Please use this identifier to cite or link to this item:
https://hdl.handle.net/10316/100876
Title: | ELEGANT: Security of Critical Infrastructures With Digital Twins | Authors: | Sousa, Bruno Arieiro, Miguel Pereira, Vasco Correia, João Lourenço, Nuno Cruz, Tiago |
Keywords: | Digital Twins; SCADA; pipelines; security; programmable logic controllers; DTaaS | Issue Date: | 2021 | Project: | Experiment Enabling Security with Digital Twin Units (ELEGANT) in the 7th Open Call of the Fed4FIRE Horizon 2020 Research and Innovation Program under Agreement 732638 Swiss State Secretariat for Education, Research and Innovation |
Serial title, monograph or event: | IEEE Access | Volume: | 9 | Abstract: | The past years have witnessed an increasing interest and concern regarding the development of security monitoring and management mechanisms for Critical Infrastructures, due to their vital role in ensuring the availability of many essential services. This task is not easy due to the speci c characteristics of such systems, and the natural resistance of Critical Infrastructures operators against actions implying downtime. Digital Twins, as accurate virtual models of physical objects or processes, can provide a faithful environment for security analysis or evaluation of potential mitigation strategies to be deployed in face of speci c situations. Nonetheless, their on-premises deployment can be expensive, implying a signi cant CAPEX whose return will depend on the ability to plan and deploy a suitable support infrastructure, as well as implementing ef cient and scalable data collection and processing mechanisms capable of taking advantage of the acquired resources. This paper presents an off-premises approach to design and deploy Digital Twins to secure critical infrastructures, developed in the scope of the ELEGANT project. Such Digital Twins are built using real-time, high delity replicas of Programming Logic Controllers, coupled with scalable and ef cient data collection processes, supporting the development and validation of Machine Learning models to mitigate security threats like Denial of Service attacks. The validation approach of ELEGANT, which leveraged from the capabilities of the Fed4Fire federated testbeds evaluated the feasibility of using cloudi ed Digital Twins, thus converting a signi cant part of the projected CAPEX for the in-premises model into ondemand, pay-as-you-go OPEX, eventually paving the way for the establishment of a DTaaS (Digital Twin as a Service) paradigm. The achieved results demonstrate that the data pipelines providing support for the ELEGANT Digital Twins have low impact in terms of resource usage in Denial of Service and Distributed Denial of Service attack scenarios, when higher volumes of data are generated. | URI: | https://hdl.handle.net/10316/100876 | ISSN: | 2169-3536 | DOI: | 10.1109/ACCESS.2021.3100708 | Rights: | openAccess |
Appears in Collections: | I&D CISUC - Artigos em Revistas Internacionais |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
ELEGANT_Security_of_Critical_Infrastructures_With_Digital_Twins.pdf | 1.81 MB | Adobe PDF | View/Open |
SCOPUSTM
Citations
5
checked on Nov 17, 2022
WEB OF SCIENCETM
Citations
6
checked on May 2, 2023
Page view(s)
123
checked on Oct 16, 2024
Download(s)
138
checked on Oct 16, 2024
Google ScholarTM
Check
Altmetric
Altmetric
This item is licensed under a Creative Commons License