Cybersecurity Considerations for Digital Twin Implementations
features such as secure micro-controllers which may not be available on the platform running the twin. Such gaps, if not addressed, can lead to threats to the system, as well as the manufacturer’s business model. These issues are also alluded to in a 2017 article by Enterprise IoT Insights which identifies insufficient security configurability and insecure software or firmware as two of the top ten IIoT security vulnerabilities. [7]

A significant security concern with a digital twin being such a close representation of an actual system is that if the twin is obtained by a hacker, it can then serve as a blueprint to the real system, identifying components, their behaviors and their interfaces. This immediately gives the hacker an internal view of the system to be attacked and will help them to identify vulnerable attack points. In this scenario, one can assume that prior to a physical system attack, a hacker would have an entire script mapped out using the compromised digital twin, allowing penetration of the actual system with minimum detection or disruption. Digital twins can also be used for penetration testing of a physical system’s interfaces, thereby allowing the attacker to fine-tune their attack mechanisms.

IP is another area for diligence. Frequently, a digital twin includes critical IP, often innovative but also repurposed legacy, which may be damaging to the IP owner if it is reverse engineered. In today’s geopolitical situation, adequate security must be put into place to protect the investment that an innovative company makes to gain market share—market share that is at risk from companies from other regions of the world.

For example, a company with a digital twin of their industrial control system (ICS) may utilize real-system code in their digital twin to offer a more accurate twin experience. However, such a situation increases business risk further, as any theft of or damage to the twin would impact both the new twin and the existing ICS components themselves.

If a digital twin is compromised by a hacker, it also has the potential to expose the organization to backend system attacks, as these systems may be called directly by the twin—this threat opens a map of backend systems to a hacker. Code analysis by a hacker can quickly identify the API calls required for these backend systems and possibly expose the twin’s access credentials during authentication functions. It should be noted that while code analysis (often called reverse engineering) is a viable attack on all platforms, software designed for Windows or Linux platforms can often be more easily reverse-engineered due to the common availability and low price of reverse engineering tools. Once these access points are obtained, the hacker can then easily spoof the behavior of the twin or even access the physical system (spoofing the twin), potentially providing access to system-wide data.

[7] Blackman, IIoT security: The top 10 security vulnerabilities, Enterprise IoT Insights, November 2017, https://enterpriseiotinsights.com/20171127/security/iiot-security-top-10-security-vulnerabilities-tag40-tag99

November 2019