Time-sensitive networking is set to play a pivotal role in the evolution of modern industrial and 5G networks, enabling them to meet the strictest communication requirements for guaranteed low latency and high reliability. Given the critical and complex environments in which TSN will be deployed, such as industrial automation, autonomous systems, and mission-critical applications, ensuring robust protection against security threats becomes an essential design consideration. The inherent low-latency and deterministic characteristics of TSN, while beneficial for performance, also introduce unique vulnerabilities that attackers could exploit. Consequently, safeguarding time-sensitive networks is fundamental to their successful implementation and reliability in real-world applications. In this paper, we present a flexible and reconfigurable Digital Twin for TSN protocol validation and security testing. Its deployment in different and heterogeneous testing scenarios is fully automated via the Infrastructure as Code approach. Our proposed TSN Digital Twin employs advanced virtualization technologies and network emulation tools to replicate the stringent requirements of TSN. It also implements advanced Linux queuing disciplines to emulate TSN scheduling and traffic shaping. Finally, we assess the potential for adaptability of the proposed architecture for TSN security testing by simulating two attack scenarios derived from the TSN STRIDE threat model.
Melis, A., Giovine, A., Rinieri, L. (2025). Time-Sensitive Networking Digital Twin for STRIDE-based security testing. EURASIP JOURNAL ON INFORMATION SECURITY, 2025(1), 1-16 [10.1186/s13635-025-00213-7].
Time-Sensitive Networking Digital Twin for STRIDE-based security testing
Melis, Andrea;Giovine, Andrea;Rinieri, Lorenzo
2025
Abstract
Time-sensitive networking is set to play a pivotal role in the evolution of modern industrial and 5G networks, enabling them to meet the strictest communication requirements for guaranteed low latency and high reliability. Given the critical and complex environments in which TSN will be deployed, such as industrial automation, autonomous systems, and mission-critical applications, ensuring robust protection against security threats becomes an essential design consideration. The inherent low-latency and deterministic characteristics of TSN, while beneficial for performance, also introduce unique vulnerabilities that attackers could exploit. Consequently, safeguarding time-sensitive networks is fundamental to their successful implementation and reliability in real-world applications. In this paper, we present a flexible and reconfigurable Digital Twin for TSN protocol validation and security testing. Its deployment in different and heterogeneous testing scenarios is fully automated via the Infrastructure as Code approach. Our proposed TSN Digital Twin employs advanced virtualization technologies and network emulation tools to replicate the stringent requirements of TSN. It also implements advanced Linux queuing disciplines to emulate TSN scheduling and traffic shaping. Finally, we assess the potential for adaptability of the proposed architecture for TSN security testing by simulating two attack scenarios derived from the TSN STRIDE threat model.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
