Formal Integration of ISO/IEC Digital Twin Standards: A Layered Compliance Model with Uncertainty Quantification

Abstract

Digital Twin (DT) implementations in electrical and industrial systems are governed by fragmented ISO/IEC and IEC standards spanning terminology, architecture, interoperability, lifecycle management, and cybersecurity. This paper proposes a mathematical framework that integrates these standards into a unified compliance model. A layered DT architecture is defined as a finite set of functional abstractions, and standards are linked to layers through a multivalued mapping and an incidence matrix. Traceability, interoperability, fidelity, and security/governance indicators are normalized and aggregated through a bounded weighted functional to obtain a deterministic compliance score. The model is then extended by treating selected indicators as random variables, which enables probabilistic maturity classification and Monte Carlo-based robustness analysis. The resulting functional is bounded, monotone, and stable under bounded perturbations. Numerical experiments on a synthetic portfolio illustrate deterministic scoring and uncertainty effects. The framework provides a proof-of-concept basis for structured DT compliance assessment across heterogeneous electrical systems; however, broader empirical validation is still required before operational deployment.

1. Introduction

1.1. Digital Twin Standardization in Electrical and Industrial Systems

Digital Twin (DT) technologies in electrical and industrial systems are typically structured as layered cyber-physical architectures integrating physical assets, communication infrastructures, digital models, analytics, and lifecycle-management functions [1,2,3,4,5,6].

This architectural diversity is accompanied by a fragmented standards ecosystem. ISO/IEC 30173 defines DT terminology [7], the ISO 23247 series provides architectural principles [8,9,10,11,12,13,14], ISO/IEC 30186 addresses maturity assessment, IEC 62890 addresses lifecycle management [15,16], ISO/IEC 30141 provides IoT-oriented reference-architecture guidance [17], and ISO/IEC 20924 supports vocabulary harmonization [18]. In electrical systems, interoperability and data exchange rely strongly on IEC 61850 [19], while related standards such as IEC 61869 [20], IEC 60255 [21] and IEC 62443-4-2 [22] remain relevant for digital interfaces, protection functions, and cybersecurity in SCADA/ICS-connected environments [23,24,25,26,27,28].

Despite this broad normative landscape, DT standardization remains fragmented across partially overlapping committees and application domains, which makes integrated and comparable compliance assessment difficult in practice [29,30,31,32]. This motivates the need for a formal framework that maps standards to DT layers and supports structured compliance assessment and maturity evaluation.

1.2. Fragmentation of Compliance Indicators and Absence of Uncertainty-Aware Assessment

DT evaluation relies on heterogeneous indicators such as traceability coverage, interoperability levels, model-system fidelity metrics, and security/audit levels [1,2,24,33]. These quantities differ in scale and epistemic nature and are often aggregated through deterministic scorecards without explicit uncertainty modeling. However, uncertainty is intrinsic to electrical DTs due to degradation processes [34,35], cyber-physical threats [26,27], and measurement variability in monitoring and estimation [36]. Although DT research recognizes uncertainty quantification as essential for robust optimization and decision support [37], existing studies on DT uncertainty and reliability [26,28,34,35,37,38,39,40,41] do not integrate international standards into an uncertainty-aware compliance operator or maturity rule.

Accordingly, the gap addressed in this paper is twofold:

• Standards integration gap: the absence of a formal model that maps heterogeneous ISO/IEC and IEC standards to a layered DT architecture for electrical systems, with anchors in terminology, architecture, maturity assessment, lifecycle management, interoperability, and cybersecurity [14,19,20].
• Assessment gap: the absence of an uncertainty-aware compliance and maturity framework that normalizes heterogeneous indicators and supports bounded, monotone, and robustness-aware scoring.

1.3. Research Questions and Objectives

Based on the identified fragmentation and lack of mathematical integration, this work addresses the following research questions:

RQ1. How can varied DT standards applicable to electrical systems be formally mapped onto a layered architectural structure?

RQ2. How can diverse compliance indicators (traceability, interoperability, fidelity, cybersecurity) be normalized and aggregated into a mathematically well-defined compliance operator?

RQ3. How can deterministic maturity scoring be extended to incorporate uncertainty arising from measurement noise, audit subjectivity, and operating-regime variability?

RQ4. What analytical properties should such a compliance operator satisfy to ensure boundedness, monotonicity, and stability under bounded perturbations?

1.4. Contributions

This study contributes a mathematically structured framework for DT standard integration in electrical systems. First, it defines a five-layer DT architecture L = {L₀, L₁, L₂, L₃, L₄}, spanning the physical system, connectivity, digital modelling, analysis/simulation, and governance, thereby linking representative electrical-system DT implementations in the literature [1,2,42] to standards such as ISO/IEC 30173, ISO 23247, and IEC 61850.

Second, mixed ISO/IEC and IEC standards are formalized through a multivalued mapping μ: S → 2^Lw, which transforms descriptive standards alignment into a mathematically analysable relation for structural evaluation of normative coverage.

Third, a normalized deterministic functional aggregates traceability, interoperability, fidelity, and security/governance into a scalar DT compliance score. Unlike ISO/IEC 30186 and credibility approaches based on evidence theory, the proposed framework explicitly links standards to architectural layers and embeds this mapping into a bounded compliance functional.

Fourth, the deterministic formulation is extended to an uncertainty-aware model in which selected inputs are treated as random or bounded quantities, yielding expected scores, dispersion measures, and probabilistic maturity thresholds while preserving boundedness, monotonicity, and stability under bounded perturbations.

To position the present contribution more explicitly with respect to representative maturity- and credibility-oriented approaches,

Table 1. Comparative positioning of the proposed framework with respect to representative DT maturity and credibility approaches.

Approach	What It Provides	What the Present Study Adds	Remaining Limitation
ISO/IEC 30186	DT maturity assessment guidance	Explicit standards-to-layer mapping and formal compliance operator	Still requires broader empirical validation
Credibility/evidence-theory approaches	Credibility aggregation under uncertainty	Standards-integrated maturity scoring with architectural anchoring	Current validation remains proof-of-concept
Descriptive DT evaluation frameworks	Qualitative or semi-structured DT assessment criteria	Unified normalization and deterministic/uncertainty-aware scoring	Application-specific calibration may still be needed
Present study	Formal standards-integrated compliance and maturity framework	Combines mapping, normalization, scoring, and uncertainty propagation	Not yet a fully deployable cross-domain instrument

provides a concise comparative summary.

