A perfect storm: Digital twins, cybersecurity, and general contracting firms

Erika Pärn, Nikdokht Ghadiminia, Borja García de Soto, Kwadwo Oti-Sarpong

Research output: Contribution to journalReview articlepeer-review


Amidst the architectural, engineering and construction (AEC) sector's transformation through policy-supported digitalization and digital twin (DT) advocacy, it remains unclear how general contracting firms (GCFs) will react to growing cyber-attack threats linked to DTs. Transformation initiatives around DTs scarcely consider the implications of how firms implementing such innovations (e.g., GCFs) could jeopardize the cybersecurity of the connected wider built environment and society. This paper unpacks the cybersecurity threat landscape of DT technologies for GCFs – as central organizations in the delivery of built infrastructure – through a critical synthesis of literature with emphasis on the cyber, physical, and social dimensions. It reviews common cyber vulnerabilities and threats linked to DTs and provides a cross-industry vulnerability analysis for GCFs in a sector known for a laissez-faire approach to cybersecurity. Vulnerabilities are categorized into a cyber, physical, and social taxonomy for construction, and four propositions for future considerations are developed.

Original languageEnglish (US)
Article number100466
JournalDevelopments in the Built Environment
StatePublished - Apr 2024


  • Cyber threats
  • Cyber vulnerabilities
  • Cybersecurity
  • Digital twins
  • General contracting firms

ASJC Scopus subject areas

  • Architecture
  • Civil and Structural Engineering
  • Building and Construction
  • Materials Science (miscellaneous)
  • Computer Science Applications
  • Computer Graphics and Computer-Aided Design


Dive into the research topics of 'A perfect storm: Digital twins, cybersecurity, and general contracting firms'. Together they form a unique fingerprint.

Cite this