1 Introduction

Natural hazard-related disaster events are not always isolated and static. A series of secondary disasters are often induced along with the development of the primary disaster, forming a disaster chain (Helbing 2013; Zheng et al. 2019). The massive casualties and devastation caused by disasters are usually the cumulative and amplified results of the spatiotemporal interactions among multiple disasters. In 2008, the freezing rain and snow disaster in southern China triggered serious secondary and derivative disasters, including traffic accidents, power grids collapse, and freezing damage, resulting in economic losses of USD 20.1 billion (Chen et al. 2011). In 2011, the earthquake-induced tsunami in Japan caused more than 20,000 deaths, and destroyed the Fukushima nuclear power plant, leading to a horrific radioactive material leakage accident, which brought a worldwide and long-term environmental impact (Murata 2021; Okada et al. 2011). In many cases, secondary and derivative disasters are even more destructive than the primary ones (Ha et al. 2016), and multiple risks are often interacted with each other and cannot be handled separately (Shi et al. 2010; Renn et al. 2018). Therefore, to better understand, estimate, and mitigate the negative impacts of disasters, it is of great significance to simulate the spatiotemporal evolution of disaster chains rather than a single hazard.

Disaster models simulate the development of disasters to assist emergency responders in estimating the scope and severity of damage (Fan 2007; Yuan 2016). Many disaster models have been developed for different types of natural hazards and disasters such as hurricanes (Miljkovic and Miljkovic 2014), earthquakes (Shuai et al. 2020), floods (Chen et al. 2022), tsunamis (Wang and Jia 2022), and wildfires (Jiang et al. 2021). These models are well suited for single-hazard scenarios but cannot simulate multi-hazard scenarios. Some studies have developed multi-hazard models by integrating different single-hazard models in a tightly coupled way, such as storm-flood model (Ding 2016) and post-earthquake fire model (Lee and Davidson 2010). The tightly coupled method can fit specific multi-hazard scenarios accurately with tailored hybrid models, but always requires a large amount of work and cannot be flexibly used for scenarios with different or more disaster types. To increase the flexibility of integrating different models, some studies adopt a loosely coupled method, which chains multiple models to a service chain by following certain software architecture principles (Weiser and Zipf 2007), such as bomb threat analysis system (Stollberg and Zipf 2007) and fire detection system (Samadzadegan et al. 2013). However, these studies mainly focus on decomposing a single-hazard model into several service-based sub-functions (for example, buffer analysis, path planning), and orchestrating them into a service chain to facilitate model execution. There is a paucity of research on coupling multiple single-hazard model services into a disaster model service chain (DMSC) for multi-hazard modeling.

The development of DMSCs requires high accessibility and interoperability of single-hazard services be efficiently coupled. However, existing disaster services are usually developed using different mechanisms and programming languages. Most of them have poor compatibility and interoperability due to the different data structures of the inputs and outputs, as well as the lack of a standard execution mode. There are few studies on service standardization to support multi-hazard modeling. Multi-hazard modeling is essential for disaster management system development. The concept of disaster management has been widely used in community resilience (Saja et al. 2021; Benekos et al. 2022; Chisty et al. 2022), emergency decision-making systems (Yi et al. 2012; Bang 2014; Shakeri et al. 2021), and other relevant domains. But developing disaster management systems with model service paradigms and interface specifications is still an area that has not been widely investigated. The Open Geospatial Consortium (OGC) has proposed the Web Processing Service (WPS) specification to standardize the process of publishing geospatial models as web services. The OGC WPS has been widely used in environmental and natural hazard and disaster modeling, such as hydrologic modeling (Qiao et al. 2019; Qiao et al. 2021), flood response modeling (Tan et al. 2016), and multi-hazard assessment (Bathrellos et al. 2017; Skilodimou et al. 2019). The OGC WPS has been demonstrated to enable models to be reused and chained to construct complex modeling workflows for decision-making systems. However, there are few studies leveraging OGC WPS in multi-hazard DMSC modeling. In addition, interface specification is the crucial component for WPS interoperability, but only a few specifications were proposed to standardize disaster model interface like FireML for fire models (Jiang et al. 2018), and EarthquakeML for earthquake models (Babaie and Babaei 2005). There is still a lack of unified interface specifications for more disaster models, especially in DMSC scenarios.