The remainder of the paper is organized as follows. Section 2 presents the layered architecture, standards mapping, normalization framework, deterministic compliance operator, and uncertainty-aware extension. Section 3 reports the numerical evaluation, including deterministic and probabilistic results, a worked example, and an illustrative IEC 61850-based application. Section 4 discusses the main findings, limitations, and future research directions.

2. Methods

2.1. Layered Digital Twin Architecture and Standards Mapping (L₀–L₄)

A DT system for electrical systems is modeled as a finite layered architecture given in (1).

$$L=\{L_0, L_1, L_2, L_3, L_4\}$$

(1)

Each element $L$ of denotes a functional abstraction of the DT system: $L_0$ corresponds to physical electrical assets and sensing elements, $L_1$ to communication and connectivity mechanisms enabling IT/OT integration, $L_2$ to digital modeling and semantic structures, $L_3$ to analysis and simulation capabilities, and $L_4$ to lifecycle governance, traceability, audit, and cybersecurity management. This abstraction is consistent with architectural discussions in [4,5,6] and normatively anchored in ISO/IEC 30173, ISO 23247-2, and IEC 61850.

To formalize the normative dimension of the architecture, we introduce the finite set of applicable international standards defined in (2).

$$S=\{s_1, s_2, \dots , s_n\}$$

(2)

The set $S$ is constructed from ISO and IEC documents relevant to DT conceptualization, interoperability, lifecycle integration, cybersecurity, and governance. For analytical clarity, $S$ is partitioned into the three disjoint subsets defined in (3), where $S_F$, $S_C$, and $S_R$ denote, respectively, the fundamental, complementary, and related standards.

$$\begin{gathered} S=S_F\cup S_C\cup S_R \\ {S}_F\cap S_C=S_F\cap S_R=S_C\cap S_F=\varnothing \end{gathered}$$

(3)

The functional composition of these subsets is summarized in

Table 2. Functional classification of standards.

Category	Description	Representative Standards
Fundamental (SF)	Define DT concepts, terminology, reference architectures	ISO/IEC 30173, ISO/IEC 30186, ISO 23247, ISO/IEC TR 30172, ISO/IEC TR 30138
Complementary (SC)	Regulate interoperability, industrial communication, lifecycle integration	IEC 61850, IEC 62890, IEC 63278-1, IEC 63283-1, ISO/IEC 30152, ISO/IEC 30141
Related (SR)	Address cybersecurity, governance, asset management, quality models	IEC 62443-4-2, ISO 55000, ISO/IEC 25010, ISO/IEC 38500

, which provides representative examples of standards associated with each category.

The integration of standards into the layered architecture is formalized by the multivalued mapping introduced in (4), where 2^L denotes the power set of L. For each s ∈ S, the subset μ(s) ⊆ L characterizes the layer membership of that standard. The relation defined by μ is non-bijective, allowing standards to span multiple layers and layers to aggregate multiple governing standards. The proposed mapping is reusable across DT implementations, while its instantiation may require limited application-specific adjustment when the dominant relevance of a standard depends on the target DT context.

$$\mu :S\to 2^L$$

(4)

A structured projection of this relation is given in

Table 3. Mapping standards to the layers of the Digital Twin architecture (L0–L4).

Layer	Description	Principal Standard
L0-Physical	Electrical equipment, sensors, drives, panels, switchboards	IEC 61850, IEC 62890
L1-Connectivity	Industrial protocols (CAN, Modbus, OPC UA, Ethernet)	ISO/IEC 30152, IEC 62443, ISO/IEC 30141
L2-Digital Modeling	Behavioral and structural models, semantic data, Asset Administration Shell	ISO/IEC 30173, IEC 63278-1
L3-Analysis and simulation	Data correlation, SiL/HiL validation, predictive analytics	ISO/IEC 30188, ISO/IEC 30138
L4-Management	Traceability, maturity, audit, security/governance	IEC 62890, ISO/IEC 30186, ISO 55000

, which identifies representative normative anchors associated with each architectural layer. Table 3 should be interpreted as a reduced visualization of structurally dominant assignments rather than as exhaustive or exclusive mapping.

The complete mapping μ admits an equivalent representation through the incidence matrix defined in (5), whose entries are specified by (6):

$$M\in \{0, 1{\}}^{n\times 5}$$

(5)

$$M_{ij}=\left\{\begin{array}{l}1, if L_j\in \mathsf{\mu } \left(s_i\right)\\ 0, otherwise\end{array}\right.$$

(6)

Each row of $M$ encodes the layer representation of a standard, while each column characterizes the normative coverage of a layer. Table 3 is therefore a reduced structural projection of dominant entries of $M$, whereas the full incidence structure captures the complete interaction between standards and architectural layers.

The structural coverage of layer $L_j$ is obtained through the column-wise aggregation defined in (7), which measures the number of standards influencing $L_j$ and provides an indicator of normative density and overlap.

$$cov\left(Lj\right)=\sum _{i=1}^n{M}_{ij}$$

(7)

Beyond simple coverage counts, the incidence structure also supports quantitative characterization of normative distribution across layers. The normative density of layer $L_j$ is defined in (8), while redundancy between two layers $L_j$ and $L_k$ is quantified through the Jaccard overlap coefficient in (9), where S_j = {s ∈ S: L_j ∈ μ(s)}.

$${\rho }_j={\displaystyle \frac{1}{n}}\sum _{i=1}^n{M}_{ij}$$

(8)

$$J_{jk}={\displaystyle \frac{\left|S_j\cap S_k\right|}{\left|S_j\cup S_k\right|}}$$

(9)

Together, Table 2 and Table 3, and the mapping $\mu$ transform descriptive standards association into a mathematically structured relation suitable for compliance modeling and uncertainty-aware analysis.

2.2. Compliance Framework: Criteria, Indicators, and Measurement Protocols

Existing DT maturity, credibility, and evaluation frameworks [33,37,41,43,44] are largely descriptive and rarely connect architectural layers, standards, and quantitative scoring within a single mathematical structure. The present study reformulates these dimensions within the layered framework defined in (1) and (2).

