IEEE Digital Reality: Digital Twins for Trustworthy Autonomy

The next generation of run-time risk models will act as Digital Twins to anticipate threats and enable novel paradigms, like proactive dependability and collaborative security, as support to prognostics and preventive maintenance in Industry 4.0 and other Smart-X applications (e.g.,smart-houses, smart-cities, smart-transportation, etc.).

The concept of risk is a combination of threat probabilities, vulnerabilities, and expected consequences. In traditional risk modeling and evaluation, during the design phase, analyses are performed and may be repeated periodically or at relevant system changes. With such an approach, there is no possibility to evaluate how the risk evolves over time as a condition of the actual system state and detected threats. One challenging objective, in the field of connected cyber-physical systems (CPS) and the Internet of Things (IoT), is to improve resilience by providing non-trivial mechanisms for run-time threat-detection, risk estimation, and system reconfiguration following Self-Xprinciples like self-diagnostics and self-healing. Threats include faults, errors, and failures, and can be either intentional (e.g. security attacks) or unintentional (e.g. random faults).

Developing model-based approaches, allowing for run-time risk evaluation accounting for uncertainties in a system itself and in the surrounding environment, is extremely important. Those models should account for the growing complexity (size, distribution, heterogeneity), and criticality of modern cyber-physical systems. Multi-paradigm modeling can combine probabilistic modeling languages, borrowed from Artificial Intelligence (e.g.Bayesian Networks), with formalisms like high-level Petri Nets, in order to find the optimal balance and trade-off between ease of use, expressive power, and solving efficiency.

Models used in static risk assessment during the design phase can be reused and integrated into appropriate frameworks. This will allow online monitoring of relevant system parameters, threat detection, and dynamic adaptation to respond to threats. In critical applications, the reuse of suitable models already employed for system certification together with run-time model-checking supports explainable Artificial Intelligence (XAI) that is required in order to build a trustworthy autonomous CPS, such as a self-driving vehicle.