Methodology for information security threat analysis using digital twins
Keywords:
cyber-physical system, digital twin, information security, threat modelling, anomaly detection, machine learning, synthetic data, adaptive system, smart grid, threat analysisAbstract
This paper presents a methodology for analysing information security threats in cyber-physical systems based on digital twins. The proposed approach involves formalising the system and threat space through a multi-layered structure, including technical, process, functional, organisational and sectoral layers. Next, dynamic threat modelling is conducted in a secure virtual environment of the digital twin, enabling the reproduction of attack scenarios and generation of synthetic data to train threat indicator detection algorithms. To identify anomalies, frequency analysis, machine learning and clustering methods are applied, ensuring adaptive and accurate detection of both known and previously unknown attacks. The methodology is verified using a smart grid example, demonstrating the effectiveness of training and testing algorithms on synthetic data that reflect normal and emergency operating modes. The results show the potential for creating self-adjusting information security systems with a high degree of adaptability and threat detection accuracy. The presented methodology provides iterative feedback between stages, enhancing the quality of threat modelling and detection.
References
- Sharma A, Kosasih E, Zhang J, Brintrup A, Calinescu A. Digital twins: state of the art theory and practice, challenges, and open research questions. Journal of Industrial Information Integration. 2022;30:100383. DOI: 10.1016/j.jii.2022.100383.
- Mezzour G, Benhadou S, Benhadou M, Haddout A. Unleashing the potential of digital twins: a new era with aeronautics 4.0. F1000Research. 2024;13:193. DOI: 10.12688/f1000research.144038.1.
- Котенко ИВ, Саенко ИБ, Скоробогатов СЮ, Лаута ОС, Кочин ВП. Методика оценки устойчивости программно-конфигурируемых сетей в условиях компьютерных атак. Журнал Белорусского государственного университета. Математика. Информатика. 2024;3:90–102. EDN: WFDUZG.
- Siddique S, Haque MA, Rifat RH, George R, Shujaee K, Gupta KD. Cyber security issues in the industrial applications of digital twins. In: Institute of Electrical and Electronics Engineers. 2023 IEEE symposium series on computational intelligence (SSCI); 2023 December 5–8; Mexico City, Mexico. [S. l.]: Institute of Electrical and Electronics Engineers; 2024. p. 873–878. DOI: 10.1109/SSCI52147.2023.10371850.
- Abdullahi SM, Zare A, Lazarova-Molnar S. Cybersecurity in distributed industrial digital twins: threats, defenses, and key takeaways. In: Degeler V, Dustegor D, Groefsema H, Lazovik E, editors. DiDiT-2024. 1st International workshop on distributed digital twins; 2024 June 17; Groningen, the Netherlands. [S. l.]: CEUR-WS; 2024. Paper 2 (CEUR workshop proceedings; volume 3755). DOI: 10.5445/IR/1000174715.
- Kotenko I. Active vulnerability assessment of computer networks by simulation of complex remote attacks. In: Institute of Electrical and Electronics Engineers. 2003 International conference on computer networks and mobile computing (ICCNMC-2003);2003 October 20–23; Shanghai, China. [S. l.]: Institute of Electrical and Electronics Engineers; 2003. p. 40–47. DOI: 10.1109/ICCNMC.2003.1243025.
- Homaei M, Mogollón-Gutiérrez O, Sancho JC, Ávila M, Caro A. A review of digital twins and their application in cybersecuritybased on artificial intelligence. Artificial Intelligence Review. 2024;57(8):201. DOI: 10.1007/s10462-024-10805-3.
- Jones D, Snider C, Nassehi A, Yon J, Hicks B. Characterising the digital twin: a systematic literature review. CIRP Journal of Manufacturing Science and Technology. 2020;29(part A):36–52. DOI: 10.1016/j.cirpj.2020.02.002.
- Stavropoulos P, Mourtzis D. Digital twins in industry 4.0. In: Mourtzis D, editor. Design and operation of production networks for mass personalization in the era of cloud technology. [S. l.]: Elsevier; 2022. p. 277–316. DOI: 10.1016/B978-0-12-823657-4.00010-5. 10. Novikova E, Kotenko I. Analytical visualization techniques for security information and event management. In: Kilpatrick P, Milligan P, Stotzka R, editors. Proceedings of the 2013 21st Euromicro International conference on parallel, distributed, and network-based processing (PDP-2013); 2013 February 27 – March 1; Belfast, United Kingdom. [S. l.]: Institute of Electrical and Electronics Engineers; 2013. p. 519–525. DOI: 10.1109/PDP.2013.84.
