Digital Twins
NICS Lab adapts the Digital Twin (DT) concept to its research portfolio in order to deepen the role and use of ‘simulation’ in the field of cybersecurity and from a dual perspective: (i) how to protect critical systems using DT technology and (ii) how to use such technology from a secure and reliable manner.
The challenge begins with SADECEI-4.0, corresponding to the Leonardo 2019 Grant for Researchers and Cultural Creators, which is one of the most prestigious and competitive at national level. Through this grant, NICS Lab produces its first DT model capable of concentrating all the situational awareness supported by related technologies (AI, edge-cloud, blockchain and virtualization) with the ability to favour the detection and traceability of anomalous events. Since then, the team has expanded its competences to participate in national and European R&D projects, collaborating intensively with private and public entities, and producing a number of relevant research results to demonstrate the real use of the technology for protection, but also its security risks that may affect various strategic sectors and organisations, including SMEs and those especially interconnected through DTs.
Thus, within the DT portfolio, we have broadened the concept of the technology to explore its effectiveness in various fields of application, such as manufacturing, corporative networks and communication systems. But we have also experienced the duality that DT adopts from a security point of view, which makes NICS Lab’s role in these R&D projects particularly versatile:
Research lines
- 5G Security
- Applied Cryptography
- Blockchain
- Cloud Computing Security
- Critical Infrastructures Protection
- Cyber Defense
- Cyber intelligence
- Digital Forensics and Malware Analysis
- Digital Twins
- Identity and Privacy Management
- Industrial Security
- Non-Repudiation
- Privacy Technologies
- RFID
- Secure Edge-Cloud Continuum
- Secure IoT
- Secure Software & Service Engineering
- Trust & Reputation Management
- Protect the DT against attacks: The research team has carried out several studies on the secure deployment of technology in critical domains and its access control, but also the design of an interconnection platform that allows secure and efficient communications between twins assuming the added difficulties and required by the new industrial paradigms like Industry 5.0. In particular, through SEGRES, NICS Lab has been involved in secure access between DT-based communities, facilitating the federation between systems via their respective DTs as well as the exchange of data to improve the transfer of digital models and intelligence between communities.
Access control is certainly relevant today, and is also reflected in the analytical studies carried out within Digital Aero. In this project, NICS Lab has contributed to the extraction of relevant security requirements, but also to the specification of tests to validate the security of the DT proposed within Digital Aero with application in aeronautical manufacturing systems. However, all of these analyses take a much more pragmatic view in SecTwin 5.0, where a set of security components are designed to be integrated into a common platform, which aims to interconnect twins without discarding the Industry 5.0 human-centricity and sustainability.
- Protect infrastructures through DTs: Here, NICS Lab models and experiments with some practical simulation-based approaches in order to demonstrate the actual utility of DT technology for situational awareness and resilience – both priority areas for active cyber defence. In AIAS, NICS Lab aims to demonstrate how simulation-based deception can be relevant for proactive defence, which can be supported by other related technologies such as virtual personas and high-interaction honeypots. The same is true for SecTwin 5.0, but concentrating the deception on a virtual copy of the interconnection platform, through which it is possible to validate security functions of each integrated component and their validity for defensive measures. This way of attracting attacks and learning from exploits, is also considered by OPTIMA-DONES where NICS Lab is responsible for automating, retraining and improving security automatic learning under deception and federation approaches.
The knowledge acquired is undoubtedly essential for improving all those monitoring and detection processes, useful for situational awareness and relevant to intensify cyber defense. This is the case of 5G+TACTILE and SADECEI-4.0, which have already demonstrated the effectiveness of simulation as a complementary tool to traditional detection systems to increase knowledge and anticipate appropriate responses. Preventive and corrective measures also contribute to mitigate the effects of possible attacks in real time and, consequently, to guarantee business continuity. Therefore, another major challenge for NICS Lab is also to explore the novelty of the ‘zero-touch’ response, both from a theoretical (5G+TACTILE) and practical perspective (SecTwin 5.0, OPTIMA-DONES).
NICS Lab’s involvement in these projects has enabled the deployment of DTs connected to industrial models within our own facilities. Among the models we highlight the deployment of an IIoT system, and the deployment of a simulated manufacturing line with connection to mock-ups and real cyber-physical systems, such as robots and controllers, all working together to represent the real world through 2D and 3D models. As it is evident, these realistic representations also enable the research team to meet new research challenges. In the field of cybersecurity, NICS Lab works on DT-assisted prediction and detection [1], where DT-supported detection should complement traditional detection processes (signature-based or anomaly-based) by considering all those anomalous states related to the functional processes of the operating systems themselves. This, in turn, adds value to the detection by allowing organisations not only to explore the anomalous conditions of their own technologies (IT/OT), but also to examine the functional processes of these technologies through simulation.
This type of protection requires addressing other integration issues to ensure a “comprehensive” protection with dynamic and valid access control policies [2] and “real-time” resilience through a suitable synchronisation of physical and digital spaces. Synchronisation is certainly a key process to maintain the security of the physical environment through the DT, but also the security of the DT itself if an acceptable level of protection and resilience must be ensured. DTs contain all the intellectual property of the physical environment they emulate and represent. Any threat posed to the technology, including its underlying infrastructures (edge/cloud, virtualisation systems) and digital models (related to AI/ML, CAD, mathematical formulations, graphics, etc.), may pose a serious impact to the physical environment, end-users, organisation(s) and the entire value chain [3].
