Threat Modeling for Digital Twins
component security tolerance to reverse engineering, authenticity of the system software updates and other specific examples of security objectives. This puts the traditional“ confidentiality, integrity, availability” triad far behind the current understanding of security in the context of trust.
This brings us to the following ideas:
• Importance of threat assessment, including threat modeling, for supporting trustworthiness of complex systems incorporating digital twins.
• Necessity of threat definition for digital twins in a wider context, consideration of possible system availability loss, safety impact or even physical damage.
1.2 THREAT MODELING APPROACH
Threat modeling is a structured, repeatable process used to gain actionable insights into the security characteristics of a particular system. Threat modeling analyzes a system from an adversarial perspective, focusing on ways in which an attacker can exploit a system.
There is no industry standard approach to threat modeling, nor is there a one-size-fits-all solution for all use cases. This is especially true for the Internet of Things, cyber-physical systems and fullfledged digital twins. Threat modeling considerations for these systems should include hardware / physical threats, interdependencies, scalability, and iterative processes throughout the system lifecycle.
To approach the issue of threat definition and further threat assessment, two viewpoints 4 on digital twin systems are needed. The first viewpoint is connected to the digital twin functional capabilities, according to which we determine possible damage from cyberattacks. Each capability may be either broken or abused because of cyberattack. This leads to the loss of expected outcome or causes the unexpected behavior which may not have the best effect for the whole system. This viewpoint helps with the assessment of possible damage to the digital twin system. The second viewpoint focuses on the digital twin architecture, components and technologies to reveal threat scenarios and evaluate attack likelihood. When combined, both viewpoints can help assess and mitigate cybersecurity risks.
The Platform Stack Architectural Framework [ 3 ]( further referred to as“ framework”) is suggested to form the base for the mentioned viewpoints. This framework is intended to provide a robust foundation for building secure, interoperable, and scalable digital twin systems and underscores the necessity of trustworthiness, system integration, and domain-specific customization to unlock transformative value.
4 https:// sebokwiki. org / wiki / Viewpoint _( glossary)
Journal of Innovation 19