networks

Authors


Abstract

In wireless sensor networks, one of the primary requirements is that sensor data acquired from the physical world can be interchanged with all interested collaborative entities in a secure, reliable manner. Because of highly unpredictable nature of the environments caused by malicious attacks or potential threats, minimizing transmission cost between source and sink nodes with jointly considering the security of the whole network is a critical issue. This paper considers two optimization problems of deriving the minimum cost paths from multiple source nodes to the sink node under the guaranteed level of the vulnerability. The link or node vulnerability is defined as a metric, which characterizes the degree of link or node sharing among paths. With the defined link vulnerability, the link vulnerability-constrained minimum cost paths problem is first formulated, and two polynomial-time algorithms are developed for deriving the optimal paths. For the node-vulnerability-constrained minimum cost paths problem, we adopt the network conversion and then achieve the optimal solution with previous proposed algorithms. The necessary condition for solution existence, the optimality of the proposed algorithms, and the related properties of tree network are further theoretically analyzed. Extensive simulations show the significant performance improvements achieved by our proposed algorithms.Copyright © 2014 John Wiley & Sons, Ltd.

1 Introduction

Cyber-physical system (CPS) is a system featuring a tight combination of, and coordination between, the system's computational and physical elements [1-3] and gaining importance as one of the key enablers of emerging applications. It necessitates reliable, robust, and rapid validation and evaluation mechanisms for integrated communication, coordination, and control solutions [4]. So far, numerous works have been carried on various forms of CPSs in the fields of modeling, optimization, and secure data aggregation and dissemination [3-6]. As a special form of CPS, wireless sensor networks (WSNs) require the low cost and secure data exchange among sensor nodes under the conditions that sensor nodes may be deployed in insecure environments and may suffer from external attacks or unreliable and insecure data transmission caused by various reasons. For the applications of WSNs, transmission cost and security are two essential issues that are usually required to be elaborately considered. They have attracted a lot of attentions from researchers and practitioners because of the challenging tasks emerging from various application scenarios. So far, extensive research works have been carried out on transmission cost minimization or the related security issues of the networks by exploiting different approaches [7-12]. However, no research work has been conducted on the joint optimization of transmission cost and network security, especially for the vulnerability, which refers to the degree of node or edge sharing among selected paths derived for data delivery.

In this work, we aim at studying an optimization problem of deriving the minimum cost paths from the source nodes to the sink node for data delivery under the constraint that the network is running under the required vulnerability level. Our research has been driven by two following goals: (i) Vulnerability, sensor networks suffer from various vulnerabilities caused by various attacks, threats, or even defects of the network itself. We seek to minimize the vulnerability for the data transmission between any pair of nodes for information exchange. (ii) Optimality, most data transmission schemes are devised on the basis of a chosen optimality criterion. Our research work seeks to achieve the minima of the overall transmission cost of the collected data that are delivered from the source nodes to the sink node. Some popular cost criteria include hop count and energy consumption and delay.

Multi-hop path is usually adopted for delivering the collected data acquired from the physical world from source nodes to sink node. The selection of paths significantly affects the transmission cost and vulnerability of the whole network. For example, the link shared by multiple paths usually suffers from the high risk of compromising from malicious attackers. We here use an example illustrated in Figure 1 to emphasize the impact of path selection on network security. Labels on the links between two network nodes are the costs associated with them. The numbers in the rectangles are the numbers of packets that need to be delivered from source nodes S1, S2, and S3 to sink node D. In this figure, as for transmission cost, the optimal paths are S1 → A → D, S2 → A → D, and S3 → A → D for nodes S1, S2, and S3, respectively, by using the traditional routing algorithms, such as Dijkstra's algorithm [13]. With this scheme, link A → D is used with high frequency, which results in the high risk of compromising from malicious attackers. However, by allowing nodes S2 and S3 for transmitting a part or all of its collected data through node B to sink node D, the risk of compromising link A → D can be remarkably reduced. Therefore, how to minimize the transmission cost from multiple source nodes to the sink node by taking into account the network security, that is, the vulnerability in terms of the link sharing among paths, is the issue that will be addressed in this work.

