Communication between assets and systems is one of the foundational principles of the Industry 4.0 paradigm, enabling increased automation, data exchange, and real-time decision-making across industrial environments. However, the growing integration between Operational Technology (OT) networks and core Information Technology (IT) infrastructures —and their progressive exposure to the Internet — introduces a broad spectrum of cybersecurity vulnerabilities. These threats range from unauthorized access and data exfiltration to lateral movement attacks and system-level disruptions, which can significantly impact safety, production continuity, and system integrity.Traditional security models often fall short in this context due to the many OT components’ unique constraints and legacy nature. This paper explores how Software-Defined Networking (SDN), with its centralized control and programmable architecture, offers a flexible and robust solution to improve the security posture of OT networks. By decoupling the control and data planes, SDN enables fine-grained traffic monitoring, dynamic policy enforcement, and rapid threat mitigation — essential in protecting heterogeneous industrial systems. The paper highlights the key advantages of SDN for OT-IT convergence. It discusses concrete use cases where SDN principles help detect, isolate, and respond to cybersecurity incidents in modern industrial environments.
Bacca, R., Melis, A., Rinieri, L., Girau, R., Callegati, F., Prandini, M. (2025). Empowering Operational Technology Cybersecurity with the Asset Administration Shell [10.1109/CAMAD67323.2025.11229901].
Empowering Operational Technology Cybersecurity with the Asset Administration Shell
Bacca R.;Melis A.;Rinieri L.;Girau R.;Callegati F.;Prandini M.
2025
Abstract
Communication between assets and systems is one of the foundational principles of the Industry 4.0 paradigm, enabling increased automation, data exchange, and real-time decision-making across industrial environments. However, the growing integration between Operational Technology (OT) networks and core Information Technology (IT) infrastructures —and their progressive exposure to the Internet — introduces a broad spectrum of cybersecurity vulnerabilities. These threats range from unauthorized access and data exfiltration to lateral movement attacks and system-level disruptions, which can significantly impact safety, production continuity, and system integrity.Traditional security models often fall short in this context due to the many OT components’ unique constraints and legacy nature. This paper explores how Software-Defined Networking (SDN), with its centralized control and programmable architecture, offers a flexible and robust solution to improve the security posture of OT networks. By decoupling the control and data planes, SDN enables fine-grained traffic monitoring, dynamic policy enforcement, and rapid threat mitigation — essential in protecting heterogeneous industrial systems. The paper highlights the key advantages of SDN for OT-IT convergence. It discusses concrete use cases where SDN principles help detect, isolate, and respond to cybersecurity incidents in modern industrial environments.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
