From IT Security to Reality Risk: Securing World-Model Digital Twins in Business Operations

Authors

  • Samuel Addington California State University Long Beach

DOI:

https://doi.org/10.1609/aaaiss.v9i1.42922

Abstract

World-model digital twins are rapidly evolving from passive “digital mirrors” into active AI decision engines that autonomously schedule production, route inventory, and coordinate logistics across complex business operations, reshaping how firms plan and execute work. As this shift unfolds, the dominant risk surface moves from classic IT incidents toreality risk: small adversarial or accidental manipulations of telemetry, models, or policies that quietly drive unsafe or financially disastrous real-world decisions while remaining invisible to traditional controls and governance. Building on NISTIR 8356, the NIST AI Risk Management Framework (AI RMF), the EU AI Act, and Industry 5.0 paradigms, we introduce a Reality Control Loop (RCL) that explicitly maps human decision rights and responsibilities onto the twin’s lifecycle across sensing, modeling, simulation, actuation, and monitoring. Using this loop, we derive a business-centric threat and governance model that reframes risks such as data poisoning, simulation hallucination, and governance bypass in terms of operational and financial impact. This study presents the contribution with four new empirical components: (1) a Python-based “toy” supply chain simulation demonstrating how the False Positive Freeze Rate(Rfreeze) changes as the risk thresholds (τlow , τmed) are tuned; (2) drift detection benchmarks on public IoT/Industry 4.0 datasets that empirically characterize the behavior of D(t) in the “Sense” phase; (3) an extended mathematical formalism of Telemetry Poisoning that shows how an attestation ledger would detect the SHA-256 mismatch described in our case studies; and (4) practitioner validation based on qualitative reviews from industry risk, OT security, and compliance leaders.
2026 AAAI Summer Symposium Proceedings Cover

Downloads

Published

2026-06-23

How to Cite

Addington, S. (2026). From IT Security to Reality Risk: Securing World-Model Digital Twins in Business Operations. Proceedings of the AAAI Symposium Series, 9(1), 171–178. https://doi.org/10.1609/aaaiss.v9i1.42922

Issue

Vol. 9 No. 1: Proceedings of the 2026 AAAI Summer Symposium Series

Section

AI in Business: Intelligent Transformation and Management (Full Papers)