research-article

A Specification-based State Replication Approach for Digital Twins

Authors:
Matthias Eckhart

TU Wien, Vienna, Austria

TU Wien, Vienna, Austria
View Profile

,
Andreas Ekelhart

SBA Research & JRC TARGET, Vienna, Austria

SBA Research & JRC TARGET, Vienna, Austria
View Profile

CPS-SPC '18: Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCyOctober 2018Pages 36–47https://doi.org/10.1145/3264888.3264892

Published:15 January 2018Publication History

CPS-SPC '18: Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy

Pages 36–47

ABSTRACT

Digital twins play a key role in realizing the vision of a smart factory. While this concept is often associated with maintenance, optimization, and simulation, digital twins can also be leveraged to enhance the security and safety of cyber-physical systems (CPSs). In particular, digital twins can run in parallel to a CPS, allowing to perform a security and safety analysis during operation without the risk of disrupting live systems. However, replicating states of physical devices within a CPS in functionally equivalent virtual replicas, so that they precisely mirror the internal behavior of their counterparts, is an open research topic. In this paper, we propose a novel state replication approach that first identifies stimuli based on the system's specification and then replicates them in a virtual environment. We believe that replicating states of CPSs is a prerequisite for a multitude of security and safety enhancing features that can be implemented on the basis of digital twins. To demonstrate the feasibility of the specification-based state replication approach, we provide a prototypical implementation and evaluate it in an experimental CPS test bed. The results of this paper show that attacks against CPSs can be successfully detected by leveraging the proposed state replication approach.

