Abstract
Industrial digitalization is moving from Industry 4.0 toward Industry 5.0’s emphasis on resilience, human-centric operation, and sustainability. This shift is enabled by the convergence of Operational Technology and Information Technology, but this integration also broadens the exposure of industrial infrastructures to cyber threats targeting communication integrity and process continuity. Mitigating these risks requires network control that is both programmable and aware of each asset’s operational context. However, there is still a lack of operational interfaces that translate the semantics of industrial assets into programmable, runtime-enforceable network behavior. In this paper, following a Design Science Research methodology, we introduce an asset-aware, closed-loop network control abstraction in which the industrial network itself is modeled as a managed asset through Asset Administration Shells. Asset state, lifecycle phase, and operational intent are translated into network policies enforced at runtime on programmable data planes, while in-network telemetry is exposed at the asset level and correlated with operational metrics. We validate the abstraction on a hybrid testbed that combines virtualized components with industrial-grade hardware and virtualized 5G connectivity, through three security-oriented use cases: (i) asset-driven customization of forwarding policies; (ii) human-centric secure maintenance with controlled remote access over 5G; and (iii) anomaly detection and isolation based on cross-layer telemetry correlation. The results show that asset-level operations can drive programmable network enforcement and make network telemetry available at the asset layer. Finally, the work outlines a first step toward standardizing network-oriented asset submodels by separating control-plane operations from data-plane state and telemetry.