Emerging IT/OT-Security concepts from Brownfield to Future Industrial Production Systems

Call for Paper IFAC World Open Invited Track, Submission Code: pqkr8

The increasing digitalization of industrial systems has profoundly transformed the automation landscape, enabling unprecedented levels of flexibility, connectivity, and efficiency. However, this convergence of Information Technology (IT) and Operational Technology (OT) exposes production environments to new vulnerabilities and threats that were traditionally confined to enterprise IT domains. Emerging cyber-criminal activities explicitly targeting industrial control systems (ICS) and critical infrastructure highlight that cybersecurity in automation is no longer a peripheral concern but a central requirement for operational continuity and resilience.

Recent high-profile attacks on manufacturing, energy, and process industries demonstrate that cyber incidents can disrupt production, compromise safety, damage reputations, and cause far-reaching economic and societal consequences. At the same time, regulatory frameworks such as the EU’s Network and Information Security Directive (NIS2), the Cyber Resilience Act (CRA), and sector-specific standards like IEC 62443 and ISO 27001 are setting a new baseline for industrial cybersecurity. Compliance with these directives requires organizations to move beyond ad-hoc measures and towards structured, holistic security strategies that integrate technical, organizational, and human factors.

In this context, IT/OT-security emerges as both a technological and socio-technical challenge. It involves securing highly heterogeneous environments that span legacy systems, real-time communication protocols, cyber-physical production systems, and cloud-based industrial services. Resilience can only be achieved by embedding security across the lifecycle of automation systems - from design and engineering to operation, maintenance, and decommissioning. Furthermore, the human dimension of cybersecurity, including operator training, awareness, and organizational culture, is critical in shaping effective and sustainable defense mechanisms.

Advanced methods are needed to address these challenges. Artificial Intelligence and Machine Learning techniques promise to enable predictive threat detection and anomaly recognition. Secure-by-design architectures and zero-trust frameworks redefine how automation systems are conceived and protected. Digital twins for cybersecurity open new possibilities for proactive risk assessment, penetration testing, and continuous compliance monitoring. At the same time, new collaborative paradigms - such as cross-industry threat intelligence sharing and sector-wide incident response coordination - are gaining importance in defending against sophisticated adversaries.

This session will take on these pressing challenges by exploring cutting-edge methods, architectures, and practices for advancing IT/OT-security in industrial automation systems. It seeks to unite researchers, industry practitioners, and policymakers to discuss how technical innovation, regulatory compliance, and organizational maturity can converge to build robust and future-proof security frameworks for industrial ecosystems.

We welcome contributions to the following research topics, but not limited to:

  • Threat detection, anomaly detection, and incident response in IT/OT environments.
  • Cyber risk assessment and resilience engineering for automation systems.
  • Secure communication protocols for industrial networks (OPC UA, TSN, 5G, etc.).
  • Role of Artificial Intelligence and Machine Learning in enhancing IT/OT security.
  • Securing emerging agentic AI based engineering workflows.
  • Digital twins and cyber ranges for security testing, training, and resilience validation.
  • Security-by-design and zero-trust approaches for industrial control systems.
  • Human factors, organizational culture, and training in cybersecurity practices.
  • Regulatory compliance strategies for NIS2, CRA, and IEC 62443.
  • Cross-sector collaboration, threat intelligence sharing, and cooperative defense models.
  • Integration of cybersecurity with safety and reliability in automation.