In addition, single-hazard models in a disaster management system are orchestrated following certain rules to form a DMSC. The rules to chain disasters are normally constructed based on the causal relationship between disasters (Wang et al. 2020). The concept of disaster chain rules has been used in emergency response to decompose tasks into phases, with different disaster models running in each phase (Shao et al. 2009). However, current research on disaster chain rules is mostly based on simulations or historical cases, relying heavily on expert experiences, and limited to a few types of disasters, such as earthquakes (Sakahira and Hiroi 2021) and typhoons (Purwar et al. 2020). Zheng et al. (2019) proposed a data-based method to summarize disaster chain patterns by extracting the relationship between disasters from academic publications and social media datasets. The constructed disaster chain network is complex and undirected, making it difficult to exactly relate each disaster node to single-hazard models. The physical chain for execution is built following the disaster chain rule and further optimized by the service quality of each single-hazard model. Quality of Service (QoS) has been widely used in many research areas for service quality evaluation, such as business (Jung 2011), supply chain (Cho et al. 2012), network GIS performance (Yang and Evans 2017), and Internet of Things (Said 2022). For disaster modeling, the QoS evaluation method with indicators has been proved to be effective in optimizing disaster model combination (Wang et al. 2020). However, current studies focused on conceptual design with less consideration of disaster system theory (Shi 2005; Shi et al. 2020) and spatiotemporal characteristics of disasters (Wang and Lv 2016).

To address the above research gaps in DMSCs, we developed a disaster management system that can design and build DMSCs to support interoperable multi-hazard modeling. In the system, we designed an OGC-based disaster management module to standardize the service paradigm and interface specification of single-hazard models for complex multi-hazard scenarios, an orchestration module to adaptively orchestrate DMSCs for diverse multi-hazard scenarios. An earthquake case study was conducted to demonstrate the multi-hazard modeling procedure with this system. The primary contributions of this work include but not limited to:

  1. (1)

    A disaster management system for DMSCs to support multi-hazard modeling, reducing design complexity, and improving model reusability.

  2. (2)

    A service management module to publish heterogenous models as standardized OGC WPS services with unified interface specifications, enabling efficient communication between models.

  3. (3)

    A service orchestration module to adaptively build and optimize DMSCs following disaster chain rules and QoS evaluation.

2 Methodology

The framework design of the disaster management system is critical for the implementation of interoperable multi-hazard modeling. Three primary components are first proposed to illustrate the interaction process between this system and remote users or providers. Then, two core system modules are defined to elaborate how to manage the distributed single-hazard models and orchestrate them into an executable disaster model service chain.

2.1 System Framework

The disaster management system consists of three primary components: disaster model user, disaster model provider, and disaster management platform (DMP). The disaster model users are people who send disaster analysis requests as descriptive text to execute the model services hosted on the DMP via the network. The disaster model providers are people who register distributed disaster models and publish them as web services on the platform via the network. The DMP accepts requests from model users and providers, processes the requests, and sends results back as responses. The DMP contains a model standardization engine, an emergency semantic engine, a disaster chain rule engine, and a QoS evaluation engine. The model standardization engine is used to verify the validity of the registered models from service paradigm and interface specification. The emergency semantic engine is used to extract disaster keywords from the description text in users’ requests. The disaster chain rule engine is used to classify disaster models and orchestrate them into the DMSC. The QoS evaluation engine is used to identify the optimal DMSC for execution. The interactions among these three system components are shown in Fig. 1.

Fig. 1
figure 1

Interactions among model users, model providers, and disaster management platform (DMP). QoS Quality of Service

2.1.1 Interactions Between Disaster Model Providers and DMP

Model providers need to prepare models following the service paradigm and the interface specification. After receiving a model registration request from the model provider, the DMP uses the model standardization engine to validate the model and then initiates execution requests to its qualified provider to obtain the model’s QoS value. Finally, the qualified disaster model is clustered by its disaster type and stored in the accessible disaster model cluster database.

2.1.2 Interactions Between Disaster Model Users and DMP

When a model user sends a request to use a multi-hazard modeling service hosted on the DMP, the DMP first calls the emergency semantic engine to extract disaster keywords from the request and then uses the disaster chain rule engine to adaptively orchestrate a DMSC. The orchestrated DMSC is a logical chain in this step, and it can be pruned by users to filter unimportant disaster nodes. The DMP then uses the QoS evaluation engine to choose the optimal model for each chain node and form a physical executable DMSC.

2.2 Disaster Model Management Module

The disaster model management module is the basis to enable single-hazard models to be accessible, reusable, and interoperable. The disaster system theory is adopted to analyze the spatiotemporal characteristics of disaster chains and divide them into three structural components. Based on this theory and the OGC standards, these single-hazard models are first defined as WPS-based services, and then a disaster model markup language (DMML) is designed to standardize the interface representation of these services. These methods allow single-hazard models to be accessed remotely and interact efficiently with each other.

