Security of Digital Twins in Manufacturing
Lead Research Organisation:
University of Sheffield
Department Name: Computer Science
Abstract
Increasing productivity in manufacturing is a critical economic goal of the UK government and digitisation has been proposed as the cornerstone of achieving that. The MadeSmarter review makes a case for widespread digitisation across sectors (including manufacturing) and indicates the economic benefits that would accrue to the UK in doing so. It also draws significant attention to the role to be played by so-called Digital Twins.
Gartner has defined a digital twin as "a software design pattern that represents a physical object with the objective of understanding the asset's state, responding to changes, improving business operations and adding value" and describing a DT as "a digital representation of a real-world entity or system." The implementation of a digital twin is an encapsulated software object or model that mirrors a unique physical object, process, organization, person or other abstraction." For advanced manufacturing a DT has been described by the AMRC as "a live digital coupling of the state of a physical asset or process to a virtual representation with a functional output." Functional output here means information sent to a system or human observer that is actionable to deliver value.
There are many views on the precise nature of Twins Twins. Loosely speaking, there is a physical system or sensors, actuators and other assets or entities of which a "digital mirror" is maintained. Essentially, this is some digital model of important aspects of the system. The AMRC definition draws attention to the real-time ("live") nature of Digital Twins in manufacturing. This digital model can serve many purposes, from acting as the vehicle for remote interaction with the system by its operators (and remote operation has acquired a new importance in the light of the need to develop resilience to pandemics) to being the prmiary reference model over which intrusions are detected. Digital Twins have been identified by Gartner as one of the major technologies of our time.
Since Digital Twins are perceived as fundamental to value generation by systems so it is no surprise that their security has arisen as a problem. They may encapsulate important IPR and provide the most up to reference for the system's state. That information itself may be confidential and its integrity is critical to the effectiveness of a system to deliver ts business goals.
Understanding of the security of Digital Twins is limited. There has hardly been any reseach in this area. In this proposal we advance a wide-ranging initial programme of work that will engage stakeholders and lead eventually to a comprehensive understanding of security priorities concerning Digital Twins. Our programme mixes concrete research with engagement and roadmapping. It fuses the use of formal mathematic approaches to specification of systems and proofs of their properties, through to exploiting machine learning to detect intrusions. Our proposal also brings to bear expertise in manufacturing, robtics and control engineering. It is significantly interdisciplinary.
At its conclusion we will have a community aware of the risks of Digital Twins and with a fully informed sense of priorities for research and innovation. We will initiate new areas of research but also seek to understand the potential for cross-pollination and transfer of research insights from other domains.
Gartner has defined a digital twin as "a software design pattern that represents a physical object with the objective of understanding the asset's state, responding to changes, improving business operations and adding value" and describing a DT as "a digital representation of a real-world entity or system." The implementation of a digital twin is an encapsulated software object or model that mirrors a unique physical object, process, organization, person or other abstraction." For advanced manufacturing a DT has been described by the AMRC as "a live digital coupling of the state of a physical asset or process to a virtual representation with a functional output." Functional output here means information sent to a system or human observer that is actionable to deliver value.
There are many views on the precise nature of Twins Twins. Loosely speaking, there is a physical system or sensors, actuators and other assets or entities of which a "digital mirror" is maintained. Essentially, this is some digital model of important aspects of the system. The AMRC definition draws attention to the real-time ("live") nature of Digital Twins in manufacturing. This digital model can serve many purposes, from acting as the vehicle for remote interaction with the system by its operators (and remote operation has acquired a new importance in the light of the need to develop resilience to pandemics) to being the prmiary reference model over which intrusions are detected. Digital Twins have been identified by Gartner as one of the major technologies of our time.
Since Digital Twins are perceived as fundamental to value generation by systems so it is no surprise that their security has arisen as a problem. They may encapsulate important IPR and provide the most up to reference for the system's state. That information itself may be confidential and its integrity is critical to the effectiveness of a system to deliver ts business goals.
