April 24 – 29 , 2022, Dagstuhl Seminar 22171

Digital Twins for Cyber-Physical Systems Security


Mohammad Al Faruque (University of California – Irvine, US)
Alvaro Cárdenas Mora (University of California – Santa Cruz, US)
Simin Nadjm-Tehrani (Linköping University, SE)
Edgar Weippl (Universität Wien, AT)

For support, please contact

Simone Schilke for administrative matters

Michael Gerke for scientific matters


List of Participants
Shared Documents
Dagstuhl Seminar Schedule [pdf]


Cyber-physical systems (CPSs) may constitute an attractive attack target due to the increased networking of components that yields an expanded attack surface. If their physical control capabilities are compromised, safety implications may arise. Thus, it is vital that the CPSs being engineered are thoroughly tested and that adequate response measures can be realized upon detecting intruders during operation. However, security testing is hard to conduct due to expensive hardware, limited maintenance periods, and safety risks. Furthermore, the increased stealthiness of threat actors requires new intrusion detection and response methods. Interestingly, digital twins have become an important concept in industrial informatics to solve similar problems, yet with a non-security-related focus: Digital twins that virtually replicate the real systems provide cost-efficient modeling, testing, monitoring, and even predictive capabilities. However, until recently, the digital-twin concept has mainly focused on production optimizations or design improvements, without considering its potential for CPS security. The purpose of this Dagstuhl Seminar is therefore to investigate the benefits and challenges of applying this concept to improve the security of CPSs.

In this seminar, we will explore possible digital-twin security use cases, such as security testing, intrusion detection, and response and reconfiguration. We want to leverage a multi-disciplinary perspective to combine approaches from different domains, namely, information security, industrial informatics, production systems engineering, control theory, and data science. The aim of the seminar is to i) bridge the gap between disciplines, ii) reach consensus about the underlying terminology, and iii) investigate the strengths and limits of this novel concept. At the beginning of this 5-day event, we will dedicate an extended session to the discussion of specific vocabularies and terminologies in order to build a common ground. Subsequent seminar activities will address research challenges pertaining to the efficient creation and operation of security-aware digital twins, the implementation of physics-based and behavior-specification-based intrusion detection systems, and proactive and reactive intrusion response mechanisms. Toward this end, the participating academics and industry experts will discuss how specifications, engineering data, physical models, and process knowledge can be utilized to implement digital twins. Current topics of intrusion detection research will also be analyzed to assess how these virtual replicas can accurately identify attacks by detecting deviations in the behavior of the real CPS, which are manifested in the network traffic, control logic, sensor readings, or physical process. Further, we will investigate methods from the self-adaptive, self-healing CPS community to assess how the digital twins can be equipped with the capability to automatically determine suitable countermeasures, virtually test them, evaluate their effects, and finally apply the re-configurations to the corresponding real systems in order to fend off imminent cyber threats or at least mitigate their impact.

The seminar participants will be split into small working groups to foster more detailed discussions and strengthen interdisciplinary exchange. Plenary sessions will include lightning talks given by participants to motivate the group work. In this way, the seminar will serve as an open knowledge-sharing platform for individuals from diverse disciplines, which will ultimately shape this emerging research area.

Motivation text license
  Creative Commons BY 4.0
  Mohammad Al Faruque, Alvaro Cardenas, Simin Nadjm-Tehrani, and Edgar Weippl


  • Artificial Intelligence
  • Cryptography And Security
  • Systems And Control


  • Digital Twins
  • Cyber-Physical Systems
  • Information Security
  • SCADA & Industrial Control Systems
  • Production Systems Engineering


In the series Dagstuhl Reports each Dagstuhl Seminar and Dagstuhl Perspectives Workshop is documented. The seminar organizers, in cooperation with the collector, prepare a report that includes contributions from the participants' talks together with a summary of the seminar.


Download overview leaflet (PDF).

Dagstuhl's Impact

Please inform us when a publication was published as a result from your seminar. These publications are listed in the category Dagstuhl's Impact and are presented on a special shelf on the ground floor of the library.


Furthermore, a comprehensive peer-reviewed collection of research papers can be published in the series Dagstuhl Follow-Ups.