Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
97 tokens/sec
GPT-4o
53 tokens/sec
Gemini 2.5 Pro Pro
43 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
47 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Digital Twins and the Future of their Use Enabling Shift Left and Shift Right Cybersecurity Operations (2309.13612v1)

Published 24 Sep 2023 in cs.CR and cs.ET

Abstract: Digital Twins (DTs), optimize operations and monitor performance in Smart Critical Systems (SCS) domains like smart grids and manufacturing. DT-based cybersecurity solutions are in their infancy, lacking a unified strategy to overcome challenges spanning next three to five decades. These challenges include reliable data accessibility from Cyber-Physical Systems (CPS), operating in unpredictable environments. Reliable data sources are pivotal for intelligent cybersecurity operations aided with underlying modeling capabilities across the SCS lifecycle, necessitating a DT. To address these challenges, we propose Security Digital Twins (SDTs) collecting realtime data from CPS, requiring the Shift Left and Shift Right (SLSR) design paradigm for SDT to implement both design time and runtime cybersecurity operations. Incorporating virtual CPS components (VC) in Cloud/Edge, data fusion to SDT models is enabled with high reliability, providing threat insights and enhancing cyber resilience. VC-enabled SDT ensures accurate data feeds for security monitoring for both design and runtime. This design paradigm shift propagates innovative SDT modeling and analytics for securing future critical systems. This vision paper outlines intelligent SDT design through innovative techniques, exploring hybrid intelligence with data-driven and rule-based semantic SDT models. Various operational use cases are discussed for securing smart critical systems through underlying modeling and analytics capabilities.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (43)
  1. Y. Wang, M. C. Vuran, and S. Goddard, “Cyber-physical systems in industrial process control,” SIGBED Rev., vol. 5, jan 2008.
  2. M. Jafari, A. Kavousi-Fard, T. Chen, and M. Karimi, “A review on digital twin technology in smart grid, transportation system and smart city: Challenges and future,” IEEE Access, vol. 11, pp. 17471–17484, 2023.
  3. T. E. U. A. for Cybersecurity (ENISA), “Enisa threat landscape 2022,” tech. rep., ENISA, 2022.
  4. J. Hajda, R. Jakuszewski, and S. Ogonowski, “Security challenges in industry 4.0 plc systems,” Applied Sciences, vol. 11, no. 21, 2021.
  5. C. R. Service, “Colonial pipeline: The darkside strikes,” 2021.
  6. S. Gupta, “Taxonomy of the attack on solarwinds and its supply chain,” 2020.
  7. M. Giles, “Triton is the world’s most murderous malware, and it’s spreading,” 2019.
  8. W. Duo, M. Zhou, and A. Abusorrah, “A survey of cyber attacks on cyber physical systems: Recent advances and challenges,” IEEE/CAA Journal of Automatica Sinica, vol. 9, no. 5, pp. 784–800, 2022.
  9. Y. Li and Q. Liu, “A comprehensive review study of cyber-attacks and cyber security; emerging trends and recent developments,” Energy Reports, vol. 7, pp. 8176–8186, 2021.
  10. G. S. A. ISA, “Aan overview of isa/iec 62443 standards security of industrial automation and control systems,” tech. rep., Security of Industrial Automationand Control Systems, 2023.
  11. National Institute of Standards and Technology, “The NIST Cybersecurity Framework 2.0 ,” 2023.
  12. B. R. Barricelli, E. Casiraghi, and D. Fogli, “A survey on digital twin: Definitions, characteristics, applications, and design implications,” IEEE Access, vol. 7, pp. 167653–167671, 2019.
  13. M. Schluse and J. Rossmann, “From simulation to experimentable digital twins: Simulation-based development and operation of complex technical systems,” in 2016 IEEE international symposium on systems engineering (ISSE), pp. 1–6, IEEE, 2016.