Compliance is evaluated through four criteria: traceability, interoperability, digital fidelity, and security/governance. In the remainder of the manuscript, compliance score denotes the aggregated quantitative output of the model, maturity class its threshold-based categorical interpretation, and robust maturity the probability-based stability of that classification under uncertainty. The fourth criterion is referred to consistently as security/governance throughout.

$$K=\{T, I, F, S\}$$

(10)

These criteria are consistent with lifecycle engineering [45], DT interoperability studies [30], uncertainty-oriented credibility models [37,41], and governance-oriented assessment approaches [43,44], but are here embedded in an explicit measurable functional.

For each criterion k ∈ K, a measurable indicator x_k is defined through an evaluation protocol. The measurement process induces the mapping ϕ(k) = x_k, where x_k is the raw, non-normalized measurement associated with criterion k, as stated in (11).

$$\varnothing :K\to R$$

(11)

Traceability measures consistency between requirements, digital models, and validation artifacts, while interoperability measures protocol-level and semantic integration across subsystems. Fidelity measures agreement between the physical system and its digital representation, whereas security and governance measure conformity with cybersecurity, lifecycle, and asset-management requirements.

Because the raw indicators are heterogeneous in scale and interpretation, they are normalized before deterministic aggregation and uncertainty-aware analysis.

2.3. Normalization of Heterogeneous Indicators

The raw measurements $x_k$, obtained through the mapping in (11), are heterogeneous in scale, domain, and interpretation. In the DT evaluation literature, maturity levels, credibility indices, and fidelity indicators are often treated independently or qualitatively [26,33,37,46]. These approaches do not provide a unified normalization structure compatible with deterministic aggregation in a layered, standards-anchored framework.

The raw indicators $x_k$ differ in scale, domain, and interpretation. To ensure comparability, each criterion $k\in K$ is transformed into a dimension less score in [0, 1] through a normalization function $s_k\left(x_k\right)$, as defined in (12).

$$s_k:R\to [0, 1]$$

(12)

Traceability is quantified through the coverage percentage $C$ between requirements, digital models, and validation artifacts. Its normalized score is defined in (13).

$$s_T=\min (1,{\displaystyle \frac{C}{100}})$$

(13)

Interoperability is represented by a discrete integration level L_I ∈ {0, 1, 2, 3, 4}, reflecting increasing degrees of protocol-level and semantic integration. Its normalized score is defined in (14).

$$s_I={\displaystyle \frac{L_I}{4}}$$

(14)

Digital fidelity is assessed using the Root Mean Square Error (RMSE) between the physical system and its digital counterpart. Since smaller deviations correspond to higher compliance, an inverse normalization is applied. Let ${RMSE}_{ref}$ denote the maximum acceptable error threshold. The normalized fidelity score is defined (15).

$$s_F=\max (0, 1-{\displaystyle \frac{RMSE}{{RMSE}_{ref}}})$$

(15)

This inverse normalization assigns maximal score to perfect agreement, decreases linearly within the admissible tolerance range, and vanishes beyond tolerance.

Although RMSE is adopted as a scalar indicator for analytical clarity, the normalization structure naturally extends to multidimensional error vectors e ∈ $R^m$:

$$RMSE=\sqrt{{\displaystyle \frac{1}{m}}·\sum _{i=1}^m{e}_i^2}$$

(16)

Correlation-aware fidelity measures can also be incorporated through covariance-weighted norms, as in (17).

$${RMSE}_{\mathsf{\Sigma }}=\sqrt{e^T{\mathsf{\Sigma }}^{-1}e}$$

(17)

Security and governance compliance is evaluated through a discrete audit level L_S ∈ {0, 1, 2, 3, 4}. The normalized security score is defined in (18).

$$s_S={\displaystyle \frac{L_S}{4}}$$

(18)

Equations (12)–(18) therefore place all criteria in a common bounded metric space suitable for deterministic aggregation and uncertainty propagation.

2.4. Deterministic Compliance Score and Maturity Classification

Let s_k ∈ [0, 1] denote the normalized compliance scores. Their deterministic aggregation is defined through the weighted linear functional in (20). The corresponding aggregation weights are introduced in (19).

$$w_k\ge 0, \sum _{k \in K}{w}_k=1$$

(19)

The deterministic DT compliance score is defined in (20).

$$S_{DT}=100·\sum _{k \in K}{w}_k·s_k$$

(20)

The linear form in (20) ensures convexity, monotonicity, and analytical tractability when criteria are interpreted as approximately independent and compensatory. When non-compensatory behavior or criterion interaction must be represented more explicitly, alternatives include the minimum-based operator in (21), the p-norm formulation in (22), or interaction-aware Choquet-type aggregation as in (23).

$$S_{min}=100·\underset{kϵK}{\min }{s}_k$$

(21)

$$S_P=100·{\left(\sum _{kϵK}{w}_k·s_k^p\right)}^{{\displaystyle \frac{1}{p}}}$$

(22)

The present work adopts the linear functional in (20) because it preserves interpretability and supports closed-form stability analysis.

$$S_C=100·\int s dv$$

(23)

Maturity Classification

Maturity classification is introduced through threshold partitioning of the interval [0, 100]. Let (24) define the maturity thresholds.

$${\mathsf{\tau }}_1<{\mathsf{\tau }}_2$$

(24)

The maturity level M is defined in (25).

$$M=\left\{\begin{array}{l}Incipient, S_{DT}<{\mathsf{\tau }}_1\\ Intermediate, {\mathsf{\tau }}_1\le S_{DT}<{\mathsf{\tau }}_2\\ Advanced, S_{DT}\ge {\mathsf{\tau }}_2\end{array}\right.$$

(25)

The thresholds may be determined according to regulatory requirements, industry best practices, or empirical benchmarking. In the present study, the thresholds at 40 and 70 are used as illustrative operational cutoffs on the [0, 100] compliance scale to separate low, intermediate, and advanced compliance regions in a transparent way. They are not intended as universal normative values and may be recalibrated in application-specific studies using regulatory constraints, expert elicitation, or empirical benchmarking.

2.5. Uncertainty-Aware Extension of the Compliance Model

The deterministic formulation in (20) assumes exact normalized inputs. In practice, however, the raw measurements are uncertain due to measurement noise, model approximation, audit subjectivity, and operating-regime variability [37,41,46].

