METHODS AND TOOLS FOR PROTECTING DIGITAL TWINS IN INDUSTRY 4.0 CYBER-PHYSICAL SYSTEMS
DOI:
https://doi.org/10.28925/2663-4023.2026.33.1152Keywords:
digital twin, cyber-physical system, Industry 4.0, cyber protection, model-based monitoring, telemetry, anomaly detection, MQTTAbstract
This article presents an integrated approach to the analysis, design, and practical implementation of digital twin protection in Industry 4.0 cyber-physical systems. The relevance of the study is determined by the fact that, in a modern industrial environment, a digital twin acts not only as a monitoring and analytics tool but also as a functional component of the digital loop, the compromise of which may lead to violations of telemetry integrity and reliability, loss of synchronization between physical and digital states, service degradation, and hazardous effects on the production process. The paper systematizes the main threats and vulnerabilities of digital twins in CPS environments, including telemetry tampering, replay attacks, model interference, unauthorized access, availability attacks, compromise of communication channels, administrative services, and event logs. Cryptographic, network, organizational, and application-level protection mechanisms are analyzed, and the need for their integration into a multilayer security architecture based on the principles of defense-in-depth and Zero Trust is substantiated. The proposed model combines transport channel protection, verification of message integrity and authenticity, replay-attack mitigation, access control, secure logging with log-integrity control, limitation of message arrival intensity, telemetry validation, and model-based monitoring of the digital twin state through the assessment of consistency between the measured and predicted states. The practical implementation is presented in the form of a software prototype based on Python, MQTT, and Node-RED. Within the experimental evaluation, controlled scenarios of normal operation and typical threats were reproduced, which made it possible to assess the system’s response to message modification, packet replay, anomalous telemetry values, inconsistency with the model state, excessive message flow, and attempts at unauthorized administrative access. The obtained results showed that the proposed approach provides detection of typical violations, correct rejection of anomalous or modified messages, maintenance of controlled service availability, and additional verification of telemetry reliability at the model level, which confirms the practical applicability of the developed model for building secure digital twins in Industry 4.0 context.
Downloads
References
El‐Hajj, M., Itäpelto, T., & Gebremariam, T. (2024). Systematic literature review: Digital twins’ role in enhancing security for Industry 4.0 applications. Security and Privacy. https://doi.org/10.1002/spy2.396
Voas, J., Mell, P., Laplante, P., & Piroumian, V. (2025). Security and trust considerations for digital twin technology (NIST IR 8356). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.IR.8356
Zemskov, A. D., Fu, Y., Li, R., Wang, X., Karkaria, V., Tsai, Y.-K., Chen, W., Zhang, J., Gao, R., Cao, J., Loparo, K. A., & Li, P. (2024). Security and privacy of digital twins for advanced manufacturing: A survey [Preprint]. arXiv. https://doi.org/10.48550/arXiv.2412.13939
Alhumam, N., Rahman, M. M. H., & Aljughaiman, A. (2025). A comprehensive review on cybersecurity of digital twins: Issues, challenges, and future research directions. IEEE Access. https://doi.org/10.1109/access.2025.3545004
Suárez-Román, M., Sanz-Rodrigo, M., Marín-López, A., & Arroyo, D. (2025). A digital twin threat survey. Big Data and Cognitive Computing, 9(10), Article 252. https://doi.org/10.3390/bdcc9100252
Zhang, H., Peng, S., Liu, L., Su, S., & Cao, Y. (2020). Review on GPS spoofing-based time synchronisation attack on power system. IET Generation, Transmission & Distribution, 14(20), 4301-4309. https://doi.org/10.1049/iet-gtd.2020.0253
Pilakkat, D., Balasubramanian, K., & Rajendran, S. R. (2025). Towards intelligent digital twins for PV systems: A unified framework for control, forecasting, and grid integration. IEEE Access. https://doi.org/10.1109/access.2025.3644889
Fereidouni, H., Fadeitcheva, O., & Zalai, M. (2025). IoT and man-in-the-middle attacks. Security and Privacy, 8(2). https://doi.org/10.1002/spy2.70016
Zhang, Z., Fang, M., Chen, M., Li, G., Lin, X., & Liu, Y. (2024). Securing distributed network digital twin systems against model poisoning attacks. IEEE Internet of Things Journal. https://doi.org/10.1109/jiot.2024.3421895
Homaei, M., Morales, V. G., Mogollon-Gutierrez, O., & Caro, A. (2025). The dark side of digital twins: Adversarial attacks on AI-driven water forecasting [Preprint]. arXiv. https://doi.org/10.48550/arXiv.2504.20295
Savchenko, T., Lutska, N., Vlasenko, L., Sashnova, M., Zahorulko, A., Minenko, S., Ibaiev, E., & Tytarenko, N. (2025). Risk analysis and cybersecurity enhancement of digital twins in dairy production. Technology Audit and Production Reserves, 2(2(82)), 37-49. https://doi.org/10.15587/2706-5448.2025.325422
Published
How to Cite
Issue
Section
License
Copyright (c) 2026 Тетяна Савченко, Софія Лапіна
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