2.2.1 Disaster System Theory

Disaster system theory is the key to managing and applying diverse disaster models. Existing disaster theories indicate that a disaster event is a structural system composed of hazard, the geographical environment, and exposed units (Shi 2005; Shi et al. 2020). A disaster chain can be described as a mathematical representation (Wang and Lv 2016). Based on the disaster system theory, the general process of the DMSC is defined as shown in Fig. 2. Single-hazard models can be chained together as an integrated multi-hazard model. A disaster model \({DM}_{i}\) in the chain can output disaster loss (DL) and hazards. These factors are crucial components to triggering the next disaster model \({DM}_{i+1}\). The enabling geographical environment and exposed units are two other indispensable input elements of the disaster model \({DM}_{i+1}\). When any of the above three elements are missing, the \({DM}_{i+1}\) will not be activated. Meanwhile, the DMSC is a more complex chain, as its nodes are independent single-hazard models generating spatiotemporal characteristics of the hazards. For instance, some models’ impacts are instantaneous (for example, earthquakes), while others are continuous (for example, wildfires). The hazards output by node models should contain the spatiotemporal attributes to ensure spatiotemporal consistency.

Fig. 2
figure 2

General process of the disaster model service chain (DMSC)

2.2.2 Disaster Model Specification

Most disaster models are tightly coupled in independent emergency systems to provide offsite model operations for remote users, making it impossible to be reused and integrated with other offsite modules. As described in this section, a disaster model management module is developed based on the OGC WPS and the disaster system theory, which adopts a service paradigm and interface specification to improve the interoperability of distributed heterogeneous single-hazard disaster models. In this system, we first extended the WPS to define the service paradigm for disaster models with GetCapabilities, DescribeProcess, and Execute to standardize the model query, model description, and model execution. The GetCapabilities operation requests metadata for the disaster model service, including the service name and function description, and so on. The DescribeProcess operation requests the detailed parameters required by the model service, including the data type, data constraint, data description, among others. The Execute operation runs the service and returns results.

The service paradigm improves model shareability and reusability based on the service-oriented architecture (SOA). However, there is still a lack of unified interface specifications to further improve the interoperability of distributed heterogeneous disaster models. Therefore, a disaster model markup language (DMML) is proposed to standardize the interface representation of disaster models in the WPS process, as shown in Fig. 3. The framework of DMML is designed based on the disaster system theory for better adaptation to various disaster models. The DMML consists of four key elements—hazard (HA), geographical environment (GE), exposed units (EU), and disaster loss (DL). The EU element is aimed at describing the concerned objects affected by the disaster and categorized as infrastructure, natural resources, and humans. Infrastructure contain human-made critical infrastructure, such as gas pipelines, power grids, buildings, roads, hazardous chemical tanks, and so on, while natural resources include atmosphere, water, forest, soil, among others. The HA may be a fire that ignites dry wood, which triggers disasters in the GE. Natural and human factors both are components of the HA element. Natural factors include powerful natural hazards (earthquakes, typhoons, droughts, landslides, and so on), able to damage the EU and even cause other hazards and disasters. Human factors are mainly concerned with urban facilities, such as traffic accidents, chemical accidents, electrical accidents, and gas accidents. The GE element describes the natural environment and urban environment of disaster evolution. The DL element is set to describe the disaster damage to the economy, casualties, infrastructure, and natural resources.

Fig. 3
figure 3

Framework of the disaster model markup language (DMML). EU Exposed Units, HA Hazard, GE Geographical Environment, DL Disaster Loss

To validate the output of the developed disaster model, a DMML-based XSD (XML Schema Definition) is implemented to define the structure and constrain the contents of the proposed DMML. The XSD uses schema components to constrain and document the meaning, usage, and relationships of their constituent parts: data type, element, content, attribute, and value (Gao et al. 2012). Therefore, the DMML-based XSD can be adopted to verify that the inputs and outputs of the model conform to the pre-defined interface specifications. This is the most fundamental component to ensuring model interoperability, and based on this, the disaster models in the DMSC can interact efficiently with each other.

