Computer Science, 2025, Vol. 52, Issue (6A): 240700068-7. doi: 10.11896/jsjkx.240700068

• Information Security •

Study on System Security Testing Method Based on Digital Twin

LI Weifeng¹, XIE Jiangping²

  1. China Flight Test Establishment, Xi’an 710089, China
  2. China Mobile Communications Group Yunnan Co., Ltd., Kunming 650228, China
  • Online: 2025-06-16 Published: 2025-06-12
  • Corresponding author: LI Weifeng (liweifengmis@aliyun.com)
  • About author: LI Weifeng, born in 1986, master, senior engineer. His main research interests include IoT security, blockchain technology application, risk assessment of classified information systems, and penetration testing.

Abstract: This paper explores a digital twin-based approach for system security testing, aiming to incorporate security design at the early stages of the system lifecycle through digital twins, thereby mitigating potential threats to industrial control systems (ICS). The methodology encompasses preliminary preparations, a four-phase penetration testing process, and report generation, ensuring that vulnerabilities are identified and validated prior to system construction. Leveraging digital twins to simulate system dynamics provides data fidelity for in-depth security analysis. The approach’s effectiveness is validated through simulations of sensor and switch environments, where Modbus TCP/IP protocol vulnerabilities are identified and assessed, leading to recommended improvements. This study offers a novel perspective on ICS security testing, demonstrating the potential of digital twins in security design, and lays a foundation for future system security analysis and testing.

Key words: Digital twin, System testing, Security design, Industrial control system, Security testing

CLC Number: TN915.5