One of the areas that has fascinated us the most has been that of IT/OT and the convergence of these traditionally very separate worlds. For the unfamiliar, whilst IT is traditionally focused on providing information technology to the office-based workers, OT or Operational Technology provides sensors and control systems in the industrial domain. Historically, the OT domain was confined to specialized control engineers but as control systems have become data-rich and digital, more and more digital (or IT) technologies have been repurposed and integrated into the OT layer, driving convergence. Over the past couple of years, it has become my firm belief that the changes in this domain will have to accelerate in the coming years driven by growing cyber threats, increasingly capable edge devices and the accelerated development of AI.
Cybersecurity as a Key Driver for Accelerating IT/OT Integration
OT environments, once isolated and protected by “air gaps,” are now increasingly targeted by sophisticated cyberattacks that can breach these gaps. Recent high-profile incidents have demonstrated that attackers can exploit vulnerabilities in industrial control systems (ICS) and distributed control systems (DCS) through indirect vectors, such as compromised supply chains or removable media. For example:
- Critical vulnerabilities in ABB’s Cylon ASPECT building automation and energy management system (CVE-2023-0636 and CVE-2024-6209) have enabled attackers to remotely execute code and extract credentials, even when ABB claimed authentication was required. Hundreds of unpatched systems were found online, underlining the risk of leaving OT systems exposed and the necessity for regular, agile patching cycles. ABB now advises against exposing these systems online and has shifted towards more modular, patch-friendly architectures to address these threats.
- The Colonial Pipeline ransomware attack in May 2021 was the largest publicly disclosed cyberattack on critical infrastructure in the United States. The attack targeted the IT systems of Colonial Pipeline, which operates a 5,500-mile pipeline supplying about 45% of the East Coast’s fuel, including gasoline, diesel, and jet fuel. Hackers from the DarkSide group gained access through a compromised VPN password, which had been reused from another breach. They stole 100 gigabytes of data and deployed ransomware, crippling Colonial’s billing and business networks. Out of caution and to prevent the spread of the attack to operational technology, Colonial Pipeline proactively shut down all pipeline operations.
- The Ukraine power grid attack and recent ransomware campaigns demonstrate that attackers can breach OT environments through phishing, supply chain attacks, or by exploiting exposed devices using protocols like Modbus or Siemens S7.
- Crown Equipment, a major US-based forklift manufacturer, experienced a cyberattack that brought production at multiple sites-including facilities in Roding, Germany, and New Bremen, USA-to a standstill. The attack disrupted manufacturing operations, disabled phone systems, and took down the company’s website. The breach originated from unauthorized access to an employee’s device, underlining the risks posed by phishing and credential compromise in operational technology environments.
This threat evolution is compelling leading industrial automation vendors like ABB, Honeywell, Yokogawa and Emerson to adopt more agile and regular patching practices, moving away from monolithic update cycles to modular, rapidly deployable architectures. Open standard protocols such as OPC-UA, OPC-DA, and OPAS are facilitating this shift, enabling interoperability and more flexible system integration and also allowing mix-and-match deployment of DCS systems. For example, Emerson’s DeltaV SIS process safety system employs a modular, distributed architecture aligned with the Defense-in-Depth strategy (ISA/IEC 62443). This modularity not only enhances flexibility and scalability but also reduces single points of failure, making it harder for attackers to compromise the entire system. Emerson isolates safety-critical components and uses network segmentation to minimize attack surfaces, enabling more frequent and targeted updates. The trend is clear: cybersecurity is no longer a static, perimeter-based concern but requires continuous, agile adaptation and modular system design to avoid the potential disastrous consequences of a system-wide outage.
AI and Digital Twins: Enabling the Next Generation of Industrial Automation
If the cyber security necessity is driving change in industrial or distributed control systems to manage risk, AI and digital technologies are driving change because of the opportunities it can unlock. Companies such as Ansys, NVIDIA, and Dassault Systèmes are pioneering digital twin environments that combine AI with physics for advanced simulation and predictive analytics. These dynamic digital twins are already being adopted in sectors like aerospace, defence, healthcare, and manufacturing providing real-time insights and accelerating innovation. For example:
- Ansys integrates AI/ML, simulation, and reduced-order modeling (ROM) to create hybrid digital twins. These twins blend physics-based accuracy with data-driven insights, supporting real-time monitoring and predictive maintenance in industries such as aerospace, automotive, and energy. Ansys Twin Builder® and TwinAI™ adapt to changing environments, delivering precise insights for performance optimization.
- The NVIDIA Omniverse platform empowers organizations (e.g. NTT Data) to develop photorealistic 3D digital twins for AI training, simulation, and design optimization. In autonomous vehicles, Omniverse enables safe, efficient virtual testing across diverse scenarios. In healthcare, it supports surgical simulations, while in architecture, it aids in evaluating design impacts before construction.
- Dassault Systèmes offers Virtual Twin as a Service (VTaaS), used by clients like Saint-Louis Hospital to simulate and optimize airflow for infection control, and by Bouygues Construction to model low-carbon urban environments. Peugeot Sport uses virtual twins for hybrid hypercar development, demonstrating the technology’s versatility across sectors.
These examples highlight a broader industry trend – increasingly companies are no longer reliant on physics-based simulations embedded in controls systems but are increasingly combing physics with AI to develop sophisticated training regimes for improved automation.
Watch: Bridging the Physical and Digital Worlds in Energy
Explore how leading energy companies are leveraging IT/OT convergence, digital twins, and edge computing to unlock real-time operational intelligence, enhance performance, and drive sustainability at scale.