2.3 Adaptive Disaster Model Service Chain (DMSC) Orchestration Module

Service orchestration is a key step to combine single-hazard disaster models and form a specific DMSC. However, existing DMSC orchestration methods heavily rely on experts’ experiences and support limited specific disaster types. Therefore, they are not flexible and comprehensive enough for complex and diverse multi-hazard scenarios. Here, our system adopted a DMSC orchestration module based on disaster chain rules and the QoS evaluation method. This module can adaptively orchestrate single-hazard disaster models into a loosely coupled optimized DMSC according to user-provided description text through three steps: logical chain construction, physical chain construction and optimization, and dynamic adjustment for service failure.

2.3.1 Logical Chain Construction

The disaster keywords can be extracted from the user-provided description text based on a sematic-based keywords extraction algorithm (Wang and Huai 2012). These keywords consist of five important categories: time, location, disaster type, model function, and model constraints. To address the limitations of the experts’ experiences and cover more disaster types, we adopted a data-driven all-hazard disaster chain construction method proposed by Zheng et al. (2019) and further processed it to construct a disaster chain rule database. Then taking the disaster-type keyword as the initial node, a specific disaster logical chain with a finite number of nodes can be extracted through the depth-first traversal algorithm. Meanwhile, it is necessary to determine the chain association between different disaster nodes when there are multiple disaster-type keywords. Disaster chains with different disaster nodes as initial nodes are constructed separately, and then they will be merged if these are the same disaster nodes in the chain. Otherwise, they retain their respective complete chains. For instance, two specific logical chains can be generated when taking “earthquake” and “wildfire” as initial disaster nodes with the search depth as 2. The wildfire logical chain is merged into the earthquake logical chain when the fire disaster node is in the earthquake logical chain, as shown in Fig. 4.

Fig. 4
figure 4

Construction process of an earthquake logical chain

2.3.2 Physical Chain Construction and Optimization

The logical chain describes the disaster node types and their chain structure. There are multiple alternative disaster model services for each disaster node. Therefore, optimizing the best combination of disaster models is significant for modeling multi-hazard scenarios. The QoS evaluation method has been widely used in model service performance evaluation (Gui et al. 2009). Here, we adopt this method to quantitatively evaluate disaster model performance with evaluation indicators such as the response time (T), throughput (\(Tp\)), availability (\(A\)), reliability (R), reputation (Rp), and cost (C). \(T\) is time to receive a response, as defined in Eq. 1:

$$ T = \frac{1}{n}\mathop \sum \limits_{i = 1}^{n} \left[ {T_{i} \left( {tran} \right) + T_{i} \left( {process} \right)} \right] $$

where \(T_{i} \left( {tran} \right)\) is the transmission time, \(T_{i} \left( {process} \right)\) is the processing time. \(Tp\) is the number of processed requests per unit time, as defined in Eq. 2:

$$ Tp = \frac{1}{n}\mathop \sum \limits_{i = 1}^{n} \left[ {{\text{max}}(N_{i} \left( P \right)/T_{i} \left( m \right))} \right] $$

where \(T_{i} \left( m \right)\) is the test time, \(N_{i} \left( P \right)\) is the number of processed requests during \(T_{i} \left( m \right)\). \(A\) is the probability of service accessibility, as defined in Eq. 3:

$$ A = \frac{1}{n}\mathop \sum \limits_{i = 1}^{n} \left[ {T_{i} \left( u \right)/T_{i} \left( m \right)} \right] $$

where \(T_{i} \left( u \right)\) is the normal operating time during \(T_{i} \left( m \right)\). \(R\) is percentage of successful calls to the total number of calls, as defined in Eq. 4:

$$ R = \frac{1}{n}\mathop \sum \limits_{i = 1}^{n} \left[ {N_{i} \left( s \right)/N_{i} \left( k \right)} \right] $$

where \(N_{i} \left( s \right)\) is the number of successful responses, and \(N_{i} \left( k \right)\) is the number of requests. \(Rp\) is the model score given by users, as defined in Eq. 5:

$$ Rp = \frac{1}{n}\mathop \sum \limits_{i = 1}^{n} \left[ {Rp_{i} } \right] $$

In our system, Locust (Jonatan et al. 2021), an open model load testing software, is adopted to acquire \(T\), \(Tp\), and \(A\). \(Rp\), \(C\) (cost to call the service) are subjective indicators determined by disaster model users and disaster model providers respectively. If there are \(N\) nodes in the logical chain, \(S_{i } \left( {i = 1,2,3, \ldots ,N} \right)\) is the number of candidate models for the \(n^{i}\) disaster node, then the number of candidate physical chains can be calculated as \(\mathop \prod \limits_{i = 1}^{N} S_{i}\). Figure 5 presents one of the disaster model physical chains built from the merged chain shown in Fig. 4, where E2 in the earthquake node means the 2nd earthquake model in the disaster model cluster database.

