Deriving a cost-effective digital twin of an ICS to facilitate security evaluation

Ron Bitton, Tomer Gluck, Orly Stan, Masaki Inokuchi, Yoshinobu Ohta, Yoshiyuki Yamada, Tomohiko Yagyu, Yuval Elovici, Asaf Shabtai

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

16 Scopus citations


Industrial control systems (ICSs), and particularly supervisory control and data acquisition (SCADA) systems, are used in many critical infrastructures and are inherently insecure, making them desirable targets for attackers. ICS networks differ from typical enterprise networks in their characteristics and goals; therefore, security assessment methods that are common in enterprise networks (e.g., penetration testing) cannot be directly applied in ICSs. Thus, security experts recommend using an isolated environment that mimics the real one for assessing the security of ICSs. While the use of such environments solves the main challenge in ICS security analysis, it poses another one: the trade-off between budget and fidelity. In this paper we suggest a method for creating a digital twin that is network-specific, cost-efficient, highly reliable, and security test-oriented. The proposed method consists of two modules: a problem builder that takes facts about the system under test and converts them into a rules set that reflects the system’s topology and digital twin implementation constraints; and a solver that takes these inputs and uses 0–1 non-linear programming to find an optimal solution (i.e., a digital twin specification), which satisfies all of the constraints. We demonstrate the application of our method on a simple use case of a simplified ICS network.

Original languageEnglish
Title of host publicationComputer Security - 23rd European Symposium on Research in Computer Security, ESORICS 2018, Proceedings
EditorsJavier Lopez, Jianying Zhou, Miguel Soriano
PublisherSpringer Verlag
Number of pages22
ISBN (Print)9783319990729
StatePublished - 1 Jan 2018
Event23rd European Symposium on Research in Computer Security, ESORICS 2018 - Barcelona, Spain
Duration: 3 Sep 20187 Sep 2018

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11098 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference23rd European Symposium on Research in Computer Security, ESORICS 2018


  • Industrial control systems
  • Non linear integer programming
  • Penetration test
  • Supervisory control and data acquisition

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science (all)


Dive into the research topics of 'Deriving a cost-effective digital twin of an ICS to facilitate security evaluation'. Together they form a unique fingerprint.

Cite this