Figure 1.

The impact of path selection on network security.

With regard to vulnerability, because of the broadcast nature of transmission medium, WSNs are vulnerable to security attacks [14]. Moreover, WSNs may have an additional vulnerability because nodes may be placed in a hostile or dangerous environment where they are not physically protected. Attackers may devise different types of security threats to make the WSN system unstable. In [14], Kavitha and Sridharan proposed the layer-based classification of WSN threats and the capability of the attacker as (i) based on the capability of the attacker, for example, [7, 15], (ii) attackers on information in transit, for example, [8, 15], (iii) host based and network based, for example, [16], and (iv) based on protocol stack, for example, [9-12, 17]. To evaluate the vulnerability, many works have been carried out by adopting various approaches. Ten et al. [6] described the model of evaluating the system vulnerability, which is defined over a set of scenarios, by evaluating the vulnerability of the system. Wang et al. [18] introduced the concept of vulnerability to quantify the protection level from the source to a destination, which defines the vulnerability between two edge routers as the number of shared links between the two paths from the source to the two edge routers. In [19], Yang et al. further extended the concept of vulnerability to edge and node vulnerabilities so as to characterize the degree of edge and node sharing among different paths. Thus, this definition provides a new view of the vulnerability of the network in the topology perspective on the interactions among a set of minimum cost paths between the source nodes and the sink node, that is, if one link or node used by multiple paths, the other path should avoid using this path for data transmission, which provides the constraint for path selection.

Aside from vulnerability, the constrained minimum cost paths problem is to find a set of paths satisfying certain constraints, which is fundamental and arises in several applications. Because the wide range of applications in all the fields, numerous research works have been carried out on the minimum cost path problem and its variations, such as [13, 20-22]. Among these works, Yang et al. [19] investigated the problem of finding k paths with minimum edge/node vulnerability with the objective to protect a network against single link/node failure. However, in many scenarios, a more general problem is necessary to be considered for deriving the minimum cost paths from multiple source nodes to the sink node for data delivery while maintaining the network running under the required level of network vulnerability.

With the aforementioned concept of link and node vulnerability, in this work we consider the problem of deriving the minimum cost paths from multiple source nodes to the sink node under the constraint that the vulnerability of the whole network is under the required level. The main contributions of this work are (i) based on the link vulnerability, we mathematically formulate the link-vulnerability-constrained minimum cost paths problem and propose two polynomial-time algorithm for achieving the optimal solution with two proposed algorithms based on the max-flow theory; (ii) we formulate the node-vulnerability-constrained minimum cost paths problem, present the procedure of network conversion, and then achieve the optimal solution with previous two proposed algorithms; (iii) the necessary condition for the solution existence, the optimality of the proposed algorithms, and the related properties of the tree network are theoretically discussed; and (iv) extensive experiments are carried out to validate the effectiveness of our proposed method and show the performance enhancement by comparing with existing schemes. It is worthy to be mentioned that the proposed method is also applicable to deriving the minimum cost paths under the node vulnerability constraints.

The reminder of this paper is organized as follows: Section 2 mathematically introduces the network model and the vulnerability model. In Section 3, we mathematically formulate the link-vulnerability-constrained minimum cost paths problem, give the algorithms, and make the further discussions. Simulation results are shown in Section 5 for illustrating the significant performance enhancements achieved by our proposed scheme. Section 6 gives the concluding remarks.