  14. F. Pires, A. Cachada, J. Barbosa, A. P. Moreira, and P. Leitão, “Digital twin in industry 4.0: Technologies, applications and challenges,” in 2019 IEEE 17th International Conference on Industrial Informatics (INDIN), vol. 1, pp. 721–726, IEEE, 2019.
  15. D. Holmes, M. Papathanasaki, L. Maglaras, M. A. Ferrag, S. Nepal, and H. Janicke, “Digital twins and cyber security–solution or challenge?,” in 2021 6th South-East Europe Design Automation, Computer Engineering, Computer Networks and Social Media Conference (SEEDA-CECNSM), pp. 1–8, IEEE, 2021.
  16. T. J. Williams, “The purdue enterprise reference architecture,” Computers in Industry, vol. 24, no. 2, pp. 141–158, 1994.
  17. A. Alhariry, S. Brown, D. Eshenbaugh, N. Whitt, and A. F. Browne, “A survey of sensing methodologies in smart grids,” in SoutheastCon 2021, pp. 1–5, 2021.
  18. M. N. Nafees, N. Saxena, A. Cardenas, S. Grijalva, and P. Burnap, “Smart grid cyber-physical situational awareness of complex operational technology attacks: A review,” ACM Computing Surveys, vol. 55, no. 10, 2023.
  19. D. G. Pivoto, L. F. de Almeida, R. da Rosa Righi, J. J. Rodrigues, A. B. Lugli, and A. M. Alberti, “Cyber-physical systems architectures for industrial internet of things applications in industry 4.0: A literature review,” Journal of Manufacturing Systems, vol. 58, pp. 176–192, 2021.
  20. C. Scordino, I. M. Savino, L. Cuomo, L. Miccio, A. Tagliavini, M. Bertogna, and M. Solieri, “Real-time virtualization for industrial automation,” in 2020 25th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA), vol. 1, pp. 353–360, 2020.
  21. M. Cinque, D. Cotroneo, L. De Simone, and S. Rosiello, “Virtualizing mixed-criticality systems: A survey on industrial trends and issues,” Future Generation Computer Systems, vol. 129, pp. 315–330, 2022.
  22. P. Empl, D. Schlette, D. Zupfer, and G. Pernul, “Soar4iot: Securing iot assets with digital twins,” in Proceedings of the 17th International Conference on Availability, Reliability and Security, ARES ’22, (New York, NY, USA), Association for Computing Machinery, 2022.
  23. R. Khan, K. McLaughlin, D. Laverty, and S. Sezer, “Stride-based threat modeling for cyber-physical systems,” in 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe), pp. 1–6, 2017.
  24. Cham: Springer International Publishing, 2020.
  25. W. Tärneberg, P. Skarin, C. Gehrmann, and M. Kihl, “Prototyping intrusion detection in an industrial cloud-native digital twin,” in 2021 22nd IEEE International Conference on Industrial Technology (ICIT), vol. 1, pp. 749–755, 2021.
  26. P. Empl and G. Pernul, “Digital-twin-based security analytics for the internet of things,” Information, vol. 14, no. 2, 2023.
  27. A. Patel, T. Schenk, S. Knorn, H. Patzlaff, D. Obradovic, and A. B. Halblaub, “Real-time, simulation-based identification of cyber-security attacks of industrial plants,” in 2021 IEEE International Conference on Cyber Security and Resilience (CSR), pp. 267–272, 2021.
  28. M. Eckhart and A. Ekelhart, “Towards security-aware virtual environments for digital twins,” in Proceedings of the 4th ACM Workshop on Cyber-Physical System Security, CPSS ’18, (New York, NY, USA), p. 61–72, Association for Computing Machinery, 2018.
  29. Q. Xu, S. Ali, and T. Yue, “Digital twin-based anomaly detection in cyber-physical systems,” in 2021 14th IEEE Conference on Software Testing, Verification and Validation (ICST), pp. 205–216, 2021.
