Saved in:
Bibliographic Details
Main Authors: Sain, Dalibor, Rosenstatter, Thomas, Saßnick, Olaf, Schäfer, Christian, Huber, Stefan
Format: Preprint
Published: 2026
Subjects:
Online Access:https://arxiv.org/abs/2601.10929
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866911379118620672
author Sain, Dalibor
Rosenstatter, Thomas
Saßnick, Olaf
Schäfer, Christian
Huber, Stefan
author_facet Sain, Dalibor
Rosenstatter, Thomas
Saßnick, Olaf
Schäfer, Christian
Huber, Stefan
contents The increased connectivity of industrial networks has led to a surge in cyberattacks, emphasizing the need for cybersecurity measures tailored to the specific requirements of industrial systems. Modern Industry 4.0 technologies, such as OPC UA, offer enhanced resilience against these threats. However, widespread adoption remains limited due to long installation times, proprietary technology, restricted flexibility, and formal process requirements (e.g. safety certifications). Consequently, many systems do not yet implement these technologies, or only partially. This leads to the challenge of dealing with so-called brownfield systems, which are often placed in isolated security zones to mitigate risks. However, the need for data exchange between secure and insecure zones persists. This paper reviews existing solutions to address this challenge by analysing their approaches, advantages, and limitations. Building on these insights, we identify three key concepts, evaluate their suitability and compatibility, and ultimately introduce the SigmaServer, a novel TCP-level aggregation method. The developed proof-of-principle implementation is evaluated in an operational technology (OT) testbed, demonstrating its applicability and effectiveness in bridging secure and insecure zones.
format Preprint
id arxiv_https___arxiv_org_abs_2601_10929
institution arXiv
publishDate 2026
record_format arxiv
spellingShingle Secure Data Bridging in Industry 4.0: An OPC UA Aggregation Approach for Including Insecure Legacy Systems
Sain, Dalibor
Rosenstatter, Thomas
Saßnick, Olaf
Schäfer, Christian
Huber, Stefan
Cryptography and Security
Systems and Control
The increased connectivity of industrial networks has led to a surge in cyberattacks, emphasizing the need for cybersecurity measures tailored to the specific requirements of industrial systems. Modern Industry 4.0 technologies, such as OPC UA, offer enhanced resilience against these threats. However, widespread adoption remains limited due to long installation times, proprietary technology, restricted flexibility, and formal process requirements (e.g. safety certifications). Consequently, many systems do not yet implement these technologies, or only partially. This leads to the challenge of dealing with so-called brownfield systems, which are often placed in isolated security zones to mitigate risks. However, the need for data exchange between secure and insecure zones persists. This paper reviews existing solutions to address this challenge by analysing their approaches, advantages, and limitations. Building on these insights, we identify three key concepts, evaluate their suitability and compatibility, and ultimately introduce the SigmaServer, a novel TCP-level aggregation method. The developed proof-of-principle implementation is evaluated in an operational technology (OT) testbed, demonstrating its applicability and effectiveness in bridging secure and insecure zones.
title Secure Data Bridging in Industry 4.0: An OPC UA Aggregation Approach for Including Insecure Legacy Systems
topic Cryptography and Security
Systems and Control
url https://arxiv.org/abs/2601.10929