Biblio

With the increasing number of distributed energy sources and the growing demand for free exchange of energy, Energy internet (EI) is confronted with great challenges of persistent connection, stable transmission, real-time interaction, and security. The new definition of metaverse in the EI field is proposed as a potential solution for these challenges by establishing a massive and comprehensive fusion 3D network, which can be considered as the advanced stage of EI. The main characteristics of the metaverse such as reality to virtualization, interaction, persistence, and immersion are introduced. Specifically, we present the key enabling technologies of the metaverse including virtual reality, artificial intelligence, blockchain, and digital twin. Meanwhile, the potential applications are presented from the perspectives of immersive user experience, virtual power station, management, energy trading, new business, device maintenance. Finally, some challenges of metaverse in EI are concluded.

This contribution provides the implementation of a digital twin-based assistance system to be used in future control rooms. By applying parameter estimation methods, the dynamic model in the digital twin is an accurate representation of the physical system. Therefore, a dynamic security assessment (DSA) that is highly dependent on a correctly parameterized dynamic model, can give more reliable information to a system operator in the control room. The assistance system is studied on the Cigré TB 536 benchmark system with an obscured set of machine parameters. Through the proposed parameter estimation approach the original parameters could be estimated, changing, and increasing the statement of the DSA in regard to imminent instabilities.

We present an online framework for learning and updating security policies in dynamic IT environments. It includes three components: a digital twin of the target system, which continuously collects data and evaluates learned policies; a system identification process, which periodically estimates system models based on the collected data; and a policy learning process that is based on reinforcement learning. To evaluate our framework, we apply it to an intrusion prevention use case that involves a dynamic IT infrastructure. Our results demonstrate that the framework automatically adapts security policies to changes in the IT infrastructure and that it outperforms a state-of-the-art method.

The (IoT) paradigm’s fundamental goal is to massively connect the “smart things” through standardized interfaces, providing a variety of smart services. Cyber-Physical Systems (CPS) include both physical and cyber components and can apply to various application domains (smart grid, smart transportation, smart manufacturing, etc.). The Digital Twin (DT) is a cyber clone of physical objects (things), which will be an essential component in CPS. This paper designs a systematic taxonomy to explore different attacks on DT-based CPS and how they affect the system from a four-layer architecture perspective. We present an attack space for DT-based CPS on four layers (i.e., object layer, communication layer, DT layer, and application layer), three attack objects (i.e., confidentiality, integrity, and availability), and attack types combined with strength and knowledge. Furthermore, some selected case studies are conducted to examine attacks on representative DT-based CPS (smart grid, smart transportation, and smart manufacturing). Finally, we propose a defense mechanism called Secured DT Development Life Cycle (SDTDLC) and point out the importance of leveraging other enabling techniques (intrusion detection, blockchain, modeling, simulation, and emulation) to secure DT-based CPS.

With the increasing complexity of the driving environment, more and more attention has been paid to the research on improving the intelligentization of traffic control. Among them, the digital twin-based internet of vehicle can establish a mirror system on the cloud to improve the efficiency of communication between vehicles, provide warning and safety instructions for drivers, avoid driving potential dangers. To ensure the security and effectiveness of data sharing in traffic control, this paper proposes a secure and privacy-preserving scheme for digital twin-based traffic control. Specifically, in the data uploading phase, we employ a group signature with a time-bound keys technique to realize data source authentication with efficient members revocation and privacy protection, which can ensure that data can be securely stored on cloud service providers after it synchronizes to its twin. In the data sharing stage, we employ the secure and efficient attribute-based access control technique to provide flexible and efficient data sharing, in which the parameters of a specific sub-policy can be stored during the first decryption and reused in subsequent data access containing the same sub-policy, thus reducing the computing complexity. Finally, we analyze the security and efficiency of the scheme theoretically.

Data are the basis in Digital Twin (DT) to set up bidirectional mapping between physical and virtual spaces, and realize critical environmental sensing, decision making and execution. Thus, trustworthiness is a necessity in data content as well as data operations. A dual blockchain framework is proposed to realize comprehensive data security in various DT scenarios. It is highly adaptable, scalable, evolvable, and easy to be integrated into Digital Twin Network (DTN) as enhancement.

