| Issue |
ITM Web Conf.
Volume 79, 2025
International Conference on Knowledge Engineering and Information Systems (KEIS-2025)
|
|
|---|---|---|
| Article Number | 01005 | |
| Number of page(s) | 8 | |
| DOI | https://doi.org/10.1051/itmconf/20257901005 | |
| Published online | 08 October 2025 | |
Securing the Convergence of IT and OT Networks in Cyber Physical System: Policy, Architecture and Implementation Challenges
1 Department of Electrical Engineering, Sardar Patel College of Engineering, Mumbai, India
2 Depatment of Artificial Intelligence, SVKM’s NMIMS, Mukesh Patel School of Technology Management & Engineering (MPSTME), Mumbai, India
* Corresponding author: raich.rajiv@gmail.com
The integration of Information Technology (IT) and Operational Technology (OT) within Cyber-Physical Systems (CPS) is reshaping critical infrastructure, driving improvements in efficiency, automation, and agile decision-making. However, this integration introduces significant cybersecurity challenges due to fundamental differences in priorities, protocols, and governance models. While IT systems emphasize data confidentiality and rapid updates, OT systems prioritize availability, reliability, and safety—often relying on legacy infrastructure less-equipped to handle modern threats. This paper explores the multifaceted challenges in securing IT-OT convergence within CPS, with a particular focus on critical infrastructure sectors such as energy, water, transportation, and manufacturing. The policy and regulatory gaps that hinder unified security strategies are analysed. The architectural models that support secure interoperability are examined, and key implementation challenges including segmentation, legacy system integration, and threat modelling are identified. A literature review of contemporary frameworks and case studies reveals a fragmented approach to security, with a need for further standardization, governance harmonization, and real-time risk assessment tools. This paper outlines general guidelines and checkpoints aligned of existing frameworks for a layered, defense-in-depth strategy aligned with zero-trust principles, supported by policy recommendations and architectural guidelines tailored to critical infrastructure protection. The findings aim to assist policymakers, engineers, and security professionals in building resilient and adaptive CPS environments to mitigate evolving cyber threats.
© The Authors, published by EDP Sciences, 2025
This is an Open Access article distributed under the terms of the Creative Commons Attribution License 4.0, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Current usage metrics show cumulative count of Article Views (full-text article views including HTML views, PDF and ePub downloads, according to the available data) and Abstracts Views on Vision4Press platform.
Data correspond to usage on the plateform after 2015. The current usage metrics is available 48-96 hours after online publication and is updated daily on week days.
Initial download of the metrics may take a while.