Quantifying Resilience of Cyber-Physical Systems to Zero-Day Threats: A Digital Twin-Based What-If Analysis
Fabrizio Baiardi; Vincenzo Sammartino
2026-01-01
Abstract
Reliability and risk assessment methodologies for cyber-physical systems that heavily rely on historical failure data and public vulnerability databases are increasingly ineffective against "zero-day" threats (unknown vulnerabilities for which no data or signatures exist). This paper proposes to quantify the system resilience against these vulnerabilities through a what-if analysis based on a stochastic simulation framework using a security twin. A security twin enriches a digital twin with information to discover the possible actions for a threat actor in an intrusion, effectively generating the search space for these intrusions. To assess the system resilience, our what-if analysis systematically injects hypothetical zero-day vulnerabilities into the system modules. Only the security twin is affected by the injection, while the cyber-physical system is unaffected. Our framework runs extensive Monte Carlo simulations using the security twin to discover possible intrusions. Then, we measure the resulting degradation of resilience using metrics such as Mean Time to Compromise and Intrusion Success Percentage. Our results show that the topological centrality of the target of the injection is a more significant predictor of systemic failure than the intrinsic vulnerability severity. If the zero-day compromises internal "pivot points" of the system, the time-to-compromise reduces by up to 88% compared to perimeter breaches. These findings provide a quantitative basis for optimizing network segmentation and enhancing resilience.

| File | Size | Format |
|---|---|---|
| Paper_What_If__ESREL2026_.pdf (open access; Type: Pre-print document; License: All rights reserved) | 213.96 kB | Adobe PDF |
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.


