A Review of Digital Twins and their Application in Cybersecurity based on Artificial Intelligence

The potential of digital twin technology is yet to be fully realized due to its diversity and untapped potential. Digital twins enable systems' analysis, design, optimization, and evolution to be performed digitally or in conjunction with a cyber-physical approach to improve speed, accuracy, and efficiency over traditional engineering methods. Industry 4.0, factories of the future, and digital twins continue to benefit from the technology and provide enhanced efficiency within existing systems. Due to the lack of information and security standards associated with the transition to cyber digitization, cybercriminals have been able to take advantage of the situation. Access to a digital twin of a product or service is equivalent to threatening the entire collection. There is a robust interaction between digital twins and artificial intelligence tools, which leads to strong interaction between these technologies, so it can be used to improve the cybersecurity of these digital platforms based on their integration with these technologies. This study aims to investigate the role of artificial intelligence in providing cybersecurity for digital twin versions of various industries, as well as the risks associated with these versions. In addition, this research serves as a road map for researchers and others interested in cybersecurity and digital security.Comment: 60 pages, 8 Figures, 15 Table

Współczesny wielowarstwowy krajobraz cyberbezpieczeństwa i pojawiające się nano-zagrożenia. Przegląd

Presented article attempts to identify the key node located in the three-tier model of cyberspace, the node which is characterized by the greatest potential impact on the other elements essential for the functioning of the whole network, especially in the securitycontext. Based on the network analysis, it was proposed to place the ‘persona’ in the center of interest, in other words the human factor. In this way – regardless of the future direction of the further development of artificial intelligence – an individual adversaryis able to dispose the historically unprecedented ability to put an impact on the critical and – potentially – military infrastructure of the state. Thus, individual digitally-skilled person is capable of destabilizing the post-industrial society not only in the context of network/computer security, but also physical security (through the cyber-physical systems)

Co-design of Security Aware Power System Distribution Architecture as Cyber Physical System

The modern smart grid would involve deep integration between measurement nodes, communication systems, artificial intelligence, power electronics and distributed resources. On one hand, this type of integration can dramatically improve the grid performance and efficiency, but on the other, it can also introduce new types of vulnerabilities to the grid. To obtain the best performance, while minimizing the risk of vulnerabilities, the physical power system must be designed as a security aware system. In this dissertation, an interoperability and communication framework for microgrid control and Cyber Physical system enhancements is designed and implemented taking into account cyber and physical security aspects. The proposed data-centric interoperability layer provides a common data bus and a resilient control network for seamless integration of distributed energy resources. In addition, a synchronized measurement network and advanced metering infrastructure were developed to provide real-time monitoring for active distribution networks. A hybrid hardware/software testbed environment was developed to represent the smart grid as a cyber-physical system through hardware and software in the loop simulation methods. In addition it provides a flexible interface for remote integration and experimentation of attack scenarios. The work in this dissertation utilizes communication technologies to enhance the performance of the DC microgrids and distribution networks by extending the application of the GPS synchronization to the DC Networks. GPS synchronization allows the operation of distributed DC-DC converters as an interleaved converters system. Along with the GPS synchronization, carrier extraction synchronization technique was developed to improve the system’s security and reliability in the case of GPS signal spoofing or jamming. To improve the integration of the microgrid with the utility system, new synchronization and islanding detection algorithms were developed. The developed algorithms overcome the problem of SCADA and PMU based islanding detection methods such as communication failure and frequency stability. In addition, a real-time energy management system with online optimization was developed to manage the energy resources within the microgrid. The security and privacy were also addressed in both the cyber and physical levels. For the physical design, two techniques were developed to address the physical privacy issues by changing the current and electromagnetic signature. For the cyber level, a security mechanism for IEC 61850 GOOSE messages was developed to address the security shortcomings in the standard

Cybersecurity Awareness Platform with Virtual Coach and Automated Challenge Assessment

