Object Management Group
Industry IoT Consortium and Digital Twin Consortium Publish IoT Security Maturity Model for Digital Twins
Guidance to enable trustworthy digital twin systems
BOSTON, MA – JUNE 20, 2020 – The Industry IoT Consortium® (IIC™) and the Digital Twin Consortium® (DTC) announced the IoT Security Maturity Model (SMM) Digital Twin Profile. The SMM Digital Twin Profile extends guidance from the previously published IoT Security Maturity Model (SMM): Practitioner’s Guide for digital twin systems. It enables those who design and deploy digital twins to understand how to better evaluate and achieve appropriate security maturity for their systems.
“Digital twins are not simply software as they can be connected and synchronized with real critical assets,” said Ron Zahavi, IoT SMM co-author and DTC Executive Director. “This work is the result of collaboration between the IIC and DTC and explores what is unique to digital twins in the context of IoT security maturity.”
Digital twins are a virtual representation of real-world processes and entities synchronized in frequency and fidelity, thus raising unique security maturity concerns beyond the general considerations. The digital twin profile emphasizes the need to understand the nature of the digital twin system, including one or multiple digital twins and how they relate to assets and organizational boundaries, and the scope and function of the frequency and fidelity of synchronization.
“Digital twin technology is becoming central to digital transformation, so it is important to understand how to achieve security maturity when using it,” said Frederick Hirsch, co-author of the IoT Security Maturity Model and co-chair of the IIC Trustworthiness Task Group. “This profile will enable a better and faster understanding of the issues related to security maturity for digital twin systems.”
The profile highlights that maturity for the SMM security practices can range from considering twins and assets separately to pro-active considerations of the complete systems. The document guides the eighteen SMM practices ranging from security program management to data protection, remediation, and recovery related to this need range.
“Security and trustworthiness in connected systems depend just as much on people and process as they do technology,” said Jon Geater, co-author of the IoT SMM Digital Twin Profile and Chief Product Officer at RKVST (formerly Jitsuin). “The release of this detailed maturity model for vendors and users of digital twins is a huge step forward in enabling understanding and evaluation of trustworthiness of these systems in the real world.”
Organizations can combine the Digital Twin Profile with SMM mappings such as the industrial manufacturing 62443 mappings to relate concrete security controls requirements with maturity comprehensiveness levels for practices. They can also combine it with other SMM vertical industry profiles to provide digital twin guidance that is useful for various industries. In conjunction with the general guidance in the SMM practitioner’s guide, these guides can help practitioners achieve an appropriate level of security maturity for digital twin systems.
“The release of the digital twin security maturity models adds an important step to achieving safe and secure operation of connected systems of systems,” Dr. Detlev Richter, TÜV SÜD Product Service GmbH, Vice President, Global Head of Industrial and Energy Products.
Please download the IoT Security Maturity Model Digital Twin Profile from IIC and DTC websites for more information. You will also find a complete list of the contributing authors in the document.
Industry IoT Consortium
The Industry IoT Consortium delivers transformative business value to industry, organizations, and society by accelerating the adoption of a trustworthy internet of things. The Industry IoT Consortium is a program of the Object Management Group (OMG).
About Digital Twin Consortium
The Digital Twin Consortium is The Authority in Digital Twin. It coalesces industry, government, and academia to drive consistency in vocabulary, architecture, security, and interoperability of digital twin technology. It advances digital twin technology in many industries, from Aerospace to natural resources. Digital Twin Consortium is a program of Object Management Group. For more information, visit https://www.digitaltwinconsortium.org.
Note to editors: Industry IoT Consortium and Digital Twin Consortium are registered trademarks of OMG. For a listing of all OMG trademarks, visit https://www.omg.org/legal/tm_list.htm. All other trademarks are the property of their respective owners.