Understanding of the security of Digital Twins is limited. There has hardly been any reseach in this area. In this proposal we advance a wide-ranging initial programme of work that will engage stakeholders and lead eventually to a comprehensive understanding of security priorities concerning Digital Twins. Our programme mixes concrete research with engagement and roadmapping. It fuses the use of formal mathematic approaches to specification of systems and proofs of their properties, through to exploiting machine learning to detect intrusions. Our proposal also brings to bear expertise in manufacturing, robtics and control engineering. It is significantly interdisciplinary.
At its conclusion we will have a community aware of the risks of Digital Twins and with a fully informed sense of priorities for research and innovation. We will initiate new areas of research but also seek to understand the potential for cross-pollination and transfer of research insights from other domains.
Organisations
Publications
Das S
(2024)
AIDPS: Adaptive Intrusion Detection and Prevention System for Underwater Acoustic Sensor Networks
in IEEE/ACM Transactions on Networking
Gope P
(2021)
A Privacy-Aware Reconfigurable Authenticated Key Exchange Scheme for Secure Communication in Smart Grids
in IEEE Transactions on Smart Grid
Pasikhani A
(2022)
Adversarial RL-Based IDS for Evolving Data Environment in 6LoWPAN
in IEEE Transactions on Information Forensics and Security
Patel C
(2024)
User-empowered secure privacy-preserving authentication scheme for Digital Twin
in Computers & Security
Verma G
(2022)
CB-DA: Lightweight and Escrow-Free Certificate-Based Data Aggregation for Smart Grid
in IEEE Transactions on Dependable and Secure Computing
Wang W
(2024)
An AI-Driven Secure and Intelligent Robotic Delivery System
in IEEE Transactions on Engineering Management
| Description | [1] Digital Twin (DT) is a revolutionary technology changing how a smart manufacturing industry carries out its day-to-day activities. DT can provide numerous advantages such as real-time synchronised functioning, monitoring and data analysis. However, security and privacy issues in DT have not been thoroughly investigated. One of our papers "A user-empowerment-based privacy-preserving authentication protocol for a cloud-based Digital Twin using a Decentralised Identifier (DID) and Verifiable Credential (VC)" leverages user empowerment to provide full control to users over their identities, and with the help of VC, users can prove their authenticity and preserve their privacy. We have addressed some fundamental problems such as usability and auditability of existing approaches. Our approach allows engagers with the DT to be excluded where this is thought necessary (a concept generally referred to as revocation). A security analysis of the proposed scheme shows that it is secured against significant security threats. With the help of performance analysis, we prove that the proposed work effectively ensures security and privacy in DT. [2] Secure and timely communication between distributively interconnected entities and infrastructures of an Industrial Internet of Things (IIoT) system hinge on low latency data exchange and accurate time synchronisation within networks. However, temperature-induced clock drift in connected industry facilities constitutes a fundamental challenge for conventional synchronisation techniques due to dynamic industrial environments. Synchronisation plays a vital role in making the states of digital twins consistent with those of their physical counterparts. Therefore any attack on synchronisation may cause inconsistency between physical objects and their digital replica. In a paper to submitted by the end of March 2025 (the final current month of the project and the month of this entry) , we first propose a six-dimensional system model for the DT followed by a new type of synchronisation attack over the DT. We call this a "State synchronisation attack", where an adversary may try to disrupt state synchronisation by engaging in a Low-rate Denial of Service (LDoS) attack, or strategically deviating from physical entities' states. The adversary aims to hinder the reliability of time information exchange, leading to deteriorated state synchronisation performance in terms of synchronisation accuracy and network resource consumption. Subsequently, we propose a Digital Twin (DT) enabled Machine Learning (ML)-based intrusion detection system to detect synchronisation attacks against the DT. In this regard, we provide an in-depth analysis of the effectiveness and efficiency of the proposed scheme in terms of accuracy, false positives, false negatives and energy overhead. Our experimental outcomes show that our proposed scheme adequately detects and prevents synchronisation attacks. We think this is highly original and the most significant application of machine learning to system stressing in the context of DTs. [3] Digital Twins (DT) play a critical