Improved cybersecurity is enabling the integration of OT and IT systems to unlock real-time data flow, enhanced operational visibility, accelerated decision-making, and the adoption of AI

In the processing industries, operational technology (OT) systems that control and automate physical industrial operations have traditionally been isolated from information technology (IT) systems that manage data and enterprise-level functions. This separation was largely driven by cybersecurity concerns, leading to strict controls on OT networks and limiting their ability to connect with broader IT infrastructure.

However, this division has hindered the ability to achieve critical automation advancements.
Integrating OT and IT systems enables continuous data flow, unlocking full operational visibility, accelerating decision-making, and allowing for proactive problem-solving. It also lays the foundation for AI-driven process automation, which depends on secure, real-time access to external data to deliver real-time monitoring, predictive maintenance, and adaptive control.
This shift is accelerating the development of systems that support secure IT/OT convergence, prompting leading DCS providers like Valmet to design solutions with cybersecurity and connectivity as foundational elements.

"Modern distributed control systems must now enable open yet secure communication across all levels of the automation architecture—bridging OT and IT environments—while protecting critical assets and data. The objective is to advance toward intelligent automation that enhances operational efficiency, increases asset utilization, and delivers tangible cost savings across the production landscape," says Taavi Veltheim, Manager, Global Solution Management, DCS at Valmet.

Valmet is a leading worldwide provider of process technologies, automation systems, and services for the pulp, paper, and energy sectors. The company's automation and flow control offerings further extend their reach into a wide range of other process industries. With headquarters in Espoo, Finland, Valmet has over 220 years in the industrial sector.

Integrating OT and IT
According to Veltheim, Operational Technology (OT) systems in the process industries encompass the hardware and software used to control, monitor, and automate physical industrial processes.

These systems are critical for ensuring the safe, efficient, and continuous operation of equipment such as pumps, compressors, reactors, valves, and other machinery commonly found in industries like oil and gas, chemicals, power generation, water treatment, and pharmaceuticals.

However, automation systems have traditionally functioned as isolated, highly secured environments—effectively digital fortresses with strict controls preventing any external data exchange. While this architecture provided strong protection against cyber threats, it also created a major limitation: no digital data could enter or exit the OT network.

Without this connectivity, linking production systems with business technologies such as analytics tools, cloud platforms, and enterprise resource planning (ERP) systems was not possible. However, connecting these environments delivers tremendous benefits by enabling continuous data flow, delivering end-to-end operational insight and allowing organizations to identify patterns, address problems proactively, and make better, faster decisions.

AI-driven tools also require access to external information for effective implementation within closed, automated systems. These systems must securely exchange data beyond their immediate environment to harness the full potential of artificial intelligence, particularly generative AI.

With generative AI, even a single well-crafted prompt can potentially expose sensitive intellectual property such as proprietary processes or datasets. Therefore, organizations must strike a careful balance between enabling access to pre-trained models and external insights while enforcing strict data protection measures to safeguard their competitive knowledge and ensure responsible AI deployment.

With AI-driven tools set to transform process automation, the emphasis is shifting to the distributed control systems (DCS) that serve as a foundational component of OT, providing the essential control infrastructure that enables safe, stable, and efficient operation of continuous industrial processes.

"Digitalization initiatives have pushed DCS towards higher levels of connectivity and automation," says Veltheim. "Today, DCS are expected to provide open and secure connectivity at all levels, including between operational and information systems."

However, this shift introduces a new layer of complexity: securing the convergence point where data from physical operations intersects with enterprise IT systems. This is where modern distributed control systems play a pivotal role.

Cybersecure by Design
To meet these challenges, Valmet has launched the newest generation of its DNA distributed control system from the very first lines of code to deliver cutting edge cybersecurity, user interface, data storage and management, and other advanced features

Introduced in 2024, Valmet DNAe takes a modern and proactive approach to cybersecurity, enabling companies to effectively prevent and respond to evolving cyber threats.

Valmet DNAe was built with IT/OT convergence in mind, offering seamless connectivity from sensors to the cloud via edge technology and industrial-standard interfaces. The integration enables enhanced digital intelligence, paving the way for AI-powered tools at every level.

According to David Ding, OT Cybersecurity Engineer, Valmet, "DNAe is engineered with security at its foundation, empowering customers to stay ahead of cyber threats as OT environments become more interconnected and complex."

Valmet approached the task by adopting the cybersecurity philosophy known as "security by design." This school of thought emphasizes incorporating security measures from the very beginning of a product's development cycle, rather than adding them later in response to threats. Valmet DNAe's product development process was validated with the Security Development Lifecycle Assurance (SDLA) certification in 2020. Valmet DNAe cybersecurity is also externally certified according to ISO 27001 and IEC 62443 standards.

Valmet recently reached a significant milestone in industrial cybersecurity by becoming the first fully web-based system to receive the ISASecure System Security Assurance (SSA) Security Level 1 certificate. The external assessment conducted by exida, a product certification and knowledge company specializing in automation system safety, alarm management, cybersecurity, and availability, ensured that Valmet DNAe meets the strict security requirements and levels specified in the ISA/IEC 62443-3-3 standard.

At the core of the Valmet DNAe Distributed Control System is the Trusted Information Framework (TIF), which serves as the backbone for communication and data management. Built upon the TIF foundation, Valmet DNAe architecture includes measures such as role-based access control, authentication, encryption, endpoint protection and comprehensive audit trails.

Valmet DNAe incorporates endpoint protection measures such as system hardening, antivirus software and application whitelisting to reduce the risk of malware, unauthorized access and system compromise.

Encryption protocols, access controls, and VPN tunneling are used to secure data transmissions by encrypting communications and restricting access to authorized users, protecting sensitive information from interception or tampering. These measures support secure remote access, enabling approved personnel to monitor, operate, and maintain mill systems from any location while preserving the confidentiality and integrity of all communications.

For IT teams, Valmet DNAe provides centralized user management and Active Directory (AD) integration, enabling role-based access control and authentication. Additionally, the system offers authorization, audit trails, secure communication, encryption mechanisms, content-signed software, and comprehensive logging.

IT security integration helps security teams stay alert to potential threats. If needed, Valmet DNAe can deliver intrusion detection and prevention mechanisms to monitor network traffic and detect potential security breaches in real time. Centralized log management enables comprehensive analysis of security events, facilitating timely response and mitigation measures.

To support enterprise-level visibility, Valmet DNAe integrates with customers' Security Information and Event Management (SIEM) solutions, providing valuable information to Security Operations Center (SOC) teams. Customers are supported by extensive Valmet Cybersecurity Services.

The Future is Now
The integration of operational and information systems today depends on systems that can provide secure, real-time communication across multiple layers of an organization's infrastructure. Distributed control systems serve as critical enablers, tasked not only with managing process operations but also with ensuring secure data exchange between the plant floor and enterprise systems.

The growing reliance on AI tools and remote connectivity adds urgency to this shift. Ensuring that such technologies can be deployed safely and effectively requires a foundational approach to cybersecurity—one that is embedded into system architecture rather than added as an afterthought.

For more information about Valmet's process automation systems, please visit www.valmet.com/dnae.