Technology | September 22, 2025

IEB Special Report: IT-OT Convergence in Focus

Industry experts provide their perspective on advances in IT-OT convergence. Key trends include innovations in network automation, software defined networking and advanced cybersecurity solutions along with hybrid cloud-edge architectures, software virtualization, containerization technologies and the impact of AI.

IT-OT Convergence remains a top priority for most in smart manufacturing as networking and IT technologies are reshaping plants into more agile, efficient and data-driven ecosystems.

The push for greater levels of IT and OT connectivity has led industry to provide solutions for standardization of network operation, advances in security technology, software virtualization and containerization technologies, and more effective system architectures.

For this special report, the Industrial Ethernet Book reached out to industry experts in this area. Their responses point to the importance of innovative technologies that continue to break down the traditionally separate domains of factory floor and enterprise IT, creating a more unified data ecosystem.

Standardization of OT networks

The impact of network automation, software-defined networking and advanced cybersecurity frameworks.

“Achieving true IT/OT convergence is improbable and may even be undesirable in many cases because of fundamental differences between the two environments,” Vivek Bhargava, Product Marketing Manager, Cisco Industrial IoT, told IEB recently. “While IT focuses on Confidentiality, Integrity, and Availability, in that order, OT’s focus is reversed – Availability, Integrity, and Confidentiality. A more realistic and desirable approach is to bring proven IT principles and methods including network automation, software-defined networking, and advanced cybersecurity frameworks to standardization of OT networks.”

“IT‑OT convergence remains both highly important and an area where significant progress has been made — but it’s still a work in progress because of the inherent complexity of merging two worlds with very different priorities and constraints. Considerable progress has been made in bridging the gap between OT and IT. Common platforms such as Cisco IOS XE running on both ruggedized industrial and enterprise devices give teams a unified toolset.” — Vivek Bhargava, Product Marketing Manager, Cisco Industrial IoT.

Bhargava said that as organizations modernize their operations and invest in advanced robotics, software-defined industrial automation and AI, they are experiencing increased demands on their network. Allowed to grow unchecked, these networks are at risk of becoming complex and harder to scale, keep flexible, and secure. Industrial companies are increasingly seeing IT/OT collaboration as a strategic way to simplify their processes, making them more efficient, profitable and innovative.

IT-OT convergence

“Three distinct technologies can help partnership between IT and OT. First, many OT systems, having been built largely piecemeal over decades, consist of a diverse array of devices, leading to inefficiencies and higher maintenance costs. Standardization simplifies these complexities by creating a unified framework,” Bhargava said. “Second, the vast majority of industrial companies have only deployed point security solutions and lack the skills and processes to actively manage threats. OT networks need the same level of security as enterprise IT systems. Extending IT cybersecurity practices and capabilities to OT environments offers a robust defense against these threats. Third, management and automation tools, long used in IT environments, are now transforming OT operations, bringing benefits such as automating the configuration and deployment of network devices with zero-touch provisioning, and automating proactive network issue detection and resolution.”

Four frequently seen user scenarios illustrate the need to choose a firewall solution that meets the needs of a particular network installation.

Technology benefits

Bhargava said that although industrial and enterprise networking equipment necessarily differ because of environmental needs, they can still be standardized in their networking functions and common operating systems. Deploying standardized networking equipment across IT and OT brings consistency and predictability.

Extending IT cybersecurity practices and capabilities to OT environments improves defense against growing threats. Such defenses include zero-trust architectures that ensure that every device and user has access only to the resources it needs to perform its job; network segmentation that isolates different parts of OT, stopping lateral movement of threats; early detection of threats; and integration of OT networks into centralized SOCs to respond to threats quickly.

Similarly, utilizing the same familiar platform, for example Cisco Catalyst Center, for both IT and OT means that OT teams can manage industrial switches with workflows they already know or can easily learn from IT colleagues, reducing the steep learning curve and the need to master multiple systems. With the same tools and policies as IT, modern enterprise best practices can be directly extended into OT.

“As I mentioned earlier, IT‑OT integration is challenging because they have traditionally been built, operated, and governed in very different ways — with different priorities, stakeholders, and technology stacks. While true convergence may not be completely feasible, a partnership between IT and OT can benefit the organization in very significant ways,” Bhargava said.

Standardization of networking equipment, not only within OT but also between IT and OT, removes a major source of friction: disparate technologies, management tools, and operational practices. When both IT and OT networks use the same switching, routing, and wireless platforms, teams work with the same interfaces, protocols, and diagnostics tools and eliminate the “two sets of playbooks” problem.

For example, all Cisco networking devices, industrial and enterprise, run the same operating system, IOS XE. Having this common OS creates a common technical foundation that unifies operations (with the same CLI commands, automation APIs, telemetry, and troubleshooting workflows), simplifies training and so reduces the skills gap, streamlines management, and enables consistent security and policy enforcement.

Looking ahead

“From a technology perspective, IT‑OT convergence remains both highly important and an area where significant progress has been made — but it’s still a work in progress because of the inherent complexity of merging two worlds with very different priorities and constraints,” Bhargava said.

He added that considerable progress has been made in bridging the gap between OT and IT. Common platforms such as Cisco IOS XE running on both ruggedized industrial and enterprise devices give teams a unified toolset. Platforms like Cisco Catalyst Center now manage campus, branch, and industrial sites from one pane of glass. OT‑aware threat detection, network segmentation, and secure remote access are now built into network infrastructure.

But challenges still exist. Many OT assets have lifecycles of 20+ years and were not designed for IP networking. IT and OT teams still have different priorities with differences in refresh cycles and downtime windows.

“In summary, though, IT‑OT partnership is no longer optional. It is a critical enabler for modern industrial organizations,” Bhargava said. “We’ve seen strong progress through standardization, unified management, and integrated security, but the journey is ongoing.”

“First is getting useful data, second being able to interpret that data, and third quickly being able to validate that change you made is impacting the system the way expected, are how you are going to be successful leveraging the IT-OT Convergence. With that said, if it is not done in a secure way, it can lead to an entry point for compromising the process network, so security needs to be prioritized when working on your convergence journey.” — Scott Reynolds, senior security and network engineering manager, Johns Manville.

Evolving technology solutions

Increased impact from new cloud computing solutions, security advances and AI.

According to Scott Reynolds, senior security and network engineering manager at Johns Manville and 2025 president of the International Society of Automation (ISA), “Let’s start with what IT-OT Convergence means to me. Ideally, it should mean leveraging the tools and knowledge from the IT stack and taking advantage of them in the OT space. With that definition, there are a few trends that are shaping this discussion. First, people are getting comfortable with the cloud, and we are seeing OT slowly leveraging the cloud when it makes sense. Second, security trends are having a heavy impact on both IT and OT: zero trust, identity is the new perimeter, and the password is dead all impact OT as well, and leveraging tools like this at an enterprise level makes them manageable to secure IT and OT. Finally, we can’t avoid talking about AI, especially learning language models (LLM), and it is finally giving us accessible information from the big data journey we talked about over 10 years ago.”

IT-OT technology solutions

Reynolds said that he believes the biggest impact on IT-OT technology solutions comes from private LLM/ML solutions (Enterprise Microsoft Copilot, for example).

“OT has done a great job collecting lots of information, but the effort it takes from having a hunch, to observing a trend, to root cause is mostly spent figuring out where the data is and how the data relates to P&ID, functional specs, and control narratives, and quality control. What if I can just ask ‘if pH is on the higher end of the acceptable tolerance, how much does that impact the amount of solid waste generated vs the quality of the effluent stream?’ What about ‘give me a report of these quality issues times and the environmental conditions of the site.’ Those are some very powerful questions that we could see answered very quickly even if the person asking doesn’t know where to start looking for the data if the LLM can see where that data is,” Reynolds said.

New levels of enterprise/automation integration

“Going back to security. When I think of zero trust, I think it’s pretty much the same idea as zones and conduits in the ISA/IEC 62443 series of standards,” Reynolds said. “The best part about this is that we can leverage the knowledge of IT cybersecurity and apply it to OT cybersecurity in this scenario. This is usually done with firewall rules in the OT network, and it is something the IT side is very comfortable with at this point. The other type of zero trust is around ZTNA, replacing traditional VPN with other more secure remote access solutions. These, again, can leverage the knowledge from IT security and apply them to the OT environment.”

Going back to LLMs, Reynolds said that the biggest challenge is securely getting data from the OT network and moving it to a location that is accessible to the enterprise or cloud environment. The simplest technical solution to accomplish this is a data diode. This is a firewall that physically allows data to go in only one direction. There are many advantages and disadvantages to using this method, so keep that in mind before going in this direction.

With that said, he added that users can leverage common communication protocols (such as SQL) to pass the data out from the OT network in a way that doesn’t allow for that network path to be used to get into the OT network. Once the data is on the enterprise or cloud side, it is easy to start using tools to gain insights from that information. One catch with many of these LLM solutions is the risk of the data being used for the LLM to learn. Make sure you work with a lawyer to understand the privacy and intellectual property risks and impacts of using different tools.
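The zone-and-conduit model and the outbound-only export path described above can be checked mechanically against a firewall rule set (the rule-based approach, not a data diode). The following is an added example, not code from the article or from anyone quoted in it; the zone names, address ranges, conduit list, the use of TCP port 1433 for the SQL export, and the sample rules are all constructed assumptions.

```python
"""Audit firewall permits against a zone-and-conduit model (constructed example)."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

# Zone names and address ranges are assumptions made for this illustration.
ZONES = {
    "ot_control": ipaddress.ip_network("10.10.0.0/16"),
    "ot_dmz": ipaddress.ip_network("10.20.0.0/24"),
    "enterprise": ipaddress.ip_network("10.100.0.0/16"),
}
UNZONED = "unzoned"            # any address outside every defined zone
PROTECTED_ZONE = "ot_control"  # nothing may open a connection into this zone

# Approved conduits: (initiating zone, destination zone, protocol, port).
# Data leaves the control zone by a push to a DMZ database; the enterprise
# reads from the DMZ copy and never talks to the control zone itself.
CONDUITS = {
    ("ot_control", "ot_dmz", "tcp", 1433),
    ("enterprise", "ot_dmz", "tcp", 1433),
}

@dataclass(frozen=True)
class Rule:
    action: str            # "permit" or "deny"
    src: str               # source CIDR
    dst: str               # destination CIDR
    proto: str
    port: Optional[int]    # None means any port

@dataclass(frozen=True)
class Finding:
    rule: int              # index of the offending rule
    src_zone: str
    dst_zone: str
    reason: str

def zones_touching(cidr: str) -> List[str]:
    """Every zone the CIDR overlaps, plus UNZONED if it spills outside them."""
    net = ipaddress.ip_network(cidr)
    hit = [name for name, zone in ZONES.items() if zone.overlaps(net)]
    if not any(net.subnet_of(zone) for zone in ZONES.values()):
        hit.append(UNZONED)
    return hit

def audit(rules: List[Rule]) -> List[Finding]:
    """Flag permits that cross zones without an approved conduit.

    Conservative assumption: every permit is audited, even one that an
    earlier deny would shadow on a first-match firewall.
    """
    findings = []
    for idx, rule in enumerate(rules):
        if rule.action != "permit":
            continue
        for src in zones_touching(rule.src):
            for dst in zones_touching(rule.dst):
                if src == dst:
                    continue  # intra-zone traffic is out of scope here
                if dst == PROTECTED_ZONE:
                    reason = "connection initiated into control zone"
                elif rule.port is None:
                    reason = "any-port permit across zones"
                elif (src, dst, rule.proto, rule.port) not in CONDUITS:
                    reason = "no approved conduit"
                else:
                    continue
                findings.append(Finding(idx, src, dst, reason))
    return findings

# Constructed rule set for the demonstration.
SAMPLE_RULES = [
    Rule("permit", "10.10.5.20/32", "10.20.0.10/32", "tcp", 1433),  # historian push
    Rule("permit", "10.100.8.0/24", "10.20.0.10/32", "tcp", 1433),  # analytics read
    Rule("permit", "10.100.8.0/24", "10.10.5.20/32", "tcp", 1433),  # reaches into OT
    Rule("permit", "10.20.0.10/32", "10.10.0.0/16", "tcp", None),   # DMZ back into OT
    Rule("permit", "0.0.0.0/0", "10.20.0.0/24", "tcp", 3389),       # any source to DMZ
    Rule("deny", "0.0.0.0/0", "0.0.0.0/0", "any", None),
]

if __name__ == "__main__":
    for f in audit(SAMPLE_RULES):
        print(f"rule {f.rule}: {f.src_zone} -> {f.dst_zone}: {f.reason}")
```

The broad `0.0.0.0/0` source is expanded into every zone it overlaps, so a single over-wide permit is reported once per zone pair it opens.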

Challenges

“At the end of the day, being able to look at data and leverage data in an agile way gives your organization a competitive advantage,” Reynolds said. “Tools like LLM let people ask questions without knowing exactly how to get the information. Security tools help you get that information, while continuing to secure your industrial environment. Without being able to get data from the shop floor, it is very hard to make informed decisions, or to quickly validate hypotheses on industrial issues, or industrial performance improvements that you want to use to learn how you can become more effective at your process.”

“In summary, first getting useful data, second being able to interpret that data, and third quickly being able to validate that change you made is impacting the system the way expected, are how you are going to be successful leveraging the IT-OT Convergence,” he added. “With that said, if it is not done in a secure way, it can lead to an entry point for compromising the process network, so security needs to be prioritized when working on your convergence journey.”

“The technical benefits of IT-OT convergence, when properly applying the necessary technology, are based on a much more standardized and standards-based landscape – communication protocols, software management methods, cybersecurity capabilities, and many more” — Georg Stoeger, Senior Principal Customer Solution Architect, TTTECH.

Intelligent, autonomous manufacturing systems

Led by hybrid cloud-edge architectures, software virtualization and containerization technologies.

“The industrial edge computing landscape is shifting towards intelligent, autonomous manufacturing systems. Real-time data processing directly at the edge reduces latency and cloud dependency and supports mission-critical operations as well as predictive maintenance and improved operational efficiency,” Georg Stoeger, Senior Principal Customer Solution Architect at TTTECH told IEB recently.

He said that hybrid cloud-edge architectures, also called the “edge-cloud continuum”, optimize bandwidth and enhance data privacy by processing information locally while selectively transmitting data to the cloud for applications such as digital twins and asset management.

Software virtualization and containerization technologies enable workload consolidation on single devices, improving resource utilization.

“Cybersecurity challenges are becoming even more complex due to IT-OT convergence, with IEC 62443 compliance ensuring secure communication and device integrity through hardware-based security features. Notably, the EU Cyber Resiliency Act (CRA) is expected to drive the industry towards even more comprehensive cybersecurity architectures and processes including supply chain security; organizations that currently provide digital products but cannot meet CRA requirements may drop out of the industrial market supply chain,” Stoeger said.

“Finally, AI-driven predictive analytics embedded at the edge leverage sensor telemetry and machine learning models for real-time anomaly detection, predictive maintenance, and process optimization, creating truly intelligent manufacturing ecosystems,” he added.

Potential solutions

Stoeger said that, whether custom-built or using standard products, industrial edge computing platforms which bring data processing and analytics closer to the source of data on the factory floor are certainly a key solution for IT-OT convergence. Running data processing of OT data directly at the edge minimizes latency and enables real-time decision-making, a critical requirement for optimized industrial processes. Complementing edge computing are open communication protocols like OPC UA and MQTT, which facilitate seamless and secure data exchange between disparate industrial assets and IT systems.

The importance of these technologies lies in their ability to break down the traditionally separate domains of factory floor and enterprise IT, creating a more unified data ecosystem. This integration helps businesses to improve operational efficiency, agility, and innovation. By harnessing real-time data from the OT environment, companies can optimize production processes, predict maintenance needs, and develop new data-driven services. Similarly, being able to manage OT and edge software assets from a secure cloud-based platform, leveraging common IT services such as role-based user account management and repositories and orchestration of containerized software, improves the operational efficiency of the IT-related processes in a converged IT-OT infrastructure.

Technical benefits

“The technical benefits of IT-OT convergence, when properly applying the necessary technology, are based on a much more standardized and standards-based landscape – communication protocols, software management methods, cybersecurity capabilities, and many more,” Stoeger said.

He added that the resulting advantages include enhanced operational efficiency e.g. through:

  • real-time data analytics and monitoring, which allows for expedited responses and more precise decision-making, or
  • transparent management of deployed software versions and patches to maintain consistency and security.

Cost reduction is another significant (although less “technical”) benefit, achieved through predictive maintenance capabilities that preemptively identify potential issues, reducing downtime and maintenance expenses.

For automation integration, this means moving from rigid, pre-programmed systems to more adaptive and intelligent automation. This new level of integration allows for dynamic adjustments to production processes, optimized resource allocation, and the creation of a truly agile and responsive manufacturing environment.

Multi-layered approach

On a technical level, Stoeger said that IT-OT convergence requires a multi-layered approach.

At the base is the edge computing platform, which typically consists of industrial-grade servers, industrial PCs (IPCs) and/or gateway computers located at the machinery or on the factory floor. These computers run a specialized software stack that includes a real-time operating system and a hypervisor, allowing for the simultaneous execution of both OT and IT workloads. The hypervisor supports “virtual machines” or software containers that can run both legacy control applications (the “OT” side) and modern data processing and analytics applications (the “IT” side) on the same hardware.

Furthermore, various networking capabilities including industrial field bus networks (mostly Ethernet-based), LAN connectivity and potentially also WAN/internet connectivity are supported by most edge computing devices. Data from industrial assets is collected using a variety of protocols, such as OPC UA, PROFINET, EtherCAT and Modbus/TCP, and is then processed at the edge. This edge processing allows for immediate analysis and action, such as triggering a maintenance alert or adjusting a machine’s parameters. Raw and/or processed OT data can also be securely transmitted to the cloud or an on-premise data center for further analysis, training AI models, and other types of integration with enterprise systems. This architecture provides a scalable and secure way to bridge the IT-OT divide, enabling a new class of data-driven industrial applications.

Challenges for IT-OT Convergence

“Despite the challenges, mastering IT-OT convergence is essential to get the optimum benefits from digitalization. Industry 4.0 is not possible without this convergence. Cybersecurity is clearly a primary concern; it should be addressed not by creativity, but only by the adoption of standards like IEC 62443 and the development of secure-by-design edge platforms,” Stoeger said. “The complexity of integrating legacy systems is being mitigated by the development of flexible and open platforms that can communicate with a wide range of industrial protocols.”

He added that the continued development of edge computing, artificial intelligence, and machine learning will accelerate this trend, resulting in even more capable but also more complex IT-OT systems. We clearly believe that IT-OT convergence is a fundamental and irreversible shift in how industrial enterprises will operate. Especially in the EU, where strict normative cybersecurity frameworks such as the EU Cyber Resiliency Act are coming into force in these years, the overarching need for comprehensive design and management of the entire digital infrastructure including all IT and OT systems will require organizations to become very competent in all aspects of IT-OT convergence, from designing the infrastructure to managing the entire lifecycle in a centralized and platform-oriented way.

“The importance of industrial Ethernet communication interoperability is increasing in automation as the number of device connections, driven by IT-OT convergence, continues to grow. Interoperability is key to successfully running an automation facility that can be efficiently run for decades to come.” — Steve Fales, Director of Marketing, ODVA.

OT and IT connectivity

Effective technology for data transport to the edge and cloud for analysis to optimize processes.

“The fundamental concept of interoperability has increased in importance with the continued rise in connectivity between OT and IT networks. Industrial Ethernet networks contain vast amounts of data that are critical to the performance of automation in process, hybrid, and discrete facilities globally. This data can be transported to the edge and cloud for analysis to optimize processes to improve quality, throughput, and uptime,” Steve Fales, ODVA Director of Marketing, told IEB.

“It’s necessary for the plant floor OT data to be available with the proper context, semantics, and format to be both easily transportable and usable with higher level IT systems. Additionally, it’s important for network devices to be able to be interchangeable with similar devices from other manufacturers in the event of an unplanned failure or device obsolescence. Network coexistence is another advantage for end users to ensure that different industrial communication networks don’t negatively interfere with each other,” Fales said. “A significant amount of work has been done since the advent of industrial Ethernet to ensure interoperability can be achieved by end users through adherence to IEEE and IEC specifications, independent conformance testing, and collaboration between standards development organizations resulting in consistent data models and other collaborative specifications.”

IT-OT Convergence solutions

Fales said that industrial communication networks, such as EtherNet/IP, support solutions such as the Process Automation Device Information Model (PA-DIM) and the OPC UA information model to make sure that data from the factory floor can be easily understood and used by edge and cloud applications.

While most data can be used for analysis, the time and cost required to provide the proper formatting, labels, and consistent scaling can make optimization projects unfeasible. PA-DIM is a specification that allows for protocol agnostic communication of common instrument parameters, including semantic IDs as defined by IEC 61987, using OPC UA information modelling techniques.

PA-DIM is specifically targeted at the process automation sectors. OPC UA enables reliable, secure diagnostic communications between industrial control system devices and the cloud, as well as common cloud gateway and device management tasks across a wide variety of industries. Both data models ensure that the proper data context and metadata are available to make the best use of the information with database tools like SQL.

Process device profile specifications

ODVA has also released process device profile specifications that address level, temperature, flow and pressure measurement devices. Process device profiles for EtherNet/IP network capable devices help end users more easily commission new instruments in critical environments, replace sensors regardless of vendor, and support a harmonized data structure. Process device profiles provide a standard format for process variables and diagnostics, with semantics and scaling that align with PA-DIM, across an array of devices for easier DCS and PLC data integration from EtherNet/IP-enabled field devices.

One of the driving factors behind the advent of Standards Development Organizations (SDOs) was enabling interoperability to provide end users with alternatives if vendors went out of business or stopped supporting a given product line.

As time has gone on, SDOs, such as ODVA with EtherNet/IP, have achieved a significant number of installed nodes globally, strong multivendor support, independent conformance testing, and continued specification enhancements to address the latest technologies while still retaining backwards compatibility.

Engineering challenges

“Industrial communication SDOs have been cooperating globally for many years now for the benefit of the technology end users. An example of this can be seen with the interface standard for the acquisition of energy consumption data in industrial manufacturing being co-developed by ODVA, OPC Foundation, PROFIBUS & PROFINET International, and VDMA based on OPC UA,” Fales said.

Further cooperative efforts include the Industrial Security Harmonization Group (IESHG) between FieldComm Group, ODVA, OPC Foundation, and PROFIBUS & PROFINET International. The IESHG is working to harmonize cybersecurity strategies and concepts so that end users do not face unnecessary complexity when using security concepts in their automation systems. Also, a single conformance test plan for the IEEE/IEC 60802 Time Sensitive Networking (TSN) profile for Industrial Automation is being worked on by the Avnu Alliance, comprised of the CC-Link Partner Association, ODVA, OPC Foundation, and PROFIBUS & PROFINET International.

“The importance of industrial Ethernet communication interoperability is increasing in automation as the number of device connections, driven by IT-OT convergence, continues to grow,” Fales said. “Whether it’s the need to quickly and easily move data from the factory floor to the cloud and back for process optimization with the aid of data models like PA-DIM and OPC UA, to have networks fairly coexist together with Time Sensitive Networking, or to be able to easily replace devices if the original product isn’t available via EtherNet/IP Process Device Profiles, interoperability is key to successfully running an automation facility that can be efficiently run for decades to come.”

Al Presher, Editor, Industrial Ethernet Book