Fig. 5
figure 5

A disaster model physical chain

The purpose of physical chain optimization is to provide users with the best DMSC. The optimization method is determined by both disaster node performance and the chain structure. The model node performance can be represented by the QoS indicators, while the chain structure is defined by the structure calculation rules. Different from common chains that consist of sequence, selection, and parallel, the DMSC has no selective structure since disasters under the same parent node rarely have complete mutual exclusivity, they are independent and only determined by three disaster trigger elements. In the sequential structure, QoS indicators \(T\), \(A\), and \(R\) for each physical chain can be defined as Eq. 6:

$$ T = \mathop \prod \limits_{i = 1}^{n} T_{i} ,A = \mathop \prod \limits_{i = 1}^{n} A_{i} ,R = \mathop \prod \limits_{i = 1}^{n} R_{i} $$

where \(n\) means the number of disaster nodes in the sequential structure. \(Tp\), \(Rp\), and \(C\) can be defined as Eq. 7:

$$ Tp = \min \left( {T_{{p_{i} }} \ldots ,T_{{p_{n} }} } \right),{ }Rp = \mathop \sum \limits_{i = 1}^{n} \frac{{R_{{p_{i} }} }}{n},C = \mathop \sum \limits_{i = 1}^{n} C_{i} $$

The parallel structure is taken as a child node of the sequential structure, and each branch of the parallel structure may contain only one node or another sequential structure, even a parallel structure. The parallel structure is iteratively decomposed into independent sequential branches. Each sequential branch can be evaluated by Eqs. 6 and 7. Then the QoS indicators \( A\), \(R\) of the parallel structure can be defined as Eq. 8:

$$ A = 1 - \mathop \prod \limits_{i = 1}^{n} \left( {1 - A_{i} } \right),R = 1 - \mathop \prod \limits_{i = 1}^{n} \left( {1 - R_{i} } \right) $$

where \(n\) means the number of branches in the parallel structure. \(T\), \(Tp\) can be defined as Eq. 9:

$$ T = {\text{max}}\left( {T_{i} \ldots ,T_{n} } \right),Tp = {\text{min}}\left( {T_{{p_{i} }} \ldots T_{{p_{n} }} } \right) $$

and \(Rp\), \(C\) can be defined as Eq. 10:

$$ Rp = {\raise0.7ex\hbox{${\mathop \sum \nolimits_{i = 1}^{n} R_{{p_{i} }} }$} \!\mathord{\left/ {\vphantom {{\mathop \sum \nolimits_{i = 1}^{n} R_{{p_{i} }} } n}}\right.\kern-\nulldelimiterspace} \!\lower0.7ex\hbox{$n$}},C = \mathop \sum \limits_{i = 1}^{n} C_{i} $$

The comprehensive QoS value for each physical chain is calculated using the weighted summation algorithm, as defined in Eq. 11. The physical chain with the highest QoS value is selected and recommended to users for execution.

$$ QoS = \omega_{0} \times T + \omega_{1} \times Tp + \omega_{2} \times A + \omega_{3} \times R + \omega_{4} \times Rp + \omega_{5} \times C $$

2.3.3 Dynamic Adjustment of the Disaster Model Service Chain (DMSC)

The disaster model physical chain has the possibility of service failure. The analysis of the causes of the service chain failure and the design of the corresponding dynamic adjustment strategies are critical for guaranteeing stable and reliable service chains. The causes for service failure can be summarized into the following two categories: failure of disaster model node, and missing model trigger elements. The Failure of the Disaster Model Node

The uncertainty of remote processing and network transmission is a common cause of physical chain failure. The disaster management platform (DMP) will periodically verify the accessibility of the distributed model, but this mechanism is difficult to completely avoid failures during chain operation. Therefore, when the DMP detected that a disaster node in the physical chain is unresponsive for a long time, it first removes this failed disaster node from the physical chain and sets it as a temporarily invalid model. Then, the DMP calls the QoS evaluation engine to reconstruct the physical chain. Different from initial construction, the disaster model nodes before the failed node have finished invoking, thus their outputs can be directly adapted to other alternative subsequent model nodes. Therefore, the front disaster model nodes are reserved and their QoS indicator values are temporarily adjusted to optimal values. Missing Model Trigger Elements

As mentioned in Sect. 2.2.1, a disaster model is triggered by three indispensable elements: hazard, geographical environment, and exposed units. For instance, Fig. 6 describes an earthquake DMSC with a hazardous chemical accident and tsunami as disaster nodes in the chain. However, the disaster scenario is limited in scope, and there may be no hazardous chemical storage tanks and seawater in the geographic region. Thus, there may be no environment for the hazardous chemical accident model or the hazard may be too weak to induce another disaster (that is, earthquakes of lower magnitude are difficult to induce the tsunami). In this case, the untriggered disaster node and its subsequent nodes in the chain are automatically deleted. The logical chain and the physical chain are both reconstructed.