References

AutomationML. 2014. Whitepaper: Communication . Technical Report V_1.0.0. AutomationML consortium.Google Scholar
Radhakisan Baheti and Helen Gill. 2011. Cyber-physical systems. The impact of control technology , Vol. 12 (2011), 161--166.Google Scholar
A. Carcano, A. Coletta, M. Guglielmi, M. Masera, I. Nai Fovino, and A. Trombetta. 2011. A Multidimensional Critical State Analysis for Detecting Intrusions in SCADA Systems. IEEE Transactions on Industrial Informatics , Vol. 7, 2 (May 2011), 179--186.Google ScholarCross Ref
Justyna Joanna Chromik, Anne Katharina Ingrid Remke, and Boudewijn R.H.M. Haverkort. 2016. What's under the hood? Improving SCADA security with process awareness .IEEE.Google Scholar
R. Drath, A. Luder, J. Peschke, and L. Hundt. 2008. AutomationML - the glue for seamless automation engineering. In 2008 IEEE International Conference on Emerging Technologies and Factory Automation. 616--623.Google Scholar
David Duggan, Michael Berg, John Dillinger, and Jason Stamp. 2005. Penetration testing of industrial control systems. Sandia National Laboratories (2005).Google Scholar
Matthias Eckhart and Andreas Ekelhart. 2018. Towards Security-Aware Virtual Environments for Digital Twins. In Proceedings of the 4th ACM Workshop on Cyber-Physical System Security (CPSS '18). ACM, New York, NY, USA, 61--72. Google ScholarDigital Library
Manuel Egele, Theodoor Scholte, Engin Kirda, and Christopher Kruegel. 2008. A Survey on Automated Dynamic Malware-analysis Techniques and Tools. ACM Comput. Surv. , Vol. 44, 2, Article 6 (March 2008), bibinfonumpages42 pages. Google ScholarDigital Library
R. R. Fontes, S. Afzal, S. H. B. Brito, M. A. S. Santos, and C. E. Rothenberg. 2015. Mininet-WiFi: Emulating software-defined wireless networks. In 2015 11th International Conference on Network and Service Management (CNSM). 384--389. Google ScholarDigital Library
I. N. Fovino, A. Carcano, T. D. L. Murel, A. Trombetta, and M. Masera. 2010. Modbus/DNP3 State-Based Intrusion Detection System. In 2010 24th IEEE International Conference on Advanced Information Networking and Applications . 729--736. Google ScholarDigital Library
Hamid Reza Ghaeini, Daniele Antonioli, Ferdinand Brasser, Ahmad-Reza Sadeghi, and Nils Ole Tippenhauer. 2018. State-Aware Anomaly Detection for Industrial Control Systems. In The 33rd ACM/SIGAPP Symposium On Applied Computing (SAC) . Google ScholarDigital Library
Dina Hadvziosmanović , Robin Sommer, Emmanuele Zambon, and Pieter H. Hartel. 2014. Through the Eye of the PLC: Semantic Security Monitoring for Industrial Processes. In Proceedings of the 30th Annual Computer Security Applications Conference (ACSAC '14). ACM, New York, NY, USA, 126--135. Google ScholarDigital Library
William Jardine, Sylvain Frey, Benjamin Green, and Awais Rashid. 2016. SENAMI: Selective Non-Invasive Active Monitoring for ICS Intrusion Detection. In Proceedings of the 2nd ACM Workshop on Cyber-Physical Systems Security and Privacy (CPS-SPC '16). ACM, New York, NY, USA, 23--34. Google ScholarDigital Library
Henning Kagermann, Wolfgang Wahlster, and Johannes Helbig. 2013. Recommendations for Implementing the Strategic Initiative INDUSTRIE 4.0 -- Securing the Future of German Manufacturing Industry . Final Report of the Industrie 4.0 Working Group. acatech -- National Academy of Science and Engineering, München.Google Scholar
M. Krotofil and D. Gollmann. 2013. Industrial control systems security: What is happening?. In 2013 11th IEEE International Conference on Industrial Informatics (INDIN). 670--675.Google Scholar
Leslie Lamport. 1998. The Part-time Parliament. ACM Trans. Comput. Syst. , Vol. 16, 2 (May 1998), 133--169. Google ScholarDigital Library
Bob Lantz, Brandon Heller, and Nick McKeown. 2010. A Network in a Laptop: Rapid Prototyping for Software-defined Networks. In Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks (Hotnets-IX). ACM, New York, NY, USA, Article 19, bibinfonumpages6 pages. Google ScholarDigital Library
D. G. Luenberger. 1964. Observing the State of a Linear System. IEEE Transactions on Military Electronics , Vol. 8, 2 (April 1964), 74--80.Google ScholarCross Ref
T. Macaulay and B.L. Singer. 2016. Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS .CRC Press. Google ScholarDigital Library
S. McLaughlin, C. Konstantinou, X. Wang, L. Davi, A. R. Sadeghi, M. Maniatakos, and R. Karri. 2016. The Cybersecurity Landscape in Industrial Control Systems. Proc. IEEE , Vol. 104, 5 (May 2016), 1039--1057.Google ScholarCross Ref
Bill Miller and Dale Rowe. 2012. A Survey of SCADA and Critical Infrastructure Incidents. In Proceedings of the 1st Annual Conference on Research in Information Technology (RIIT '12). ACM, New York, NY, USA, 51--56. Google ScholarDigital Library
Robert Mitchell and Ing-Ray Chen. 2014. A Survey of Intrusion Detection Techniques for Cyber-physical Systems. ACM Comput. Surv. , Vol. 46, 4, Article 55 (March 2014), bibinfonumpages29 pages. Google ScholarDigital Library
Andrew Nicholson, Helge Janicke, and Antonio Cau. 2014. Position Paper: Safety and Security Monitoring in ICS/SCADA Systems. In Proceedings of the 2nd International Symposium on ICS & SCADA Cyber Security Research 2014 (ICS-CSR 2014). BCS, UK, 61--66. Google ScholarDigital Library
Jeyasingam Nivethan and Mauricio Papa. 2016. A SCADA Intrusion Detection Framework That Incorporates Process Semantics. In Proceedings of the 11th Annual Cyber and Information Security Research Conference (CISRC '16). ACM, New York, NY, USA, Article 6, bibinfonumpages5 pages. Google ScholarDigital Library
Roland Rosen, Georg von Wichert, George Lo, and Kurt D. Bettenhausen. 2015. About The Importance of Autonomy and Digital Twins for the Future of Manufacturing. IFAC-PapersOnLine , Vol. 48, 3 (2015), 567 -- 572. 15th IFAC Symposium onInformation Control Problems inManufacturing.Google ScholarCross Ref
Fred B. Schneider. 1990. Implementing Fault-tolerant Services Using the State Machine Approach: A Tutorial. ACM Comput. Surv. , Vol. 22, 4 (Dec. 1990), 299--319. Google ScholarDigital Library
Jill Slay and Michael Miller. 2008. Lessons Learned from the Maroochy Water Breach. In Critical Infrastructure Protection , , Eric Goetz and Sujeet Shenoi (Eds.). Springer US, Boston, MA, 73--82.Google Scholar
Prem Uppuluri and R. Sekar. 2001. Experiences with Specification-Based Intrusion Detection .Springer Berlin Heidelberg, Berlin, Heidelberg, 172--189.Google Scholar
David I. Urbina, Jairo Giraldo, Alvaro A Cardenas, Junia Valente, Mustafa Faisal, Nils Ole Tippenhauer, Justin Ruths, Richard Candell, and Henrik Sandberg. 2016b. Survey and new directions for physics-based attack detection in control systems . Technical Report. NIST.Google Scholar
David I. Urbina, Jairo A. Giraldo, Alvaro A. Cardenas, Nils Ole Tippenhauer, Junia Valente, Mustafa Faisal, Justin Ruths, Richard Candell, and Henrik Sandberg. 2016a. Limiting the Impact of Stealthy Attacks on Industrial Control Systems. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS '16). ACM, New York, NY, USA, 1092--1105. Google ScholarDigital Library
Matei Zaharia, Mosharaf Chowdhury, Tathagata Das, Ankur Dave, Justin Ma, Murphy McCauley, Michael J. Franklin, Scott Shenker, and Ion Stoica. 2012. Resilient Distributed Datasets: A Fault-tolerant Abstraction for In-memory Cluster Computing. In Proceedings of the 9th USENIX Conference on Networked Systems Design and Implementation (NSDI'12). USENIX Association, Berkeley, CA, USA, 2--2. Google ScholarDigital Library

