A Cyber Digital Twin Framework to Support Cyber-Physical Systems Security

Abstract—Cyber-Physical Systems (CPSs) cybersecurity faces several challenges due to the complexity and interconnectedness of involved Information Technology (IT) and Operational Technology (OT) systems, the need to balance safety and security, and the rapid pace of technological change, requiring continuous risk assessment, monitoring, testing and mitigation to ensure their resilience against evolving cyber threats. Unfortunately, due to the criticality of involved systems, some security-related activities such as security testing or patch management may interfere with the correct system operation. Moreover, costs related to security are typically high which may complicate things further. The recent adoption of the emerging Digital Twin technology for cybersecurity purposes allows cybersecurity experts to identify vulnerabilities and develop strategies to prevent and respond to cyber threats in a safe and controlled environment, and in a cost-effective way. The so-called Cyber Digital Twin (CDT) is a cybersecurity-oriented virtual replica of a system, network, or device that can be used, for example, to simulate potential cyber attacks and test security measures. A comprehensive CDT framework for CPS systems is presented in this paper, designed to support multiple cybersecurity objectives by suitably extending the core functionalities offered by a generic Digital Twin. To show the effectiveness of our proposal, we discuss the implementation of a proof of concept leveraging the MiniCPS simulator as the core simulation engine and aimed at offering intrusion detection and security testing services.

Index Terms—Cyber Digital Twins, Sensors, Modelling, Attack simulations, security controls, Security Services