Threat Modeling and Attacks on Digital Twins of Vehicles: A Systematic Literature Review

Abstract

This systematic literature review pioneers the synthesis of cybersecurity challenges for automotive digital twins (DTs), a critical yet underexplored frontier in connected vehicle security. The notion of digital twins, which act as simulated counterparts to real-world systems, is revolutionizing secure system design within the automotive sector. As contemporary vehicles become more dependent on interconnected electronic systems, the likelihood of cyber threats is escalating. This comprehensive literature review seeks to analyze existing research on threat modeling and security testing in automotive digital twins, aiming to pinpoint emerging patterns, evaluate current approaches, and identify future research avenues. Guided by the PRISMA framework, we rigorously analyze 23 studies from 882 publications to address three research questions: (1) How are threats to automotive DTs identified and assessed? (2) What methodologies drive threat modeling? Lastly, (3) what techniques validate threat models and simulate attacks? The novelty of this study lies in its structured classification of digital twin types (physics based, data driven, hybrid), its inclusion of a groundbreaking threat taxonomy across architectural layers (e.g., ECU tampering, CAN-Bus spoofing), the integration of the 5C taxonomy with layered architectures for DT security testing, and its analysis of domain-specific tools such as VehicleLang and embedded intrusion detection systems. The findings expose significant deficiencies in the strength and validation of threat models, highlighting the necessity for more adaptable and comprehensive testing methods. By exposing gaps in scalability, trust, and safety, and proposing actionable solutions aligned with UNECE R155, this SLR delivers a robust framework to advance secure DT development, empowering researchers and industry to fortify vehicle resilience against evolving cyber threats.