The power grid is considered to be the most critical piece of infrastructure in the United States because each of the other fifteen critical infrastructures, as defined by the Cyberse-curity and Infrastructure Security Agency (CISA), require the energy sector to properly function. Due the critical nature of the power grid, the ability to detect anomalies in the power grid is of critical importance to prevent power outages, avoid damage to sensitive equipment and to maintain a working power grid. Over the past few decades, the modern power grid has evolved into a large Cyber Physical System (CPS) equipped with wide area monitoring systems (WAMS) and distributed control. As smart technology advances, the power grid continues to be upgraded with high fidelity sensors and measurement devices, such as phasor measurement units (PMUs), that can report the state of the system with a high temporal resolution. However, this influx of data can often become overwhelming to the legacy Supervisory Control and Data Acquisition (SCADA) system, as well as, the power system operator. In this paper, we propose using a deep learning (DL) convolutional neural network (CNN) as a module within the Automatic Network Guardian for ELectrical systems (ANGEL) Digital Twin environment to detect physical faults in a power system. The presented approach uses high fidelity measurement data from the IEEE 9-bus and IEEE 39-bus benchmark power systems to not only detect if there is a fault in the power system but also applies the algorithm to classify which bus contains the fault.

In dynamic control centers, conventional SCADA systems are enhanced with novel assistance functionalities to increase existing monitoring and control capabilities. To achieve this, different key technologies like phasor measurement units (PMU) and Digital Twins (DT) are incorporated, which give rise to new cyber-security challenges. To address these issues, a four-stage threat analysis approach is presented to identify and assess system vulnerabilities for novel dynamic control center architectures. For this, a simplified risk assessment method is proposed, which allows a detailed analysis of the different system vulnerabilities considering various active and passive cyber-attack types. Qualitative results of the threat analysis are presented and discussed for different use cases at the control center and substation level.

Autonomous systems have the potential to accomplish missions more quickly and effectively, while reducing risks to human operators and costs. However, since the use of autonomous systems is still relatively new, there are still a lot of challenges associated with trusting these systems. Without operators in direct control of all actions, there are significant concerns associated with endangering human lives or damaging equipment. For this reason, NATO has issued a challenge seeking to identify ways to improve decision-maker and operator trust when deploying autonomous systems, and de-risk their adoption. This paper presents the proposal of the winning solution to this NATO challenge. It approaches trust as a multi-dimensional concept, by incorporating the four dimensions of human-agent trust establishment in a digital twin context.

Throughout the life cycle of any technical project, the enterprise needs to assess the risks associated with its development, commissioning, operation and decommissioning. This article defines the task of researching risks in relation to the operation of a data storage subsystem in the cloud infrastructure of a geographically distributed company and the tools that are required for this. Analysts point out that, compared to 2018, in 2019 there were 3.5 times more cases of confidential information leaks from storages on unprotected (freely accessible due to incorrect configuration) servers in cloud services. The total number of compromised personal data and payment information records increased 5.4 times compared to 2018 and amounted to more than 8.35 billion records. Moreover, the share of leaks of payment information has decreased, but the percentage of leaks of personal data has grown and accounts for almost 90% of all leaks from cloud storage. On average, each unsecured service identified resulted in 33.7 million personal data records being leaked. Leaks are mainly related to misconfiguration of services and stored resources, as well as human factors. These impacts can be minimized by improving the skills of cloud storage administrators and regularly auditing storage. Despite its seeming insecurity, the cloud is a reliable way of storing data. At the same time, leaks are still occurring. According to Kaspersky Lab, every tenth (11%) data leak from the cloud became possible due to the actions of the provider, while a third of all cyber incidents in the cloud (31% in Russia and 33% in the world) were due to gullibility company employees caught up in social engineering techniques. Minimizing the risks associated with the storage of personal data is one of the main tasks when operating a company's cloud infrastructure.

Cyber-Physical Systems (CPSs) play an increasingly significant role in many critical applications. These valuable applications attract various sophisticated attacks. This paper considers a stealthy estimation attack, which aims to modify the state estimation of the CPSs. The intelligent attackers can learn defense strategies and use clandestine attack strategies to avoid detection. To address the issue, we design a Chi-square detector in a Digital Twin (DT), which is an online digital model of the physical system. We use a Signaling Game with Evidence (SGE) to find the optimal attack and defense strategies. Our analytical results show that the proposed defense strategies can mitigate the impact of the attack on the physical estimation and guarantee the stability of the CPSs. Finally, we use an illustrative application to evaluate the performance of the proposed framework.

Digital twins open up new possibilities in terms of monitoring, simulating, optimizing and predicting the state of cyber-physical systems (CPSs). Furthermore, we argue that a fully functional, virtual replica of a CPS can also play an important role in securing the system. In this work, we present a framework that allows users to create and execute digital twins, closely matching their physical counterparts. We focus on a novel approach to automatically generate the virtual environment from specification, taking advantage of engineering data exchange formats. From a security perspective, an identical (in terms of the system's specification), simulated environment can be freely explored and tested by security professionals, without risking negative impacts on live systems. Going a step further, security modules on top of the framework support security analysts in monitoring the current state of CPSs. We demonstrate the viability of the framework in a proof of concept, including the automated generation of digital twins and the monitoring of security and safety rules.