Threat Modeling for Digital Twins
The framework considers and systematizes the capabilities of the digital twin ecosystem. This systematization along with description of the elements and sub-systems of digital twin, may help to evaluate the possible damage of cyberattacks.
Also, the framework describes the architecture approach and highlights how this approach relates to other architecture approaches. This helps to assess the attack surface more comprehensively, from multi-view perspective.
1.3 THREAT MODELING METHOD
A fairly good overview of threat modeling methods is presented in [ 5 ] and in order to focus on digital twins, it will not be repeated here. Typical threat assessment processes are as follows:
• Considering possible targets of threats / objects of further assessment
• Determining the consequences of the threat implementation
• Assuming about the sources of threats
• Assessing possible threat methods based on the attack surface
• Evaluating attacking techniques, vulnerabilities based on the system-related details, and
• Assessing possible attack scenarios by summarizing all details above.
A good threat modeling method focuses on an object of assessment with particular capabilities and well-defined attack surface. According to the level of maturity defined for digital twins defined in McKee’ s white paper [ 3 ] and the appropriate technology readiness level( TRL) 5, the range of capabilities may vary drastically. Similarly, as a digital twin becomes a digital twin system, its attack surface becomes wider and much more complex. The adversary may have significantly different goals when attacking digital twins of varying degrees of maturity.
Thus, we have to determine threat modeling goals and objectives depending on the different technology readiness levels, as they apply to digital twins( Table 1-1).
TRL
Threat Modeling Goals
1-3( Research) • Protect the data used for research and development of digital twin from leakage
• Protect the data and algorithms used for research and development of digital twin from manipulation
• Avoid inaccuracies and logical errors in models and algorithms, which may be used to abuse digital twin scenarios
5
Technology Readiness Levels which help to understand technical maturity of a system are used here in the same way as they used in the framework. More about TRL scale: https:// www. nasa. gov / directorates / somd / space-communications-navigation-program / technologyreadiness-levels /
20 May 2025