A digital twin is a virtual representation or model of a real-world object, process or system that is informed by real time data. These integrated digital environments utilize both cutting age technology and human creativity. As a highly nuanced virtual model rooted in and responsive to real-time changes and developments, a digital twin “is used to digitally represent performance, identify inefficiencies, and design solutions to improve their physical counterparts.” What differentiates digital twins from simulations is the ability “to duplicate real-world assets,” with very specific, dynamic and therefore more accurate data, while simulations are exclusively virtual environments that receive no live time data or input from external sources. Utilizing AI and machine learning, digital twins have predictive abilities that make them better able to “forecast more accurate outcomes” than a simulation essentially operating as an abstraction.
With the input of accurate, real time and historical data, digital twins can be useful across a variety of sectors and industries, testing capabilities and vulnerabilities in cars, planes, hearts, medical devices, supply lines and more. On the military side, the ability to receive up to the minute information during military operations impacts the military’s ability to shift strategy if needed.
Digital twins are also not new in the space industry, making possible a constant monitoring of the landscape of outer space, which can help determine crucial timings for a vessel’s reentry into space. The most famous example is NASA’s Apollo 13 mission that was saved by an early digital twin, which was able to “diagnose, and solve” the problem of a failing physical asset 200,000 miles away.
There’s no doubt that building a digital twin has clear benefits in terms of strengthening the role and power of the United States in the realm of cyberspace diplomacy, which is increasingly important in a world where “adversarial nations work to use their own internet and telecom standards bodies to push what officials view as dangerous agendas that create geopolitical instability and plant seeds for cyberattacks.” While it’s possible that the use of a digital twin might preempt a hack or security breach, the challenge is to ensure that this model itself is secure. For example, in the military context, if a malicious actor gained access to the digital twin, they could have access to highly sensitive data, a breach with potentially disastrous consequences.
Because “cyberattacks remain a real time, war time tactic,” building coalitions with nation states will become even more important, which calls for more specific guidelines (and trained cybersecurity professionals) to stay on top of developments in this rapidly advancing area of growth in the field of cybersecurity.
A recent article by McKinsey and Company leads with this question: “What would you do if you had a copy of yourself?” The stakes are high when the answer to this applies to who has access to patient medical information, which in turn impacts delivery of care as well as treatment protocols and strategies. Creative product development leaders are increasingly enthusiastic about digital twins. McKinsey analysis indicates the global market for digital-twin technology will grow about 60 percent annually over the next five years, reaching $73.5 billion by 2027.
With the technological capabilities to collect highly accurate health data, digital twins may be able to predict individual health progressions and disease progressions, impacting the course and quality of an individual’s care. Using what is essentially a medical fingerprint of a patient’s current health status and/or health prognosis, medical professionals are in a better position to create “dynamic” solutions and refine unique and specific strategies for disease treatment or prevention. The innovative function of a digital twin could revolutionize medical care, making the delivery of care more cost effective and – given the very specific nature of the data - more likely to generate positive health outcomes for patients. Digital twins may hold the key to truly personalized medical care that people in rural areas could access as easily as those in urban centers. The cyber vulnerabilities are clear: because the information is so patient-specific and sensitive, any leak, hack, or malevolent alteration of personal data could have serious consequences for both patients and medical facilities and providers alike.
Currently, acquiring sufficient data is one of the main challenges faced by the medical industry in creating functional digital twins. In 2018, the U.S. National Institutes of Health gathered data from at least 1 million individuals to “create one of the largest and most diverse datasets on health and genomics.” Healthcare is clearly a global growth area for the application of digital twins.
A digital twin’s ability to replicate and dynamically respond to live time data provides a concrete, “live” link between the digital universe and the physical world and creates clear opportunities for many industries. Architects can use digital twins to enhance building transparency and efficiency, from the earliest stages of development, and create aesthetics and interactive components to buildings, using technology to make them, in fact, more integrated and “smart” about the physical world in which they stand.
Digital twins are used by engineers, architects, and facility managers to model situations, forecast results, and guide decision-making. They can test various design configurations and evaluate the effects of modifications. Additionally, they can optimize the building's performance in real-time by gaining access to this virtual duplicate.
