This paper proposes a digital twin (DT)-based framework for detecting cyber-attacks in cyber-physical manufacturing systems (CPMS). The framework addresses two key challenges: distinguishing expected anomalies from cyber-attacks and identifying cyber-attacks during the transient response of CPMS due to closed-loop controllers. The DT technology is leveraged to provide insights into the physical process by utilizing run-time data, models, and analytics. The proposed framework includes a DT architecture that supports cyber-attack detection through data-driven machine learning models, physics-based models, and subject matter expert knowledge. The framework is demonstrated using an experimental case study on off-the-shelf 3D printers to illustrate its effectiveness. The framework is designed to be extensible and modular, allowing for the integration of various components and the adaptation to different CPMS scenarios. The framework also includes a Cybersecurity DT that utilizes Detector DT and Consistency DT to analyze run-time and historical data for attack detection. The framework is capable of distinguishing cyber-attacks from expected anomalies and performing transient analysis for controlled processes between varying setpoints. The proposed framework provides a systematic and extensible approach to cyber-attack detection in CPMS, enabling the implementation of various methodologies from the literature. The framework is designed to be compatible with existing industrial control systems and can be extended to accommodate further developments. The contributions of this work include an extensible DT-based solution framework for cyber-attack detection in CPMS, a methodology to distinguish cyber-attacks from expected anomalies, and a novel experimental demonstration of the proposed DT-based method on an off-the-shelf 3D printer. The framework is capable of working with existing architectures for anomaly detection in industrial systems and enables scalability to multiple resources in a CPMS thanks to its DT-centric design.This paper proposes a digital twin (DT)-based framework for detecting cyber-attacks in cyber-physical manufacturing systems (CPMS). The framework addresses two key challenges: distinguishing expected anomalies from cyber-attacks and identifying cyber-attacks during the transient response of CPMS due to closed-loop controllers. The DT technology is leveraged to provide insights into the physical process by utilizing run-time data, models, and analytics. The proposed framework includes a DT architecture that supports cyber-attack detection through data-driven machine learning models, physics-based models, and subject matter expert knowledge. The framework is demonstrated using an experimental case study on off-the-shelf 3D printers to illustrate its effectiveness. The framework is designed to be extensible and modular, allowing for the integration of various components and the adaptation to different CPMS scenarios. The framework also includes a Cybersecurity DT that utilizes Detector DT and Consistency DT to analyze run-time and historical data for attack detection. The framework is capable of distinguishing cyber-attacks from expected anomalies and performing transient analysis for controlled processes between varying setpoints. The proposed framework provides a systematic and extensible approach to cyber-attack detection in CPMS, enabling the implementation of various methodologies from the literature. The framework is designed to be compatible with existing industrial control systems and can be extended to accommodate further developments. The contributions of this work include an extensible DT-based solution framework for cyber-attack detection in CPMS, a methodology to distinguish cyber-attacks from expected anomalies, and a novel experimental demonstration of the proposed DT-based method on an off-the-shelf 3D printer. The framework is capable of working with existing architectures for anomaly detection in industrial systems and enables scalability to multiple resources in a CPMS thanks to its DT-centric design.