Digital twins and their potential for OT security

A digital twin is a virtual representation of a real system or device. It accompanies its physical counterpart during its entire life cycle. Tests, optimization procedures and bug hunting can be carried out on the twin first without involving the real device (that may not even exist at that moment). In this article, I want to give you some recommendations on how to harness that potential for improving upon the state of OT security (Operational Technology Security), e.g., within manufacturing or building automation.

A new hope for better and more secure OT systems

Ensuring security often means running security tests or rolling-out new security controls on a system. Maintaining a high or even sufficient level of security is challenging, especially when the protected system is required to operate in the field for a long period of time, for example up to 25 and more years in manufacturing. A digital twin may very well be the solution: It allows you to do a lot of security testing before even touching the real system [1]. This security testing can include automatic, periodical testing or penetration and system testing. A system can be checked for hardware and software misconfigurations. Running these tests on the digital twin gives you the benefit of a more realistic estimation on how the system might behave in real life. Furthermore, damage done to the digital twin does not affect operation as the twin can be easily reset. Another prominent use case for digital twins in OT security are intrusion detection and prevention systems that monitor networks for malicious activity. As large amounts of data are required for training their detection mechanisms, digital twins can produce that data and help in training the intrusion detection systems before deployment.

True digital twins are hard to find

Admittedly, the application of digital twins for improving security (and for general purposes) is currently limited. A proper digital twin requires a continuous stream of high-resolution data. This stream of data comes from multiple sources and is changing during the life cycle of the system. Initially, the data may stem from engineering and development tools; later, it may come from the deployed system during its operation in the field. Data of sufficiently high resolution and in adequate quantity (speaking of big data) is key for many use cases in digital twinning. In research, there are many testing environments that use simulation techniques to mimic a real-life counterpart [2]. However, it is hard to find an evaluation that really shows how closely they mimic their real-life counterpart [3]. Finding a method to achieve a sufficiently high level of data resolution (known as fidelity) is a research question that remains to be solved –  at least for the moment. This should be kept in mind when considering possible applications of digital twins for OT security. It appears to be a computer or network engineering challenge as well as an organizational challenge that needs to be tackled before talking about security in greater detail [4].

Fig. 1: Simulation of our production line at Fraunhofer AISEC used to study digital twins.

Future research directions - a step-by-step approach

Since digital twins are rare at this time, different methods can be considered when developing digital twins [5]. Our goal are developments towards digital twins that are beneficial to OT security. With this in mind, we outline a possible development roadmap.

As not all parts of a complex system, e.g., as seen in Figure 1, are equally relevant for studying a given use case, different levels of data resolution can be applied to different system components. An example for this is penetration testing of programmable logic controllers (PLCs) as seen in Figure 2. The twins of PLCs need to mimic the real device more accurately than device twins that are not directly the target of the test. This varying level of realism can be realized with a variety of techniques such as emulation or virtualization. Given further improvements in big data acquisition from industrial environments, digital twins can emerge from that in the future.

Fig. 2: OT equipment of our production line at Fraunhofer AISEC.

[1] Eckhart, M., & Ekelhart, A. (2019). Digital twins for cyber-physical systems security: State of the art and outlook. Security and Quality in Cyber-Physical Systems Engineering, 383-412.

[2] Ani, U. P. D., Watson, J. M., Green, B., Craggs, B., & Nurse, J. R. (2021). Design Considerations for Building Credible Security Testbeds: Perspectives from Industrial Control System Use Cases. Journal of Cyber Security Technology,5(2), 71-119.

[3] Kayan, H., Nunes, M., Rana, O., Burnap, P., & Perera, C. (2022). Cybersecurity of industrial cyber-physical systems: a review. ACM Computing Surveys (CSUR), 54(11s), 1-35.

[4] Giehl, A., Wiedermann, N., Gholamzadeh, M. T., & Eckert, C. (2020, August). Integrating security evaluations into virtual commissioning. In2020 IEEE 16th International Conference on Automation Science and Engineering (CASE)(pp. 1193-1200). IEEE.

[5] Jones, D., Snider, C., Nassehi, A., Yon, J., & Hicks, B. (2020). Characterisingthe Digital Twin: A systematic literature review.CIRP Journal of Manufacturing Science and Technology,29, 36-52.

Additional Information
Author
Autorenfoto_Giehl
Alexander Giehl

Alexander Giehl has worked at Fraunhofer AISEC since 2013, where he specializes in improving cybersecurity via modelling and simulation. He focuses on secure embedded systems, security in manufacturing and automotive, digital twins, as well as general cybersecurity and management systems. In addition, he supervised the research project »IUNO Insec« developing cybersecurity solutions for SMEs funded by the German Federal Ministry of Education and Research (BMBF).

Most Popular

Never want to miss a post?

Please submit your e-mail address to be notified about new blog posts.
 
Bitte füllen Sie das Pflichtfeld aus.
Bitte füllen Sie das Pflichtfeld aus.
Bitte füllen Sie das Pflichtfeld aus.

* Mandatory

* Mandatory

By filling out the form you accept our privacy policy.

Leave a Reply

You have to agree to the comment policy.

Other Articles

Digital twins and their potential for OT security

A digital twin is a virtual representation of a real system or device. It accompanies its physical counterpart during its entire life cycle. Tests, optimization procedures and bug hunting can be carried out on the twin first without involving the real device (that may not even exist at that moment). In this article, I want to give you some recommendations on how to harness that potential for improving upon the state of OT security (Operational Technology Security), e.g., within manufacturing or building automation.

Read More »

Post-quantum cryptography in practice

The threat posed by quantum computers to the asymmetric cryptography in use today has been well known in the scientific community for more than 25 years, since Peter Shor published a polynomial algorithm for prime factorization to solve the discrete logarithm on a quantum computer. In recent years, crypto experts have increasingly been warning of the progress that is being made in quantum computing and its relevance for cryptography.

Research on post-quantum cryptography (PQC) at the Fraunhofer Institute for Applied and Integrated Security AISEC aims to enable businesses, government bodies and citizens to continue to have access to usable cryptography that will remain secure in the long term so they can keep their data secure. This blog article provides a brief overview of four ongoing projects.

Read More »

Digital identities — a statement by our expert Marian Margraf for the German Federal Parliament’s Committee on Digital Affairs

On July 4, 2022, the Committee on Digital Affairs held a public hearing on “Digital identities” at the German Federal Parliament (Bundestag). Our expert Marian Margraf, Head of Secure Systems Engineering at Fraunhofer AISEC and Professor at Freie Universität Berlin, was invited to the event. He addressed in particular the use of the self-sovereign identity (SSI) principle in current solutions, for example in mobile end devices. In addition to the challenges presented by the widespread use of digital identities, he also outlined possible solutions for electronic trust services that are both secure and socially accepted. This blog article is an abridged transcript of his statement.

Read More »

Innovating with security: Fraunhofer AISEC launches its cybersecurity blog

The cybersecurity blog goes live: Fraunhofer AISEC’s new blog is presenting exciting topics from the IT security research world in a new format: Expect fascinating content from the areas of trusted AI, trusted electronics, quantum computing and much more. The mega-trend of digitalization is becoming increasingly important to both the economy and society. Networked infrastructures and sensitive data need to be protected, while attacks by cybercriminals must be detected and prevented. More than 100 experts at the Fraunhofer Institute for Applied and Integrated Security AISEC are developing cybersecurity concepts and solutions that are necessary to achieve this. This blog will

Read More »