Another field that exemplifies the viability of a digital twin is how it allows software developers to test vulnerabilities on a digital system before being utilized on the actual physical system. This improves testing and optimization. Instead of relying solely on theoretical models or physical prototypes, developers can create digital twins of software systems to mimic real-world usage. This allows for the testing of edge cases, identification of potential bugs, and optimization of performance metrics before actual deployment.
The American Society of Mechanical Engineers (ASME) reports that digital twins, while sharing the same vulnerabilities as other innovative technologies, carry the additional risk of true interface with the outside world. Current “cybersecurity hygiene” often includes relying on IoT devices to maintain systems and networks, but this isn’t sufficient in the case of digital twins. “Many IoT devices are vulnerable to attacks from entities ranging from bot nets to malware,” according to this report. “Because security is an afterthought for many IoT devices, it then falls to the security of the manufacturing network to protect digital twins.”
Digital twins are an exciting innovation, allowing data to flow back and forth between the digital landscape and the physical environment and they create a truly dynamic portal between worlds. Establishing the security of that link is therefore vital and should be the first item on the agenda in terms of cybersecurity. According to ASME, “Protecting your digital twin is as important as protecting the physical manufacturing line.”
When the digital twin of a system is created, the potential attack surface effectively doubles—adversaries can go after the systems themselves or attack the digital twin of that system.
Sometimes, when the underlying systems are not readily accessible from the outside, a digital twin can expose previously hidden parts of the enterprise. For example, in the past, a power supply in a data center might have only been accessible by a technician who is physically at a near-by control terminal. A digital twin of that infrastructure could allow the technician to monitor the device remotely—and “so could a hacker if they managed to get access.”
However, best practices can ensure that digital twins are as safe or safer than their physical counterparts. This includes a little pre-planning including having cybersecurity experts on the deployment team, following basic cybersecurity hygiene (knowing that this is always changing), and adopting zero-trust principles while minimizing risk and aligning with government and industry regulations.
In fact, digital twins aren’t just a security liability for companies. Some enterprises are using them to improve their cybersecurity—as an early-warning system of attack, a honey trap, and as a testing sandbox.
Digital twins can help organizations weed out vulnerabilities in systems by creating virtual clones, or “digital ghosts” to use for security testing. It will recognize that “something is wrong with the system because it won’t act as predicted and won’t match the information flowing from other sensors.” This allows cybersecurity to be enhanced, as the twin sees and reacts to cyber vulnerabilities in a way that mirrors an actual system.
“You can get that reaction in many ways, up to and including having your actual system software or firmware run on your digital twin,” says Kevin Coggins, vice president at consulting firm Booz Allen Hamilton.
At CYRIN, we understand digital twins, including the cybersecurity implications. We can create them for enterprise and ICS/OT environments, and we protect them as we would any physical environment. In fact, we can create a number of environments using CYRIN where you can train or test your employees or students. Personnel can be trained or evaluated as individuals or as a team. At the same time, you can use digital twins to help understand software and equipment failure modes, as well as to assess the impact of cyber intrusions — all within a safe, sandboxed environment. It is easy and quick to build systems using the CYRIN Exercise Builder (EB) tool. We can enable security testing as the CYRIN Performance Management system has an agent infrastructure that can launch attacks against the digital twin and monitor it to determine if the attacks have succeeded. Agents are well suited for testing with attack techniques that require more time than is typically available during testing: fuzzing, SQL injection, password cracking, etc.
CYRIN’s digital twin capability includes the ability to create realistic scenarios of enterprise or ICS OT systems. We have the potential to improve software testing using a digital twin. And we can use CYRIN’s digital twin capabilities to increase the readiness of personnel to handle cybersecurity incidents. Ask us about creating a digital twin, we’d be happy to show you how we do it.
If you happen to be at the Hacker Halted conference in Atlanta at the end of October, please stop in and see two friends of CYRIN who will be speaking in Atlanta. Kevin Cardwell, an internationally recognized expert, instructor, and consultant in the cybersecurity field, is expected to speak at the show. Kevin has been associated with CYRIN since the beginning, creating the framework for many of the labs currently in use today and creating his own series of instructional courses on CYRIN. Andrew Amaro, who represents CYRIN in Canada, will also be speaking at the conference. Andrew is a former Technical Operations Agent and Senior Manager of the Counter Terrorism/Proliferation Technology Group at the Canadian Security Intelligence Service (CSIS). If you get the chance, please stop in and see their sessions.