Fig. 6
figure 6

Dynamic adjustment for model triggers

3 Results

To demonstrate the superiority of the disaster management system, an earthquake disaster chain is chosen as the study case to examine how this system performs the interoperable multi-hazard modeling. The details of the disaster model management service and the disaster model service chain (DMSC) orchestration service are elaborated step by step. The orchestrated DMSC is executed to simulate the complete evolutionary process of the earthquake disaster chain. The quantified simulation results of this chain are visualized comprehensively in the system’s map interface.

3.1 Experimental Area

In recent decades, there has been a rapid emergence of urbanized cities in China with a developed economy, high population density, and complex urban lifeline systems. Potential hazards and disasters in these cities, such as typhoons, floods, landslides, wildfires, traffic incidents, hazardous chemical accidents, and water pollution, pose a significant threat to risk governance. To better elaborate the interoperable multi-hazard modeling procedure of the disaster management system, we choose a real region as an experimental area with some simulated data, where there are woodlands, buildings, traffic networks, and underground gas networks, as shown in Fig. 7.

Fig. 7
figure 7

Experimental area

In the experimental area, frequently occurring earthquake is set as the primary disaster. The earthquake causes ground shaking and is very likely to induce a landslide in areas with loose geological structures. The landslide is destructive, bringing down a large amount of soil from the mountain to the neighboring space, which causes damage to the infrastructure and even threatens lives. For example, the roads near the landslide point are likely to be damaged, causing traffic accidents and resulting in traffic congestion. The gas pipeline and electricity facilities are equally vulnerable to traffic accidents and are susceptible to damage and sparks, which may further ignite nearby trees and shrubs. Modeling the multi-hazard scenario is essential to assist emergency managers to analyze the complex process of the disaster chain and therefore make early prevention or effective rescue.

3.2 Disaster Model Management Service

The disaster management system is aimed at providing flexible and stable multi-hazard modeling services to assist decision making for government emergency management. As one of the most critical modules of the system, the management module proposes a standardized management method to enhance accessibility, reusability, and interoperability of distributed disaster models and facilitate efficient model interaction in the DMSC. On the system management module page (Fig. 8), distributed disaster models from different model providers are clustered into a disaster node by their disaster type. Once a disaster node is clicked, the brief information of the clicked disaster node will be displayed in the information column, such as user identity document (UID), model name, disaster type, function type, provider name, URL address, QoS value, and model description. Through the URL address, users can adopt the WPS operations to refer to detailed model information, like model function, model interface, and others.

Fig. 8
figure 8

System page of a management module

3.3 Disaster Model Service Chain (DMSC) Orchestration Service

The orchestration module can adaptively orchestrate and optimize the DMSC with loosely coupled single-hazard disaster models. First, a disaster keyword extraction subpage is presented for users to describe the disaster scenario with critical model parameters, as shown in Fig. 9a. After clicking the “Next” button, the system emergency semantic engine extracts disaster keywords from the user-provided description text, including the time (9 April 2021 at 10:30 am), location (113.64456, 22.40927), disaster type (earthquake), and model function (disaster simulation). Then the disaster chain rule engine determines the initial disaster node “earthquake” and searches the all-hazard disaster chain rule database to generate the disaster model logical chain with disaster nodes (earthquake, landslide, tsunami, traffic, wildfire, flood, hazardous chemicals, and water pollution). The preliminary logical chain can be pruned by users to remove unimportant disaster nodes, such as tsunamis and floods, as Fig. 9b shows. Afterward, the QoS evaluation engine retrieves the optimal model combination among the candidate disaster model cluster and lists the physical chains with top QoS performance. Users can select a preferred physical chain and click the “Execute” button to run the physical chain.