role in real-time monitoring and synchronising digital and cyber-physical systems in manufacturing environments. However, their reliance on security protocols like WPA2/WPA3 for safeguarding Wi-Fi communication and MQTT for managing data exchange exposes these systems to advanced cyber-attacks. In a paper to be submitted to the Journal of Computer Security by the end of March 2025 - "Leveraging Security Vulnerabilities in WPA2 and WPA3 within the Digital Twin Industrial Infrastructure": Soumadeep Das, Prosanta Gope, and John A Clark) - we investigate how AI-enabled adversaries exploit these vulnerabilities to compromise the availability of DT services. Leveraging passive network reconnaissance techniques, we extract metadata from encrypted communications, utilise machine learning algorithms to model and benchmark MQTT communication and execute low-rate de-authentication attacks to degrade the Quality of Service (QoS) of DT systems. Our experiments, conducted on the Advanced Manufacturing Research Centre (AMRC) robotic arms testbed with 21 interconnected nodes, reveal up to 9.3% QoS degradation and critical protocol vulnerabilities. Our findings emphasise the pressing need for stronger security measures in designing DT infrastructures to mitigate the risks posed by these advanced threats. [4] Another strand of work has engaged the AMRC (part of the High Value Manufacturing Catapult) and is concerned with a 'cobot' demonstrator.. So far we have: - Identified key cobot security threats, generated a threat catalogue for this case study - Mapped security threats to the OSI model, defining how vulnerabilities affect different layers to assist with development of security rules and logging requirements - Defined preliminary safety and security rules for behavioural hazard detection in the industrial demonstrator process - Extended the RAS SF assurance case to include security claims and alignment with existing safety structure This is a significant industrial demonstrator on model security for a critical class of system. Will produce further paper cover the next year or so. Progress will depend on whether a sought extension is granted. |
| Exploitation Route | The ML aspects can be taken further, either with more advanced ML, or by attempting case studies on different systems. This applies to both attack and defensive aspects. Work on integration of security and safety aspects in robots and their models (as part of a demonstrator at the AMRC) will likely find its way into practice. We will engage in further discussion at the end of this award. We intend to pursue further opportunities in the Defence Sector in the moderately near-term. |
| Sectors | Aerospace Defence and Marine Digital/Communication/Information Technologies (including Software) Manufacturing including Industrial Biotechology |
| Title | IoT based test environment for Digital Twin Security Assessment |
| Description | This is still being developed. We will alter this to a full description when the work is complete. We have developed an IoT based development environment that allows us to run a robot over the net with feedback to a digital twin being maintained. This will allows us to carry out various forms of attacks and to collect data from such attacks via the digita twin. This will allow us to instantiate a digital twin based intrusion detection system, allowing various attacks to be detected. It also allows us to execute attacks in a controlled environment. (We cannot carry out attacks in a live networking environment. ) |
| Type Of Material | Improvements to research infrastructure |
| Year Produced | 2024 |
| Provided To Others? | No |
| Impact | [Is the 120000 char limit erroneous?] This is basically a reseearch enabler. As indicated above it allows us to attack a system in a controlled environment. It is being used for that purposes right now. It is not publically available since it requires access to our internal resources. The principal wider benefit will arise from teh research outputs it enable.s |
| Title | Threat Modeling Approacch |
| Description | We may change where this appears in the final write up. We are developing a threat model for digital twins that seeks to bring threat analysis for digital twins right up to date. We are firstly defining the threat modelling approach, drawing on extant frameworks, e.g. MIT's ATAK and also the 5D IoT model. We are investigating possible tool support for using the technique. This is not yet certain. The primary goal short term will be to publish the threat model and analysis approach. If developing tool support looks feasible in the period then we will leave it as infrastructure enhancement and report it fully here. Otherwise, the work will be primarily reported under research outputs. [Is 120000 char limit an error?] |
| Type Of Material | Improvements to research infrastructure |
| Year Produced | 2023 |
| Provided To Others? | No |
| Impact | None as yet. We are still refinng and writing up. |