2 System Models

2.1 Network model

The WSN can be represented as an undirected graph math formula, where math formula is a finite set of nodes, with math formula, and math formula is the set of links among nodes. Link e = (u,v) exists if nodes u and v are within each other's transmission range. Node s represents the sink node. Let P1, P2, ⋯ , Pk be all the source nodes deployed in some place of interest, denoted by P = {P1, P2, ⋯ , Pk}. Besides the source nodes and sink node, the other sensor nodes relay the collected data from the source nodes in P to the sink node s. For data transmission, a path is discovered from the source node Pi to the sink node s, denoted by πi : (Pi,v1),(v1,v2), ⋯ ,(vj,s). Each link math formula is associated with a cost c(u,v). Here, it is worthy to be mentioned that cost is a generic concept, which may denote hop count, energy consumption, or message delay. Then, the cost c(πi) of this path can be written as

display math(1)

Energy dissipation is one of the critical issues usually required to be considered and provides a specific case for the cost of paths in the WSNs. To calculate energy consumption in the network, the first order radio model [23-25] is usually adopted. In this model, the consumed energy for the transmitter to transmit a math formulabit packet of distance math formula can be calculated as

display math(2)

where ϵelec is the energy/bit consumed by the transmitter electronics and ϵamp the energy dissipated in the transmit op-amp. γ is the power index for the channel path loss of the antenna, which depends on the radio frequency environment. On the receiving side, the amount of energy that is required to capture the incoming radio signal can be calculated as

display math(3)

where ϵele is the energy/bit consumed by the receiver electronics. In this paper, we adopt the truncated automatic repeat request protocol, which was utilized in [26, 27], to guarantee the quality of data transmission. Without losing generality, we assume that the average number of retransmission times between node u and v is math formula, and all data packets are with the same size of math formula bits. Thus, for link e = (u,v), the consumed energy for relaying a math formula-bit packet can be calculated on the basis of Equations (2) and (3) as

display math(4)

Then, as for path πi, the energy consumption of path πi for transmitting a math formula-bit packet through this path can be calculated as

display math(5)

It is worthy to be mentioned that this model of energy dissipation is also exploited in our simulation experiment in Section 5.

2.2 Vulnerability model

Various vulnerability models are built for securely maintaining the running of all kinds of fragile networks,for example, [6, 18, 19]. In WSNs, multiple paths are usually available between every pair of nodes. To protect the network against single link/node failure, multiple disjoint paths are needed between a pair of source and destination nodes. The paths may be node-disjoint or link-disjoint. However, finding link/node-disjoint paths may not be possible in practical network because of the sparsity of the network and the traffic oversaturation for some links or nodes. Thus, when disjoint paths do not exist, alternatively, paths from multiple source nodes to the sink node with minimum shared links/nodes should be found. In this paper, we study the minimum cost data transmission on the basis of the link and node vulnerabilities, which are firstly proposed in [19].

We first introduce the model of link vulnerability.

Definition 1. Let math formula be an undirected graph. Given source node Pi and sink node s, let Π = {π1,π2, ⋯ ,πk} be a set of paths in a graph math formula from Pi to s. Then, the number of times, which link e appears in Π, can be defined as

display math(6)

where

display math(7)

Thus, we define

display math(8)

β(Π) is named link vulnerability of the paths in Π. Clearly, if β(Π) = 0, then all paths in Π are link-disjoint.

Now, as for node vulnerability, we give the following definition.

Definition 2. For Π = {π1,π2, ⋯ ,πk}, we define the number of times that node v is shared among paths in Π as

display math(9)

where

display math(10)

Thus, we define the node vulnerability of Π as

display math(11)

Clearly, if τ(Π) = 0, then all paths in Π are node-disjoint.

It is worth noting that both link and node vulnerabilities are defined on the number of paths using the link and node for data transmission. Thus, in the following sections, the vulnerability reduction of each link or node in the network is guaranteed in a manner of restricting the number of paths using the link or node for data transmission.

3 Link-Vulnerability-Constrained Minimum Cost Paths

3.1 Problem formulation

To guarantee network security, the constraint for the vulnerability of each link e = (u,v) is set up to N0(e), which is a positive integer, according to the definition of link vulnerability. In math formula, nodes u and v are called connected if math formula contains a path between them. Otherwise, they are called disconnected.

