Computer Science, 2025, Vol. 52, Issue (6A): 240700068-7. doi: 10.11896/jsjkx.240700068

• Information Security •

Study on System Security Testing Method Based on Digital Twin

LI Weifeng¹, XIE Jiangping²

  1. China Flight Test Establishment, Xi’an 710089, China
  2. China Mobile Communications Group Yunnan Co., Ltd., Kunming 650228, China
  • Online: 2025-06-16 Published: 2025-06-12
  • About author: LI Weifeng, born in 1986, master, senior engineer. His main research interests include IoT security, blockchain technology application, risk assessment of classified information systems, and penetration testing.

Abstract: This paper explores a digital twin-based approach for system security testing, aiming to incorporate security design at the early stages of the system lifecycle through digital twins, thereby mitigating potential threats to industrial control systems (ICS). The methodology encompasses preliminary preparations, a four-phase penetration testing process, and report generation, ensuring that vulnerabilities are identified and validated prior to system construction. Leveraging digital twins to simulate system dynamics provides data fidelity for in-depth security analysis. The approach’s effectiveness is validated through simulations of sensor and switch environments, where Modbus TCP/IP protocol vulnerabilities are identified and assessed, leading to recommended improvements. This study offers a novel perspective on ICS security testing, demonstrating the potential of digital twins in security design, and lays a foundation for future system security analysis and testing.

Key words: Digital twin, System testing, Security design, Industrial control system, Security testing

CLC Number: TN915.5