To incorporate uncertainty explicitly, the raw indicators associated with each criterion are modeled as random variables. Let (26) denote the vector of uncertain inputs corresponding to traceability coverage, interoperability level, fidelity error, and security audit level.

$$X=(C, L_I, RMSE, L_S)$$

(26)

Through the normalization functions defined in (12) to (18), the random vector X induces a random normalized compliance vector (27).

$$S\left(X\right)=(s_T, s_I, s_F, s_S)$$

(27)

Substituting (27) into the aggregation functional (20) yields a random compliance score

$$S_{DT}(X)=100·\sum _{k \in K}{w}_k·s_k(X)$$

(28)

The quantity defined in (28) is a real-valued random variable representing the uncertainty-aware compliance score.

2.5.1. Statistical Characterization

The uncertainty-aware model yields the statistical descriptors defined in (29), including expected value and variance.

$$\mathbb{E}\left[\mathrm{SDT}\right],\mathrm{Var}\left({\mathrm{S}}_{\mathrm{DT}}\right)$$

(29)

2.5.2. Probability of Advanced Maturity

To support decision-making under uncertainty, the probability of reaching the advanced maturity level is defined in (30), where τ₂ denotes the advanced maturity threshold introduced in (24).

$$p_{adv}=\mathbb{P}(S_{DT}\ge {\tau }_2)$$

(30)

Equation (30) quantifies classification robustness under uncertainty.

2.5.3. Uncertainty Propagation

The propagation of uncertainty from X to S_DT(X) may be performed using Monte Carlo simulation or analytical approximation techniques, depending on the assumed distributions and independence structure of the input variables.

2.6. Theoretical Properties

The deterministic compliance score in (20) is defined on the normalized domain induced by (12)–(18), with non-negative unit-sum aggregation weights as in (19). Under these assumptions, the functional satisfies boundedness, monotonicity, and stability under bounded perturbations. These properties support the interpretability and robustness of the maturity assessment framework.

Proposition 1 (Boundedness).

Because the normalization mappings in (12)–(18) produce scores in the unit interval, and because the aggregation operator in (20) is a convex weighted combination under the constraints of (19), the deterministic compliance score remains bounded on the percentage scale as stated in (31).

$${0\le S}_{DT}\le 100$$

(31)

Proof. 

From Equations (12)–(18), one has $0\le s_k\le 1$ for all $k\in K$. From Equation (19), $w_k\ge 0$ and ${\sum }_{kϵK}{w}_k=1$. Substitution into Equation (20) gives $0\le {\sum }_{kϵK}{w}_k{s}_k$, and multiplication by 100 yields (31). □

Proposition 2 (Monotonicity).

Let $s=(s_k{)}_{k\in K}$ and $s^{\prime }=(s_k^{\prime }{)}_{k\in K}$ be two normalized compliance vectors such that $s_k\le s_k^{\prime }$ for all $k\in K$. Then, under the aggregation rule defined in Equations (20) and (32).

$$S_{DT}\left(s\right)\le S_{DT}\left(s^{\prime }\right)$$

(32)

Proof. 

The result follows directly from (20) and the non-negativity of the weights in (19), since component wise improvement of the normalized scores cannot decrease their weighted sum. □

Proposition 3 (Stability Under Bounded Perturbations).

For any two normalized compliance vectors s and $s^{\prime }$, the aggregation functional defined in Equation (20) satisfies (33).

$$\left|S_{DT}\left(s\right)-S_{DT}\left(s^{\prime }\right)\right|\le 100\sum _{kϵK}{w}_k\left|s_k-s_k^{\prime }\right|\le 100‖s-{s^{\prime }‖}_{\infty }$$

(33)

Proof. 

Using the linear form of Equation (20), the difference in the two scores is a weighted sum of component wise deviations. The first inequality follows from the triangle inequality, while the second follows from Equation (19) and the bound $\left|s_k-s_k^{\prime }\right|\le 100‖s-{s^{\prime }‖}_{\infty }$.

The boundedness result in (31) guarantees that the compliance score remains interpretable on a fixed percentage scale. The monotonicity result in (32) ensures that improvement in any normalized compliance criterion cannot reduce the overall score. Finally, the stability bound in (33) shows that bounded perturbations in the normalized inputs induce proportionally bounded changes in the aggregated score, providing the analytical basis for the uncertainty-aware extension introduced in Section 2.5. □

3. Results

This section demonstrates the practical application of the compliance framework introduced in Section 2. The simulation pipeline follows the methodological stages defined previously: (i) definition of input indicators, (ii) normalization of heterogeneous criteria, (iii) deterministic aggregation, and (iv) uncertainty-aware propagation.

3.1. Validation Design and Uncertainty Model

This section instantiates the framework of Section 2 and evaluates the robustness of the resulting maturity classification.

Because no harmonized empirical dataset jointly reports traceability matrices, interoperability evidence, SiL/HiL validation logs, and cybersecurity audit records, the evaluation uses a controlled synthetic portfolio. The objective is methodological demonstration rather than full empirical validation. Accordingly, the numerical portfolio should be interpreted as a controlled benchmark for evaluating the analytical behavior of the proposed framework under heterogeneous compliance conditions, rather than as a substitute for an audit-grade empirical dataset.

Each DT instance is represented by the four raw indicators defined in Section 2.2 and collected in the input vector of (34).

$$X=\left(C, L_I, RMSE, L_S\right)$$

(34)

Each element of X, represents:

• C represents traceability coverage between requirements, models, and validation artifacts;
• L_I denotes the interoperability level defined in Section 2.3;
• RMSE measures the fidelity error between the physical system and its digital counterpart;
• L_S denotes the security and governance audit level.

The fidelity reference threshold is treated separately from X as the instance-specific normalization parameter in Equation (15).

For lighting-oriented DTs, the fidelity indicator condenses deviations between measured and simulated quantities such as luminous flux, correlated color temperature, chromaticity coordinates, spectral features, thermal states, and electrical driver variables into a scalar quantity compatible with Equation (15). Interoperability and security levels represent integration maturity in laboratory or industrial infrastructures and may reflect communication mechanisms, data-acquisition workflows, cybersecurity controls, and lifecycle-management procedures.