Definition 3. A s − P cut math formula is a set of links satisfying that, if these links are removed, nodes s and P are disconnected [28]. The weight of a sP link-cut math formula is defined as

display math(12)

Thus, the sP node-cut with the minimum weight can be denoted as math formula, simply called the minimum cut. This serves as the upper bound for the number of the source nodes in P that can be allowed for data transmission under the constraint N0(e) for each math formula, that is, math formula.

Here, we consider the problem of deriving the optimal paths from the source nodes to the sink node under the constraint N0(e) for each math formula. The optimization problem can be mathematically formulated as

display math(13)

3.2 The proposed algorithms

Before going further, we first introduce a strategy, which converts the undirected graph to the directed graph, with the objective to devise the algorithm with the help of the network flow theory [29]. For math formula, replace link (u,v) by two directed arcs math formula and math formula with cost math formula. Denote the arc set as math formula and the new network with arcs as math formula.

Now, for each math formula in math formula, we define f(u,v) as the current unit flow that can flow from node u to node v. First, we initialize f(u,v) = N0(u,v). The main idea of our algorithm is to update f(u,v) and f(v,u) constantly by f(u,v) = f(u,v) − 1 and f(v,u) = f(v,u) + 1, respectively. The details are described in Algorithm 1. Here, the minimum cost path πi is obtained using the Dijkstra's shortest path (DSP) algorithm. During the implementation of the DSP algorithm, we only consider the arcs math formula with f(u,v) ≠ 0.

image

In Algorithm 1, because the DSP algorithm runs math formula time to find the minimum cost path πi, the runtime of Algorithm 1 is bounded by math formula, where math formula is the number of nodes in math formula.

Further, for math formula, r(u,v) = | N0(u,v) − f(u,v) | is the number of paths that utilizes arc math formula for data transmission. Now, we can add weight r(u,v) on link (u,v) for each math formula. Based on that, we propose Algorithm 2 for finding the minimum cost paths from the source nodes in set P to the sink node s. The main idea is that repeatedly find the optimal paths and calculate the proper packet amount that will be imposed on this path and subtract the data amount from the results derived by Algorithm 1.

image

As for computation complexity, adding weight g(u,v) to link (u,v) in graph math formula takes math formula time. Further, finding the minimum cost path using the DSP algorithm takes math formula time. Because at least one link is deleted after one minimum cost path is found, the DSP algorithm runs at most math formula times. Thus, the computational complexity of searching for the optimal data transmission scheme is math formula.

3.3 Further discussions

Given network math formula and N0(e) for each link e, the optimal solution is the main concern in the aforementioned optimization problems. To guarantee the existence of the optimal solution, a necessary condition is first presented as follows.

Proposition 1. Given network math formula with the source node set math formula and the sink node s. If the optimal path between s and each Pi of P exists, then we have

display math(14)

where math formula.

Proof. We prove this proposition by contradiction. Suppose math formula for node cut math formula. There exists at least one link e0, in math formula, that undertakes the tasks of data transmission for more than N0(e0) source nodes in P. Otherwise, there must exist math formula source nodes that have no path to the sink node s because the node set math formula serves for at most math formula source nodes. This is contrary to that N0(e0) is the constraint imposed on link e0. Thus, the proposition holds.

As for the performance of Algorithms 1 and 2, the following proposition is given.

Proposition 2. Algorithms 1 and 2 achieve the optimal solution of Equation (13).

To prove the optimality of the proposed algorithms, we first need to recall the Min-Cost Max-Flow Theorem [29].

Theorem 3. (Min-Cost Max-Flow Theorem) Let f1 be an optimal flow of value v in an instance of min-cost flow. Let f2 be a flow of value 1 along an st augmentation path P in N ′ (f1) of least cost. Then, f1 + f2 is an optimal flow of value v + 1.

Proof. According to Min-Cost Max-Flow Theorem, because the minimum cost path, that is, the augmenting flow in the network flow theory, is found each time, Algorithms 1 and 2 achieve the minima of the cost after modifying the constraint information with the found path. Therefore, they achieve the optimal solution of Equation (13).

