Teaser image for the blog post Digital Twin and AAS, © USO

Industry 4.0: Taking Digital Twins to the Next Level with the AAS

Digital twins and Industry 4.0 go hand in hand. Yet in many cases, they still fall short of their potential. A case for more standardization.

Digital twins have been one of the big topics in Industry 4.0 for several years now. Virtual representations of physical industrial products that help optimize processes, reduce costs, and prevent downtime sound highly compelling—and they are. But the hard truth is that getting there can still be a difficult journey. One major reason is the lack of a standard that makes practical implementation and adoption easier. Or at least that used to be the case—before the Asset Administration Shell (AAS).

Everyone builds their own digital twin

Industry has high hopes for digital twins. As early as 2023, nearly 60 percent of German manufacturing companies saw the technology as an essential basis for sustainable development, according to Bitkom—not least because it can open up entirely new business models. And yes, the outlook is promising. Digital twins collect data from sensors, software, and processes in order to simulate, analyze, and optimize operations. In theory, that allows organizations to implement predictive maintenance, reduce costs, and improve productivity.

In practice, however, these benefits often still sound like something from the distant future. Without consistent standards, decision-makers are left facing unusable data silos. Every company develops its own models. Machines and software are barely compatible, and data has to be integrated manually—a process that is both expensive and error-prone. New systems can only be connected with significant effort because there is no common interface. Real-time analysis often fails because data from different sources cannot be brought together directly due to incompatible formats. As a result, the concept of the digital twin often falls short of what it could actually deliver.

The game changer: Asset Administration Shell

In reality, reaching the next level is not nearly as difficult as it may seem. With an innovative concept, the Asset Administration Shell (AAS), companies can unlock the next stage. This "administration shell", as the German term Verwaltungsschale is usually rendered, is the key to making digital twins not only storable, but standardized and truly usable.

It forms the backbone of the structural integration of a digital twin by acting as a standardized information layer between the physical asset and its digital representations. While many digital twins today are still isolated and difficult to integrate, the AAS ensures that machines, systems, and software all speak the same language. And that brings us a step closer to the benefits everyone has been hoping for.

AAS in brief

The AAS contains the digital identity of an asset—whether that asset is a machine, vehicle, or production system. It ensures that all relevant information is captured in a structured, interoperable, and secure way. Its structure follows a clear model:

  • Metadata (asset information): identifiers such as the shell's own ID and the global asset ID, plus identifying characteristics of the asset
  • Submodels: contain all technical and operational properties of the asset
  • Submodel elements: go into greater detail and record specific data such as sensor values, maintenance history, or operating parameters

Thanks to the Asset Administration Shell, digital twins can be represented consistently, information can be managed across the entire lifecycle, and secure access to data can be controlled.

To help shape a promising future for digital twins, and by extension for modern industry through the AAS, the Industrial Digital Twin Association (IDTA) is also actively involved. This alliance of technology leaders is working to establish industry standards. The result is that missing interoperability, difficult integration, and weak security mechanisms can give way to seamless, vendor-neutral integration, easy onboarding of new machines or software solutions, and protected digital identifiers and identities.

Security measures for a trustworthy digital identity

And now we come to one of USO’s favorite keywords: digital identities. Because if you want to protect the data inside the Asset Administration Shell and ensure secure information exchange across plants and systems, the right safeguards are essential. Provided, of course, that the necessary expert know-how is in place. That is why, together with umbrella.associates GmbH—our partner company for strategic identity security consulting—we have also become a new member of the IDTA network.

Over the last two years, within the research project 6G-CampusSense, we have reached quite a few milestones. One highlight for us has been the requirements catalog for meaningful protective measures:

Cryptographic protection – building trust through digital certificates

For digital twins to communicate securely, they need reliable identification and authentication. A public key infrastructure (PKI) that issues cryptographic certificates for administration shells can provide this. Each administration shell receives its own X.509 certificate that binds the shell's identifier to a public key. The shell proves its identity by signing with the matching private key; the relying party verifies that signature against the certificate and checks the certificate itself (chain to a trusted CA, validity period, revocation status) at every connection, not only at issuance. The same certificate authenticates the TLS 1.3 handshake, in which the session keys for transport encryption are then derived from an ephemeral key exchange.

What has to be protected on the physical device is not the certificate, which is public, but its private key: it should be generated and kept inside a Trusted Platform Module (TPM) or a secure enclave, from which it cannot be exported. For the communication between virtual representations, modern token-based methods (for instance short-lived, signed access tokens) can and should be used in the future. Because such a token expires after a short time, a leaked token gives an attacker only a small window, and its signature makes any manipulation detectable.

Access control and authentication – who is allowed to do what?

Not every user or machine may access all the data in an administration shell. A role-based access control model (RBAC) is therefore used: every request for a submodel is checked, only subjects with the appropriate permissions are granted access, and anything not explicitly permitted is denied.

Beyond that, a combination of attribute-based (ABAC) and context-based (CBAC) access control allows even finer tuning: in addition to the role, factors such as the requester's location, the time of the request, or properties of the requesting device are taken into account in the decision.
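The following Go program is an added example written for this article; it is not code from USO, umbrella.associates or the 6G-CampusSense project. It shows the three layers just described working together: the role decides what a subject may do in principle, and per-rule predicates over request attributes and context (source network, time of day, whether the client authenticated with a hardware-backed key) narrow that down. The submodel names, the 10.20.0.0/16 plant network, the shift hours and the attestation attribute are all constructed for the demonstration. Deny is the default: a request is permitted only if some rule matches it completely.

```go
package main

import (
	"fmt"
	"net/netip"
	"time"
)

// Request is one access attempt on a submodel of an administration shell. Roles feed the
// RBAC decision; Source, At and Attested are the attribute/context part (ABAC/CBAC).
type Request struct {
	Subject, Action, Submodel string // Action is "read" or "write"; Submodel is an idShort
	Roles                     []string
	Source                    netip.Addr
	At                        time.Time
	Attested                  bool // client authenticated with a hardware-backed key (constructed attribute)
}

// Rule grants Actions on Submodels to holders of Role, optionally only while When holds.
type Rule struct {
	Role      string
	Actions   []string
	Submodels []string // idShorts, or "*" for every submodel of the shell
	When      func(Request) bool
}

var plantNet = netip.MustParsePrefix("10.20.0.0/16") // hypothetical plant network

func onSite(r Request) bool      { return plantNet.Contains(r.Source) }
func duringShift(r Request) bool { return r.At.Hour() >= 6 && r.At.Hour() < 22 }

// policy is a constructed example for a motor's shell. Nothing outside it is ever permitted.
var policy = []Rule{
	{Role: "reader", Actions: []string{"read"}, Submodels: []string{"Nameplate", "TechnicalData"}},
	{Role: "maintenance", Actions: []string{"read"}, Submodels: []string{"OperationalData", "MaintenanceHistory"},
		When: func(r Request) bool { return onSite(r) && duringShift(r) }},
	{Role: "maintenance", Actions: []string{"write"}, Submodels: []string{"MaintenanceHistory"},
		When: func(r Request) bool { return onSite(r) && duringShift(r) && r.Attested }},
	{Role: "manufacturer", Actions: []string{"read"}, Submodels: []string{"*"}},
}

func matches(patterns []string, value string) bool {
	for _, p := range patterns {
		if p == value || p == "*" {
			return true
		}
	}
	return false
}

func hasRole(r Request, role string) bool {
	for _, have := range r.Roles {
		if have == role {
			return true
		}
	}
	return false
}

// Decide returns whether the request is permitted and which rule decided it. Deny is the
// default: a request needs one rule that matches it completely, role and context alike.
func Decide(r Request) (bool, string) {
	for i, rule := range policy {
		if !hasRole(r, rule.Role) || !matches(rule.Actions, r.Action) || !matches(rule.Submodels, r.Submodel) {
			continue
		}
		if rule.When != nil && !rule.When(r) {
			continue // the role would allow it, the context does not
		}
		return true, fmt.Sprintf("rule %d (%s)", i, rule.Role)
	}
	return false, "no matching rule (default deny)"
}

// request builds a Request from plain values; hour is plant-local time (0..23).
func request(subject string, roles []string, action, submodel, source string, hour int, attested bool) Request {
	return Request{Subject: subject, Roles: roles, Action: action, Submodel: submodel, Attested: attested,
		Source: netip.MustParseAddr(source), At: time.Date(2025, 3, 17, hour, 0, 0, 0, time.UTC)}
}

func main() {
	maint := []string{"maintenance"}
	for _, r := range []Request{
		request("anna", maint, "read", "OperationalData", "10.20.3.7", 10, false),    // on-site, in shift
		request("anna", maint, "read", "OperationalData", "203.0.113.5", 10, false),  // from the internet
		request("anna", maint, "read", "OperationalData", "10.20.3.7", 23, false),    // at night
		request("anna", maint, "write", "MaintenanceHistory", "10.20.3.7", 10, false), // plain laptop
		request("anna", maint, "write", "MaintenanceHistory", "10.20.3.7", 10, true),  // attested device
		request("oem-cloud", []string{"manufacturer"}, "read", "MaintenanceHistory", "198.51.100.9", 3, false),
		request("guest", []string{"reader"}, "read", "OperationalData", "10.20.3.7", 10, false),
	} {
		ok, why := Decide(r)
		fmt.Printf("%-9s %-5s %-18s %-12s h=%02d attested=%-5v -> %v (%s)\n",
			r.Subject, r.Action, r.Submodel, r.Source, r.At.Hour(), r.Attested, ok, why)
	}
}
```

Of the seven requests in main, only the first, fifth and sixth are permitted. The policy is evaluated for every request to a submodel, which is exactly where the check belongs; the role alone never decides when a rule carries a context predicate.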

This concept of fine-grained authorization (FGA, Fine Granular Authorization) has been driven forward by our colleagues at umbrella.associates for several years and has been implemented, among other things, to secure access to large industrial electric motors of a German industrial giant.

Integrity and tamper protection – securing data against attacks

To ensure that the data within the AAS has not been altered, digital signatures are used. Each submodel is hashed individually, the hashes are combined into a hash tree (Merkle tree), and the root of that tree is signed. A single signature thus covers every submodel, and any one submodel can be verified against it with a short proof path, without the other submodels being present.

In addition, cryptographic hashes (SHA-3 or BLAKE2) secure the metadata. These checksums expose even the smallest change, provided the reference hashes themselves are signed or kept where an attacker cannot rewrite them together with the data; an unprotected hash only detects accidental corruption.
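The construction described above, as an added Go example that is not code from the article's authors: each submodel is hashed to a leaf, leaves are paired into a hash tree, and the shell's ECDSA key signs only the root. A verifier holding one submodel, its proof path and the signed root can check that submodel without the others, and recomputing the tree after an edit does not help an attacker because the old signature no longer covers the new root. The example uses SHA-256 from the standard library in place of the SHA-3 or BLAKE2 named above; the construction does not depend on which collision-resistant hash is used. The submodel content is constructed JSON, not real AAS data, and a real implementation must canonicalize the serialization before hashing.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Submodel is a minimal stand-in for an AAS submodel: idShort plus a canonical serialization
// of its content (equal content must always yield the same bytes, or hashes will not match).
type Submodel struct {
	IDShort, Content string
}

// ProofStep is one sibling hash on the path from a leaf to the root.
type ProofStep struct {
	Hash []byte
	Left bool // the sibling is the left input of the parent hash
}

// Leaves (0x00, length-prefixed fields) and inner nodes (0x01) are domain-separated so that
// an inner node can never be passed off as a leaf.
func hashLeaf(sm Submodel) []byte {
	sum := sha256.Sum256([]byte(fmt.Sprintf("\x00%d:%s%d:%s", len(sm.IDShort), sm.IDShort, len(sm.Content), sm.Content)))
	return sum[:]
}

func hashNode(left, right []byte) []byte {
	sum := sha256.Sum256(append(append([]byte{0x01}, left...), right...))
	return sum[:]
}

// rootAndProof builds the tree bottom-up and collects the sibling path of leaf i on the way
// (i must index sms). An odd node without a partner is carried up unchanged.
func rootAndProof(sms []Submodel, i int) ([]byte, []ProofStep) {
	var cur [][]byte
	for _, sm := range sms {
		cur = append(cur, hashLeaf(sm))
	}
	var proof []ProofStep
	for len(cur) > 1 {
		if sib := i ^ 1; sib < len(cur) { // i's partner at this level, if it has one
			proof = append(proof, ProofStep{cur[sib], sib < i})
		}
		var next [][]byte
		for j := 0; j < len(cur); j += 2 {
			if j+1 < len(cur) {
				next = append(next, hashNode(cur[j], cur[j+1]))
			} else {
				next = append(next, cur[j])
			}
		}
		cur, i = next, i/2
	}
	if len(cur) == 0 {
		return nil, nil
	}
	return cur[0], proof
}

// SignedShell is what the shell publishes next to its submodels: root, signature, public key.
type SignedShell struct {
	Root, Sig []byte
	Pub       *ecdsa.PublicKey
}

// Sign commits to every submodel with a single ECDSA signature over the root.
func Sign(key *ecdsa.PrivateKey, sms []Submodel) (SignedShell, error) {
	root, _ := rootAndProof(sms, 0)
	sig, err := ecdsa.SignASN1(rand.Reader, key, root)
	return SignedShell{root, sig, &key.PublicKey}, err
}

// Verify checks one submodel against the signed root via its proof path; the other submodels
// are not needed. Signature first, then the recomputed root.
func (s SignedShell) Verify(sm Submodel, proof []ProofStep) bool {
	if !ecdsa.VerifyASN1(s.Pub, s.Root, s.Sig) {
		return false
	}
	running := hashLeaf(sm)
	for _, step := range proof {
		if step.Left {
			running = hashNode(step.Hash, running)
		} else {
			running = hashNode(running, step.Hash)
		}
	}
	return bytes.Equal(running, s.Root)
}

// shellKey stands in for the key a real shell would keep in its TPM or secure element.
var shellKey, _ = ecdsa.GenerateKey(elliptic.P256(), rand.Reader)

// sampleSubmodels is constructed content for one motor's shell, not real AAS data.
func sampleSubmodels() []Submodel {
	return []Submodel{
		{"Nameplate", `{"ManufacturerName":"Example Motors","SerialNumber":"M-0815"}`},
		{"TechnicalData", `{"RatedTorque_Nm":120,"ShaftHeight_mm":132}`},
		{"OperationalData", `{"Temperature_C":61.5,"Vibration_mm_s":2.3}`},
	}
}

func main() {
	sms := sampleSubmodels()
	signed, _ := Sign(shellKey, sms)
	_, proof := rootAndProof(sms, 1)
	fmt.Println("TechnicalData verifies:", signed.Verify(sms[1], proof)) // true
	edited := Submodel{"TechnicalData", `{"RatedTorque_Nm":120,"ShaftHeight_mm":160}`} // shaft height altered
	fmt.Println("edited TechnicalData verifies:", signed.Verify(edited, proof)) // false
}
```

The proof path for one submodel is a handful of hashes, so a maintenance client can fetch a single submodel plus its proof and the published SignedShell and still detect any change, which is what lets the metadata checksums above be trusted: the signature is over the root, so no individual hash can be swapped without breaking it.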

Network security – keeping the gates closed

Administration shells exchange data over the network, which exposes them to attacks. Every connection must therefore be secured with TLS 1.3 and mutual TLS (mTLS), so that both endpoints present a certificate and verify the other's. This defeats man-in-the-middle attacks, in which an attacker silently inserts themselves between two communicating systems, as long as both sides actually validate the peer certificate against the trusted CA rather than accepting whatever certificate is presented.
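The following Go program is an added example written for this article; it is not code from USO, the IDTA or the 6G-CampusSense project. It serves both the PKI section above and the mTLS requirement here: a constructed plant CA issues an X.509 certificate to one motor's administration shell, the shell identifier is carried in a URI SAN (the identifier format urn:example:aas:motor-0815 and all host names are assumptions), and a TLS 1.3 handshake with mutual authentication is run in memory over net.Pipe instead of a real network. The server side requires a client certificate and validates it against the plant CA, which is where chain, validity period and key usage are checked at every connection; a look-alike shell certificate from a CA nobody trusts is refused. Revocation checking (OCSP or CRLs) is omitted.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"io"
	"math/big"
	"net"
	"net/url"
	"time"
)

// identity is a certificate plus the private key that proves it.
type identity struct {
	cert *x509.Certificate
	key  *ecdsa.PrivateKey
}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// issue creates a P-256 key and an X.509 certificate for it; parent == nil yields a self-signed CA.
// The shell identifier (assumed IRI form, e.g. urn:example:aas:motor-0815) travels in a URI SAN.
func issue(cn, aasID string, isCA bool, from, until time.Time, parent *identity) identity {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	serial := must(rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 127)))
	tmpl := &x509.Certificate{SerialNumber: serial, Subject: pkix.Name{CommonName: cn}, NotBefore: from,
		NotAfter: until, BasicConstraintsValid: true, IsCA: isCA, KeyUsage: x509.KeyUsageDigitalSignature}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	} else {
		tmpl.DNSNames = []string{cn}
		tmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth}
	}
	if aasID != "" {
		tmpl.URIs = []*url.URL{must(url.Parse(aasID))}
	}
	signer := identity{tmpl, key} // self-signed unless a parent CA is given
	if parent != nil {
		signer = *parent
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, signer.cert, &key.PublicKey, signer.key))
	return identity{must(x509.ParseCertificate(der)), key}
}

func (id identity) tlsCert() tls.Certificate {
	return tls.Certificate{Certificate: [][]byte{id.cert.Raw}, PrivateKey: id.key}
}

// mutualHandshake runs a TLS 1.3 handshake with client authentication over an in-memory net.Pipe
// and returns the shell identifier the server saw in the client's certificate. The server's
// RequireAndVerifyClientCert check covers chain, validity period and key usage; either side
// rejecting its peer surfaces as an error.
func mutualHandshake(roots *x509.CertPool, server, client identity) (string, error) {
	srvConn, cliConn := net.Pipe()
	for _, c := range []net.Conn{srvConn, cliConn} {
		c.SetDeadline(time.Now().Add(2 * time.Second)) // net.Pipe is unbuffered: never block forever
		defer c.Close()
	}
	srv := tls.Server(srvConn, &tls.Config{MinVersion: tls.VersionTLS13, SessionTicketsDisabled: true,
		Certificates: []tls.Certificate{server.tlsCert()}, ClientCAs: roots,
		ClientAuth:   tls.RequireAndVerifyClientCert}) // mTLS: no valid client certificate, no session
	cli := tls.Client(cliConn, &tls.Config{MinVersion: tls.VersionTLS13, RootCAs: roots,
		Certificates: []tls.Certificate{client.tlsCert()}, ServerName: server.cert.Subject.CommonName})
	srvErr := make(chan error, 1)
	go func() { srvErr <- srv.Handshake() }()
	cliErr := cli.Handshake()
	// A TLS 1.3 client is done before the server has judged its certificate; drain what follows (e.g. an alert).
	go io.Copy(io.Discard, cliConn)
	if err := <-srvErr; err != nil {
		return "", err
	}
	if cliErr != nil {
		return "", cliErr
	}
	peer := srv.ConnectionState().PeerCertificates[0]
	if len(peer.URIs) == 0 {
		return "", fmt.Errorf("certificate for %q carries no shell identifier", peer.Subject.CommonName)
	}
	return peer.URIs[0].String(), nil
}

// buildPKI is the constructed demo set-up: the plant CA signs the AAS server and one motor's
// shell; a second CA that nobody trusts signs a look-alike certificate for the same shell.
func buildPKI() (roots *x509.CertPool, ca, server, device, rogue identity) {
	from, until := time.Now().Add(-time.Minute), time.Now().Add(time.Hour)
	ca = issue("Plant Root CA", "", true, from, until, nil)
	rogueCA := issue("Rogue CA", "", true, from, until, nil)
	roots = x509.NewCertPool()
	roots.AddCert(ca.cert)
	server = issue("aas-server.example", "", false, from, until, &ca)
	device = issue("motor-0815.plant.example", "urn:example:aas:motor-0815", false, from, until, &ca)
	rogue = issue("motor-0815.plant.example", "urn:example:aas:motor-0815", false, from, until, &rogueCA)
	return
}

func main() {
	roots, _, server, device, rogue := buildPKI()
	fmt.Println(mutualHandshake(roots, server, device)) // urn:example:aas:motor-0815 <nil>
	_, err := mutualHandshake(roots, server, rogue)
	fmt.Println("look-alike shell rejected:", err != nil) // true
}
```

In a real deployment the private key would be generated inside the TPM or secure element and handed to crypto/tls as a crypto.Signer implementation rather than held in memory as here; the rest of the configuration stays the same. The identity server of the next paragraph would be one more peer in this mesh, reachable only from the segment that needs it.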

Critical components such as identity servers are additionally moved into isolated networks (VLANs) or microsegments, so that an attacker who compromises one segment cannot reach the entire system.

Fault tolerance and recovery – what happens in an emergency?

Even with the best security measures, a residual risk remains, whether from technical faults or targeted attacks. Key recovery mechanisms must therefore exist. Backup keys are held in distributed key systems, in a secure HSM, or split with Shamir's Secret Sharing, so that they can be restored in an emergency. Note that a key generated inside a TPM or secure element is deliberately non-exportable: for such device keys, recovery means enrolling a freshly generated key under a new certificate, while escrow of this kind applies to the CA and service keys whose loss would halt the whole system.

To avoid data loss, regular backups of the identity and access control systems are created. These are stored offline, so that an attacker who has compromised the network cannot reach them.

Secure element – a hardware shield for digital twins

A secure element provides an isolated, tamper-resistant environment for storing cryptographic keys and digital identities. Combined with FIDO (Fast Identity Online), it enables passwordless, tamper-proof authentication in industrial IoT systems.

The combined use of secure elements and the Asset Administration Shell means that machines and their digital representations can be verified unambiguously. When the secure element also anchors secure boot, only authorized software is executed, and every data transfer is authenticated and encrypted.

Use case: smart maintenance

Thanks to the Asset Administration Shell (AAS) and a digital twin, machines are no longer simply operated—they are monitored intelligently. One use case makes this particularly clear.

Electric motor in a production environment

As early as the development stage, the manufacturer stores technical data such as torque or shaft height in the AAS. Once the motor is commissioned, the digital twin continuously collects real-time data—such as temperature and vibration.

Early warning system in action

Has vibration suddenly increased unexpectedly? The Asset Administration Shell detects the deviation, automatically sends a maintenance request to the manufacturer, and the bearing is replaced before the machine experiences unplanned downtime.

The result

Less downtime, lower maintenance costs, and maximum efficiency. Predictive maintenance has rarely been easier.

USO in the playroom

Is the Asset Administration Shell a complex topic? Absolutely. But we would not be ourselves if we had not come up with a brilliant way to simplify it: the AAS rollercoaster.

It is a bit like being back in a child’s playroom. The carts race along the rollercoaster while everyone watches with excitement. The only difference is that the AAS rollercoaster teaches people something along the way—namely, just how differently digital twins can create value in practice.

Each of our carts represents an industrial truck in one of three stages of development: a Manual Legacy Cart, a Basic Security Cart, and the 6G CampusSense Cart.


Manual Legacy Cart

The existing vehicle is already registered in the central database.

❌ No status query or login is possible for operator or manufacturer.

❌ The device does not provide real-time data.

❌ A query of the manually entered database information reveals only limited data such as serial number and general performance values.


Basic Security Cart

The vehicle has not yet been registered.

❌ A very sparse web user interface requires a great deal of manual effort to enter numerous mandatory fields.

❌ Configuration involves a high degree of manual work.

❌ Login for operator or manufacturer is not possible.


6G CampusSense Cart

The vehicle is delivered to the company and automatically recognized in the 6G network.

✔️ Configuration effort is virtually zero: a secure web interface (HTTPS) opens up. Through early binding with Infineon’s secure element, the cart is added to the database fully automatically.

✔️ Extensive information is detected and imported, including serial number, performance data, sensors, real-time parameters, and temperature readings.

✔️ Operator and manufacturer can use a secure connection to access live vehicle data in real time and plan as well as perform maintenance work.


It quickly becomes obvious which cart wins the race.

What we can also simulate is the digital nameplate. In industry, every missing piece of information causes delays, costs, and unnecessary extra effort. Anyone who has ever searched for an operating manual or had to manually piece together technical specifications for a machine knows how inefficient this can be. This is exactly where the digital nameplate comes in: a central digital source of information that provides all relevant asset data at the push of a button. Combined with the Digital Product Passport (DPP), which contains up-to-date maintenance information, specifications, and regulatory evidence, it enables consistent digital documentation throughout the entire lifecycle of a device.

Instead of laboriously searching through printed documentation, safety certificates, or maintenance manuals, all it takes is a simple scan of a QR code or NFC tag directly on the machine. Instantly, all information stored in the Asset Administration Shell becomes available—from technical data and operating instructions to maintenance history.

Conclusion

Would you like to see it with your own eyes? Perfect timing: from March 17 to 18, 2025, we will be in Berlin at the National Conference for IT Security Research, where we will present the possibilities of digital twins in combination with the AAS in a playful, hands-on way.

The AAS-based digital twin can take your company into the future—

and we are here to help make it happen.