Security Considerations when Deploying a Digital Twin

The modern world is connected. Globalization has resulted in industries competing with counterparts in distant locations. Increased competition has led to a drive for efficiency and optimization in the race to remain profitable.

Digital Twins are one of the modern tools of the trade available to fine-tune the manufacturing process for ever greater performance and profit. Today, Digital Twins are used to perform a huge variety of tasks and have entered exciting new domains, with use cases that are relied on every day to perform in a trustworthy manner.

At Irdeto, we recognize the importance of Digital Twins in the industrial space, so we have partnered with expert Digital Twin practitioners, fellow members of the Industrial Internet Consortium, to co-author the “Digital Twins for Industrial Applications” white paper.

If you are exploring Digital Twins for the first time, this paper will give you an authoritative, vendor-neutral overview and introduction as you seek to find your way through the very complex connected smart manufacturing ecosystem.

As we get excited about what Digital Twins bring us, we tend to focus on the mechanics of the new optimization or the financial benefits. However, we tend to forget the risks that come from simply being connected.

No matter the nature of the digital twin, what is at stake and valuable is the data on the specific entity being modeled. It is therefore critical that all entities that make up the ecosystem can identify each other using sound cryptographic techniques and protocols. Further, the enrolment of each member and their associated cryptographic identity is a critical aspect of system hygiene.

To help ensure the accuracy of any subsequent actions or calculations and the overall security of the system, it is critical that the Twin:

  • Only accepts data from authorized sources.
  • Only sends data to approved destinations.
  • Ensures that the data is not altered during transmission. The most up-to-date security protocols (such as TLS 1.3) are used to secure the transfer of data between all entities in the ecosystem.
  • Stores data in a trustworthy manner, protected from being manipulated or deleted except by an authorized or approved person or entity. Data at rest requires the use of different cryptographic techniques; however, this space is less standardized. The use of BitLocker (AES-XTS) is sound and widespread, but it does not address the issue of authenticity, so the use of HMAC or CMAC is recommended to prevent the alteration of data at rest (even if it is encrypted).
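The data-at-rest point above, as an added sketch that is not code from Irdeto or the IIC white paper: each stored telemetry record carries an HMAC-SHA256 tag, and verification reports the first record that was altered. It goes slightly beyond a per-record MAC by chaining each tag to the previous one and to the record's position, so reordering or removing records is also detected; the twin ID `pump-17`, the record layout, the key and the sample data are all assumptions constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key; in a real deployment the key comes from a key store.
DEMO_KEY = bytes(range(32))
GENESIS = b"\x00" * 32  # chain start value chosen for this sketch

# Constructed sample telemetry for a hypothetical twin "pump-17".
SAMPLE = [
    {"ts": "2024-01-01T00:00:00Z", "rpm": 1480, "temp_c": 61.5},
    {"ts": "2024-01-01T00:01:00Z", "rpm": 1482, "temp_c": 61.7},
    {"ts": "2024-01-01T00:02:00Z", "rpm": 1479, "temp_c": 61.6},
]

def _tag(key, twin_id, seq, payload, prev_tag):
    """HMAC-SHA256 over twin id, position, previous tag and payload."""
    msg = json.dumps([twin_id, seq, prev_tag.hex(), payload],
                     sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, msg, hashlib.sha256).digest()

def seal(key, twin_id, payloads):
    """Build stored records, each tagged and chained to its predecessor."""
    records, prev = [], GENESIS
    for seq, payload in enumerate(payloads):
        prev = _tag(key, twin_id, seq, payload, prev)
        records.append({"seq": seq, "payload": payload, "tag": prev.hex()})
    return records

def verify(key, twin_id, records):
    """Return the index of the first record that fails, or None if all pass."""
    prev = GENESIS
    for index, rec in enumerate(records):
        expected = _tag(key, twin_id, index, rec.get("payload"), prev)
        stored = str(rec.get("tag", "")).encode()
        # Constant-time comparison; position must match the stored sequence.
        if rec.get("seq") != index or not hmac.compare_digest(
                expected.hex().encode(), stored):
            return index
        prev = expected
    return None

if __name__ == "__main__":
    stored = seal(DEMO_KEY, "pump-17", SAMPLE)
    print("intact:", verify(DEMO_KEY, "pump-17", stored))
    stored[1]["payload"]["rpm"] = 9999  # simulated alteration at rest
    print("first bad record:", verify(DEMO_KEY, "pump-17", stored))
```

Removal of the newest records is only detectable if the latest tag or the record count is also kept somewhere the storage writer cannot change.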

However, by their nature, Digital Twins present some unique security problems.

Often the cryptographic identity of the Digital Twin is tied to the hardware root of trust of the server or environment on which the digital twin operates. This makes it hard to keep track of the provenance of data, because the cryptographic identity is not constant: it changes each time the hardware is exchanged.

Ideally Digital Twins should have their own unique cryptographic identity independent from the platform on which they operate. Irdeto’s Whitebox cryptography is well suited to provide a hardware independent solution to help solve this problem.

The term ‘Digital Twin’ is a very overloaded and hijacked term in both today’s technology and marketing agendas. The types of Digital Twins range from ‘simple’ repositories of telemetry and other run-time information to those that contain valuable intellectual property and operate in an insecure environment. Such ‘specialist’ Digital Twins therefore contain valuable intellectual property that requires protection.

Digital twins operate in the wild in real-world industrial situations and often in untrustworthy environments. Irdeto’s software protection technology enables providers of Digital Twin technology to protect the ‘secret sauce’ that sets their solution apart. This can range from analytic techniques to systems that simulate some important part of the functionality of the device being twinned (sometimes by using software drawn from the source code repository of the device being twinned).

These connected systems come under attack for various other reasons. Attackers who wish to alter the functionality of the system (including the Digital Twin) for some nefarious purposes have to understand the system they wish to attack prior to mounting the attack.

Software protection transforms the software being protected, thereby making it much more difficult to understand and far harder to implement stable functional modifications. Software protection is multi-dimensional in that it seeks to address both static and dynamic (or run time) risks.

One of the goals of software protection is to reduce the number of successful attacks by raising the knowledge bar required to implement a successful attack.

We hope that this blog has helped you to think through some more advanced security problems and concepts associated with Digital Twins, in conjunction with the IIC’s “Digital Twins for Industrial Applications” white paper, as you seek to better understand the Digital Twin domain itself. We, at Irdeto, would love to be part of your digital success story, whether you are one of the small select band of people who craft Digital Twins or one of those who consume them.