The complexity of cyberattacks in Cyber-Physical Systems (CPSs) calls for a mechanism that can evaluate critical infrastructures' operational behaviour and security without affecting the operation of live systems. In this regard, Digital Twins (DTs) provide actionable insights through monitoring, simulating, predicting, and optimizing the state of CPSs. Through the use cases, including system testing and training, detecting system misconfigurations, and security testing, DTs strengthen the security of CPSs throughout the product lifecycle. However, such benefits of DTs depend on an assumption about data integrity and security. Data trustworthiness becomes more critical while integrating multiple components among different DTs owned by various stakeholders to provide an aggregated view of the complex physical system. This article envisions a blockchain-based DT framework as Trusted Twins for Securing Cyber-Physical Systems (TTS-CPS). With the automotive industry as a CPS use case, we demonstrate the viability of the TTS-CPS framework in a proof of concept. To utilize reliable system specification data for building the process knowledge of DTs, we ensure the trustworthiness of data-generating sources through integrity checking mechanisms. Additionally, the safety and security rules evaluated during simulation are stored and retrieved from the blockchain, thereby establishing more understanding and confidence in the decisions made by the underlying systems. Finally, we perform formal verification of the TTS-CPS.
翻译:网络-物理系统中网络攻击的复杂性要求建立一种机制,能够评价关键基础设施的业务行为和安全,而不影响实时系统的运作。在这方面,数字双对通过监测、模拟、预测和优化CPS状态提供可操作的洞见。通过使用案例,包括系统测试和培训、发现系统不配置和安全测试,DT加强了CPS整个产品生命周期的安全。然而,DTS的这种好处取决于数据完整性和安全性的假设。数据可靠性变得更加关键,同时将不同利益攸关方拥有的不同DT的多个组成部分整合在一起,以提供复杂的物理系统的综合观点。这一文章设想了一个以块式链为基础的DT框架,作为确保网络-物理系统安全的可靠双对双双双(TTS-CPS-CPS)的利用,我们用CPS工业来证明TTS-CPS框架的可行性。我们利用可靠的系统规格数据化数据化数据化数据化数据化数据来建立过程知识,我们通过安全性安全性安全性安全性规则的升级来进行核查。