Fig. 9
figure 9

Disaster model service chain (DMSC) orchestration with user-provided description text. a Disaster keywords extraction; b Logical chain orchestration

After receiving the user’s “Next” request, the system sends the model execution request to each model provider according to the disaster model nodes in the physical chain. In this case study, there are no hazardous chemical elements in the experimental area, thus the hazardous chemical accident node fails to respond during the execution due to the mismatch between the disaster model and disaster scenario. Under the protection of the dynamic adjustment mechanism, the failed node and the subsequent disaster nodes will be removed. Then the logical and physical chains are dynamically reconstructed, providing stable DMSC for users.

3.4 Disaster Model Service Chain (DMSC) Result

The interfaces of each disaster model node in the physical chain comply with the DMML schema. As shown in Fig. 10, the disaster model interaction process of the reconstructed DMSC with earthquake (Shuai et al. 2020), landslide (Yang et al. 2020), traffic (Sanchez-Gonzalez et al. 2020), and wildfire (Jiang et al. 2021) is presented in four phases.

Fig. 10
figure 10

Interactions between disaster models in the disaster model service chain (DMSC). a Earthquake model. This model is the initial hazard node and able to calculate the spatial extent and impacted area of different hazard intensities; b Landslide model. It is triggered by the earthquake model and can predict the landslide geographic range and the risk level of the monitoring sites; c Traffic model. Affected by the landslide, this model is activated to simulate the traffic flow on each road and warn of impending congestion; d Wildfire model. Sparks can be generated in the multi-hazard scenario and can ignite plants of the woodland, and this model is able to simulate the spatiotemporal range of the wildfire. DMP Disaster management platform. DMML Disaster model markup language

3.4.1 The First Phase, Earthquake Model

The system extracts the input parameters (focus: [113.64456, 22.40927], magnitude: 3, depth: 5 km) for the primary earthquake disaster from the user-provided description text, encapsulates them in the DMML format, and sends them as a request to the earthquake model. The provider accepts the request, executes the model, and returns the geographic range of different intensity zone to the system. As shown in Fig. 10 (1), the impact area of intensity level 6, 7, and 8 are all approximately elliptical, with an area of 4248.85 km2, 794.69 km2, and 23.83 km2 respectively. The highest intensity has the smallest impact area but causes most serious damage to surface targets, such as buildings and mountainous areas with steep slopes.

3.4.2 The Second Phase, Landslide Model

In the second phase, the system extracts intensity results from the earthquake model output, integrates with required weather data, and encapsulates them as a DMML-based request to execute the landslide model. The model provider runs and returns the landslide geographic range and the risk level of the geological monitoring sites to the system. Three sites are evaluated in this case study and the result shows that the Shenzhen University Town site has the highest risk level of a landslide (Fig. 10 (2)). Besides, the predicted extent of the landslide (yellow zone) impacts adjacent roads, resulting in a high probability of traffic accidents.

3.4.3 The Third Phase, Traffic Model

In the third phase, a request with the impact area from the landslide model output is submitted to traffic model provider. The model is executed to obtain predictions for the impact on the traffic flow caused by the landslide. Figure 10 (3) shows the simulated results of 411 roads in the study area, with three states (free road: green; slow road: orange; and congested road: red) showing different traffic congestion level. Once the roads are damaged by landslide, the number of congested roads significantly increases with time. The simulated result shows that 50 roads are congested within 30 minutes.

3.4.4 The Fourth Phase, Wildfire Model

In the fourth phase, the system submits a request to the wildfire model provider with required inputs and data from the traffic model output. The wildfire model is executed and returns the spatiotemporal range of the wildfire to the system. As shown in Fig. 10 (4), the wildfire spreads from the center of the map (yellow polygon with red fill). The simulated result shows that the forest burned area gradually increases with time, reaching 66.27 acres after three hours. Figure 11 presents the simulated result of the earthquake DMSC with the disaster management system. These simulation results are crucial for comprehensive and accurate situational analysis for complex disaster scenarios, assisting emergency agencies to control the evolution of disaster chains in time and reduce disaster losses.

