
The Adoption of Digital Twin Technology Comes with Cybersecurity Concerns 

By Jeff Schwartzentruber, PhD, CISSP, Sr. Machine Learning Scientist, eSentire

The global digital twin market is expected to grow to $110 billion by 2028 at a CAGR of nearly 61 percent, showing immense interest in this sector. The technology itself isn’t new: the concept of a digital twin has been used for years, mostly for product design and simulation by utilizing a data-driven 3D digital companion. More recently, data and advanced analytics have enabled digital twin technology to do more than simply mirror key processes within physical assets. Now a digital twin strategy uses machine learning to predict outcomes based on historical data and algorithms specific to parts and/or whole systems. This has led to the technology’s rapid proliferation into various markets, including the AEC industry.

Digital Twin Definition and Examples

A digital twin is a virtual model of a process, product, production asset, or service. Sensor-enabled and IoT-connected machines and devices, combined with machine learning and advanced analytics, can be used to view the twin’s state in real time and test how various external factors will affect the real-world model. Digital twin technology is extremely valuable as it enables organizations to not only monitor the health of their systems but also simulate the effects of potential changes, leading to improved decision-making, proactive fault detection, and innovative problem-solving strategies. Digital twin technology is extremely useful in the built world as it helps solve various industry-specific challenges, including cost optimization, safety, thorough planning, predictive modeling, and more.

The Köhlbrand Bridge

Built in 1974, the Köhlbrand Bridge is Germany’s second-longest road bridge as well as one of its busiest. The cable-stayed bridge, which serves around 38,000 vehicles per day, has played a crucial role in the local economy for half a century. The age of the bridge and the amount of daily traffic it supported meant that continuous real-time monitoring was the best way to identify repairs and minimize disruption to traffic. Without this, issues could go undetected and lead to larger problems that could affect the safety and operation of the bridge. The Hamburg Port Authority created a digital twin of the bridge. Over 500 IoT sensors were connected to a digital sensor in the bridge model, providing real-time monitoring and automatically issuing alerts if problems are detected. Additionally, the digital twin “clone bridge” could be put to the test with various stress simulations, allowing the Hamburg Port Authority to test different solutions and scenarios digitally. For an infrastructure asset as essential as the Köhlbrand Bridge, these insights are vital for ensuring safety and minimizing disruption.

Where There is Data There is Vulnerability

As the market grows and this technology is deployed on more and more projects, security concerns must be taken into consideration. Where two or more vectors of data meet, a “window” opens for bad actors in search of that valuable data. To be successful, a digital twin must be intelligent, collaborative, interactive, immersive, and fully contextual within the OEM’s enterprise—which means feeding it live data. Live data, and its possible leakage, is a real security vulnerability.

The possibility of cyber-attacks in construction is amplified, in part, by the amount of confidential and proprietary information digitally stored and shared across projects and their long information technology chains. From planning through construction to the operation of a building, enormous amounts of data are created by multiple stakeholders. Typically, these types of data connections are easily intercepted, and their integrity is vulnerable to modification by bad actors. Infrastructure, financial accounts, as well as the data of employees, projects, and business-sensitive information may be at risk.

For example, on January 30, 2020, French construction behemoth Bouygues announced that threat actors were holding 200GB of data for ransom. Earlier, in December 2019, Bird Construction, a large Canadian construction company, suffered a similar ransomware attack, in which the threat actors demanded $9,000,000 CAD in exchange for decrypting the 60GB of data they were holding for ransom.

As digital twin technology becomes increasingly integrated with critical systems and infrastructure, the data connection between these physical and digital counterparts creates a considerable opportunity for threat actors and can expose significant risk to organizations and the public. 

Cybersecurity Considerations

Construction, design, and architecture companies implementing digital twin technology need to enact some clear cyber security protocols to keep bad actors out and infrastructure safe. 

The external sensors used in digital twins are commonly small computer devices that have network connectivity (e.g. wireless, Ethernet, etc.). However, these IoT devices are “lightweight” and relatively cheap, and such purpose-built devices typically sacrifice security features, such as encryption or monitoring, for mobility.

Based on the environments in which they are deployed and their inherent vulnerabilities, there are three key cybersecurity considerations to keep in mind when utilizing digital twins:

  • Understanding and managing the risks of OT/IoT devices. IoT devices are resource constrained and purpose-built for a specific function such as monitoring temperature, motion, video, etc. The main resource constraint is power, which allows them to be manufactured easily and to be cheap, reliable and efficient for their specific utility. However, unlike personal computers, which have much more computing power and perform a myriad of security functions in the background (e.g. antivirus, encryption, monitoring, etc.), OT/IoT devices have many of these security functions stripped away so that they can dedicate their computations to their specific function. Of course, this opens up several security vulnerabilities within the devices and, in most cases, “backdoor access” to the broader network, across which attackers can traverse.
  • Data Protection. As mentioned, these lightweight devices sacrifice security measures so that sensors that support digital twins can be deployed en masse and send their data over the network. Depending on the environment in which they are deployed, an attractive solution for data transfer is to use a wireless communication protocol (e.g. Wi-Fi, Bluetooth, etc.). It is well known, however, that these protocols are overtly susceptible to interception and manipulation. Understanding the vulnerabilities when using these methods for data transfer is essential for security.
  • Vulnerabilities of Legacy Systems. Many OT legacy systems were not designed for open, interconnected communication, including many of the existing sensors, actuators, and devices in the OT ecosystem. Connecting these devices directly or via an IoT device to a broader network has many operational advantages such as improved monitoring, remote access control, and fault detection, especially within the realm of digital twins. However, this interface between legacy systems and IoT devices presents several security challenges (e.g. network infiltration via the legacy system, DDoS on the sensor or IoT device, etc.) and may even introduce new vulnerabilities. Assessing the cyber risks associated with retrofitting such systems against their opportunity costs is an important consideration to manage the security concerns. 

An Example: Back to The Köhlbrand Bridge

Before we begin, we must level-set on two fundamental concepts of cyber security: risk assessment and the CIA Triad. Risk assessment allows security practitioners to understand the criticality of systems and prioritize their mitigations, while aligning with the mission objective. In the case of the Köhlbrand Bridge, the mission objective of implementing a digital twin was to improve maintenance while reducing delays—which has obvious safety and economic outcomes. The risk assessment compares the opportunity cost of the modeling capability with the additional threat exposure of implementing such a digital twin system—which the leadership of the project deemed acceptable. During this risk assessment process, it is of the utmost importance to consider all the potential vulnerabilities introduced by such a system and prioritize their mitigations without severely inhibiting the benefits of the mission objective. However, in the case of construction projects, which are often considered critical infrastructure, this risk assessment must be scrutinized at the same level as the project’s catastrophic failure. In the case of the Köhlbrand Bridge, altered or improper sensor readings can lead to physical damage and/or injury—which is typically outside the digital sphere of cyber security.

The second concept—the CIA Triad—refers to the notion of maintaining Confidentiality, Integrity and Availability of these digital systems and goes hand-in-hand with cyber-risk assessment. When thinking about these in the context of the Köhlbrand Bridge digital twin and its criticality, several obvious questions become apparent: What are the implications of leaking the sensor data to a nefarious party? What if the sensor readings are altered or become inaccurate? How do we track and ensure the sensors remain operational?

These questions spark a plethora of additional security conversations between SMEs, business leaders and security practitioners that ultimately lead to the prioritization of many cyber security controls and system architectures. These controls and design decisions are crucial in ensuring that maximal benefit is achieved from the digital twin while mitigating the additional risks they present.
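One way the integrity and availability questions above could be enforced at the point where sensor readings enter the twin, shown as an added example that is not code from the article or from the Hamburg Port Authority. The sensor names, keys and 30-second timeout are constructed for illustration; confidentiality is out of scope here and would additionally need encryption in transit.

```python
import hashlib
import hmac
import json

# Constructed demo keys; a real deployment would provision one secret per device.
SENSOR_KEYS = {"strain-017": b"demo-key-017", "tilt-003": b"demo-key-003"}
HEARTBEAT_TIMEOUT_S = 30  # assumed: a sensor silent for longer is flagged


def sign(sensor_id, seq, value, key):
    """Sensor side: serialize the reading and attach an HMAC-SHA256 tag."""
    body = json.dumps({"id": sensor_id, "seq": seq, "value": value},
                      sort_keys=True).encode()
    return {"body": body, "tag": hmac.new(key, body, hashlib.sha256).digest()}


class TwinIngest:
    """Twin side: verify each reading before it updates the model."""

    def __init__(self, keys):
        self.keys = keys
        self.last_seq = {}   # highest sequence number accepted per sensor
        self.last_seen = {}  # receiver clock at the last accepted reading

    def accept(self, msg, now):
        try:
            body = json.loads(msg["body"])
            sensor_id, seq = body["id"], body["seq"]
            key = self.keys[sensor_id]
        except (KeyError, TypeError, ValueError):
            return "reject: malformed or unknown sensor"
        expected = hmac.new(key, msg["body"], hashlib.sha256).digest()
        tag = msg.get("tag")
        if not isinstance(tag, bytes) or not hmac.compare_digest(expected, tag):
            return "reject: bad tag"      # altered in transit or forged
        if seq <= self.last_seq.get(sensor_id, -1):
            return "reject: replay"       # an old reading sent again
        self.last_seq[sensor_id] = seq
        self.last_seen[sensor_id] = now
        return "ok"

    def silent_sensors(self, now):
        """Availability check: sensors with no accepted reading recently."""
        return sorted(s for s in self.keys
                      if now - self.last_seen.get(s, float("-inf")) > HEARTBEAT_TIMEOUT_S)
```

Rejected readings do not reset the heartbeat, so a sensor whose traffic is being tampered with also shows up as silent.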

Managed Detection and Response (MDR) Adaptation

With the unique security environment that comes with the promise of digital twin technology, adaptations need to be made to an AEC organization’s cybersecurity plan. A proactive approach to cybersecurity includes integrating security at every stage of a digital twin’s lifecycle. This includes a zero-trust security architecture, which grants minimal access to the data and verifies every request before granting use privileges.

The best providers of Managed Detection and Response (MDR) services offer advanced detection, 24/7 threat hunting, deep investigation, and reliable, swift response. In other words, you should trust your MDR provider to detect attacks on your sensitive data and stop threats on your behalf before they disrupt your business – full stop. By addressing these challenges head-on, the built industry can unlock the full potential of digital twins while ensuring they remain secure and resilient in the face of evolving threats.

Dr. Jeff Schwartzentruber holds the position of Sr. Machine Learning Scientist at eSentire – a Canadian cyber-security company specializing in Managed Detection and Response (MDR). Dr. Schwartzentruber’s primary academic and industry research has been concentrated in solving problems at the intersection of cyber-security and machine learning (ML).