Saved in:
Bibliographic Details
Main Authors: Koufos, Ioannis, Qureshi, Abdul Rehman, Asensio, Adrian, Abishek, Allen, Zaragkas, Efstathios, Vilalta, Ricard, Souvalioti, Maria, Xilouris, George, Kourtis, Michael-Alexandros
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2509.07649
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866908527646212096
author Koufos, Ioannis
Qureshi, Abdul Rehman
Asensio, Adrian
Abishek, Allen
Zaragkas, Efstathios
Vilalta, Ricard
Souvalioti, Maria
Xilouris, George
Kourtis, Michael-Alexandros
author_facet Koufos, Ioannis
Qureshi, Abdul Rehman
Asensio, Adrian
Abishek, Allen
Zaragkas, Efstathios
Vilalta, Ricard
Souvalioti, Maria
Xilouris, George
Kourtis, Michael-Alexandros
contents Traditional risk assessments rely on manual audits and system scans, often causing operational disruptions and leaving security gaps. To address these challenges, this work presents Security Digital Twin-as-a-Service (SDT-aaS), a novel approach that leverages Digital Twin (DT) technology for automated, non-intrusive security compliance. SDT-aaS enables real-time security assessments by mirroring real-world assets, collecting compliance artifacts, and creating machine-readable evidence. The proposed work is a scalable and interoperable solution that supports open standards like CycloneDX and Web of Things (WoT), facilitating seamless integration and efficient compliance management. Empirical results from a moderate-scale infrastructure use case demonstrate its feasibility and performance, paving the way for efficient, on-demand cybersecurity governance with minimal operational impact.
format Preprint
id arxiv_https___arxiv_org_abs_2509_07649
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Leveraging Digital Twin-as-a-Service Towards Continuous and Automated Cybersecurity Certification
Koufos, Ioannis
Qureshi, Abdul Rehman
Asensio, Adrian
Abishek, Allen
Zaragkas, Efstathios
Vilalta, Ricard
Souvalioti, Maria
Xilouris, George
Kourtis, Michael-Alexandros
Cryptography and Security
Performance
Traditional risk assessments rely on manual audits and system scans, often causing operational disruptions and leaving security gaps. To address these challenges, this work presents Security Digital Twin-as-a-Service (SDT-aaS), a novel approach that leverages Digital Twin (DT) technology for automated, non-intrusive security compliance. SDT-aaS enables real-time security assessments by mirroring real-world assets, collecting compliance artifacts, and creating machine-readable evidence. The proposed work is a scalable and interoperable solution that supports open standards like CycloneDX and Web of Things (WoT), facilitating seamless integration and efficient compliance management. Empirical results from a moderate-scale infrastructure use case demonstrate its feasibility and performance, paving the way for efficient, on-demand cybersecurity governance with minimal operational impact.
title Leveraging Digital Twin-as-a-Service Towards Continuous and Automated Cybersecurity Certification
topic Cryptography and Security
Performance
url https://arxiv.org/abs/2509.07649