Index Terms

A Specification-based State Replication Approach for Digital Twins
1. Computer systems organization
  1. Embedded and cyber-physical systems
2. Security and privacy
  1. Intrusion/anomaly detection and malware mitigation
    1. Intrusion detection systems

Recommendations

Towards Security-Aware Virtual Environments for Digital Twins
CPSS '18: Proceedings of the 4th ACM Workshop on Cyber-Physical System Security

Digital twins open up new possibilities in terms of monitoring, simulating, optimizing and predicting the state of cyber-physical systems (CPSs). Furthermore, we argue that a fully functional, virtual replica of a CPS can also play an important role in ...
Read More
Digital twins: An analysis framework and open issues
Abstract
The concept of twinning an operational physical system with a functional replica is not new, having been practiced in the space sector for over 50 years. Advances in digitalisation have created opportunities to extract data, obtain ...
Highlights
- Limitations of existing digital twin literature reviews.
- Functional ...
Read More
Capturing Autonomy in its Multiple Facets: A Digital Twin Approach
SAT-CPS '21: Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems

Autonomy has been touted to be a major asset of Cyber-Physical Systems (CPS) and its components. By intertwining non-physical and physical processes they seamlessly integrate interdependent computational and physical components. In this contribution we ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
CPS-SPC '18: Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy
October 2018
114 pages
ISBN:9781450359924
DOI:10.1145/3264888
General Chairs:
David Lie
University of Toronto, Canada
,
Mohammad Mannan
Concordia University, Canada
,
Program Chairs:
Awais Rashid
University of Bristol, UK
,
Nils Ole Tippenhaeur
CISPA Helmholtz-Zentrum I.G., Saarbrücken, Germany
Copyright © 2018 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 15 January 2018
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
automationml
cyber-physical systems
digital twin
industrial control systems
intrusion detection systems
state replication
Qualifiers
- research-article
Conference

Acceptance Rates
CPS-SPC '18 Paper Acceptance Rate22of10submissions,220%Overall Acceptance Rate53of66submissions,80%
More
Upcoming Conference
CCS '24

Sponsor:

sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 14 - 18, 2024

Salt Lake City , UT , USA
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 47
  Total Citations
  View Citations
- 923
  Total Downloads
- Downloads (Last 12 months)141
- Downloads (Last 6 weeks)7
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

A Specification-based State Replication Approach for Digital Twins

CPS-SPC '18: Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy

ABSTRACT

References

Cited By

Index Terms

Recommendations

Towards Security-Aware Virtual Environments for Digital Twins

Digital twins: An analysis framework and open issues

Capturing Autonomy in its Multiple Facets: A Digital Twin Approach