January 4, 2026
Cyber resilience in real-world manufacturing: Protecting legacy environments

Production lines today are often a technical patchwork — modern systems and legacy machines are connected within the same network and often communicate via software that is decades old. In many factories, it is normal to find outdated operating systems that are no longer supported alongside proprietary protocols. Why? Because proven processes cannot simply be replaced. In my previous post, "Legacy by Design", I wrote about how this situation comes about. In this article, I’ll go a step further to demonstrate how existing legacy systems in the production environment can be made more cyber resilient.
Accept reality: Legacy machines are here to stay
IT cybersecurity strategies that rely on consistently up-to-date systems are unsuitable for the manufacturing industry, because most legacy systems can no longer be patched.
Human-machine interfaces running on Windows XP or older are still in use because functions are critical, manufacturers don’t provide updates or may no longer exist, and replacing the hardware involves significant risk of downtime.
The question isn’t how to immediately modernize production, but rather — how to best secure operations within the given constraints.
Goals: Keep production stable, reduce attack risk, maintain business continuity
In this context, cyber resilience means maintaining operations even under adverse conditions.
The probability of an attack can never be reduced to zero, but the impact of an attack can be contained.
The aim is to keep production stable during a security incident, and to have plans ready for a quick restart.
Before we look at best practices to achieve these goals, it’s worth taking a look at the typical weaknesses in Operational Technology (OT).
Typical vulnerabilities in OT systems
Legacy systems generally have a combination of technical and structural weaknesses:

Outdated operating systems
In many production environments, Windows XP, MS-DOS, older Linux derivatives, and proprietary embedded systems are still in use. While they no longer meet modern safety standards, they are often the only way to maintain compatibility between different components in production. Organizations have no alternatives: If, for example, a software provider discontinues support for an older operating system, the company can either switch off network functions, or replace hardware at great expense and effort.

Older HMIs and controls
Human-machine interfaces and control systems have often been in operation for decades. Organizations needing spare parts and upgrades rely on machine manufacturers — who may no longer offer support. To reduce incompatibilities and production downtimes, companies keep using these components, which can become a gateway for cyberattacks.

Insecure protocols
When outdated operating systems are used, it’s common to find insecure — sometimes even unencrypted — communication standards, such as Modbus, FTP, or SMBv1, still in use. They were developed at a time when IT and OT were more strictly separated. Without additional protective measures, they are easily targeted by attackers.

Lack of network segmentation
Due to the organic convergence of IT and OT networks in Industry 4.0, network zones and their boundaries are often not clearly defined and shielded. In these flat networks, malware can spread uncontrollably, for instance, from an infected office client or USB stick to production, and vice versa.
Best Practices: Three levels of legacy cyber resilience
If replacing legacy systems is not feasible, appropriate protection strategies are required. A multi-layered approach has proven to be particularly effective in practice.


Technical level: Isolate, segment, observe
A key element of technical resilience is the consistent segmentation of network areas. This decouples production networks from IT, while clearly defined and monitored communication channels at the network edge allow secure data transfer, so that the benefits of networked production can still be realized. Such data transfer creates additional risks, as communication depends on open network ports, which can provide access for attacks.
For the standardization of the production environment, in particular for legacy machines with the vulnerabilities mentioned above, it is recommended to provide an additional layer of protection — think of it like putting the system under a protective dome. The machine or system is isolated from the rest of the network but can still communicate via filtered, controlled channels, because insecure protocols are converted to modern versions with increased security, for example from SMBv1 to SMBv3. This eliminates the need to reconfigure firewalls depending on the protocol. One way of doing this is using edge.SHIELDOR, which is described in more detail below.

Operational level: Manage, monitor, react
We can also apply some routine cybersecurity measures from the IT sector to the OT environment. For example, it is advisable to switch off unnecessary services, completely remove user accounts that are no longer required, use secure passwords, and carefully manage network ports. As mentioned, the boundaries between the IT and OT networks are particularly critical, for example, for process data or remote maintenance.
When network traffic is closely monitored and logged, an attack can be identified significantly earlier, enabling a rapid response that can prevent major damage.
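The following audit of flow records against a zone model is an added example, not code from TRIOVEGA or edge.SHIELDOR: it flags traffic that crosses zone boundaries outside approved channels, unencrypted protocols crossing zones, and SMB1-framed messages seen anywhere other than between the gateway and the legacy enclave. The address ranges, the gateway address, the conduit list and the sample flows are constructed assumptions.

```python
import ipaddress

# Constructed zone plan (assumption): office IT, OT production, and an
# isolated legacy enclave that is reachable only through a protocol gateway.
ZONES = {"it": "10.10.0.0/16", "ot": "10.20.0.0/16", "legacy": "10.20.99.0/24"}
GATEWAY = "10.20.0.5"                                   # hypothetical address
CONDUITS = {("it", "ot", 445), ("ot", "legacy", 445)}   # approved (src, dst, port)
CLEARTEXT = {21: "FTP", 502: "Modbus/TCP"}              # unencrypted protocols

def zone_of(ip):
    """Return the most specific zone containing ip, or None."""
    addr = ipaddress.ip_address(ip)
    hits = [(ipaddress.ip_network(net).prefixlen, zone)
            for zone, net in ZONES.items() if addr in ipaddress.ip_network(net)]
    return max(hits)[1] if hits else None

def smb_framing(payload):
    """Classify an SMB message by the protocol id after the 4-byte TCP framing."""
    ids = {b"\xffSMB": "SMB1", b"\xfeSMB": "SMB2/3", b"\xfdSMB": "SMB3-encrypted"}
    return ids.get(payload[4:8])

def audit(flows):
    """Return (index, finding) pairs for flows that violate the zone policy."""
    findings = []
    for i, f in enumerate(flows):
        src, dst = zone_of(f["src"]), zone_of(f["dst"])
        if src is None or dst is None:
            findings.append((i, "endpoint outside any defined zone"))
            continue
        crossing = src != dst
        if crossing and (src, dst, f["dport"]) not in CONDUITS:
            findings.append((i, f"unapproved conduit {src}->{dst}:{f['dport']}"))
        if crossing and f["dport"] in CLEARTEXT:
            findings.append((i, f"{CLEARTEXT[f['dport']]} crossing a zone boundary"))
        # SMB1 framing is tolerated only between the gateway and the enclave.
        # A client's first negotiate can be SMB1-framed, so treat this as a lead.
        in_enclave = GATEWAY in (f["src"], f["dst"]) and "legacy" in (src, dst)
        if smb_framing(f.get("payload", b"")) == "SMB1" and not in_enclave:
            findings.append((i, "SMB1 framing outside the legacy enclave"))
    return findings

SMB1, SMB2 = b"\x00\x00\x00\x40\xffSMB", b"\x00\x00\x00\x40\xfeSMB"
SAMPLE = [  # constructed flow records, not captured traffic
    {"src": "10.10.4.7", "dst": "10.20.0.5", "dport": 445, "payload": SMB2},
    {"src": "10.20.0.5", "dst": "10.20.99.12", "dport": 445, "payload": SMB1},
    {"src": "10.10.4.7", "dst": "10.20.99.12", "dport": 445, "payload": SMB1},
    {"src": "10.10.8.3", "dst": "10.20.3.9", "dport": 502},
    {"src": "192.0.2.44", "dst": "10.20.3.9", "dport": 21},
]
```

Calling `audit(SAMPLE)` leaves the first two flows clean, since they follow the approved IT-to-gateway and gateway-to-enclave channels, and reports the remaining three.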

Governance and compliance: Strategically integrate legacy systems
The need to comply with EU regulations, such as the NIS-2 Directive and the Cyber Resilience Act, is a good starting point for strategically integrating legacy systems into the corporate strategy. Systems that cannot be patched must be included in the risk assessment and mitigation plans.
Incident response plans should take the specific conditions of the production environment into consideration: Which systems must be prioritized for a restart? Can backups be created in the outdated format? Are specific problems likely when restarting legacy software? These plans are not only useful for compliance; they also significantly reduce downtime and strengthen confidence in the company’s internal processes.
Case study: Implementation with edge.SHIELDOR
A leading global manufacturer of medical compression products uses our OT security solution edge.SHIELDOR to implement many of the technical and operational measures described above. The manufacturer of a virtual server used in production announced the end of support for the Windows operating system, which uses insecure server protocols. Replacing the machine was not a feasible option. edge.SHIELDOR now protects the affected systems, combining cybersecurity with data connectivity:
- During process data transfer from and to the legacy machines, the insecure SMBv1 protocol is converted to SMBv3.
- Bi-directional network traffic is logged and filtered at the network boundaries.
- Screen transmission through edge.SHIELDOR enables secure remote access to the systems.
With this, edge.SHIELDOR builds a bridge between the IT and OT participants in the network, ensuring the secure connection of legacy systems and a reduction of downtime risk, while optimally preparing the company for EU compliance requirements.
Read our case studies to find out more about the use of edge.SHIELDOR and other TRIOVEGA solutions in manufacturing, or book a consultation appointment directly.

Author: Mareike Redder
Mareike Redder has been working as an IT engineer at TRIOVEGA GmbH since 2018, and has been responsible for product management since 2022.