Methodology for information security threat analysis using digital twins

Authors

  • Igor V. Kotenko Saint Petersburg Federal Research Center of the Russian Academy of Sciences, 39, 14 th Line V. O., Saint Petersburg 199178, Russia
  • Igor B. Saenko Saint Petersburg Federal Research Center of the Russian Academy of Sciences, 39, 14 th Line V. O., Saint Petersburg 199178, Russia
  • Evgenii S. Mityakov MIREA – Russian Technological University, 78 Vernadskogo Avenue, Moscow 119454, Russia
  • Victar P. Kochyn Belarusian State University, 4 Niezaliezhnasci Avenue, Minsk 220030, Belarus

Keywords:

cyber-physical system, digital twin, information security, threat modelling, anomaly detection, machine learning, synthetic data, adaptive system, smart grid, threat analysis
Supporting Agencies
The study was carried out with the financial support of the Saint Petersburg Science Foundation (grant No. 23-RB-01-09).

Abstract

This paper presents a methodology for analysing information security threats in cyber-physical systems based on digital twins. The proposed approach involves formalising the system and threat space through a multi-layered structure, including technical, process, functional, organisational and sectoral layers. Next, dynamic threat modelling is conducted in a secure virtual environment of the digital twin, enabling the reproduction of attack scenarios and generation of synthetic data to train threat indicator detection algorithms. To identify anomalies, frequency analysis, machine learning and clustering methods are applied, ensuring adaptive and accurate detection of both known and previously unknown attacks. The methodology is verified using a smart grid example, demonstrating the effectiveness of training and testing algorithms on synthetic data that reflect normal and emergency operating modes. The results show the potential for creating self-adjusting information security systems with a high degree of adaptability and threat detection accuracy. The presented methodology provides iterative feedback between stages, enhancing the quality of threat modelling and detection.

 

Author Biographies

  • Igor V. Kotenko, Saint Petersburg Federal Research Center of the Russian Academy of Sciences, 39, 14 th Line V. O., Saint Petersburg 199178, Russia

    doctor of science (engineering), honoured scientist of the Russian Federation, full professor; chief researcher at the laboratory of computer security problems, Saint Petersburg Institute for Informatics and Automation, Russian Academy of Sciences

  • Igor B. Saenko, Saint Petersburg Federal Research Center of the Russian Academy of Sciences, 39, 14 th Line V. O., Saint Petersburg 199178, Russia

    doctor of science (engineering), full professor; chief researcher at the laboratory of computer security problems, Saint Petersburg Institute for Informatics and Automation, Russian Academy of Sciences

  • Evgenii S. Mityakov, MIREA – Russian Technological University, 78 Vernadskogo Avenue, Moscow 119454, Russia

    doctor of science (economics), academician of the Russian Academy of Natural Sciences and the A. M. Prokhorov Academy of Engineering Sciences, full professor; head of the department of KB-9 «Domain-oriented information systems», Institute of Cybersecurity and Digital Technologies

  • Victar P. Kochyn, Belarusian State University, 4 Niezaliezhnasci Avenue, Minsk 220030, Belarus

    PhD (engineering), docent; vice-rector for academic affairs and internationalisation of education

