Critical infrastructures increasingly rely on interconnected and software-driven Cyber-Physical Systems (CPS), exposing operational processes to both accidental failures and sophisticated adversarial behavior. While Byzantine Fault Tolerant (BFT) protocols offer robustness against arbitrary faults, evaluating their behavior under realistic cyber-physical conditions remains challenging: traditional cyber ranges lack timing fidelity, and testing in production environments is unsafe. This paper introduces ByzTwin-Range, a dual-layer architecture that integrates a production-grade BFT deployment with a Digital Twin (DT) to enable controlled experimentation, stress testing, and Byzantine fault injection using live operational data. The DT mirrors real system state, executes "What-if" analyses through co-simulation and emulation, and identifies synchrony vulnerabilities, i.e., misconfigured timeouts, timing-sensitive false suspicions, and adversarial delay exploits, configuration weaknesses, and adversarial behaviors that may undermine BFT guarantees. Insights from the twin are fed back into the operational deployment through a secure advisory channel, supporting continuous validation and adaptive hardening. The proposed design leverages industry-standard technologies (Open Platform Communications Unified Architecture, Time-Sensitive Networking, Functional Mock-up Unit/High-Level Architecture, QUIC/mutual TLS) to maximize feasibility and compatibility with existing industrial workflows. ByzTwin-Range establishes a practical foundation for next-generation, BFT-aware cyber ranges and paves the way for more resilient CPSs through continuous testing, differential-privacy-enabled analytics, and future proof-of-concept implementations.

翻译：关键基础设施日益依赖互联且软件驱动的信息物理系统（CPS），这使得运行过程面临意外故障与复杂敌对行为的双重风险。尽管拜占庭容错（BFT）协议能对抗任意故障，但在现实信息物理条件下评估其行为仍具挑战性：传统网络靶场缺乏时序保真度，而在生产环境中测试则存在安全隐患。本文提出ByzTwin-Range——一种双层架构，通过将生产级BFT部署与数字孪生（DT）相结合，利用实时运行数据实现受控实验、压力测试及拜占庭故障注入。数字孪生镜像真实系统状态，通过共仿真与模拟执行"假设分析"，并识别同步漏洞（即配置不当的超时参数、时序敏感误判、对抗性延迟利用）、配置缺陷以及可能破坏BFT保证的敌对行为。从孪生系统获得的洞察通过安全咨询通道反馈至运行部署中，支持持续验证与自适应强化。本设计采用行业标准技术（OPC UA、TSN、FMU/HL-A、QUIC/mTLS），以最大化与现有工业工作流的兼容性及可行性。ByzTwin-Range为下一代BFT感知网络靶场奠定了实践基础，并通过持续测试、差分隐私分析及未来概念验证实现，为构建更具弹性的CPS铺平道路。