Originally published on Forbes, February 25th, 2021
In the space of just a few short years, many of the machines around us have become smarter than we are. Technology and progress wait for no one, and the widespread adoption of IoT has injected intelligent, autonomous capabilities into everything from vending machines and robots to refrigerators and cars.
A look under the hood reveals that this IoT technology is actually powered by CPUs, software and internet connectivity that drive the decision-making and performance of our smart machines. In fact, the most advanced smart machines, like the latest connected cars, can deploy over 100 different software components and often have more lines of code than an F-35 fighter jet.
Unfortunately, this intelligence doesn’t come without its risks. Malicious hackers are patiently and tirelessly investigating and dissecting the different software components that run our smart machines. Their purpose? To find vulnerabilities through which they can penetrate the internal system and hijack sensitive data for financial gain, or worse.
Cyber Digital Twins To The Rescue
But luckily for us, cybersecurity professionals are leveraging the latest disruptive technological trends and innovative digital concepts to stay one step ahead of the hackers and make sure that we remain safe and secure.
Named one of Gartner’s “Top 10 Strategic Technology Trends for 2019,” digital twins are one such example. These virtual bridges connect the physical and digital worlds by offering detailed representations of complex, real-world systems. The benefits derived from their use empower new, faster capabilities in the realms of analysis, productivity, production, delivery and more.
In the context of cybersecurity, digital twins are empowering exciting new possibilities across the entire value chain. Aptly named cyber digital twins, their use is extending new scales of efficiencies in everything from research, development, testing and analysis to IP protection and vendor management.
With cyber digital twins, cybersecurity professionals can create an online, digital replica for every physical device on the planet. This digital replica is used for simulation of cyberattacks, vulnerability exploitation and more to detect potential threats before the physical device leaves the production line.
A mandatory step before critical cybersecurity processes like attack chain analysis and vulnerability management, cyber digital twins enable a detailed, rich understanding of the inner workings of the software that powers the intelligence of our physical products. They mirror the characteristics of every software component, mapping out important data that cybersecurity professionals need to secure our smart machines.
Cyber digital twins are generated by analyzing firmware — software programmed within the hardware that dictates how the device operates — to extract information about the device hardware architecture, OSs and their versions, memory flow, compilation mode and more. This innovative approach accelerates every aspect of the cybersecurity process while empowering research and maintaining the integrity of the supplier’s core proprietary IP.
Let's take a look at three ways cyber digital twins are revolutionizing cybersecurity.
Standardizing And Harmonizing Firmware Variants
Even the simplest of smart machines is composed of numerous software components, each supplied by a different third-party vendor. Each vendor develops its software according to its own needs, using different operating systems, hardware architectures, frameworks and more.
With so many different components and technologies thrown into the mix, gaining the security analysis expertise and sourcing the right mix of tools to cover all grounds becomes an expensive, time-consuming challenge.
By providing standard, highly detailed representations of the firmware, cyber digital twins facilitate analysis by product security experts and via multiple analysis tools for multiple use cases such as CVE scanning, zero-day analysis and detecting privacy violations.
Eliminating IP Protection Concerns
Ensuring the integrity of the proprietary source code of the firmware embedded within each software component is of vital importance to the vendors who develop them. However, manufacturers still need access to the firmware code for security, testing, compliance and more.
With cyber digital twins, there's no need for vendors to share the actual firmware that contains their valuable IP. Instead, they can share the cyber digital twin, which includes all the critical information that cybersecurity professionals require to do their analysis. In this manner, vendors can safely share critical information about their products without having to worry about the integrity of their IP. This new reality empowers new levels of transparency throughout the entire supply chain.
Empowering Security Teams
Every software component used in our smart machines undergoes rigorous research and assessments for security and regulatory compliance purposes. As mentioned above, the extensive use of so many different technology variants by each supplier complicates matters.
Performing the required research and assessment calls for technical experts who understand each of the different technologies, configurations and variants in use. This means that the number of researchers needed to perform the required research and assessments grows in proportion to the number of components in use.
Cyber digital twins do the heavy lifting for the researchers. Instead of spending precious — and expensive — time analyzing the binary code to get to the info they need, researchers can focus on running their tests and assessments. In this manner, cyber digital twins enable a streamlined research and assessment process and minimize time to discovery and compliance without the need for advanced security research skills.
The benefits described in this article — IP protection, standardization/harmonization and streamlined research and assessment — are fundamental to ensuring properly managed, effective cybersecurity processes across your entire operation. They address many of the main security challenges across the manufacturing value chain while speeding up time to market and cutting down costs.
When evaluating a cyber digital twin solution, you should understand how it fits alongside your existing frameworks and processes and how it can help satisfy requirements of compliance standards and regulations. The centralized approach and visibility it provides should introduce efficiencies and optimization for vulnerability management and reduce the complexity of integrating with your existing systems and tools.
About the Author
Cybellum CTO and co-founder. An Entrepreneur, skilled in defensive and offensive cyber security, experienced in leading large scale R&D projects throughout all stages of design, development and deployment. Served as an officer in Israel’s elite intelligence corps for many years in various R&D and management positions, receiving Outstanding Officer Honor for my service.