“At nearly all conferences, fairs or technology events, everybody is talking about the same topics: cyber-physical systems, digital twins, trusted digital systems, AI-enabled smart cyber-physical systems, and automated solutions. Nearly all stakeholders agree that these new generation technologies should be monitorable, verifiable, safe, secure and privacy-aware. This is where the keyword ‘trustworthiness’ comes to the ground,” says Prof. Salih Ergün, CTO of ERARGE, who has 25+ years of experience in cyber-physical systems and has published or demonstrated many innovations at worldwide flagship scientific conferences like the IEEE International Symposiums on Circuits and Systems (ISCAS, LASCAS, NEWCAS, HOST) or Systems, Man and Cybernetics (SMC).
Digital Twins (DT) have come forward, especially in the last decade, as a promising paradigm for run-time modelling, monitoring and prediction of cyber-physical systems (CPS), and for enabling actuation and response when a problem occurs, even while such systems are operating in the loop. As addressed in the VALU3S project, funded under the H2020-ECSEL Programme, DTs provide an effective and efficient way of verifying and validating automated solutions in various domains such as automotive, Industry 4.0, health, aerospace, transportation and smart cities.
Digital systems have evolved into a “System of Systems”: an ecosystem made up of many cyber-physical systems, sub-systems, modules, devices and entities actuating, operating and interacting with each other in the loop. Operational technologies, whether isolated or connected, such as industrial control systems (ICS), SCADA systems, sensor stations, robotic infrastructures and actuator systems, need to work in perfect harmony. The entire System of Systems should be resilient to operational failures, malfunctioning components, human error, accidents and intentional cyber, physical and/or cyber-physical attacks against the vulnerable chains within the entire set of operating nodes and services.
ERARGE has conducted joint work with VALU3S partners within Task 1.4 to identify potential privacy, security and safety vulnerabilities and map them to the well-known ENISA threat taxonomy. This joint work showed once again that privacy, security and safety threats are inter-related, and that one may trigger another if effective countermeasures are not applied. For instance, a cyberattack against the authentication mechanism in a cyber-physical system may cause privacy leaks and then security vulnerabilities. Likewise, an unintended failure caused by human error or a system misconfiguration may cause safety problems such as accidents in robotic systems. Thus, verification and validation of the underlying components in any typical DT (or, in general, any cyber-physical system) play a critical role in assuring trustworthiness, reliability and accountability for more resilient automated systems.
In VALU3S, ERARGE has proposed an active cyber-physical resilience solution based on verification and validation of hardware-based cryptographic tools. This solution enables privacy and security assessments to be applied within the DT of a system rather than on the active physical twin. The proposed approach relies on assuring security and privacy protection starting from the physical layer where the data is generated. For instance, in one of the VALU3S use cases (led by Otokar), cyber-physical protection is applied at the end nodes where the data is generated: the data captured by cameras installed on robotic arms is secured. The proof-of-concept use case is based on an automated robot inspection cell used for automotive body-in-white tests. Contributing partners are working on the trajectory planning of the robotic arms and on optimising the inspection processes in terms of accuracy and time. ERARGE takes a different approach, identifying potential attack surfaces and vulnerabilities that may originate from cyber-physical threats. The solution idea is to implement a secure DT of the existing actual system and to enhance the end-to-end security between the nodes and services within the system topology. The DT counterpart of the actual system also presents the potential protective countermeasures that can be applied to prevent cyber-attacks targeting the low-level hardware-based components within the cyber-physical system.
The proposed solution is extended with a vulnerability analysis scheme to verify and validate the cryptographic components used within the cyber-physical system. The innovation here is to assure that true random number generation is realised by verifying the criteria of non-deterministic randomness, unpredictability, reliability and robustness, which yields fully trusted generation of cryptographic keys and secrets. This approach has been realised over hardware-based cryptographic devices such as PRIGM, a high-throughput hardware security module, and Senstation, a high-performance sensor station strengthened with a secure gateway. These hardware-based cryptographic solutions enable point-to-point security between any pair of nodes (systems, edge devices, services, users’ applications, sensors, actuators, etc.) in any smart automated cyber-physical system. Senstation, at the peripherals (client-side), and PRIGM, at operation control centres (server-side), are paired to apply cryptographic functions where data is generated. Thus, many trusted digital channels can be established without interrupting or impeding the working systems, and the verification and validation of the system can be carried out over the DT of the physical system.
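To make the validation of a random number source concrete, here is an added example (not ERARGE's or the VALU3S project's code; the page does not describe their test suite) of two checks defined in NIST SP 800-90B: the repetition count health test and the most-common-value min-entropy estimate. The sample streams, the 8-bit sample width and the false-positive rate are assumptions, constructed for illustration.

```python
import math
from collections import Counter

ALPHA = 2 ** -20  # false-positive probability per test (assumed value)

def rct_cutoff(h_min, alpha=ALPHA):
    """SP 800-90B 4.4.1 cutoff: C = 1 + ceil(-log2(alpha) / H)."""
    return 1 + math.ceil(-math.log2(alpha) / h_min)

def repetition_count_test(samples, cutoff):
    """Return the index at which a run of identical samples reaches the
    cutoff (source stuck or failing), or None if the stream passes."""
    run_value, run_len = None, 0
    for i, x in enumerate(samples):
        if x == run_value:
            run_len += 1
            if run_len >= cutoff:
                return i
        else:
            run_value, run_len = x, 1
    return None

def mcv_min_entropy(samples):
    """SP 800-90B 6.3.1 most-common-value estimate, in bits per sample."""
    n = len(samples)
    p_hat = Counter(samples).most_common(1)[0][1] / n
    p_upper = min(1.0, p_hat + 2.576 * math.sqrt(p_hat * (1 - p_hat) / (n - 1)))
    return -math.log2(p_upper)

# Constructed 8-bit sample streams (not captured from any device).
# EVEN is evenly distributed but fully deterministic: it exercises the
# checks and shows that passing them does not prove unpredictability.
EVEN = [(i * 97 + 13) % 256 for i in range(4096)]
# STUCK models an entropy source whose output freezes at 0x00.
STUCK = EVEN[:100] + [0] * 50

if __name__ == "__main__":
    cutoff = rct_cutoff(h_min=8.0)  # claimed 8 bits of entropy per sample
    for name, stream in (("even", EVEN), ("stuck", STUCK)):
        print(name, "RCT failure index:", repetition_count_test(stream, cutoff),
              "MCV min-entropy: %.2f" % mcv_min_entropy(stream))
```

The deterministic EVEN stream passes both checks, which is why statistical testing is only one part of validating a true random number generator: the non-determinism of the physical noise source has to be established separately.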
ERARGE’s CEO Mr Salih Halit Ergün, who recently participated in a big technology fair in Munich on 23-24 November 2021, namely BIM-World (BIM: Building Information Model), says: “We see the same thing here in Munich, even in a very dedicated area of the architecture and construction sector. Although the digitalisation level is generally quite low in the Architecture-Engineering-Construction (AEC) sector, there is an increasing demand for trusted, easy-to-use and easy-to-verify cyber-physical systems in emerging areas of smart buildings and smart cities. I’m glad to see that the VALU3S vision is also applicable to other sectors, including the AEC, where IoT-enabled distributed systems, digital building twins, and automated solutions are becoming indispensable and even mandatory by law.”
 Kanak, A., Ergun, S., Ozkan, M., Çokünlü, G., Yayan, U., Karaca, M., & Arslan, A. T. (2021). Verification and validation of an automated robot inspection cell for automotive body-in-white: a use case for the VALU3S ECSEL project. Open Research Europe, 1(115), 115.