Over the last years, the number of cyber-attacks on industrial control systems has been steadily increasing. Among several factors, proper software development plays a vital role in keeping these systems secure. To achieve secure software, developers need to be aware of secure coding guidelines and secure coding best practices. This work presents a platform geared towards software developers in the industry that aims to increase awareness of secure software development. The authors also introduce an interactive game component, a virtual coach, which implements a simple artificial intelligence engine based on the laddering technique for interviews. Through a survey, a preliminary evaluation of the implemented artifact with real-world players (from academia and industry) shows a positive acceptance of the developed platform. Furthermore, the players agree that the platform is adequate for training their secure coding skills. The impact of our work is to introduce a new automatic challenge evaluation method together with a virtual coach to improve existing cybersecurity awareness training programs. These training workshops can be easily held remotely or off-line.Comment: Preprint accepted for publication at the 6th Workshop On The Security Of Industrial Control Systems & Of Cyber-Physical Systems (CyberICPS 2020

Resilient power grid for smart city

Modern power grid has a fundamental role in the operation of smart cities. However, high impact low probability extreme events bring severe challenges to the security of urban power grid. With an increasing focus on these threats, the resilience of urban power grid has become a prior topic for a modern smart city. A resilient power grid can resist, adapt to, and timely recover from disruptions. It has four characteristics, namely anticipation, absorption, adaptation, and recovery. This paper aims to systematically investigate the development of resilient power grid for smart city. Firstly, this paper makes a review on the high impact low probability extreme events categories that influence power grid, which can be divided into extreme weather and natural disaster, human-made malicious attacks, and social crisis. Then, resilience evaluation frameworks and quantification metrics are discussed. In addition, various existing resilience enhancement strategies, which are based on microgrids, active distribution networks, integrated and multi energy systems, distributed energy resources and flexible resources, cyber-physical systems, and some resilience enhancement methods, including probabilistic forecasting and analysis, artificial intelligence driven methods, and other cutting-edge technologies are summarized. Finally, this paper presents some further possible directions and developments for urban power grid resilience research, which focus on power-electronized urban distribution network, flexible distributed resource aggregation, cyber-physical-social systems, multi-energy systems, intelligent electrical transportation and artificial intelligence and Big Data technology

Autonomic computing architecture for SCADA cyber security

Cognitive computing relates to intelligent computing platforms that are based on the disciplines of artificial intelligence, machine learning, and other innovative technologies. These technologies can be used to design systems that mimic the human brain to learn about their environment and can autonomously predict an impending anomalous situation. IBM first used the term ‘Autonomic Computing’ in 2001 to combat the looming complexity crisis (Ganek and Corbi, 2003). The concept has been inspired by the human biological autonomic system. An autonomic system is self-healing, self-regulating, self-optimising and self-protecting (Ganek and Corbi, 2003). Therefore, the system should be able to protect itself against both malicious attacks and unintended mistakes by the operator

Dynamic real-time risk analytics of uncontrollable states in complex internet of things systems, cyber risk at the edge

The Internet of Things (IoT) triggers new types of cyber risks. Therefore, the integration of new IoT devices and services requires a self-assessment of IoT cyber security posture. By security posture this article refers to the cybersecurity strength of an organisation to predict, prevent and respond to cyberthreats. At present, there is a gap in the state of the art, because there are no self-assessment methods for quantifying IoT cyber risk posture. To address this gap, an empirical analysis is performed of 12 cyber risk assessment approaches. The results and the main findings from the analysis is presented as the current and a target risk state for IoT systems, followed by conclusions and recommendations on a transformation roadmap, describing how IoT systems can achieve the target state with a new goal-oriented dependency model. By target state, we refer to the cyber security target that matches the generic security requirements of an organisation. The research paper studies and adapts four alternatives for IoT risk assessment and identifies the goal-oriented dependency modelling as a dominant approach among the risk assessment models studied. The new goal-oriented dependency model in this article enables the assessment of uncontrollable risk states in complex IoT systems and can be used for a quantitative self-assessment of IoT cyber risk posture