Open Invited Track – Emerging IT/OT-Security Concepts

From Brownfield to Future Industrial Production Systems

Part of the IFAC World Congress 2026, Busan, South Korea

Submission Code: pqkr8

Submit Your Paper

About the Track

The increasing digitalization of industrial systems has profoundly transformed the automation landscape, enabling unprecedented levels of flexibility, connectivity, and efficiency. However, this convergence of Information Technology (IT) and Operational Technology (OT) exposes production environments to new vulnerabilities and threats that were traditionally confined to enterprise IT domains. Emerging cyber-criminal activities explicitly targeting industrial control systems (ICS) and critical infrastructure highlight that cybersecurity in automation is no longer a peripheral concern but a central requirement for operational continuity and resilience.

Recent high-profile attacks on manufacturing, energy, and process industries demonstrate that cyber incidents can disrupt production, compromise safety, damage reputations, and cause far-reaching economic and societal consequences. At the same time, regulatory frameworks such as the EU’s Network and Information Security Directive (NIS2), the Cyber Resilience Act (CRA), and sector-specific standards like IEC 62443 and ISO 27001 are setting a new baseline for industrial cybersecurity. Compliance with these directives requires organizations to move beyond ad-hoc measures and towards structured, holistic security strategies that integrate technical, organizational, and human factors.

In this context, IT/OT-security emerges as both a technological and sociotechnical challenge. It involves securing highly heterogeneous environments that span legacy systems, real-time communication protocols, cyber-physical production systems, and cloud-based industrial services. Resilience can only be achieved by embedding security across the lifecycle of automation systems - from design and engineering to operation, maintenance, and decommissioning. Furthermore, the human dimension of cybersecurity, including operator training, awareness, and organizational culture, is critical in shaping effective and sustainable defense mechanisms.

Advanced methods are needed to address these challenges. Artificial Intelligence and Machine Learning techniques promise to enable predictive threat detection and anomaly recognition. Secure-by-design architectures and zero-trust frameworks redefine how automation systems are conceived and protected. Digital twins for cybersecurity open new possibilities for proactive risk assessment, penetration testing, and continuous compliance monitoring. At the same time, new collaborative paradigms - such as cross-industry threat intelligence sharing and sector-wide incident response coordination - are gaining importance in defending against sophisticated adversaries.

This session will take on these pressing challenges by exploring cutting-edge methods, architectures, and practices for advancing IT/OT-security in industrial automation systems. It seeks to unite researchers, industry practitioners, and policymakers to discuss how technical innovation, regulatory compliance, and organizational maturity can converge to build robust and future-proof security frameworks for industrial ecosystems.

Topics of Interest

  • Threat detection, anomaly detection, and incident response in IT/OT environments.
  • Cyber risk assessment and resilience engineering for automation systems.
  • Secure communication protocols for industrial networks (OPC UA, TSN, 5G, etc.).
  • Role of Artificial Intelligence and Machine Learning in enhancing IT/OT security.
  • Securing emerging agentic AI based engineering workflows.
  • Digital twins and cyber ranges for security testing, training, and resilience validation.
  • Security-by-design and zero-trust approaches for industrial control systems.
  • Human factors, organizational culture, and training in cybersecurity practices.
  • Regulatory compliance strategies for NIS2, CRA, and IEC 62443.
  • Cross-sector collaboration, threat intelligence sharing, and cooperative defense models.
  • Integration of cybersecurity with safety and reliability in automation.

Key Dates

Milestone Date
Regular/survey papers, demonstration papers due November 26, 2025
Late-breaking/Discussion papers, dissemination papers due February 28, 2026
Notification of acceptance April 15, 2026
Final paper submission due May 15, 2026
IFAC World Congress August 23-28, 2026

Submission Instructions

Authors are invited to submit original contributions through the official IFAC submission portal. Please use the Open Invited Track code pqkr8 during the submission process.

Papers must follow the IFAC format and guidelines, and regular paper have an initial page limit of 8 (6 for the final submission). All submissions will be peer-reviewed according to IFAC standards.

For details, visit the official website: https://www.ifac2026.org

Organizers & Contact

  • M.Sc. Marwin Madsen, Institute of Control Systems, Karlsruhe Institute of Technology
  • Prof. Dr.-Ing. Mike Barth, Institute of Control Systems, Karlsruhe Institute of Technology