4 Node-Vulnerability-Constrained Minimum Cost Paths

Before going further, it is worthy to be mentioned that the problem that will be discussed in this section is distinctively different from the aforementioned problem addressed in Section 3. As shown in Figure 2, path π1 : 1 → 3 → 5 and path π2 : 1 → 2 → 3 → 4 → 5 are two link-disjoint but node-joint paths used for data transmission between nodes 1 and 5. With definition 1, the link vulnerability is calculated as β({π1,π2}) = 0, while the node vulnerability is calculated as τ({π1,π2}) = 1. It can be observed that link vulnerability cannot reflect the node vulnerability of the network. Thus, we first formulate the problem of node-vulnerability-constrained minimum cost paths and then propose the solution method for finding the optimal solution.

Figure 2.

Illustration of the relations with node-joint paths and link-joint paths.

4.1 Problem formulation

To transmitting data securely, a constraint is imposed on each node u as N0(u) that serves as the upper bound on the number of source nodes using node u for data transmission. According to Definition 2 of node vulnerability, N0(u) is an positive integer. Similar to Definition 3 of sP link cut, the sP node cut can be defined as follows.

Definition 4. A sP node-cut math formula is a set of nodes satisfying that, if they are removed from math formula, nodes s and P are disconnected [28]. The weight of a sP node-cut math formula is defined as

display math(15)

Thus, the sP node-cut with the minimum weight can be denoted as math formula. This serves as the upper bound for the number of source nodes in P that can be permitted by the network for data transmission under the constraint of node vulnerability, that is, math formula.

Here, we consider the problem of deriving the optimal paths, denoted as π1, π2, ⋯ , πk, from the source nodes in P to sink node s under the constraint of N0(u) for each math formula, which can be mathematically formulated as

display math(16)

4.2 The proposed algorithms

Similar to the method proposed in [25], the weights imposed on the node prevent the application of the max-flow algorithm directly. Hence, the procedure of network conversion is introduced to convert the undirected network math formula to the directed network math formula for using Algorithms 1 and 2. The details of this procedure is stated in Algorithm 3, where math formula represents a large positive number larger than math formula.

image

In Algorithm 3, we do the operations on each node and each link one time, respectively. Thus, the computational time-complexity of Algorithm 3 is math formula, where math formula denotes the number of nodes and math formula represents the number of links.

Upon implementing network conversion, Algorithms 1 and 2 can be directly applied for deriving the optimal paths from source nodes in P to sink node s under the constraint of N0(v) for each node v.

4.3 Further discussions

Conventional approaches for data aggregation or dissemination usually construct the tree-shaped network [30-32]. Now, with the help of the notions of the link and node vulnerability, we analyze the security property of this topology. In this topology, each leaf has, and only has, one path to sink node s. Here, the source nodes in P can be envisioned as the leaf nodes in the tree. To restrict the vulnerability of the network, a naive method is to restrict the degree of the nodes. As shown in Figure 3(a), given a tree in which the degree of each node is not more than 3, nodes 4, 5, 6, 7, 8, and 9 use link (s,3) or node 3 for data transmission. This provides the worst case for restricting the number of source nodes in the manner of restricting the degree of nodes due to the excessive data transmission tasks that will be taken by node 3. Thus, this implies that (i) the tree network suffers high risk under the criteria of the link and node vulnerabilities and (ii) restricting the link and node vulnerability cannot be achieved by simply restricting the degree of nodes in the tree.

Figure 3.

The conventional data aggregation topology for wireless sensor networks: (a) tree-shaped network and (b) s-rooted tree.

Here, it is worthy to be mentioned that the tree shown in Figure 3(a) can also be envisioned as a s-rooted tree (Figure 3(b)). The source nodes are thought as leaves in the tree because it is assumed that the source nodes do not transmit the data for other source nodes in the task-effective perspective. In Figure 3(b), each parent in every subtree has two sons, and root s has three sons. Let the direction be from the parent to the son. Then, the in-degree of the node is the number of links coming into it, while the out-degree of the node is the number of links going out of it. On the basis of this, we recall the following definition and lemma about m-ary tree, which are firstly addressed in [28, 33].