The Challenge of Data in OT: How Technology Is Closing the Gap
So why has this not happened already? Why has the OT sector remained so separate for so long? The traditional barrier to entry for real digital transformation in these operational technology domains is the sparcity, sensivity, accuracy requirements and complexity of the data sets involved in this domain. Industrial data sets represent real world assets with real world risks associated with them and as such operators of these assets have been reluctant to make them available. These traditional barriers are rapidly disappearing:
- Cloud technology has matured dramatically in previous years and the security requirements driven by a combination of government contracts and growing cyber threats has led to massive improvements and increased confidence on the part of operators. Furthermore, the availability of machine learning frameworks in the cloud has led companies to liberate large volumes of time-series data to support use cases in the domains of asset optimisation and reliability. It is this that has been at the heart of the success of companies such as Palantir, Databricks and C3.ai, and open-source frameworks such as RTDIP.io are simply helping to accelerate this trend.
- Data quality and coverage is improving driven by low-cost internet-based sensing approaches. Where previously the cost of sensors combined with the cost of integrating them with control systems made full coverage of industrial assets prohibitive, sites are now able to retrofit low-cost internet-based sensors using LoRaWAN, and simply connect the data feeds from these sensors directly to the cloud.
- It is also increasingly possible to add intelligence to these feeds to enhance the quality of the data. The Edge2LoRa architecture demonstrates how edge processing can be incorporated into LoRaWAN networks, reducing latency, bandwidth usage, and improving scalability and security. This approach is being adopted for both sensing and control, supporting high-density IoT deployments in industrial settings, and the development of open-source projects like LF Edge, EdgeX Foundry, and EVE-OS are driving standardization and interoperability at the industrial edge. LF Edge’s FLEDGE project advances industrial edge adoption, while EdgeX Foundry enables two-way data transformation between edge devices and enterprise/cloud applications. All of this points to the ability to capture massive industrial data sets at low cost and even more certain processing, traditionally confined to the control system to low-cost edge devices.
- Perhaps most importantly, the development of simulation platforms (like NVIDIA Omniverse) is enabling the construction of high-fidelity digital twins constrained by a robust physics engine. As such the opportunity to develop massive synthetic data sets for AI model training is already being deployed in areas such as self-driving cars, robotics and logistics. It can be assumed that the application of these approaches will be broadened in the coming years.
These developments underscore a key trend: cloud-based big data processing, low cost sensors, edge computing, open standards and open-source frameworks, and advanced simulation environments point towards a world in which an AI-based landscape, powered by the edge, can enable distributed control, making industrial operations more responsive, resilient, and secure.
Key Trends Shaping the Future of IT/OT Systems and Architecture
Whether we look at the world from the perspective of security or AI-based opportunity, the direction of travel seems similar. We have tried to summarise these changes in a few key beliefs:
- Cloud for AI training, Edge for Control: AI model training will increasingly move to the cloud, while real-time control will shift to the edge for resilience and latency reduction.
- All Data will be Real Time: Decision making needs to be increasingly real-time, underpinned by simplification of the end-to-end processes. Enterprise Data Platforms and the associated tooling can no longer be based on batch jobs. Real-time streaming information should be considered the norm and enterprise tooling needs to support this.
- Perimeter-based to Zero Trust: The tiered model will be simplified to a modular, zero-trust based approach to security which looks more like the modern internet. Control systems will become cloud-centric and control functions migrate closer to the field.
- Centralized Data, Modular Systems: Centralized, open-standard data storage is essential for effective AI model training and analytics. Distributed control systems will become more modular and edge-based, with the cloud orchestrating frequent patching and rapid adaptation to emerging threats.
- AI-Enabled Automation: Control systems will be AI-enabled, and dynamic digital twins will become the industry standard for automation, supporting not just process control but also integration with robotics and autonomous systems.
- Usage of Agentic-AI: Will be the norm whereby agents will be developed for specific tasks and therefore workflows increasingly will include the execution of multiple Agentic-AI agents in defined order linked to the type of workflow.
- Sensing Networks Become Control Networks: IT-based sensing networks will evolve to support control functions, leveraging open protocols and edge intelligence.
- De–manning: All the above developments will further reduce manning levels in production sites with robots and drones replacing many traditional human tasks as the costs of these capabilities continue to decrease.
Preparing for IT/OT Convergence: Strategic Actions for Industrial Leaders
You may or not agree with us – and that’s ok, much of this is looking ahead and predicting the direction of travel, but for those that agree with our argument, we wanted to share a few thoughts on how you can get ready for these changes:
- Invest in Data Infrastructure: Build open, standards-based data platforms based on open-source technology that treat data as a strategic asset. Prioritize interoperability and ensure robust data governance to support AI initiatives and cross-domain analytics.
- Adopt Modular, Open Architectures and Focus on Interoperability Standards: Transition to modular control systems based on open standards. This approach enhances cybersecurity, supports regular patching, and enables rapid integration of new technologies.
- Develop Dynamic Digital Twins and Edge Control: Invest in dynamic digital twin technologies and selectively deploy edge-based control solutions. Explore hybrid AI/physics models to maximize the value of both simulation and real-time data. Experiment with converting sensing systems to control systems. This will position organizations to leverage AI for both reliability and advanced automation while maintaining operational resilience.
- Determine where Agentic-AI agents can make a difference: Agentic AI has the ability to radically automate business processes. Get ready in a stepwise approach by experimenting with these capabilities in non-critical processes and extend the capability as the technology matures.
Johan Krebbers is the Chief Technology Officer in Acuvate, with a rich multi-industry background he is instrumental at Acuvate in spearheading cost-effective and impactful solutions. His expertise ensures exceptional client value and satisfaction, underpinning Acuvate’s dedication to innovation and excellence.
Dan Jeavons is the President at Applied Computing. With a strong background in data science and digital transformation, he brings deep expertise in leading advanced technology initiatives. His experience supports the development of effective and forward-looking computing solutions.
