Abstract
Digitisation that leverages Internet of Things (IoT) and Cyber-Physical Systems (CPS) technologies has been widely adopted together with the Digital Twin (DT) paradigm. However, the distributed and heterogeneous nature of IoT and CPS poses significant challenges in protecting diverse attack surfaces, including physical devices, network infrastructures, and third-party integrations. Furthermore, evolving security threats and the potential cascading effects of cyber attacks add another layer of complexity to the security landscape. Therefore, in this paper, we propose a digital twin-based security orchestration, automation and response framework striving for business continuity (SOAR4BC). Combining system context from the DT with security intelligence from security tools gives us a holistic context for SOAR, which has not been seen in existing approaches. By subjecting tampered-data and distributed denial of service (DDoS) detection to rigorous experimental evaluation, we substantiate the efficacy and reliability of the SOAR4BC framework in detecting and responding to security policy violations within simulated digital twin environments. This validation serves as a compelling proof of concept, highlighting the SOAR4BC framework’s robustness in addressing cyber threats. Our work offers novel insights into the convergence of digital twin technology and cybersecurity, illuminating the unique challenges and opportunities inherent in DT-based IoT and CPS.
Acknowledgments
The research leading to this publication has received funding from the European Union’s Horizon Europe research and innovation programme under Grant Agreement 101070455 (DYNABIC).
Copyright information
© 2025 IFIP International Federation for Information Processing
About this paper
Cite this paper
Nguyen, P.H., Rauniyar, A., Niemi, T.V. (2025). Digital Twin-Based Security Orchestration, Automation and Response for IoT and CPS. In: Rey, G., Tigli, JY., Franquet, E. (eds) Internet of Things. IFIPIoT 2024. IFIP Advances in Information and Communication Technology, vol 737. Springer, Cham. https://doi.org/10.1007/978-3-031-81900-1_15
DOI: https://doi.org/10.1007/978-3-031-81900-1_15
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-81899-8
Online ISBN: 978-3-031-81900-1
eBook Packages: Computer Science, Computer Science (R0)