Background: Digital twins (DTs) are increasingly used in critical infrastructure to link operational technology with cyber-physical systems. Their feedback loops data collection, modeling, and actuation make them highly vulnerable to cyber threats.
Objective: This review aimed to identify cybersecurity and privacy risks specific to DTs in industrial control systems (ICS) and to map current defenses against established security frameworks.
Methods: We conducted a systematic review following PRISMA 2020 guidelines. Five databases (PubMed, IEEE Xplore, ACM Digital Library, Scopus, Web of Science) and grey literature sources were searched up to June 2024. Studies were screened in duplicate using predefined inclusion criteria, and methodological quality was assessed with a 10-point rubric.
Results: From 1,276 records, 124 studies met inclusion. Common risks included data poisoning, model inversion, drift, and unsafe actuation. Mitigation strategies included adversarial training, secure middleware, anomaly detection, and compliance with IEC 62443 and NIST guidelines. A crosswalk analysis showed limited alignment between proposed defenses and existing frameworks.
Conclusions: DTs introduce unique vulnerabilities beyond conventional ICS systems. Existing standards only partly address these risks. Sector-specific extensions, simulation-based adversarial testing, and new trust metrics are urgently needed.