ABSTRACT
Digital twins play a key role in realizing the vision of a smart factory. While this concept is often associated with maintenance, optimization, and simulation, digital twins can also be leveraged to enhance the security and safety of cyber-physical systems (CPSs). In particular, digital twins can run in parallel to a CPS, allowing to perform a security and safety analysis during operation without the risk of disrupting live systems. However, replicating states of physical devices within a CPS in functionally equivalent virtual replicas, so that they precisely mirror the internal behavior of their counterparts, is an open research topic. In this paper, we propose a novel state replication approach that first identifies stimuli based on the system's specification and then replicates them in a virtual environment. We believe that replicating states of CPSs is a prerequisite for a multitude of security and safety enhancing features that can be implemented on the basis of digital twins. To demonstrate the feasibility of the specification-based state replication approach, we provide a prototypical implementation and evaluate it in an experimental CPS test bed. The results of this paper show that attacks against CPSs can be successfully detected by leveraging the proposed state replication approach.
- AutomationML. 2014. Whitepaper: Communication . Technical Report V_1.0.0. AutomationML consortium.Google Scholar
- Radhakisan Baheti and Helen Gill. 2011. Cyber-physical systems. The impact of control technology , Vol. 12 (2011), 161--166.Google Scholar
- A. Carcano, A. Coletta, M. Guglielmi, M. Masera, I. Nai Fovino, and A. Trombetta. 2011. A Multidimensional Critical State Analysis for Detecting Intrusions in SCADA Systems. IEEE Transactions on Industrial Informatics , Vol. 7, 2 (May 2011), 179--186.Google ScholarCross Ref
- Justyna Joanna Chromik, Anne Katharina Ingrid Remke, and Boudewijn R.H.M. Haverkort. 2016. What's under the hood? Improving SCADA security with process awareness .IEEE.Google Scholar
- R. Drath, A. Luder, J. Peschke, and L. Hundt. 2008. AutomationML - the glue for seamless automation engineering. In 2008 IEEE International Conference on Emerging Technologies and Factory Automation. 616--623.Google Scholar
- David Duggan, Michael Berg, John Dillinger, and Jason Stamp. 2005. Penetration testing of industrial control systems. Sandia National Laboratories (2005).Google Scholar
- Matthias Eckhart and Andreas Ekelhart. 2018. Towards Security-Aware Virtual Environments for Digital Twins. In Proceedings of the 4th ACM Workshop on Cyber-Physical System Security (CPSS '18). ACM, New York, NY, USA, 61--72. Google ScholarDigital Library
- Manuel Egele, Theodoor Scholte, Engin Kirda, and Christopher Kruegel. 2008. A Survey on Automated Dynamic Malware-analysis Techniques and Tools. ACM Comput. Surv. , Vol. 44, 2, Article 6 (March 2008), bibinfonumpages42 pages. Google ScholarDigital Library
- R. R. Fontes, S. Afzal, S. H. B. Brito, M. A. S. Santos, and C. E. Rothenberg. 2015. Mininet-WiFi: Emulating software-defined wireless networks. In 2015 11th International Conference on Network and Service Management (CNSM). 384--389. Google ScholarDigital Library
- I. N. Fovino, A. Carcano, T. D. L. Murel, A. Trombetta, and M. Masera. 2010. Modbus/DNP3 State-Based Intrusion Detection System. In 2010 24th IEEE International Conference on Advanced Information Networking and Applications . 729--736. Google ScholarDigital Library
- Hamid Reza Ghaeini, Daniele Antonioli, Ferdinand Brasser, Ahmad-Reza Sadeghi, and Nils Ole Tippenhauer. 2018. State-Aware Anomaly Detection for Industrial Control Systems. In The 33rd ACM/SIGAPP Symposium On Applied Computing (SAC) . Google ScholarDigital Library
- Dina Hadvziosmanović , Robin Sommer, Emmanuele Zambon, and Pieter H. Hartel. 2014. Through the Eye of the PLC: Semantic Security Monitoring for Industrial Processes. In Proceedings of the 30th Annual Computer Security Applications Conference (ACSAC '14). ACM, New York, NY, USA, 126--135. Google ScholarDigital Library
- William Jardine, Sylvain Frey, Benjamin Green, and Awais Rashid. 2016. SENAMI: Selective Non-Invasive Active Monitoring for ICS Intrusion Detection. In Proceedings of the 2nd ACM Workshop on Cyber-Physical Systems Security and Privacy (CPS-SPC '16). ACM, New York, NY, USA, 23--34. Google ScholarDigital Library
- Henning Kagermann, Wolfgang Wahlster, and Johannes Helbig. 2013. Recommendations for Implementing the Strategic Initiative INDUSTRIE 4.0 -- Securing the Future of German Manufacturing Industry . Final Report of the Industrie 4.0 Working Group. acatech -- National Academy of Science and Engineering, München.Google Scholar
- M. Krotofil and D. Gollmann. 2013. Industrial control systems security: What is happening?. In 2013 11th IEEE International Conference on Industrial Informatics (INDIN). 670--675.Google Scholar
- Leslie Lamport. 1998. The Part-time Parliament. ACM Trans. Comput. Syst. , Vol. 16, 2 (May 1998), 133--169. Google ScholarDigital Library