References

  1. Sharma A, Kosasih E, Zhang J, Brintrup A, Calinescu A. Digital twins: state of the art theory and practice, challenges, and open research questions. Journal of Industrial Information Integration. 2022;30:100383. DOI: 10.1016/j.jii.2022.100383.
  2. Mezzour G, Benhadou S, Benhadou M, Haddout A. Unleashing the potential of digital twins: a new era with aeronautics 4.0. F1000Research. 2024;13:193. DOI: 10.12688/f1000research.144038.1.
  3. Котенко ИВ, Саенко ИБ, Скоробогатов СЮ, Лаута ОС, Кочин ВП. Методика оценки устойчивости программно-конфигурируемых сетей в условиях компьютерных атак. Журнал Белорусского государственного университета. Математика. Информатика. 2024;3:90–102. EDN: WFDUZG.
  4. Siddique S, Haque MA, Rifat RH, George R, Shujaee K, Gupta KD. Cyber security issues in the industrial applications of digital twins. In: Institute of Electrical and Electronics Engineers. 2023 IEEE symposium series on computational intelligence (SSCI); 2023 December 5–8; Mexico City, Mexico. [S. l.]: Institute of Electrical and Electronics Engineers; 2024. p. 873–878. DOI: 10.1109/SSCI52147.2023.10371850.
  5. Abdullahi SM, Zare A, Lazarova-Molnar S. Cybersecurity in distributed industrial digital twins: threats, defenses, and key takeaways. In: Degeler V, Dustegor D, Groefsema H, Lazovik E, editors. DiDiT-2024. 1st International workshop on distributed digital twins; 2024 June 17; Groningen, the Netherlands. [S. l.]: CEUR-WS; 2024. Paper 2 (CEUR workshop proceedings; volume 3755). DOI: 10.5445/IR/1000174715.
  6. Kotenko I. Active vulnerability assessment of computer networks by simulation of complex remote attacks. In: Institute of Electrical and Electronics Engineers. 2003 International conference on computer networks and mobile computing (ICCNMC-2003);2003 October 20–23; Shanghai, China. [S. l.]: Institute of Electrical and Electronics Engineers; 2003. p. 40–47. DOI: 10.1109/ICCNMC.2003.1243025.
  7. Homaei M, Mogollón-Gutiérrez O, Sancho JC, Ávila M, Caro A. A review of digital twins and their application in cybersecuritybased on artificial intelligence. Artificial Intelligence Review. 2024;57(8):201. DOI: 10.1007/s10462-024-10805-3.
  8. Jones D, Snider C, Nassehi A, Yon J, Hicks B. Characterising the digital twin: a systematic literature review. CIRP Journal of Manufacturing Science and Technology. 2020;29(part A):36–52. DOI: 10.1016/j.cirpj.2020.02.002.
  9. Stavropoulos P, Mourtzis D. Digital twins in industry 4.0. In: Mourtzis D, editor. Design and operation of production networks for mass personalization in the era of cloud technology. [S. l.]: Elsevier; 2022. p. 277–316. DOI: 10.1016/B978-0-12-823657-4.00010-5. 10. Novikova E, Kotenko I. Analytical visualization techniques for security information and event management. In: Kilpatrick P, Milligan P, Stotzka R, editors. Proceedings of the 2013 21st Euromicro International conference on parallel, distributed, and network-based processing (PDP-2013); 2013 February 27 – March 1; Belfast, United Kingdom. [S. l.]: Institute of Electrical and Electronics Engineers; 2013. p. 519–525. DOI: 10.1109/PDP.2013.84.
  10. Suhail S, Iqbal M, Hussain R, Jurdak R. ENIGMA: an explainable digital twin security solution for cyber-physical systems. Computers in Industry. 2023;151:103961. DOI: 10.1016/j.compind.2023.103961.
  11. Mustofa R, Rafiquzzaman M, Ibne Hossain NU. Analyzing the impact of cyber-attacks on the performance of digital twinbased industrial organizations. Journal of Industrial Information Integration. 2024;41:100633. DOI: 10.1016/j.jii.2024.100633.
  12. Lucchese M, Salerno G, Pugliese A. A digital twin-based approach for detecting cyber-physical attacks in ICS using knowledge discovery. Applied Sciences. 2024;14(19):8665. DOI: 10.3390/app14198665.
  13. Nguyen TN. Toward human digital twins for cybersecurity simulations on the metaverse: ontological and network science approach. JMIRx Med. 2022;3(2):e33502. DOI: 10.2196/33502.
  14. Lopes PV, Silveira L, Guimaraes Aquino RD, Ribeiro CH, Skoogh A, Verri FAN. Synthetic data generation for digital twins: enabling production systems analysis in the absence of data. International Journal of Computer Integrated Manufacturing. 2024;37(10–11):1252–1269. DOI: 10.1080/0951192X.2024.2322981.
  15. Pärn E, Ghadiminia N, García de Soto B, Oti-Sarpong K. A perfect storm: digital twins, cybersecurity, and general contracting firms. Developments in the Built Environment. 2024;18:100466. DOI: 10.1016/j.dibe.2024.100466.
  16. Alshammari K, Beach T, Rezgui Y. Cybersecurity for digital twins in the built environment: current research and future directions. Journal of Information Technology in Construction (ITcon). 2021;26:159–173. DOI: 10.36680/j.itcon.2021.010.
  17. Rahman MH, Hamedani EY, Son Y-J, Shafae M. Taxonomy-driven graph-theoretic framework for manufacturing cybersecurity risk modeling and assessment. Journal of Computing and Information Science in Engineering. 2024;24(7):071003. DOI: 10.1115/1.4063729.
  18. Qureshi AR, Asensio A, Imran M, Garcia J, Masip-Bruin X. A survey on security enhancing digital twins: models, applications and tools. Computer Communications. 2025;238:108158. DOI: 10.1016/j.comcom.2025.108158.
  19. Acharya S, Khan AA, Päivärinta T. Interoperability levels and challenges of digital twins in cyber-physical systems. Journal of Industrial Information Integration. 2024;42:100714. DOI: 10.1016/j.jii.2024.100714.
  20. David I, Shao G, Gomes C, Tilbury D, Zarkout B. Interoperability of digital twins: challenges, success factors, and future research directions. In: Margaria T, Steffen B, editors. Leveraging applications of formal methods, verification and validation. Application areas. Proceedings of the 12th International symposium, ISoLA-2024; 2024 October 27–31; Crete, Greece. Part 5. Cham: Springer; 2025. p. 27–46 (Lecture notes in computer science; volume 15223). DOI: 10.1007/978-3-031-75390-9_3.
  21. Voas J, Mell P, Laplante P, Piroumian V. Security and trust considerations for digital twin technology. Gaithersburg: National Institute of Standards and Technology; 2025 February. Report No.: NIST IR 8356. DOI: 10.6028/NIST.IR.8356.
  22. Кочергин СВ, Артемова СВ, Бакаев АА, Митяков ЕС, Вегера ЖГ, Максимова ЕА. Повышение безопасности смарт-сетей: спектральный и фрактальный анализ как инструменты выявления кибератак. Russian Technological Journal. 2025;13(1):7–15. DOI: 10.32362/2500-316X-2025-13-1-7-15.

Downloads

Published

2026-01-04

Issue

Section

Theoretical Foundations of Computer Science

How to Cite

[1]
Kotenko, I.V. et al. 2026. Methodology for information security threat analysis using digital twins. Journal of the Belarusian State University. Mathematics and Informatics. 3 (Jan. 2026), 76–91.