Digital Twins and the Future of their Use Enabling Shift Left and Shift Right Cybersecurity Operations

TL;DR

This paper envisions Security Digital Twins (SDTs) that leverage real-time data and the Shift Left/Right paradigm to enhance cybersecurity in critical cyber-physical systems, addressing future challenges in data reliability and threat detection.

Contribution

It introduces the concept of SDTs with a Shift Left and Shift Right framework, integrating virtual components and data fusion for proactive and reactive cybersecurity operations.

Findings

Proposes a novel SDT design paradigm for cybersecurity.

Highlights the importance of data fusion from virtual CPS components.

Discusses operational use cases for SDTs in critical systems.

Abstract

Digital Twins (DTs), optimize operations and monitor performance in Smart Critical Systems (SCS) domains like smart grids and manufacturing. DT-based cybersecurity solutions are in their infancy, lacking a unified strategy to overcome challenges spanning next three to five decades. These challenges include reliable data accessibility from Cyber-Physical Systems (CPS), operating in unpredictable environments. Reliable data sources are pivotal for intelligent cybersecurity operations aided with underlying modeling capabilities across the SCS lifecycle, necessitating a DT. To address these challenges, we propose Security Digital Twins (SDTs) collecting realtime data from CPS, requiring the Shift Left and Shift Right (SLSR) design paradigm for SDT to implement both design time and runtime cybersecurity operations. Incorporating virtual CPS components (VC) in Cloud/Edge, data fusion to SDT models is enabled with high reliability, providing threat insights and enhancing cyber resilience. VC-enabled SDT ensures accurate data feeds for security monitoring for both design and runtime. This design paradigm shift propagates innovative SDT modeling and analytics for securing future critical systems. This vision paper outlines intelligent SDT design through innovative techniques, exploring hybrid intelligence with data-driven and rule-based semantic SDT models. Various operational use cases are discussed for securing smart critical systems through underlying modeling and analytics capabilities.