To represent variability in validation and auditing, the raw compliance vector is modeled as a random vector with probabilistic or discrete components. Traceability coverage is modeled as a normal variable around its assessed value, as in (35), and fidelity as in (36), capturing measurement noise, calibration variability, and operating-condition changes. Interoperability and security are treated as bounded discrete variables centered at the assessed audit level, as in (37).

$$C~N\left(C_0,{\sigma }_C\right)$$

(35)

$$RMSE~N\left({RMSE}_0,{\sigma }_F\right)$$

(36)

$$L_I, L_S \in \left\{0, 1, 2, 3, 4\right\}$$

(37)

Each realization of X is normalized and aggregated through Equation (20), yielding the random compliance score defined in (28). Uncertainty is propagated by Monte Carlo simulation. For each DT instance, M random samples are generated to obtain an empirical score distribution. The numerical study uses:

• M = 30,000 Monte Carlo samples per DT instance;
• traceability standard deviation ${\sigma }_C$ = 5%;
• fidelity error standard deviation ${\sigma }_F$ = 0.05.

These values represent were selected as illustrative moderate-variability settings for proof-of-concept uncertainty propagation; they are not presented as universally calibrated parameters. The resulting distributions provide expected scores, dispersion measures, quantile intervals, and probabilities of exceeding maturity thresholds.

3.2. Synthetic Portfolio: Deterministic Inputs (Lighting, Industrial, Automotive)

A synthetic portfolio is constructed to apply the compliance framework and uncertainty model to heterogeneous DT implementations.

Table 4. Synthetic portfolio (deterministic raw indicators and fidelity reference thresholds).

DT	Domain	C0 (%)	LI0	RMSE0	RMSEref	LS0
DT-01	lighting	42	2	0.85	1.6	2
DT-02	lighting	55	3	0.70	1.6	2
DT-03	lighting	68	3	0.55	1.6	3
DT-04	industrial	35	2	1.00	1.4	1
DT-05	industrial	60	2	0.65	1.4	2
DT-06	industrial	75	3	0.50	1.4	3
DT-07	automotive	50	2	0.90	1.2	2
DT-08	automotive	65	3	0.60	1.2	2
DT-09	automotive	80	4	0.45	1.2	3
DT-10	lighting	90	4	0.30	1.6	4
DT-11	industrial	72	4	0.80	1.4	3
DT-12	automotive	30	1	1.10	1.2	1

lists, for each instance, the four raw compliance indicators and the fidelity reference threshold used in Equation (15).

The portfolio is not intended as a one-to-one transcription of twelve published case studies; rather, it is a controlled synthetic benchmark assembled to span low, medium, and high-maturity configurations across the selected domains.

Each DT instance is therefore described by a four-dimensional compliance vector together with an instance-specific fidelity tolerance parameter. The portfolio spans three representative domains:

• lighting systems, representing laboratory validation environments and photometric modeling pipelines;
• industrial automation systems, where DTs are typically integrated with supervisory control and industrial communication infrastructures;
• automotive cyber–physical systems, where DT models interact with distributed electronic control architectures and simulation-based validation platforms.

For lighting-oriented DTs, the fidelity indicator summarizes deviations between measured and simulated photometric, chromatic, spectral, thermal, or electrical variables. In industrial and automotive settings, the same indicator captures model-system mismatch in dynamic behavior, sensor signals, or system responses.

The next subsection normalizes these inputs and computes deterministic compliance scores.

3.3. Deterministic Compliance Scores and Maturity Labels

Using the deterministic inputs defined in Table 4, the evaluation follows the normalization and aggregation framework introduced in Section 2. For each DT_i ∈ D, the raw compliance vector is transformed into normalized compliance scores through the mappings of Section 2.3.

3.3.1. Traceability Normalization

Traceability measures coverage between requirements, digital models, and validation artifacts and is quantified through the percentage C.

The normalized traceability score is computed using the normalization mapping defined in Equation (13), namely $s_T={\displaystyle \frac{C}{100}}$. This transformation ensures that the traceability score remains bounded in the interval [0, 1] while preserving proportional interpretation. For example, a DT implementation with C = 60% yields $s_T=0.66$.

Within the synthetic portfolio introduced in Table 4, traceability coverage ranges from low documentation completeness (C = 30%) to highly documented implementations (C = 90%) enabling the evaluation framework to capture different stages of DT lifecycle maturity.

3.3.2. Interoperability Normalization

Interoperability quantifies the degree of communication and data integration across subsystems participating in the DT architecture. As described in Section 2.3, interoperability levels are evaluated using a discrete maturity scale $L_I\in \left\{0, 1, 2, 3, 4\right\}$ representing increasing levels of protocol and semantic integration.

The normalized interoperability score is obtained using the normalization defined in Equation (14). This formulation maps the discrete maturity levels into the normalized interval [0, 1].

Within the dataset of Table 4, interoperability values vary from limited integration (L_I = 1) to fully standardized communication infrastructures (L_I = 4), reflecting typical integration levels encountered in DT implementations deployed in laboratory or industrial environments.

3.3.3. Fidelity Normalization

Fidelity expresses the behavioral agreement between the physical system and its DT representation. In the proposed framework, fidelity is quantified using the Root Mean Square Error (RMSE) between measured and simulated quantities.

Following the normalization formulation introduced in Equation (15), the fidelity score is defined as where RMSE_ref represents the maximum admissible error threshold for acceptable DT accuracy.

This formulation ensures that:

• $s_F$ = 1 corresponds to perfect agreement;
• increasing deviations progressively reduce the compliance score;
• values exceeding the admissible tolerance are truncated to zero.

For lighting-oriented Digital Twins, the RMSE indicator may represent aggregated deviations between measured and simulated quantities such as luminous flux, correlated color temperature (CCT), chromaticity coordinates, spectral power distribution features, and electro-thermal behavior of LED modules.

3.3.4. Security and Governance Normalization

Security and governance compliance is evaluated through structured audit levels reflecting cybersecurity controls and lifecycle management practices.

As defined in Section 2.3, the security maturity indicator is expressed on a discrete scale $L_S\in \left\{0, 1, 2, 3, 4\right\}$. The normalized score is obtained using Equation (18). This transformation converts discrete audit levels into a continuous compliance score compatible with the aggregation functional.

Within the dataset of Table 4, security levels range from basic cybersecurity practices (L_S = 1) to mature governance structures supported by standardized security controls (L_S = 4).

3.3.5. Deterministic Aggregation of Compliance Scores

After normalization, each DT instance is represented by a normalized compliance vector. The overall DT compliance score is obtained by the deterministic aggregation functional in Equation (20), with weights satisfying Equation (19). For the deterministic dataset, this yields the instance-wise scores reported in (38).

$$S_{DT}(X_i)=\sum _{k \in K}{w}_k·s_k(X_i)$$

(38)

In the present study, equal weights are adopted to avoid domain-specific preference bias in the absence of a harmonized regulatory or application-specific weighting scheme. This choice preserves transparent interpretation and balanced contribution of the four compliance dimensions. Alternative weighting strategies may be used in application-specific audits.

