digital twins for industrial iotnetworking
TRANSCRIPT
![Page 1: Digital twins for Industrial IoTnetworking](https://reader031.vdocuments.site/reader031/viewer/2022022811/621b771585c5de246c6bff84/html5/thumbnails/1.jpg)
Digital twins for Industrial IoT networkingFranco Callegati, Chiara Grasselli, Chiara Contoli, Andrea Melis
Alma Mater Studiorum – Università di Bologna
IETF 112 – NMRG Session – Nov. 8, 2021
![Page 2: Digital twins for Industrial IoTnetworking](https://reader031.vdocuments.site/reader031/viewer/2022022811/621b771585c5de246c6bff84/html5/thumbnails/2.jpg)
I4S Project objectives
§ Innovative tools and methodologies for the analysis and objective measurement of the cyber risk level associated with connectedproduction plants
§ Analysis document related to the implementation of connectedindustrial plants characterized by a high level of resilience to cyber threats
§ Technological solutions to improve the cybersecurity of connected production plants
§ Implementation of an innovative system to emulate connectedproduction plants, evaluation of their cybersecurity level and testing of technological solutions for the cybersecurity
2
![Page 3: Digital twins for Industrial IoTnetworking](https://reader031.vdocuments.site/reader031/viewer/2022022811/621b771585c5de246c6bff84/html5/thumbnails/3.jpg)
Objective
§ Combine the principles of:• cyber-range
• Environment for cybersecurity training and technology validation and testing
• digital twin• Realistic virtual replica of a real system• The digital twin does not interfere with the «real twin»
§ Implement a digital twin of a typical industrial network architecture to be used as cyber-range environment for training, risk analysis and testing
3
![Page 4: Digital twins for Industrial IoTnetworking](https://reader031.vdocuments.site/reader031/viewer/2022022811/621b771585c5de246c6bff84/html5/thumbnails/4.jpg)
Principles
§ Virtualization technologies and NFV, SDN paradigms
§ ETSI Management and Orchestration (MANO)• Architecture design • «Building blocks» and topology description• Automated deployment process and configuration
4
![Page 5: Digital twins for Industrial IoTnetworking](https://reader031.vdocuments.site/reader031/viewer/2022022811/621b771585c5de246c6bff84/html5/thumbnails/5.jpg)
Digital twin reference architecture
5
![Page 6: Digital twins for Industrial IoTnetworking](https://reader031.vdocuments.site/reader031/viewer/2022022811/621b771585c5de246c6bff84/html5/thumbnails/6.jpg)
Digital twin lifecycle
§ Inspired by Network Slicing concept and principles• Defined by 3GPP for 5G networks
Preparation Commissioning Operation De-Commissioning
Design OnBoarding
Network Environment Preparation
Activation
Supervise Report
De-Activation
Modification
TerminateCreate
Lifecycle of a network slice instance
6
![Page 7: Digital twins for Industrial IoTnetworking](https://reader031.vdocuments.site/reader031/viewer/2022022811/621b771585c5de246c6bff84/html5/thumbnails/7.jpg)
Software platforms
§ Open Source MANO (OSM)• NFV-MANO platform
§ OpenStack• Cloud IaaS platform• Virtualized Infrastructure Manager
(VIM)
7
![Page 8: Digital twins for Industrial IoTnetworking](https://reader031.vdocuments.site/reader031/viewer/2022022811/621b771585c5de246c6bff84/html5/thumbnails/8.jpg)
Management and Orchestration
VNFdescriptors
NSdescriptors
Image Repo.
OrchestratorM
anagement
Cloud
8
![Page 9: Digital twins for Industrial IoTnetworking](https://reader031.vdocuments.site/reader031/viewer/2022022811/621b771585c5de246c6bff84/html5/thumbnails/9.jpg)
Digital twin components
§ Virtual Network Functions:• Deep Packet Inspector• IPS/IDS• Firewall• Traffic shaper• VPN server
§ Virtual applications:• CANopen gateway, OPC UA client• MQTT broker• Modbus traffic generator• LoRa simulator
9
![Page 10: Digital twins for Industrial IoTnetworking](https://reader031.vdocuments.site/reader031/viewer/2022022811/621b771585c5de246c6bff84/html5/thumbnails/10.jpg)
Current deployment
Internal RouterIoT analytics
IDS
Traffic generator
With
CorporateFirewall
Management Console
Internet
Attacker
With
10
![Page 11: Digital twins for Industrial IoTnetworking](https://reader031.vdocuments.site/reader031/viewer/2022022811/621b771585c5de246c6bff84/html5/thumbnails/11.jpg)
IEC 62443 model
Internal RouterIoT analytics
IDS
Traffic generator
With
CorporateFirewall
Management Console
Internet
Attacker
With
EnterpriseOperationField
11
![Page 12: Digital twins for Industrial IoTnetworking](https://reader031.vdocuments.site/reader031/viewer/2022022811/621b771585c5de246c6bff84/html5/thumbnails/12.jpg)
Time for demo!
https://drive.google.com/file/d/1AoLIp1p4AcUfWJPEyruYyUbWsuWeCAl2/view?usp=sharing
12