  30. S. A. Varghese, A. D. Ghadim, A. Balador, Z. Alimadadi, and P. Papadimitratos, “Digital twin-based intrusion detection for industrial control systems,” in 2022 IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events (PerCom Workshops), IEEE, mar 2022.
  31. M. Vielberth, M. Glas, M. Dietz, S. Karagiannis, E. Magkos, and G. Pernul, “A digital twin-based cyber range for soc analysts,” in Data and Applications Security and Privacy XXXV (K. Barker and K. Ghazinour, eds.), (Cham), pp. 293–311, Springer International Publishing, 2021.
  32. E. C. Balta, M. Pease, J. Moyne, K. Barton, and D. M. Tilbury, “Digital twin-based cyber-attack detection framework for cyber-physical manufacturing systems,” IEEE Transactions on Automation Science and Engineering, pp. 1–18, 2023.
  33. M. Austin, P. Delgoshaei, M. Coelho, and M. Heidarinejad, “Architecting smart city digital twins: Combined semantic model and machine learning approach,” Journal of Management in Engineering, vol. 36, no. 4, p. 04020026, 2020.
  34. G. Apruzzese, P. Laskov, E. Montes de Oca, W. Mallouli, L. Brdalo Rapa, A. V. Grammatopoulos, and F. Di Franco, “The role of machine learning in cybersecurity,” Digital Threats, vol. 4, mar 2023.
  35. A. Kucharavy, Z. Schillaci, L. Maréchal, M. Würsch, L. Dolamic, R. Sabonnadiere, D. P. David, A. Mermoud, and V. Lenders, “Fundamentals of generative large language models and perspectives in cyber-defense,” 2023.
  36. OpenAI, “ChatGPT: A Language Model for Conversational AI,” tech. rep., OpenAI, 2023.
  37. X. Zheng, J. Lu, and D. Kiritsis, “The emergence of cognitive digital twin: vision, challenges and opportunities,” International Journal of Production Research, vol. 60, no. 24, pp. 7610–7632, 2022.
  38. M. McDonald, J. Mulder, B. Richardson, R. Cassidy, A. Chavez, N. Pattengale, G. Pollock, J. Urrea, M. Schwartz, W. Atkins, et al., “Modeling and simulation for cyber-physical system security research, development and applications,” Sandia National Laboratories, Tech. Rep. Sandia Report SAND2010-0568, 2010.
  39. M. M. Yamin, B. Katt, and V. Gkioulos, “Cyber ranges and security testbeds: Scenarios, functions, tools and architecture,” Computers & Security, vol. 88, p. 101636, 2020.
  40. T. Debatty and W. Mees, “Building a cyber range for training cyberdefense situation awareness,” in 2019 International Conference on Military Communications and Information Systems (ICMCIS), pp. 1–6, 2019.
  41. S. Suhail, R. Hussain, R. Jurdak, and C. S. Hong, “Trustworthy digital twins in the industrial internet of things with blockchain,” IEEE Internet Computing, vol. 26, no. 3, pp. 58–67, 2022.
  42. D. Arp, E. Quiring, F. Pendlebury, A. Warnecke, F. Pierazzi, C. Wressnegger, L. Cavallaro, and K. Rieck, “Dos and don’ts of machine learning in computer security,” in 31st USENIX Security Symposium (USENIX Security 22), pp. 3971–3988, 2022.
  43. Z. Zhang, H. Al Hamadi, E. Damiani, C. Y. Yeun, and F. Taher, “Explainable artificial intelligence applications in cyber security: State-of-the-art in research,” IEEE Access, 2022.
User Edit Pencil Streamline Icon: https://streamlinehq.com
Authors (4)
  1. Ahmad Mohsin (7 papers)
  2. Helge Janicke (38 papers)
  3. Surya Nepal (115 papers)
  4. David Holmes (36 papers)
Citations (2)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now