The resulting compliance score is expressed on a percentage scale $S_{DT}^{\%}=100·S_{DT}$.

3.3.6. Deterministic Maturity Classification

The scalar score is interpreted using the three-level maturity partition introduced in Section Maturity Classification and summarized in

Table 5. Deterministic maturity level.

Score Interval	Maturity Level
SDT < 40	incipient
40 ≤ SDT < 70	intermediate
SDT ≥ 70	advanced

.

Under this choice, moderate shifts in the threshold values would primarily affect borderline cases near the class boundaries, whereas clearly low or high scoring instances remain qualitatively stable. In this sense, the thresholds are used here as an interpretable proof-of-concept partition rather than as fixed cross-domain acceptance criteria.

3.3.7. Deterministic Evaluation Results

Applying the normalization mappings and aggregation functional to the deterministic data set defined in Table 4 yields the compliance scores summarized in

Table 6. Deterministic scoring results.

DT	SDT (Det.)	Deterministic Class
DT-01	47.22	intermediate
DT-02	59.06	intermediate
DT-03	70.91	advanced
DT-04	34.64	incipient
DT-05	53.39	intermediate
DT-06	72.32	advanced
DT-07	43.75	intermediate
DT-08	60.00	intermediate
DT-09	79.38	advanced
DT-10	92.81	advanced
DT-11	72.46	advanced
DT-12	22.08	incipient

.

These results provide a baseline maturity ranking across the evaluated portfolio. Low-traceability, weakly integrated, and high-error instances remain incipient, whereas better documented, better integrated, and better calibrated systems reach advanced maturity. For lighting DTs, these classes correspond respectively to partial, stable, and highly integrated validation workflows.

These deterministic results from the baseline for the uncertainty-aware analysis of Section 3.4.

3.4. Uncertainty-Aware Results: Score Distributions and Maturity Probabilities

The deterministic compliance scores of Section 3.3 are single-point estimates derived from normalized indicators and the aggregation functional in Equation (20). Once uncertainty is introduced according to the stochastic model of Section 3.1, each DT instance is characterized by a score distribution rather than by a single value.

For each instance, the analysis reports:

• expected score $E\left[S_{DT}\right]$
• dispersion (standard deviation) $SD\left(S_{DT}\right)$
• score interval $\left[Q_{0.05},Q_{0.95}\right]$

Maturity is also evaluated probabilistically through the class probabilities defined in (39), which quantify classification robustness.

$$\begin{gathered} p_{inc}=P\left(S_{DT}<40\right) \\ {p}_{adv}=P\left(S_{DT}\ge 70\right) \\ {p}_{int}=1-p_{inc}-p_{adv} \end{gathered}$$

(39)

For lighting-oriented DTs, this probabilistic view is relevant because measurement conditions and operating regimes may vary with thermal stabilization, dimming, aging, driver ripple, or sensor positioning, while interoperability and security assessments retain expert uncertainty. A deterministic label alone may therefore be insufficient when results are used for validation or deployment decisions.

3.4.1. Probabilistic Behavior of the Lighting Subset

Within the lighting subset, uncertainty does not affect all DT instances in the same way. DT-03 is deterministically advanced, but part of its simulated outcomes shifts into the intermediate class. In contrast, DT-10 retains a robust advanced classification, with a narrow score interval indicating stable behavior, strong traceability, reliable calibration, standardized communication, and mature security controls. DT-01 remains deterministically intermediate but still has a non-negligible probability of falling into the incipient class under uncertainty.

3.4.2. Uncertainty-Aware Evaluation Results

The statistical results obtained from Monte Carlo propagation with M = 30,000 samples are summarized in

Table 7. Uncertainty-aware scoring result (Monte Carlo, M = 30,000).

DT	E_S_DT	SD	${\mathit{Q}}_{0.05}$	${\mathit{Q}}_{0.95}$	${\mathit{p}}_{\mathit{i}\mathit{n}\mathit{c}}$	${\mathit{p}}_{\mathit{i}\mathit{n}\mathit{t}}$	${\mathit{p}}_{\mathit{a}\mathit{d}\mathit{v}}$	Most Probable Class
DT-01	47.25	6.31	36.88	57.71	0.127	0.873	0.000	intermediate
DT-02	59.06	6.29	48.73	69.35	0.001	0.959	0.041	intermediate
DT-03	70.91	6.30	60.69	81.35	0.000	0.440	0.560	advanced
DT-04	34.66	6.44	24.17	45.30	0.794	0.206	0.000	incipient
DT-05	53.45	6.50	42.79	64.13	0.018	0.977	0.005	intermediate
DT-06	72.37	6.46	61.77	83.07	0.000	0.356	0.644	advanced
DT-07	43.78	6.61	32.78	54.61	0.283	0.717	0.000	intermediate
DT-08	60.05	6.65	49.07	71.01	0.001	0.931	0.068	intermediate
DT-09	78.06	5.88	68.12	87.59	0.000	0.090	0.910	advanced
DT-10	89.90	4.42	81.90	96.16	0.000	0.000	1.000	advanced
DT-11	71.25	5.64	61.70	80.45	0.000	0.399	0.601	advanced
DT-12	22.58	6.33	12.49	33.17	0.997	0.003	0.000	incipient

.

To improve readability, the tabulated uncertainty-aware results are complemented by a graphical summary. Figure 1 shows the deterministic compliance scores together with the uncertainty-aware score intervals across the synthetic DT portfolio. This representation makes the relation between nominal score level, uncertainty spread, and proximity to the maturity thresholds more immediately visible.

3.4.3. Interpretation of Uncertainty-Aware Maturity

The probabilistic analysis highlights three points. First, borderline classifications become explicit: for DT-03, 56% of simulated outcomes remain above the advanced threshold, whereas 44% move into the intermediate class. Second, robust advanced implementations are clearly identifiable: DT-10 exhibits a narrow score interval [81.90, 96.16], indicating highly stable classification. Third, the framework quantifies compliance risk directly: DT-01 is deterministically intermediate but still retains a measurable probability of incipient behavior.

