Exploiting Digital Twin technology for Cybersecurity Monitoring in Smart Grids

The adoption of Digital Twin technology has witnessed significant growth in various domains, enabling continuous monitoring and testing in diverse applications. In the context of safeguarding critical infrastructures, particularly smart grids, Digital Twin has emerged as a viable solution to meet the requirements outlined in the NIS2 directive issued by the European Commission. Additionally, the increasing trend in Europe towards establishing shared dataspaces, and fostering collaborative environments through data sharing, necessitates a heightened focus on cybersecurity risks. This study focuses on enhancing cybersecurity measures in critical infrastructure, with a specific emphasis on the energy sector and smart grids. To achieve this objective, a robust architecture is proposed for the cybersecurity monitoring of a smart power and distribution grid. The proposed approach involves the transformation of a system model, conforming to the Common Information Model standard for the power system domain, into a digital twin model powered by FIWARE, an open-source platform. The architecture incorporates a SIEM (Security Information and Event Management) solution built on open-source technologies. A comprehensive validation is conducted through a real-world case study, providing empirical evidence of the effectiveness of the proposed approach.