Digital Twins: Understanding what they are and why they need to be protected
Because they help form a connection between the real world and the virtual, digital world, “digital twins” are quickly becoming vitally important business tools for every organization that makes any use of the Internet of things (IoT). And no wonder - they can help keep track of industrial processes, trigger preventive maintenance, explore new business opportunities, and develop new and enhanced connected products and services. They are particularly applicable to distributed networked systems such as physical security systems, where a single electronic system can be made up of hundreds, or even thousands, or IoT devices. In these settings, digital twins can help solve operational issues more quickly and effectively than trial-and-error field diagnostics.
But if they are not adequately protected, digital twins and their associated data can expose valuable business information to theft, vandalism, or misuse. In some cases, unprotected digital twins could expose sensitive design, operational, and security details to hackers and others that could be disastrous for your organization.
Moreover, as more businesses rely upon digital twins in their decision-making processes, the integrity of the information is critically important. In particular, how can businesses ensure that the data they are using has not been corrupted or modified by cyber attackers?
Digital Twin Technology
Before we address the protection of digital twins, let’s consider why they are so important for the future of connected businesses.
The basic idea is that a digital twin is a virtual model of a real-world, physical product or system. To be useful, the digital model needs to capture enough of the important factors of that product or system so that it can be used to understand its behavior, performance, and/or operation. Then, actions or changes that are being considered for the real system can be tested on the virtual system first, supporting faster, better decisions.
Of course, the idea of modeling a physical object is not new – engineers and architects have been doing their calculations that way for hundreds of years. But NASA scientists broke new ground in the 1960’s by using a model on the ground to solve a problem that was far away aboard a spacecraft – and saved lives in the process.
Since then, several important technical developments have built upon this idea, resulting in today’s understanding of the value of digital twins. One of these, for example, is the increasing ability to use sensors to capture real-world performance data and feed that back into the digital model, either to improve the model itself or to provide for real-time monitoring of the physical system. Another is the improved ability to gather, analyze, and share data over the Internet, which empowers economies of scale and allows for feedback and control over greater distances.
Today, it is clear that digital twins can be a solution to some very old challenges, such as: how to ensure you’re notified when problems occur on your system, how can you easily identify the cause of these problems, and how can you efficiently fix them when you’re operating remotely. As more and more devices are networked, and more data is available on the usage, maintenance, and functionality of these devices, digital twins can be more complex and accurate than ever before.
In practice, for example, technicians can collect data remotely from a system that is having some trouble, rather than traveling to the system to collect the data. With the data in hand, they can use the digital twin to narrow down the sources of the trouble and test possible fixes – all remotely. Once a solution is found and tested, it can be implemented on the system remotely, or if it requires physical work, the technician can arrive on the scene with all the required parts and tools to do the job – resulting in less time and effort on site.
Protecting Digital Twins
In one sense, the use of a digital twin itself can work in favor of protecting the security of your real system. This is because many firms have to outsource at least part of their field service function in areas apart from their home and field office locations. In those cases, the outside service team normally has to be granted physical access to the operating network, or at least VPN access to the network. By using a digital twin, there is no need to compromise security by providing access to the outside firm; all the necessary diagnostic data has already been provided by the system and the indicated repair actions are spelled out.
Once a digital twin has been created and improved by incorporating additional real data, it becomes even more valuable to potential hackers and competitors, and it should be protected with the same level of rigor as other valuable intellectual property. The fact that a large fraction of digital twins make use of cloud services for data collection and/or processing from IoT sensors means that the selection and management of these services must be accomplished with security in mind. Management must ensure that no software applications are used without careful pre-authentication, and that users should only be allowed data access in accordance with the minimum required level of access for their need. All collected data should be encrypted during storage and transmitted using secure, encrypted channels when accessed or monitored.
For an additional layer of security and data assurance, both physical security systems and their digital twins can be monitored using an automated verification service to make sure that the systems are operating as intended, and that no files have been accessed or changed without the knowledge of the system administrators. These assurance systems are designed to ensure compliance in regulated industries and to eliminate problems from inoperable systems and lost or altered video files.
With more security systems moving to fully digital IP networking, taking advantage of a digital twin is now a real possibility in the security industry. A digital twin, providing you with a digital facsimile of your physical system, allows you to run tests, perform fixes, and be alerted to issues in a manner that is cost-effective, time-efficient, and in-house. With a digital twin, there’s no need for iterative fixes that take your system down, and it’s easier to solve issues accurately as they arise. Taking proactive steps to protect digital twins is essential, not only to protect the valuable information they hold, but to prevent data corruption that could negatively affect the decision-making process.