Cyber Resilience in OT: Characteristics and Security Challenges

Operational Technology (OT) devices play a crucial role in industrial systems due to their capabilities to monitor events, processes, and lower-level systems and assist in enterprise and industrial operations. With a focus on digitalization, OT systems are increasingly interconnected and vulnerable to cyber threats, which can potentially lead to devastating consequences. However, due to their unique design, nature, and functionality, conventional security mechanisms are often not applicable to the OT domain. In this context, cyber resilience is a promising approach to provide strong security guarantees for OT systems. To contribute to designing the future of cyber resilience architectures, this paper identifies the characteristics of OT devices and highlights their security challenges. Additionally, it describes the reference architectures of OT devices and provides a comprehensive correlation and comparison among anomalous behaviours and detection methods in the OT setting. Finally, the paper provides directions for future research in the OT cyber resilience domain.