Anticipating Disasters Through a Security Twin
摘要
A security twin is a specialization of a digital twin focused on the security and robustness properties of an ICT/OT infrastructure. By running adversary emulations that use a security twin, we can discover how a hybrid threat can exploit vulnerabilities to build intrusions to penetrate and control critical infrastructures. According to the target infrastructure, the control by a threat may result in a disastrous impact on the whole society. Information on possible intrusions is fundamental to anticipate potential disasters and to increase the resilience of a (digital) society. Due to the highly dynamic evolutions of both infrastructures and hybrid threats, we advocate that only adversary emulation using a security twin can convey the information to forecast intrusions and prevent social and economic disasters. We also discuss how to execute adversary emulations and how a security twin is built and updated.