The ongoing convergence of IT and OT, accelerated by software-defined automation, is fundamentally reshaping automation architectures. Modern OT environments increasingly adopt IT-native paradigms such as containerization, virtualization, agile/DevOps practices, and cloud/edge architectures, while also bringing IT applications to the field level and moving traditional OT applications into the cloud. 
    
This rapid “IT-ification” of OT raises a critical but insufficiently researched question: which IT security concepts are truly transferable to OT in a software-defined automation context, and under what conditions?

GOALS:

• Systematically analyze the fit, limitations, and necessary adaptations of IT security principles for software-defined automation
• Evaluate standards and regulation like IEC 62443 and CRA for this trend
• Evaluate considerations and approaches through one or more case studies

HELPFUL PRIOR KNOWLEDGE:

• Basic Understanding of Industrial Automation
• Good Understanding of virtualization technologies
• Interest to get familiar with emerging security concepts