Digital Twin for Cyber Testing
Performing cyber testing on complex systems presents a number of challenges. One of the biggest is access to the systems to perform potentially destructive cyber testing. Another issue is providing the operationally relevant wrap around environment to the system under test (SUT) without compromising any of the systems with a cyber threat. One approach for this is to create a digital twin of the system. This is the only approach for single copy national systems, but is also useful for weapon systems.
The development of a digital twin begins with a Cyber Table Top (CTT). CTT is a process that brings operators, developers, and threat teams together to review the SUT for likely cyber threat vectors. The threat vectors identified in the CTT informs the development of the digital twin. While it preferable to create a complete hardware and software digital twin, this is not always possible due to availability or cost reasons. The CTT results can be used to determine which parts of the system have to be implemented with the real hardware and software and which parts can be emulated.
The second part of the digital twin is to provide all of the inputs to the SUT and have consumers for all the outputs. The CTT also helps define the required inputs and outputs to create the operationally realistic environment. Modeling and simulation is used to create the synthetic environment to wrap the system under test in. While creating the inputs is obvious, the need to consume the outputs may be less so. It is critical to have systems consume the outputs so that any mission impacts can be determined based on the cyber threat.
A goal of using a digital twin for cyber testing is to determine the mission impacts to the cyber threat. Providing the full operational wrap-around to the SUT will show the mission impacts to the cyber threats. This is critical to provide actionable information to the system owners to address the impacts of the cyber threat. Experience in applying the digital twin approach with synthetic environments has provided lessons learned in cyber weapon testing. These include the importance of the CCT, selection of components for the digital twin, and how to provide the synthetic environment wrap around.
This paper will describe the CTT process as it applies to using digital twins for cyber testing. Techniques and approaches for developing the operational wrap-around will be discussed. The paper will also cover lessons learned applying this process to cyber testing.