Digital Twins (DTs) can be conceptualized as a technology that improves processes, predicts failures, and spots abnormal situations. For these reasons, DTs are becoming pivotal players in the global digitalisation trend that is affecting our economy, industry and society. Capable of virtualizing and simulating physical world assets to empower innovative optimization actions in many of today's application domains, the adoption of DT devices brings resilience and cybersecurity benefits in various application scenarios. Through its offline and online simulation capabilities, DT devices provide attractive services, particularly: predictive maintenance, real-time monitoring, remote control, process optimization, security management, failure analysis and tracking, strategy evaluation, health monitoring, risk management, training, and cybersecurity. In line with the above, this ECSO technical paper explores the definition of Digital Twin, its limitations and technical dependencies, presenting challenges that the technology is currently encountering, in primis in the area of cybersecurity. First and foremost, this ECSO WG6 Paper analyses discusses four different use cases covering the applications of DTS, intended as cyber-physical synergy, across a broad variety of sectors, inter alia: business, education and skills, collaborative industries, industrial cybersecurity. Later, emphasis will be placed on the DT architectures and frameworks designed largely by academic organizations and entities. In addition, to fully understand the relevance of DTs, two crucial aspects of the aforementioned technology are examined: on the one hand, the simulation capabilities of DTs as a resource for cybersecurity solutions, and on the other hand, the virtualization of DTs as a one-stop laboratory to develop, validate and test security approaches to lead mitigation and preventive actions. Given the breadth of the attack surface that characterizes DTs, the second part of the research aims to bring to light a set of recommendations and best practice guidelines to be considered in the near future in order to configure and implement reliable and secure DTs. Specifically, the paper outlines security requirements, in line with the cybersecurity framework provided by National Institute of Standards and Technology (NIST), that both practitioners and IT/OT security experts should consider in order to avoid potential attack scenarios. Finally, ECSO WG6 provides a set of recommendations to assist various stakeholders in governing the intricate and dynamic nature of DTs. Overall, it is safe to state that this ECSO technical paper outlines the current state of the technology and its demand from the perspective of research, industry and society.
Cristina Alcaraz (University of Malaga), A.S. (2023). ECSO Technical Paper on Digital Twin Security. Brussels : European Cyber Security Organisation (ECSO).
ECSO Technical Paper on Digital Twin Security
Andrea MelisMembro del Collaboration Group
;Franco CallegatiMembro del Collaboration Group
;Marco PrandiniMembro del Collaboration Group
;
2023
Abstract
Digital Twins (DTs) can be conceptualized as a technology that improves processes, predicts failures, and spots abnormal situations. For these reasons, DTs are becoming pivotal players in the global digitalisation trend that is affecting our economy, industry and society. Capable of virtualizing and simulating physical world assets to empower innovative optimization actions in many of today's application domains, the adoption of DT devices brings resilience and cybersecurity benefits in various application scenarios. Through its offline and online simulation capabilities, DT devices provide attractive services, particularly: predictive maintenance, real-time monitoring, remote control, process optimization, security management, failure analysis and tracking, strategy evaluation, health monitoring, risk management, training, and cybersecurity. In line with the above, this ECSO technical paper explores the definition of Digital Twin, its limitations and technical dependencies, presenting challenges that the technology is currently encountering, in primis in the area of cybersecurity. First and foremost, this ECSO WG6 Paper analyses discusses four different use cases covering the applications of DTS, intended as cyber-physical synergy, across a broad variety of sectors, inter alia: business, education and skills, collaborative industries, industrial cybersecurity. Later, emphasis will be placed on the DT architectures and frameworks designed largely by academic organizations and entities. In addition, to fully understand the relevance of DTs, two crucial aspects of the aforementioned technology are examined: on the one hand, the simulation capabilities of DTs as a resource for cybersecurity solutions, and on the other hand, the virtualization of DTs as a one-stop laboratory to develop, validate and test security approaches to lead mitigation and preventive actions. Given the breadth of the attack surface that characterizes DTs, the second part of the research aims to bring to light a set of recommendations and best practice guidelines to be considered in the near future in order to configure and implement reliable and secure DTs. Specifically, the paper outlines security requirements, in line with the cybersecurity framework provided by National Institute of Standards and Technology (NIST), that both practitioners and IT/OT security experts should consider in order to avoid potential attack scenarios. Finally, ECSO WG6 provides a set of recommendations to assist various stakeholders in governing the intricate and dynamic nature of DTs. Overall, it is safe to state that this ECSO technical paper outlines the current state of the technology and its demand from the perspective of research, industry and society.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.