The uncertainty-aware formulation therefore adds confidence information that is not available from deterministic scoring alone. In decision-oriented use, nominal maturity should be complemented by robust information. Deterministically advanced but probabilistically fragile cases are best interpreted as borderline advanced and may justify conditional release or additional validation, whereas cases with both advanced nominal score and high advanced-class probability are more robust deployment candidates.

Figure 2 complements Table 7 by summarizing the probabilities of incipient, intermediate, and advanced maturity across the evaluated DT instances. The stacked representation makes classification robustness and borderline behavior immediately visible.

3.5. Worked Example

A worked example based on DT-11 illustrates the full evaluation pipeline of Section 2.3, Section 2.4 and Section 2.5 on a borderline advanced case.

DT-11 is selected from Table 4 because its deterministic score lies close to the advanced threshold and therefore clearly shows the difference between deterministic and probabilistic assessment. For DT-11, the deterministic input vector is given by the values of Table 4, with the fidelity reference threshold defined by Equation (15).

3.5.1. Normalization of the Input Indicators

Applying the normalization mappings of Section 2.3 gives the four criterion scores for DT-11:

• traceability $s_T=0.72$;
• interoperability $s_I=1.00$;
• fidelity $s_T=0.42$;
• security and governance $s_S=0.75$.

Hence, the normalized compliance vector associated with DT-11 is $s\left(X_{11}\right)=(0.72, 1.00, 0.42, 0.75)$.

3.5.2. Deterministic Aggregation

The deterministic compliance score is computed using the weighted linear aggregation functional introduced in Equation (20). Under the equal-weight assumption $w_T=w_I=w_F=w_S=0.25$, the aggregated score becomes $S_{DT}\left(X_{11}\right)=0.25(s_T+s_I+s_F+s_S)$.

Substituting the normalized values obtained above yields $S_{DT}\left(X_{11}\right)=0.25\left(0.72+1.00+0.42+0.75\right)=0.72$.

Expressed on the percentage scale used throughout Section 3, the deterministic score is $S_{DT}^{\%}=72.46$, which coincides with the value reported in Table 6.

According to the maturity thresholds introduced in Section Maturity Classification, this score satisfies $S_{DT}^{\%}\ge 70$ and therefore DT-11 is deterministically classified as advanced.

3.5.3. Uncertainty-Aware Formulation

The deterministic calculation assumes exact inputs. In the uncertainty-aware formulation, the raw indicators are treated as uncertain quantities.

For DT-11, the uncertain inputs are modeled around the deterministic baseline as follows:

• $C~N\left(72,{\sigma }_C\right)$
• $RMSE~N\left(0.80,{\sigma }_F\right)$

The same uncertainty parameters used elsewhere in numerical study are adopted, while interoperability and security remain bounded discrete variables centered at their assessed levels.

After normalization through (13)–(18), these uncertain inputs generate the random compliance score of Equation (28).

3.5.4. Statistical Interpretation of the Worked Example

Monte Carlo propagation with M = 30,000 samples yields the DT-11 score distribution summarized in Table 7:

• $E\left[S_{DT}\right]=71.25$;
• $SD\left(S_{DT}\right)=5.64$;
• $[Q_{0.05},Q_{0.95}]=[61.70,80.45]$.

Although DT-11 is deterministically advanced, the classification is not fully robust: approximately 60.1% of realizations remain advanced, whereas about 39.9% fall into the intermediate class. DT-11 is therefore a borderline advanced DT: the deterministic score exceeds the threshold, but the uncertainty-aware analysis reveals classification fragility.

From an engineering viewpoint, this occurs because DT-11 combines strong interoperability and relatively high traceability with only moderate fidelity margin relative to the admissible tolerance. An analogous situation would arise in lighting DTs with good documentation and integration but model calibration close to the admissible validation error. In such cases, a deterministic label may overstate maturity robustness.

3.6. Sensitivity and Robustness Findings

Beyond the numerical results of Section 3.3, Section 3.4 and Section 3.5, Equation (20) also supports analytical interpretation of score sensitivity with respect to the underlying compliance indicators.

Because the aggregation operator is linear in the normalized scores, the contribution of each criterion can be expressed explicitly.

3.6.1. Sensitivity to Fidelity Error

The fidelity score is defined by Equation (15). Substitution into the aggregation functional (20) yields the fidelity contribution to the global compliance score. Under equal weights, the sensitivity with respect to fidelity error is expressed in (40).

$${\displaystyle \frac{\partial S_{DT}}{\partial RMSE}}=-{\displaystyle \frac{w_F}{{RMSE}_{ref}}}$$

(40)

The compliance score therefore decreases linearly with increasing model-system deviation, with sensitivity inversely proportional to the admissible tolerance. For lighting-oriented DTs, this corresponds to stricter agreement requirements for luminous flux, correlated color temperature, spectral distribution, or thermal behavior.

3.6.2. Influence of Traceability Coverage

Using Equation (13) in the aggregation functional gives (41).

$${\displaystyle \frac{\partial S_{DT}}{\partial C}}={\displaystyle \frac{w_T}{100}}$$

(41)

Under equal weighting, each percentage-point increase in traceability coverage produces a linear increase in the global score. Improved requirement-model-test traceability therefore raises DT maturity independently of fidelity or interoperability.

3.6.3. Stepwise Effects of Interoperability and Security Levels

Interoperability and security are defined on discrete maturity scales, so their normalized scores induce stepwise variations in the aggregated score. Each increase in one maturity level produces a fixed increment in the global score. In practice, these increments correspond to discrete structural transitions such as migration to standardized communication protocols, adoption of secure communication infrastructures, or introduction of structured lifecycle governance and cybersecurity certification.

3.6.4. Robustness of the Compliance Functional

The bounded and linear structure of the compliance function ensures predictable behavior under moderate perturbations of the input indicators. As shown in Section 2.6, the aggregation operator satisfies a stability inequality that bounds the effect of variations in the individual criteria on the global score. This provides the theoretical basis for the uncertainty-aware analysis of Section 3.4.

The sensitivity analysis highlights two main points. First, fidelity tolerance strongly affects maturity robustness: under strict tolerances, small DT-model deviations can materially change the compliance score and class. Second, improvements in interoperability or security can induce discrete maturity jumps because they correspond to structural changes such as standardized communication or certified cybersecurity controls. Together with the probabilistic analysis, these results show that the framework provides not only maturity scores but also interpretable information on how engineering decisions affect robustness.