Definition 5. (m-ary Tree, Level Number, Tree Depth, Complete Regular m-ary Tree) Suppose T is a tree rooted with s and m is a positive integer.

  1. If the out-degree of each node in T is not larger than m, that is, deg  − (v) ≤ m for any v ∈ T, then T is called an m-ary tree.
  2. For each v ∈ T, the number of edges on the path from root s to node v is called the level number of node v. Obviously, the level number of root s is 0. The largest level number of all nodes is defined as the depth of T, simply denoted by δ(T).
  3. If the out-degree of each branch node is equal to m, that is, deg  − (v) = m for any v ∈ T, then T is called a full m-ary tree. An m-ary tree T with δ(T) levels is complete if all levels except possibly the last are completely full, and the last level has all its nodes to the left side.

Lemma 4. Suppose T is an m-ary tree with root s. Then, (a) the ith level of T has at most mi nodes; (b) T has at most math formula nodes; (c) if T is also a regular m-ary tree with b branch nodes, then T has (m − 1) ⋅ b + 1 leaf nodes and | T | = m ⋅ b + 1.

According to Lemma 4(a), for a δ(T)-depth m-ary tree T, to accommodate all source nodes in P, the number of leaf nodes on the δ(t)-level of T should satisfy mδ(T) ≥ | P | , that is, δ(T) ≥ log m | P | . In this paper, it is assumed scheme Π contains all paths from the leaf nodes to the root s. With Lemma  4(c), for each subtree T ′ in the m-ary tree T, if the root r of T ′ has b branch nodes, then according to Definition 2, the node vulnerability between the leaf nodes and the root r is (m − 1) ⋅ b under scheme Π. Obviously, this provides an effective method for computing the node vulnerability of scheme Π in the tree network. For accommodating | P | source nodes, an efficient way is to make sure that each branch node have m sons. Otherwise, much more nodes will be introduced to connect the source nodes and the sink node, which unavoidable increases the value of the node or link vulnerability of the network. This implies the full δ(T)-depth m-ary tree T provides the lower bound of the node or link vulnerability of the network. Thus, the following proposition is first given for node vulnerability of the network.

Proposition 5. Given a full and complete δ(T)-depth m-ary tree T with root s, Π is the scheme containing all paths from the leaf nodes to root s. Then, the node vulnerability of Π can be represented as

display math(17)

Proof. According to Definition 2, the root s and leaf nodes at depth δ(T) are not considered in the calculation of the node vulnerability of the network. Now, consider the m branch nodes at depth 1. According to Lemma 4, the node vulnerability value for each branch node is mδ(T) − 1 − 1 because each branch node connect to mδ(T) − 1 leaf nodes at the δ(T) level. Thus, the sum of the node vulnerability at depth 1 can be calculated as m ⋅ (mδ(T) − 1 − 1). For depth 2, the sum of the node vulnerability can be calculated as m2 ⋅ (mδ(T) − 2 − 1). Then, with the similar method, the node vulnerability for each level of the tree can be calculated. Therefore, the sum of all branch nodes at every level of the tree can be calculated as

display math(18)

In general, the values of link and node vulnerabilities of the network are different, as shown in Figure 2 with β({π1,π2}) = 0 ≠ τ({π1,π2}) = 1. However, for given tree T, we present the following proposition.

Proposition 6. For any arbitrary tree T with root s, Π is the scheme containing all paths from leaf nodes to root s. Then, the values of the link and node vulnerabilities are equal.

Proof. To prove this proposition, we only need to build the mapping between the link and node vulnerabilities. Given an arbitrary tree, for any branch node v, we have a link e from the father node to this branch node. Because the node v and link e share the same paths in the scheme Π. Therefore, the node vulnerability of node v and the link vulnerability of link e are equal. Because for any branch node, the mappings between the branch node and the corresponding link with the similar method, the node and link vulnerabilities of scheme Π are equal.