- Suhail S, Iqbal M, Hussain R, Jurdak R. ENIGMA: an explainable digital twin security solution for cyber-physical systems. Computers in Industry. 2023;151:103961. DOI: 10.1016/j.compind.2023.103961.
- Mustofa R, Rafiquzzaman M, Ibne Hossain NU. Analyzing the impact of cyber-attacks on the performance of digital twinbased industrial organizations. Journal of Industrial Information Integration. 2024;41:100633. DOI: 10.1016/j.jii.2024.100633.
- Lucchese M, Salerno G, Pugliese A. A digital twin-based approach for detecting cyber-physical attacks in ICS using knowledge discovery. Applied Sciences. 2024;14(19):8665. DOI: 10.3390/app14198665.
- Nguyen TN. Toward human digital twins for cybersecurity simulations on the metaverse: ontological and network science approach. JMIRx Med. 2022;3(2):e33502. DOI: 10.2196/33502.
- Lopes PV, Silveira L, Guimaraes Aquino RD, Ribeiro CH, Skoogh A, Verri FAN. Synthetic data generation for digital twins: enabling production systems analysis in the absence of data. International Journal of Computer Integrated Manufacturing. 2024;37(10–11):1252–1269. DOI: 10.1080/0951192X.2024.2322981.
- Pärn E, Ghadiminia N, García de Soto B, Oti-Sarpong K. A perfect storm: digital twins, cybersecurity, and general contracting firms. Developments in the Built Environment. 2024;18:100466. DOI: 10.1016/j.dibe.2024.100466.
- Alshammari K, Beach T, Rezgui Y. Cybersecurity for digital twins in the built environment: current research and future directions. Journal of Information Technology in Construction (ITcon). 2021;26:159–173. DOI: 10.36680/j.itcon.2021.010.
- Rahman MH, Hamedani EY, Son Y-J, Shafae M. Taxonomy-driven graph-theoretic framework for manufacturing cybersecurity risk modeling and assessment. Journal of Computing and Information Science in Engineering. 2024;24(7):071003. DOI: 10.1115/1.4063729.
- Qureshi AR, Asensio A, Imran M, Garcia J, Masip-Bruin X. A survey on security enhancing digital twins: models, applications and tools. Computer Communications. 2025;238:108158. DOI: 10.1016/j.comcom.2025.108158.
- Acharya S, Khan AA, Päivärinta T. Interoperability levels and challenges of digital twins in cyber-physical systems. Journal of Industrial Information Integration. 2024;42:100714. DOI: 10.1016/j.jii.2024.100714.
- David I, Shao G, Gomes C, Tilbury D, Zarkout B. Interoperability of digital twins: challenges, success factors, and future research directions. In: Margaria T, Steffen B, editors. Leveraging applications of formal methods, verification and validation. Application areas. Proceedings of the 12th International symposium, ISoLA-2024; 2024 October 27–31; Crete, Greece. Part 5. Cham: Springer; 2025. p. 27–46 (Lecture notes in computer science; volume 15223). DOI: 10.1007/978-3-031-75390-9_3.
- Voas J, Mell P, Laplante P, Piroumian V. Security and trust considerations for digital twin technology. Gaithersburg: National Institute of Standards and Technology; 2025 February. Report No.: NIST IR 8356. DOI: 10.6028/NIST.IR.8356.
- Кочергин СВ, Артемова СВ, Бакаев АА, Митяков ЕС, Вегера ЖГ, Максимова ЕА. Повышение безопасности смарт-сетей: спектральный и фрактальный анализ как инструменты выявления кибератак. Russian Technological Journal. 2025;13(1):7–15. DOI: 10.32362/2500-316X-2025-13-1-7-15.
Downloads
Published
Issue
Section
License
Copyright (c) 2026 Journal of the Belarusian State University. Mathematics and Informatics

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
The authors who are published in this journal agree to the following:
- The authors retain copyright on the work and provide the journal with the right of first publication of the work on condition of license Creative Commons Attribution-NonCommercial. 4.0 International (CC BY-NC 4.0).
- The authors retain the right to enter into certain contractual agreements relating to the non-exclusive distribution of the published version of the work (e.g. post it on the institutional repository, publication in the book), with the reference to its original publication in this journal.
- The authors have the right to post their work on the Internet (e.g. on the institutional store or personal website) prior to and during the review process, conducted by the journal, as this may lead to a productive discussion and a large number of references to this work. (See The Effect of Open Access.)



















