Digital Twins for Cyber-Physical Systems Security: State of the Art and Outlook

  • Matthias Eckhart
  • Andreas Ekelhart


Digital twins are virtual replicas of physical objects that, inter alia, make it possible to monitor, visualize, and predict the states of cyber-physical systems (CPSs). These capabilities yield efficiency gains and quality improvements in manufacturing processes. In addition, the concept of digital twins can be leveraged to advance the security of the smart factory. More precisely, it can be applied as early as the design phase by giving engineers the means to spot security flaws in the specification of the CPS. Security testing and intrusion detection are further security-enhancing technical use cases of digital twins that can be realized in systems engineering or during plant operation. In this chapter, we discuss how digital twins can accompany their physical counterparts throughout the entire lifecycle and thereby strengthen the security of CPSs. The findings of this chapter indicate that the concept of digital twins will open up new paths to secure CPSs. However, efficiently creating, maintaining, and running digital twins still represents a major research challenge, as the overhead costs hinder the adoption of this concept. We believe that these insights are valuable for shaping future research in this emerging area at the intersection of digital twins and information security.


Keywords: Digital twin; Information security; Cyber-physical systems; Industrial control systems; Digital thread





The financial support by the Christian Doppler Research Association; the Austrian Federal Ministry for Digital and Economic Affairs; and the National Foundation for Research, Technology, and Development and COMET K1, FFG—Austrian Research Promotion Agency is gratefully acknowledged. Furthermore, this work was supported by the Austrian Science Fund (FWF) and netidee SCIENCE under grant P30437-N31.



Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. Christian Doppler Laboratory for Security and Quality Improvement in the Production System Lifecycle (CDL-SQI), Institute of Information Systems Engineering, Technische Universität Wien, Vienna, Austria
  2. SBA Research, Vienna, Austria