Obviously, Propositions 5 and 6 provide a method for computing the node and link vulnerabilities of Π in the tree network. Further, these conclusions are also helpful in designing the tree network for data aggregation and dissemination.

5 Performance Evaluation

During the simulations, we randomly distribute sensor nodes over a 100 × 100 m 2 area. Figure 4 shows the experimental topology of the WSN with the sink node, the source nodes distributed in the vicinity of the happening event and the relay nodes. The initial energy of each node is set equal to 2 J. The energy consumption for the transmitting is set equal to 50 nJ/bit, transmitting amplifier 100 pJ/bit/m 2 and the receiving circuitry 50 nJ/bit. Source node s generates 2000-bit packets of collected data and transits them to node t via the chosen multi-hop paths, where the packet size is fixed. Here, we generalize the concept of link cost, which can be anything ranging from expected delay to link quality. Random numbers in the range of [0,1] are generated to represent the cost of each link given the maximum cost of the links is normalized to 1. On the basis of the analytical results, the mathematical software MATLAB [34] (Natick, Massachusetts, USA) is adopted to realize the simulation experiments.

Figure 4.

The experimental topology of the wireless sensor network.

5.1 Validation of our proposed scheme

To validate the performance of the proposed scheme, we run the system with the optimal paths on the networks with 100, 150, and 200 relay nodes, respectively. The communication radius is set up to 30 m, and the given constraint of the using times of each link is in the range of [1,10] with step size 1. Here, the link vulnerability defined in Section 3 is adopted. As shown in Figure 5, we successfully restrict the vulnerability of P with the given constraint N0. In this figure, we observed that (i) the vulnerability of P gets smaller and smaller as the decrease of given constraint N0, which illustrates the effectiveness of our proposed method for guaranteeing the network running under the given vulnerability level, and (ii) the vulnerability of P in the network with much more relay nodes is smaller than that in the network of small number of node because more available paths can be found in the former network.

Figure 5.

Illustration of the vulnerability versus the given constraint N0 with the networks of 100, 150, and 200 relay nodes, respectively.

To illustrate the difference of link vulnerability and node vulnerability, we also carry out the experiments with the 100-relay-node network under the given constraint N0 in the range of [1,7] with step size 1. The 10 source nodes are distributed in some place of interest. The constraints are imposed on links and nodes, respectively, and then collect the data of the cost, link and node vulnerability. As shown in Figure 6(a), under the same network conditions, the costs with the link constraint and node constraint achieve the minima of the sum of costs of the optimal paths between the source node set P and the sink node s. Meanwhile, this implies the optimal scheme can be found with both the link and node constraint. Figure 6(b) is the result of the link and node vulnerability under the given constraints. It is observable that the link vulnerability of P is more sensitive to the varying of the given constraint. With the same derived scheme, in the case of link constraint, each shared links is adjective to two shared nodes in the case of node constraint. The other shared nodes decrease the sensitivity of the node vulnerability. Thus, the link constraint will be the preferred one for guaranteeing the running of the network under the required vulnerability level. In the following sections, link vulnerability is adopted to evaluate the performance enhancement of our proposed scheme.

Figure 6.

Performance evaluation on the sum of path costs and the node and link vulnerability under different given constraints with the 100 relay-node network: (a) the sum of path costs and (b) the node and link vulnerability.

5.2 Performance comparison

In the following, two sets of experiments are carried out for evaluating the performance enhancement of our proposed scheme by comparing with existing schemes: one set of experiments is conducted on the network with different number of relay nodes, and the other set of experiments aim to demonstrate the vulnerability change through the whole lifetime of the given network.

In this first set of experiments, we randomly distribute 100, 150, 200, 250, and 300 relay nodes in the 100 × 100 m 2 area, respectively. We compare our proposed scheme with the routing algorithms of minimum cost forwarding (MCF) [13] and the energy aware routing (EAR) [21], which occasionally use the suboptimal paths for data transmission with the objective to protect the optimal path and thereby prolong the lifetime of the network. Our proposed method aims to find the Vulnerability-Constrained Minimum Cost Paths (VCMCP).