3.7. Illustrative Application to a Published IEC 61850-Based Substation DT

To complement the synthetic portfolio, the framework is applied to the IEC 61850-based distribution-substation DT reported in [24].

3.7.1. Extraction of Compliance Inputs

Traceability is approximated from the documented relation between physical IED (Intelligent Electronic Device) configurations, IEC 61850 logical nodes, and the reported configuration-validation procedures. The available evidence supports a partial-to-substantial traceability assessment.

Interoperability is supported by standardized IEC 61850 information models and demonstrated GOOSE (Generic Object Oriented Substation Event) communication, which justifies assignment to the highest interoperability category defined in Section 2.3.

Fidelity is inferred from the reported validation of protection responses and communication timing. Although no explicit RMSE is reported, the documented behavioral agreement supports a representative approximation within acceptable operational margins.

Security and governance are only partially documented. In the absence of explicit IEC 62443-4-2 certification or IEC 62890 lifecycle evidence, the security maturity input is conservatively assessed.

This application should therefore be interpreted as an illustrative secondary use scoring exercise rather than as a direct empirical audit.

3.7.2. Deterministic Compliance Score

Using the normalization mappings introduced in Section 2.3, the normalized compliance scores are obtained as (42).

$$\begin{gathered} s_T=0.70, s_I=1.00 \\ {s}_F=1-{\displaystyle \frac{{RMSE}_0}{{RMSE}_{ref}}}=1-{\displaystyle \frac{0.45}{1.2}}=0.62 \\ {s}_S={\displaystyle \frac{L_{S0}}{4}}=0.75 \end{gathered}$$

(42)

The deterministic DT compliance score is computed using the aggregation functional introduced in Section 2.4. In general form, the compliance score is defined as (20), where K denotes the compliance criteria set and the weights satisfy $w_k\ge 0$, $\sum w_k=1$.

In the present evaluation equal weights are adopted $w_T=w_I=w_F=w_S=0.25$.

Substituting the normalized scores obtained above yields $S_{DT}=100·0.25\left(0.70+1.00+0.625+0.75\right)=76.9$.

Allowing the maturity thresholds introduced in Section Maturity Classification, this value corresponds to advanced maturity. The resulting classification reflects high interoperability and a representative level of behavioral agreement between the digital and physical system.

3.7.3. Uncertainty-Aware Assessment

To evaluate classification robustness, the uncertainty model defined in Section 3.1 is applied. Traceability and fidelity are modeled as normally distributed variables around their assessed values according to (43), while interoperability and security levels are treated as bounded discrete variables centered at the assigned categories.

$$C~N(70, 5^2), RMSE ~ N(0.45, {0.05}^2)$$

(43)

Propagation of uncertainty through the compliance functional using Monte Carlo simulation with M = 30,000 samples yields the random score S_DT(X). The resulting statistical descriptors are $\mathbb{E}$[S_DT] ≈ 77.1, SD(S_DT) ≈ 5.4, with a 90% interval approximately given by [68.3, 85.2].

The probability of maintaining advanced maturity is defined in (30) and is evaluated for the present case in (44).

$${\mathrm{p}}_{\mathrm{adv}}=\mathrm{P}({\mathrm{S}}_{\mathrm{DT}}\ge 70)\approx 0.88)$$

(44)

The uncertainty-aware assessment therefore indicates that the IEC 61850-based substation DT exhibits not only deterministic advanced maturity but also a robust advanced-maturity profile under moderate variability in traceability completeness, fidelity estimation, and audit interpretation. In probabilistic terms, the score distribution remains predominantly above the advanced threshold, distinguishing this implementation from borderline synthetic instances analyzed previously.

4. Discussion

The results confirm that the proposed framework provides a consistent and interpretable basis for DT compliance assessment across heterogeneous electrical-system implementations. The deterministic analysis separates incipient, intermediate, and advanced DT instances in a manner consistent with the engineering meaning of traceability, interoperability, fidelity, and security maturity. In particular, the scores reported in Table 6 show that low-maturity instances are associated with limited traceability, weaker integration, and larger model-system deviations, whereas advanced instances combine stronger documentation links, standardized communication, improved fidelity, and more mature governance practices.

The uncertainty-aware results also show that deterministic classification alone is not always sufficient for robust interpretation. Table 7 highlights that some DTs located near the maturity thresholds remain sensitive to moderate perturbations in the input indicators. This is visible for DT-03 and DT-11, which are deterministically classified as advanced but retain advanced maturity only with probability of about 0.56 and 0.601, respectively, whereas DT-10 preserves advanced maturity with probability of 1.000 and a narrow score interval. The framework therefore distinguishes between nominal maturity and robust maturity, which is particularly relevant when compliance results support engineering decisions related to validation, deployment readiness, or controlled operation.

The illustrative IEC 61850-based substation application provides a preliminary literature-based demonstration of how the model can be instantiated beyond the synthetic portfolio. Although the published source does not provide a complete audit-grade dataset, the extracted inputs lead to deterministic advanced maturity and a probability of advanced classification of approximately 0.88 under uncertainty. This suggests that the proposed formulation can be applied in a plausible and structurally consistent way not only to synthetic portfolios, but also to selected DT implementations documented in the literature. At the same time, the example shows that secondary-use scoring should be interpreted cautiously when complete empirical evidence is unavailable.

Several limitations remain. The numerical study is mainly based on a synthetic portfolio, the uncertainty model assumes moderate and simplified input variability, and equal weights were adopted to preserve neutrality in the absence of a domain-specific weighting scheme. Future work should therefore focus on validation using real DT case studies, refinement of application-specific weighting strategies, and extension toward richer uncertainty formulations, including dependent variables, probabilistic updating, or dynamic lifecycle-based compliance assessment. For lighting-oriented DTs in particular, future developments may expand the fidelity component beyond a single RMSE indicator to include multidimensional photometric, chromatic, thermal, and electrical validation measures.

Accordingly, the conclusions presently supported by this study are primarily methodological rather than fully generalizable. The manuscript establishes that the proposed framework is mathematically coherent, analytically interpretable, and capable of distinguishing nominal from robustness-sensitive maturity under controlled uncertainty assumptions. By contrast, broader claims of cross-domain operational validity should still be regarded as preliminary until supported by larger empirical studies on real DT deployments.