Due to this, all our efforts have been more focused on the insistent search for new and emerging technologies that, integrated with DT, can help to: (i) promote secure agile communication in DT-based environments, such as 6G, and render complex digital models through specialized computing infrastructures (edge-cloud) that, in turn, ensure context awareness and IA federation [4]; (ii) manage vulnerabilities to create dependable simulations, free of errors and uncertainty states [5]; and (iii) boost DT federation to create communities and consolidate cyber threat intelligence [6]. In this endeavour, we also advocate the idea of relying on specific standards for DTs. While it is true that some standards already exist with some initial security considerations, they are still insufficient to refocus all the needs mentioned above. In fact, in [7] we identified the most relevant standards on DTs and their security measures, and highlighted the priority of going deeper into the topic to find the best way to design useful DT-based approaches, which can also be beneficial for security of the future.
Moreover, the experience gained has crossed some frontiers that go beyond research, involving technological transfer. One of the NICS Lab members is currently Vice-Chair of the IEEE SIG ComSoc on Green Digital Twin Network, and has intensively cooperated with multiple entities and ECSO to produce the ECSO Technical Document on “Cybersecurity Scenarios and Digital Twins” in 2023, in addition to disseminating the use of DT for the protection of critical systems in multiple conferences (e.g., ICICS’24, ICISSP’24, RECSI’24, CPSS’23, ICCSA’22, CPS4CIP’20), webminars (e.g., ECCO) and summer schools (e.g., FOSAD’24, IPICS’23).
REF.
[1] Cristina Alcaraz, Javier Lopez, Digital Twin-assisted anomaly detection for industrial scenarios, International Journal of Critical Infrastructure Protection, vol. 47, pp. 100721, 2024, ISSN: 1874-5482.
[2] Javier Lopez and Juan E. Rubio and Cristina Alcaraz (2021): Digital Twins for Intelligent Authorization in the B5G-enabled Smart Grid. In: IEEE Wireless Communications, vol. 28, pp. 48-55, 2021, ISSN: 1536-1284.
[3] Cristina Alcaraz, Iman Hasnaouia Meskini, Javier Lopez, Digital twin communities: an approach for secure DT data sharing, In: International Journal of Information Security, vol. 24, no. 17, Forthcoming, ISSN: 1615-5270.
[4] Cristina Alcaraz and Javier Lopez (2023): Protecting Digital Twin Networks for 6G-enabled Industry 5.0 Ecosystems. In: IEEE Network Magazine, vol. 37, no. 2, pp. 302-308, 2023, ISSN: 0890-8044.
[5] Cristina Alcaraz and Javier Lopez (2022): Digital Twin: A Comprehensive Survey of Security Threats. In: IEEE Communications Surveys & Tutorials, vol. 24, no. thirdquarter 2022, pp. 1475 – 1503, 2022, ISSN: 1553-877X.
[6] Francesco Flammini, Cristina Alcaraz, Emanuele Bellini, Stefano Marrone, Javier Lopez, Andrea Bondavalli, Towards Trustworthy Autonomous Systems: Taxonomies and Future Perspectives, In: IEEE Transactions on Emerging Topics in Computing, 2022, ISSN: 2168-6750.
[7] Cristina Alcaraz, Javier Lopez, Digital Twin Security: a perspective of efforts from standardization bodies, IEEE Security & Privacy, in press.
[8] Cristina Alcaraz, “Cybersecurity scenarios and Digital Twins”, ECSO, May 2023.
[9] Javier Lopez and Cristina Alcaraz, “ECCO Community Group Webinar – Digital Twins architectures and security capabilities: a Game-Changer for Cybersecurity”, ECCC, powered by ECCO, WG 6, 2024.
References
- Cristina Alcaraz and Javier Lopez (2024): Digital Twin-assisted anomaly detection for industrial scenarios. In: International Journal of Critical Infrastructure Protection, vol. 47, pp. 100721, 2024, ISSN: 1874-5482.
- Javier Lopez and Juan E. Rubio and Cristina Alcaraz (2021): Digital Twins for Intelligent Authorization in the B5G-enabled Smart Grid. In: IEEE Wireless Communications, vol. 28, pp. 48-55, 2021, ISSN: 1536-1284.
- Cristina Alcaraz and Javier Lopez (2022): Digital Twin: A Comprehensive Survey of Security Threats. In: IEEE Communications Surveys & Tutorials, vol. 24, no. thirdquarter 2022, pp. 1475 – 1503, 2022, ISSN: 1553-877X.
- Cristina Alcaraz and Javier Lopez (2023): Protecting Digital Twin Networks for 6G-enabled Industry 5.0 Ecosystems. In: IEEE Network Magazine, vol. 37, no. 2, pp. 302-308, 2023, ISSN: 0890-8044.
- Francesco Flammini and Cristina Alcaraz and Emanuele Bellini and Stefano Marrone and Javier Lopez and Andrea Bondavalli (2022): Towards Trustworthy Autonomous Systems: Taxonomies and Future Perspectives. In: IEEE Transactions on Emerging Topics in Computing, 2022, ISSN: 2168-6750.
- Cristina Alcaraz and Iman Hasnaouia Meskini and Javier Lopez (2024): Digital twin communities: an approach for secure DT data sharing. In: International Journal of Information Security, vol. 24, no. 17, Forthcoming, ISSN: 1615-5270.