We keep running the system until all the paths between the source node set P and the sink node s are found and utilized for data delivery. Then, we collect the link vulnerability of P and the sum of the costs of all the paths, as shown in Figure 7. To simplify the simulation but not lose the generality, we give the same constraint for all the relay nodes as N0 = 2,3. It can be observed from the figure that our proposed scheme achieves significant performance improvement. For the vulnerability, compared with the MCF and EAR, our proposed scheme reduces up to 57.49% and 41.26%, respectively, for N0 = 2, while achieves the reduce of 44.08% and 22.37%, respectively, for N0 = 3 as shown in Figure 7(a). As for transmission cost, the MCF achieves the minima of the sum of path costs. Here, the MCF can be considered as a special case of our proposed method with N0 = | P | . As N0 decreases, the sum of path costs increases gradually, while the vulnerability of P decreases gradually, as shown in Figure 7(a) and (b). Thus, a proper trade-off between the vulnerability of P of the network and the overall transmission cost is necessary to be determined when designing the schemes for data delivery.

Figure 7.

Performance evaluation on the vulnerability of P and the sum of paths in the wireless sensor networks with different number of relay nodes: (a) the link vulnerability of P and (b) the sum of path costs.

The second set of experiments is carried out on the WSN with 100 relay nodes. The lifetime of the network is defined as the duration of the network in which all source nodes in P can successfully transmit the data to the sink node s, that is, the network lifetime expires when one or more source nodes cannot transmit the collected data to the sink node s due to the deplete energy. Here, we assume all the source nodes send one packet per second to the sink node s. As shown in Figure 8, the vulnerabilities of P are collected during the whole lifetime of the network under the MCF, EAR, and our proposed scheme with N0 = 2,3. At first, as shown in this figure, during the whole network lifetime, our proposed scheme outperforms the others. Even though the EAR achieves the minima, with β(P) = 7, from time t = 1 to 546 s, it performs worse and worse as the time goes. From the security-effective perspective, the network running above the given security level is unacceptable. Also, the MCF achieves the shortest network lifetime among three schemes, while the EAR and our proposed scheme make the larger network lifetime. This is because some critical relay nodes undertake too heavy data transmission tasks under the MCF, while, in the EAR and our proposed schemes, the data transmission tasks are effectively allocated to much more relay nodes so as to protect these critical nodes. Second, with the given N0, in this figure, our proposed method achieves the largest network lifetime. Therefore, the trade-offs among the security, the overall lifetime, and the overall transmission cost of the network are three major considerations for managing the running of the network.

Figure 8.

Comparison of the vulnerability of P over the whole lifetime of the network under the minimum cost forwarding, energy aware routing, and our proposed scheme.

6 Conclusion

One of the major challenges in WSNs is to minimize the overall transmission cost by taking into account the security of the whole network. In this paper, on the basis of the link vulnerability, we have investigated the minimum cost paths problem between multiple source nodes and the sink node under the vulnerability constraints, with which the link or node sharing can be effectively restricted. Then, for the problem restricted by the link vulnerability, two polynomial algorithms have been proposed for deriving the optimal paths based on the max-flow theory. For the problem restricted by the node vulnerability, the procedure of network conversion has been presented, and the optimal solution has been achieved with previous two proposed algorithms. Further, we have theoretically analyzed the necessary condition for the solution existence, the optimality of the proposed algorithms and the related properties of the tree network. Extensive experiments have been carried out to illustrate the effectiveness and efficiency of the proposed algorithms. The results show that the significant performance enhancements have been achieved by our proposed method.

Acknowledgements

This work was supported in part by the National Science Foundation under grant nos. 1145596 and 0830493 and the National Natural Science Foundation of China under grant no. 61302031.

Ancillary