Interlocking IT/OT security for edge cloud-enabled manufacturing

After an initial push to outsource every single computation to remote data centers, the edge compute paradigm can now provide the necessary balance of scalability and timeliness for successful manufacturing deployments. By consolidating compute resources that were previously distributed across the shop floor, a major emphasis is being placed on the manufacturing network, which has adapted to its new role by converging the IT and OT domains into a scalable, timely, highly available, and secure network.This work centers around security mechanisms to secure virtualization-based manufacturing. Our proposed concept uses only measures in the network layer, where we see the greatest benefits, while providing the possibility to deploy it in brownfield environments today. Validation is performed by challenging it with known and emerging security threats, the cyber kill chain, and IEC 62443-3-3, improving the security level in most metrics in contrast to perimeter-based legacy architectures. In future work, the validated concept can be extended to the physical, host and application layers, providing holistic IT/OT security and enabling secure edge cloud-enabled manufacturing.