Digital Twins in Automotive Cybersecurity: A Smarter Way for TARA

1. Introduction 

As vehicles become smarter with connected systems, self-driving features, and advanced safety technologies, Threat Analysis and Risk Assessment (TARA) at the system and vehicle levels is more important than ever. However, conducting TARA directly on a vehicle is challenging if the system is not properly modeled, because engineers must revisit and update the assessment as the system or vehicle evolves. While TARA for individual components is straightforward, it becomes more complex at the system or vehicle level.

To handle this complexity, we analyze the Target of Evaluation (TOE) from two perspectives: cyberspace and physical space. The Digital Twin exists in cyberspace as a virtual representation of the vehicle, replicating its electronic systems and communication networks. The real vehicle, on the other hand, exists in physical space and consists of hardware components, sensors, and actuators.

With a Digital Twin, we can perform cybersecurity assessments in cyberspace, simulating real-world threats, identifying vulnerabilities, and testing security measures more efficiently. By bridging the gap between cyberspace and physical space, we enhance security while saving time and resources. The Digital Twin creates a virtual copy of the vehicle, reducing guesswork and rework, which leads to a smoother risk assessment during development. It also aligns with ISO/SAE 21434 and UNECE WP.29 by automating TARA, security testing, and monitoring, and it makes compliance easier through automated reports and risk checks.

2. Digital Twin for TARA

2.1 What is a Digital Twin in Cybersecurity?

A Digital Twin is a real-time virtual model of a physical system that replicates its behavior, interactions, and vulnerabilities. In vehicle cybersecurity, a Digital Twin mirrors the:

  • ECUs and their software, possibly including SBOM information
  • In-vehicle networks (CAN, Ethernet, FlexRay)
  • External communication interfaces (V2X, Bluetooth, cellular, etc.)
  • Security controls (firewalls, IDS, encryption mechanisms)

This virtual environment allows security engineers to test cyber threats and evaluate countermeasures without exposing real vehicles to risk.

2.2 Enhancing TARA with Digital Twin

Traditional TARA methods involve identifying threats based on static system architecture and predefined attack paths. However, vehicle cybersecurity threats are constantly evolving, making static assessments insufficient. Using a Digital Twin in the TARA process helps automate tasks and keep risk assessments up to date.

  • Automated and Updated TARA – A Digital Twin can constantly monitor vehicle parts, detect new threats, and update TARA based on real-world data, reducing manual work.
  • Engineering-Driven Automation – Instead of relying on the TARA team, the engineering team can use a Digital Twin to automate threat detection, simulate cyberattacks, and test security controls, allowing them to conduct TARA independently, faster, and with greater accuracy.
  • Better Risk Assessment – By analyzing real and simulated attack data, the Digital Twin improves risk evaluation and helps develop better security strategies.

3. Simulating a TARA in a Digital Twin Environment

To perform a simulated TARA using a Digital Twin, we follow these steps:

Step 1: Asset Identification

To conduct a TARA using a Digital Twin, we begin by defining key vehicle components within a virtual environment. Digital Twin technology varies in complexity and integration, categorized into four primary types:

  1. Component Twins: Represent individual components, such as a brake sensor or actuator, for monitoring performance and predicting failures.
  2. Asset Twins: Digital replicas of complete physical assets, like a vehicle or an engine, providing a holistic view of their operation.
  3. System Twins: Simulate interconnected assets working together, such as an entire braking system, to analyze interactions and optimize performance.
  4. Process Twins: Capture entire workflows, such as vehicle manufacturing or supply chain logistics, for efficiency optimization.

For our simulation, we can use a System Twin of a vehicle’s braking system, though it is not strictly necessary. This involves employing Python and CARLA to model critical components such as the Brake ECU, ABS, actuators, and communication links (e.g., CAN bus). The System Twin enables:

  • Baseline Behavior Simulation: Assessing normal braking performance under different driving conditions.
  • Cyberattack Simulation: Injecting malicious CAN messages to override or disable braking functions, mimicking real-world attacks.
  • Impact Assessment & Countermeasure Testing: Evaluating system response and implementing security measures.

A System Twin gives us a clearer picture of how cyber threats impact a vehicle’s braking system, helping us improve security. But simpler Asset Twins can also work well, depending on the project.

Step 2: Threat Identification

  • Model potential attack vectors:
    • Remote Attacks (wireless injection, OTA message spoofing)
    • Network Attacks (CAN bus spoofing, DoS attacks)
    • Sensor Attacks (LiDAR blinding, GPS spoofing)
  • Simulate these attacks within the Digital Twin and observe system responses.

Step 3: Damage Scenario Analysis

After identifying threats, we check how they could harm the braking system. For example, a CAN bus attack might cause brake failure or sudden stops, leading to accidents, which we test in the Digital Twin.

Steps 4 and 5: Risk Assessment & Quantification and Risk Treatment & Mitigation Testing

  • Implement security countermeasures in the Digital Twin (firewalls, encryption, intrusion detection).
  • Simulate post-mitigation attack scenarios in the Digital Twin to validate their effectiveness.
  • Iterate and refine the TARA model based on real-time Digital Twin findings.
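
The steps above can be exercised end to end on a toy System Twin of the braking example. The following is an added illustration, not Block Harbor's or VSEC's code, and it uses plain Python rather than CARLA. The CAN ID, key, vehicle parameters, and the choice of a truncated HMAC with a freshness counter as the countermeasure are all assumptions made for the sketch.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"        # constructed key, simulation only
BRAKE_ID = 0x120                     # hypothetical CAN ID of the brake command
DT, V0, MAX_DECEL = 0.01, 25.0, 8.0  # tick (s), initial speed (m/s), full braking (m/s^2)

def tag(counter, level):
    """Truncated HMAC over counter and brake level (assumed countermeasure)."""
    msg = counter.to_bytes(4, "big") + bytes([level])
    return hmac.new(KEY, msg, hashlib.sha256).digest()[:4]

def bus_traffic(steps, attack):
    """Step 2: yield the frames (id, counter, level, mac) seen on the bus each tick."""
    for n in range(steps):
        frames = [(BRAKE_ID, n, 100, tag(n, 100))]        # driver requests 100 % braking
        if attack and n >= 50:                            # spoofing begins at t = 0.5 s
            frames.append((BRAKE_ID, n, 0, b"\x00" * 4))  # forged "release" frame, no key
        yield frames

class BrakeECU:
    """Step 1: the asset under assessment, with an optional authentication check."""
    def __init__(self, verify):
        self.verify, self.level, self.last, self.rejected = verify, 0, -1, 0

    def receive(self, frame):
        can_id, counter, level, mac = frame
        if can_id != BRAKE_ID:
            return
        if self.verify:  # Steps 4 and 5: drop stale or unauthenticated frames
            ok = counter > self.last and hmac.compare_digest(mac, tag(counter, level))
            if not ok:
                self.rejected += 1
                return
            self.last = counter
        self.level = level  # without the check, the last frame on the bus wins

def run_scenario(attack, verify, steps=600):
    """Step 3: return (stopping distance in m, or None if never stopped; rejected frames)."""
    ecu, v, dist = BrakeECU(verify), V0, 0.0
    for frames in bus_traffic(steps, attack):
        for frame in frames:
            ecu.receive(frame)
        v = max(0.0, v - MAX_DECEL * ecu.level / 100 * DT)
        dist += v * DT
        if v == 0.0:
            return round(dist, 1), ecu.rejected
    return None, ecu.rejected
```

With these constructed parameters, the baseline stops in 38.9 m, the spoofed run without the check never stops within the 6 s window, and the post-mitigation run again stops in 38.9 m while rejecting 263 forged frames. The stopping distance and the rejected-frame count are the kind of measured values that can feed the impact and feasibility ratings in place of estimates.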

The table below shows how a Digital Twin changes the TARA process for a braking system by comparing each step with and without a Digital Twin:

| TARA Steps | Without Digital Twin | With Digital Twin |
|---|---|---|
| 1. Asset Identification | Identify braking system components (ECU, sensors, CAN bus). | Model braking system components virtually (EBCU, sensors, CAN bus). |
| 2. Damage Scenario Analysis | Assess damage scenarios (e.g., loss of braking). | Simulate and see how attacks affect braking performance. |
| 3. Impact Rating | Estimate the consequences of an attack. | Simulate and calculate the real-time impact of the attack on braking. |
| 4. Threat Identification | Identify threats (e.g., CAN spoofing, sensor tampering). | Simulate threats (e.g., spoofing attack) in the virtual model. |
| 5. Feasibility Rating | Estimate how likely an attack is based on experience. | Rate how likely an attack is based on real-time simulations. |
| 6. Risk Assessment | Assess risks based on past data. | Continuously assess risks with real-time data from the digital model. |
| 7. Risk Treatment & Mitigation | Propose and apply solutions (e.g., encryption for CAN bus). | Test and improve solutions in real-time using the digital model. |

4. Pros and Cons of Using Digital Twin in TARA

Pros:

  1. Saves Money
    Digital Twin allows testing without needing physical parts or expensive hardware. This makes it cheaper, especially during early development when parts might not be available or are too costly.
  2. Early Issue Detection
    By simulating vehicle systems, a Digital Twin helps identify weaknesses or security vulnerabilities early in the development process. You can test different attacks on the system in a virtual world before they happen in real life.
  3. Safe Testing
    You can test dangerous scenarios, like a hacker attacking the vehicle’s braking system, without putting anyone at risk. This is much safer than testing in real life.
  4. Real-Time Testing
    Digital Twin can simulate how the vehicle’s systems react in real-time to cyber-attacks. This gives a more realistic and up-to-date view of how the system performs in changing conditions.
  5. Reusable and Scalable
    Once you create a Digital Twin, you can use it for many different tests and scenarios. It’s also easy to test new systems and features without building new physical models every time.

Cons:

  1. Difficult to Set Up
    Building a Digital Twin requires time and expertise to accurately model a vehicle’s systems. However, Machine Learning can help automate and simplify the process.
  2. Potential Inaccuracies
    A Digital Twin may not perfectly replicate real-world vehicle behavior, which can lead to less precise results.
  3. Requires Reliable Data
    The accuracy of a Digital Twin depends on high-quality, up-to-date data. Incorrect or missing data can lead to unreliable outcomes.
  4. Integration Challenges
    Connecting a Digital Twin with existing vehicle software can be difficult, especially for older systems.
  5. Privacy Concerns
    If a Digital Twin incorporates personal or sensitive data, strong security measures must be in place to prevent privacy risks and unauthorized access.

5. Conclusion

Digital Twin technology is revolutionizing TARA in automotive cybersecurity by enabling real-time, automated risk assessments. By digitally simulating threats and security responses, it enhances threat detection, compliance, and risk management while reducing costs and testing risks.

At Block Harbor, we are able to utilize Digital Twin technology within VSEC’s Garage Module to bridge the gap between virtual simulations and real-world testing.

  • Virtual-to-Physical Integration: The Digital Twin automates TARA and seamlessly connects to the Garage Module in VSEC, enabling a smooth transition between cybersecurity simulations and physical validation on actual vehicle components.
  • Comprehensive Cybersecurity Assessments: The Digital Twin creates a virtual replica of the vehicle, reducing guesswork and ensuring more accurate, data-driven risk assessments during development.
  • Real & Simulated Testing in Garage Module: The Garage Module within VSEC provides a dedicated environment for testing security measures on both real and simulated vehicle components, improving accuracy, efficiency, and reliability in cybersecurity evaluations.
  • Automated Compliance & Risk Monitoring: Digital Twin technology aligns with ISO/SAE 21434 and UNECE WP.29, streamlining TARA, security testing, and risk monitoring with automated reports and compliance checks.

Block Harbor is here to help with any automotive cybersecurity-related activities. Block Harbor now offers a TARA package that includes guidance and template documentation. Contact us for more information.