Home // CYBER 2025, The Tenth International Conference on Cyber-Technologies and Cyber-Systems // View article
Authors:
Ilinca-Laura Burdulea
Sonika Gogineni
Stamatios Kostopoulos
Evangelos K. Markakis
Kyriakos N. Manganaris
Fotis I. Lazarakis
Keywords: Digital Twin; Cybersecurity; Critical Infrastructure; Functional Requirements; NIS2 Directive.
Abstract:
Digital Twins (DTs) are a promising solution for enhancing the security and resilience of critical infrastructure. However, existing approaches rarely present systematic ways to capture stakeholder cybersecurity needs and map them to actionable functional requirements. This paper addresses that gap by presenting a user-centric methodology for deriving functional requirements for cybersecurity-focused digital twins in critical infrastructures. As part of the EU-funded Integrated Software Toolbox for Secure IoT-to-Cloud Computing (INTACT) project, we apply this approach to two distinct use cases, namely a healthcare facility and a nuclear reactor facility. Stakeholder cybersecurity objectives are mapped to user stories, categorized into scenarios according to a taxonomy aligned with the Network and Information Systems (NIS2) directive, and translated into functional requirements using the INTACT reference architecture. The process highlights that cybersecurity needs are driven more by stakeholder roles than infrastructure type, enabling reuse of core DT functions across domains. By integrating user needs early in the design phase, this methodology supports systematic, replicable DT functional design with a focus on cybersecurity and human-factor risks.
Pages: 18 to 23
Copyright: Copyright (c) IARIA, 2025
Publication date: September 28, 2025
Published in: conference
ISSN: 2519-8599
ISBN: 978-1-68558-295-1
Location: Lisbon, Portugal
Dates: from September 28, 2025 to October 2, 2025