- Bob Lantz, Brandon Heller, and Nick McKeown. 2010. A Network in a Laptop: Rapid Prototyping for Software-defined Networks. In Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks (Hotnets-IX). ACM, New York, NY, USA, Article 19, bibinfonumpages6 pages. Google ScholarDigital Library
- D. G. Luenberger. 1964. Observing the State of a Linear System. IEEE Transactions on Military Electronics , Vol. 8, 2 (April 1964), 74--80.Google ScholarCross Ref
- T. Macaulay and B.L. Singer. 2016. Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS .CRC Press. Google ScholarDigital Library
- S. McLaughlin, C. Konstantinou, X. Wang, L. Davi, A. R. Sadeghi, M. Maniatakos, and R. Karri. 2016. The Cybersecurity Landscape in Industrial Control Systems. Proc. IEEE , Vol. 104, 5 (May 2016), 1039--1057.Google ScholarCross Ref
- Bill Miller and Dale Rowe. 2012. A Survey of SCADA and Critical Infrastructure Incidents. In Proceedings of the 1st Annual Conference on Research in Information Technology (RIIT '12). ACM, New York, NY, USA, 51--56. Google ScholarDigital Library
- Robert Mitchell and Ing-Ray Chen. 2014. A Survey of Intrusion Detection Techniques for Cyber-physical Systems. ACM Comput. Surv. , Vol. 46, 4, Article 55 (March 2014), bibinfonumpages29 pages. Google ScholarDigital Library
- Andrew Nicholson, Helge Janicke, and Antonio Cau. 2014. Position Paper: Safety and Security Monitoring in ICS/SCADA Systems. In Proceedings of the 2nd International Symposium on ICS & SCADA Cyber Security Research 2014 (ICS-CSR 2014). BCS, UK, 61--66. Google ScholarDigital Library
- Jeyasingam Nivethan and Mauricio Papa. 2016. A SCADA Intrusion Detection Framework That Incorporates Process Semantics. In Proceedings of the 11th Annual Cyber and Information Security Research Conference (CISRC '16). ACM, New York, NY, USA, Article 6, bibinfonumpages5 pages. Google ScholarDigital Library
- Roland Rosen, Georg von Wichert, George Lo, and Kurt D. Bettenhausen. 2015. About The Importance of Autonomy and Digital Twins for the Future of Manufacturing. IFAC-PapersOnLine , Vol. 48, 3 (2015), 567 -- 572. 15th IFAC Symposium onInformation Control Problems inManufacturing.Google ScholarCross Ref
- Fred B. Schneider. 1990. Implementing Fault-tolerant Services Using the State Machine Approach: A Tutorial. ACM Comput. Surv. , Vol. 22, 4 (Dec. 1990), 299--319. Google ScholarDigital Library
- Jill Slay and Michael Miller. 2008. Lessons Learned from the Maroochy Water Breach. In Critical Infrastructure Protection , , Eric Goetz and Sujeet Shenoi (Eds.). Springer US, Boston, MA, 73--82.Google Scholar
- Prem Uppuluri and R. Sekar. 2001. Experiences with Specification-Based Intrusion Detection .Springer Berlin Heidelberg, Berlin, Heidelberg, 172--189.Google Scholar
- David I. Urbina, Jairo Giraldo, Alvaro A Cardenas, Junia Valente, Mustafa Faisal, Nils Ole Tippenhauer, Justin Ruths, Richard Candell, and Henrik Sandberg. 2016b. Survey and new directions for physics-based attack detection in control systems . Technical Report. NIST.Google Scholar
- David I. Urbina, Jairo A. Giraldo, Alvaro A. Cardenas, Nils Ole Tippenhauer, Junia Valente, Mustafa Faisal, Justin Ruths, Richard Candell, and Henrik Sandberg. 2016a. Limiting the Impact of Stealthy Attacks on Industrial Control Systems. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS '16). ACM, New York, NY, USA, 1092--1105. Google ScholarDigital Library
- Matei Zaharia, Mosharaf Chowdhury, Tathagata Das, Ankur Dave, Justin Ma, Murphy McCauley, Michael J. Franklin, Scott Shenker, and Ion Stoica. 2012. Resilient Distributed Datasets: A Fault-tolerant Abstraction for In-memory Cluster Computing. In Proceedings of the 9th USENIX Conference on Networked Systems Design and Implementation (NSDI'12). USENIX Association, Berkeley, CA, USA, 2--2. Google ScholarDigital Library
Index Terms
- A Specification-based State Replication Approach for Digital Twins
Recommendations
Towards Security-Aware Virtual Environments for Digital Twins
CPSS '18: Proceedings of the 4th ACM Workshop on Cyber-Physical System SecurityDigital twins open up new possibilities in terms of monitoring, simulating, optimizing and predicting the state of cyber-physical systems (CPSs). Furthermore, we argue that a fully functional, virtual replica of a CPS can also play an important role in ...
Digital twins: An analysis framework and open issues
AbstractThe concept of twinning an operational physical system with a functional replica is not new, having been practiced in the space sector for over 50 years. Advances in digitalisation have created opportunities to extract data, obtain ...
Highlights- Limitations of existing digital twin literature reviews.
- Functional ...
Capturing Autonomy in its Multiple Facets: A Digital Twin Approach
SAT-CPS '21: Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical SystemsAutonomy has been touted to be a major asset of Cyber-Physical Systems (CPS) and its components. By intertwining non-physical and physical processes they seamlessly integrate interdependent computational and physical components. In this contribution we ...
Comments