Small business research projects use technology to help detect cyber threats
FORT BELVOIR, Va. –
Research into digital twins that leverage artificial intelligence and zero trust principles is helping the Defense Logistics Agency safeguard its operational technology systems against cyber intrusions.
Through two related Small Business Innovation Research phase I contracts, DLA is exploring the creation of digital twins for its OT systems, which use hardware and software to monitor and control processes and devices, such as heating, ventilation and air conditioning systems. Digital twins are virtual models that replicate their physical counterparts with real-time and historical data to help identify potential vulnerabilities.
The SBIR program encourages small businesses to engage in federal research and development projects with the potential for commercialization. Phase I awards demonstrate the feasibility of technologies that can benefit DLA’s mission.
Logistics Technology Research Program Manager Barry Humphrey and Defense Logistics Information Research Program Manager Senthil Arul initiated and lead the projects. They are working closely with experts in DLA’s cybersecurity directorate to find ways to leverage the technology, including Anthony Cotonio, an information systems security manager.
The first contract ended in September and incorporated AI in the cyber digital twins to detect anomalies that could indicate potential cyber threats. The twins provided DLA with insights into possible weaknesses in the OT system by baselining system behavior and employing machine learning algorithms to automatically detect abnormal patterns, trigger alerts and provide predictive insights into potential vulnerabilities.
“By continuously analyzing this operational data, AI can recognize deviations and alert DLA personnel to unusual activities that may suggest a cyberattack in real time,” Humphrey said.
In addition to detection capabilities, the digital twins provide DLA with insights into possible weaknesses in the OT system. Simulating various attack scenarios allows DLA to better understand the potential impacts of cyber threats and devise strategies to bolster system resilience.
“Digital twins are excellent additions to our toolset by allowing us to monitor and test systems without unnecessarily exposing them to outside threats,” Cotonio said.
This capability not only enhances the immediate response to incidents, but by collecting and aggregating attack data and patterns from cyber intrusion attempts, DLA gains a better understanding of threat landscapes to develop more effective countermeasures, Humphrey added.
The subsequent SBIR contract, which runs through September 2025, is integrating zero trust into the cyber digital twins. Through the use of continuous monitoring, least privilege access and network segmentation, DLA will maintain better control over data flows, which could reduce unauthorized access and data breaches. This safeguards the digital twin itself and enhances the overall security of the OT systems.
Additionally, DLA can integrate risk management framework controls, which provide dynamic risk assessments and enable the agency to select appropriate security controls, Cotonio said.
“The insights we learn from cyber digital twins can help DLA continuously strengthen security measures for the agency and our partners,” Humphrey said. “This helps us build a more resilient cybersecurity posture.”
The proactive approach of combining cyber digital twins and zero trust principles could provide DLA with a robust framework for ensuring the integrity and availability of critical operational technologies, which ultimately enhances mission readiness, he added.