A Digital Twin for Security Engineering

Turning a layered blueprints model into a secure protoype of your asset — with the help of inventory & detection tools

To be useful for security engineering, a digital twin does not need to be a perfect reflection of the original, just of its security-relevant features. The Layered Blueprints summarize everything security-relevant. — Photo by Dennis Buchner

Imagine you’d have a digital representation of your assets, or your critical functions, that summarized all security-relevant aspects in one model.

Not a perfect reflection at all, but perfect enough to do security engineering. Imagine you could compliance-check that representation against security frameworks. Adjust it if your assets used different protocols, had different users, or there were new known vulnerabilities. And push the “apply” button so you could transform your security configurations of choice into reality.

Imagine you’d have a digital twin for security engineering.

Almost two years ago, I introduced the concept of Layered Blueprints, a lighthouse-shaped procedure and system model for security engineering.

“I hope we’re not all sitting on our desks building our own lonesome lighthouses. Let’s not build single towers. Let’s aim for building skylines!”

You may or may not remember the last slide where I said I hoped we as a community would not build lonely security engineering lighthouses of our own, but entire skylines of lighthouses we could share and discuss.

I’m excited this is atually beginning to happen. Last week, Ron Brash picked up the Layered Blueprint concept in a blog post — in the most pragmatic manner I’ve seen to date. Taking a Blueprint for an HMI as an example, he walks his readers through the different lighthouse layers and, most importantly, poses the question how a blueprint can be maintained throughout its lifecycle. Taking this idea further, a skyline of blueprints could be created by taking a new lighthouse for each asset class — HMI, PLC, engineering PC, and so on — or for each associated function — operating through an HMI, programming a PLC, and so on.

Due to his position at Verve, whose product is an ICS inventory and detection tool for OT environments, it’s natural that Ron looks for ways

• how suchlike tools can help creating blueprints
• and how the layered blueprints in turn can help these tools.