Leveraging Digital Twin-as-a-Service Towards Continuous and Automated Cybersecurity Certification
By: Ioannis Koufos, Abdul Rehman Qureshi, Adrian Asensio and more
Potential Business Impact:
Checks computer safety without stopping work.
Traditional risk assessments rely on manual audits and system scans, often causing operational disruptions and leaving security gaps. To address these challenges, this work presents Security Digital Twin-as-a-Service (SDT-aaS), a novel approach that leverages Digital Twin (DT) technology for automated, non-intrusive security compliance. SDT-aaS enables real-time security assessments by mirroring real-world assets, collecting compliance artifacts, and creating machine-readable evidence. The proposed work is a scalable and interoperable solution that supports open standards like CycloneDX and Web of Things (WoT), facilitating seamless integration and efficient compliance management. Empirical results from a moderate-scale infrastructure use case demonstrate its feasibility and performance, paving the way for efficient, on-demand cybersecurity governance with minimal operational impact.