Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
UK: NCSC publishes blog on the secure design and development of digital twins
On September 2, 2024, the National Cyber Security Centre (NCSC) published a blog post discussing the secure design and development of 'digital twins.' The NCSC noted that digital twins are an emerging technology model that is expected to play a key role in sectors such as water, energy, health, and defense.
What is a digital twin?
According to the blog, a digital twin is defined by the UK Government as a virtual model of an object, system, or process, connected to its real-world counterpart through a two-way flow of real-time data. The blog highlighted that while digital twins offer benefits like enhanced efficiency and reduced costs, they also present significant cybersecurity risks. These risks stem from their constant connection to physical infrastructure, which expands the attack surface and could expose sensitive data. The NCSC noted that attackers could exploit the data exchanged between the digital and physical twins, as well as compromise the smart sensors involved in the system.
The blog emphasized that the full potential of digital twins is closely tied to artificial intelligence (AI), which introduces additional security concerns. The blog advised that digital twins, like any other cyber-physical system, must be designed securely from the outset to mitigate these risks.
The blog explained that whereas the NCSC has not yet published specific guidance on digital twins, several existing resources are directly applicable to their secure development. These include guidance on data security, cloud security, AI system development, connected places cybersecurity, and zero trust architecture design. The blog suggested that by referring to these documents, developers can enhance the security of digital twins and safely unlock the benefits of this promising technology.
You can read the blog post here.