Fig. 11
figure 11

Simulated result of the earthquake-induced multi-hazard disaster model service chain (DMSC)

4 Discussion

A natural hazard-related disaster event often contains multiple hazards and induces a series of secondary disasters. Besides, the spatiotemporal evolution of a multi-hazard disaster event is complicated and uncertain. A small change can trigger different secondary disasters then form different disaster chains. Multi-hazard modeling and simulation play a key role in disaster management decision making. However, traditional tightly coupled method of multi-hazard modeling is not capable to adjust to the changes in complex multi-hazard scenarios or flexible to integrate different types of disaster. To meet the needs of risk reduction and urban resilience under diverse disaster scenarios, we develop a disaster management system with the concept of DMSC to support multi-hazard modeling. The system provides a management module to publish diverse single-hazard models as standardized OGC WPS services with unified service paradigms and interface specifications, facilitating efficient model communication in DMSCs. In addition, the system provides a service orchestration module to build and optimize DMSCs following disaster chain rules and the QoS evaluation method. In this work, we conducted a case study of an earthquake-induced multi-hazard event in China. The system orchestrates, optimizes, and executes a loosely coupled DMSC with an earthquake as the primary disaster based on user-provided disaster descriptions. The case study elaborates the multi-hazard disaster modeling process in the system and demonstrates the benefits of using DMSC in multi-hazard modeling.

Compared with traditional multi-hazard modeling approaches with specific disaster types and fixed chain structures, the system provides more flexibility to simulate diverse multi-hazard scenarios and addresses web service chain stability issues, significantly lowering the barrier to multi-hazard modeling and risk assessment. For each simulation, the system first calls the disaster chain rule engine to generate the logical chain, and then optimizes the logical chain through the QoS evaluation engine to generate the optimized physical chain for final execution. The logical chain is created by a data-driven disaster network instead of experts’ experience, allowing more types of disaster to be considered and providing flexibility on chain orchestration. The tightly coupled multi-hazard chains always fail when the trigger element of a disaster node is missing or incomplete. For example, the experimental area of the earthquake case in this study has no chemical storage tank, which means that the crucial trigger element and exposed units are lacking to invoke the hazardous chemical model. The chain would fail to execute if models were coupled in the traditional tight way. Due to the loosely coupled method, our system can adaptively reconstruct the disaster chain to remove the hazardous chemical node.

Besides, the single-hazard model services in the system can be reused and adaptively orchestrated to form different DMSCs to support diverse scenario simulation. Each disaster node in a DMSC is a standardized OGC WPS and these disaster nodes communicate with each other in unified interface specification DMML. Besides, this system can reduce significant repetitive model development efforts by publishing existing single-hazard models as OGC WPS in the system without needing to change any codes in them, enabling simpler service maintenance. Moreover, with the benefits of the OGC WPS, hazard models with different programming languages over different computational platforms can communicate with each other and be connected to form a model chain.

Last, quantitative multi-hazard modeling provides comprehensive and accurate situational analysis for complex disaster scenarios, assisting emergency agencies with controlling the spatiotemporal evolution of disaster chains in time, and reducing damages and losses caused by disasters. In addition to multi-hazard modeling and simulation, the system provides interactive graphic user interfaces to visualize data and simulation results on a map. The system can effectively assist emergency agencies for pre-disaster preparedness, disaster impact assessment, and post-disaster recovery. For instance, the protection facilities in high-risk landslide monitoring sites need to be enhanced to avoid soil sliding onto roads and causing traffic congestion. Potential fire sources near forests need to be monitored and even eliminated. The traffic accident-prone roads should be given more attention and traffic design should be further improved.

5 Conclusion

Existing disaster modeling research mainly focuses on single-hazard modeling or integrating models for specific scenarios, and seldom considers developing a unified system to flexibly chain heterogeneous disaster models for multi-hazard scenarios. In this study, with the concept of DMSC, we leverage the OGC WPS specification and develop a disaster management system to support multi-hazard modeling and simulation and interactive graphical user interfaces for results visualization. With a case study of an earthquake-induced multi-hazard event, we demonstrate the potential contributions of this system in assisting decision making for government emergency agencies to take accurate rescue actions and reduce disaster losses.

The next step of this study is to improve the DMSC-based disaster management system by including more disaster models to fully demonstrate the utility and understand the limitations of this system. First, the current system provides four types of disaster (earthquake, landslide, traffic, and wildfire) with a single-hazard model for each disaster type. We plan to integrate more disaster types with more model options for each type of disaster in the system to support various multi-hazard disaster scenarios. Second, the DMML schema is designed based on the disaster system theory to standardize model interfaces. However, it is still difficult to fully describe the inputs and outputs of different disaster models due to their diversity and complexity. It is necessary to further optimize the DMML schema with consideration of its application in other disaster domains. Third, QoS evaluation is essential for DMSC orchestration and optimization. The QoS evaluation method used in this study focuses on network performance without considering indicators of model accuracy or other aspects. This is mainly due to the difficulty in defining unified benchmarks for model accuracy among different disaster domains. Improving the QoS evaluation method by considering more indicators to better assess the superiority of different disaster models is also one of our future research directions.