Digital Twins are set to revolutionize the way industry operates, moving from close physical management of assets to an increasingly automated, remote mode of working based on data. But great too are the risks if things go wrong: the threat of cyber attack, supply chain fraud, mistakes, missed maintenance and other issues all threaten the integrity of the system and erode trust in the data it produces and consumes. A twin that operates on false data is, after all, not a twin.
Digital Twin systems are fundamentally systems of systems – disparate hardware and software components, physical environments, actors – that communicate and share data in order to create a holistic understanding of the systems' operations and optimize decision making. This introduces the need for a way of thinking about security and trustworthiness where risk and responsibility are shared and actions by one will have impacts on others. In short, Digital Twin security is a team sport, and this plays out in both the technical and the commercial domain.
Digital Twin Consortium is developing and documenting an approach to Security and Trustworthiness as they relate to the specific and unique features of Digital Twin systems and their operation. Numerous other quality resources are available that cover general issues such as device security, network architecture, process management and so on. This project aims to introduce the concepts and types of thinking that are required for end-users and systems integrators to properly assess, adopt, and operate Digital Twin technologies and products that meet their business' security and trustworthiness needs from all perspectives: not just cyber threat management but also regulatory compliance, personal safety, and appropriate levels of investment.