Digital Twin for Adaptive Adversary Emulation in IIoT Control Networks
Javier Parada, Cristina Alcaraz, Javier Lopez, and 2 more authors
In Computer Security – ESORICS 2025, 2026
The number of threats in industrial ecosystems is increasing, especially in critical sectors, which have become a particularly lucrative target. These ecosystems have evolved into very complex interconnected systems, driven by the need to adapt to new digitalization and automation trends which extend their attack surface. In addition, the criticality of these systems makes them particularly difficult to test. For these reasons, this paper covers the application of digital twins as the target of Adversary Emulation for the purpose of improving the security of industrial environments. This is done by involving automated and adaptive adversaries by means of reinforcement learning. Starting from an offensive strategy, these adversaries are able to adapt to the context, attacking the most critical parts of industrial systems. Adversarial attacks are driven by control theory and centrality techniques, providing a safe and efficient way to test critical industrial networks. The proposed methodology also includes the effective training and validation of adversaries by creating a probabilistic model from the analysis of digital twins. The paper provides relevant results on the development of adversarial adversaries and test models, and highlights the importance and opportunities of attack automation in virtualized environments.
Digital Twin for Adaptive Adversary Emulation in IIoT Control NetworksIn Computer Security – ESORICS 2025, 2026