Updated: June 11, 2025
As digital transformation continues to blur the lines between operational technology (OT) and IT, it’s time to start thinking more holistically about how to protect both from threat actors. Whereas IT and OT were once siloed, the convergence of the two has required previously isolated teams to approach cyber-physical systems (CPS) security as a more cohesive unit.
To do that, organizations must focus on developing a deeper understanding of the ubiquitous connectivity that now defines our physical world. Machinery and equipment that were once insulated from cyberattacks are now increasingly being brought online, changing the face of digital operations as we know it.
This guide walks organizations through the convergence of IT and OT, the security challenges brought about by this convergence, and how to prioritize device remediation based on organizational impact.
Cyber-physical systems are engineered systems that orchestrate sensing, computation, control, networking and analytics to interact with the physical world — resulting in improved operations, resilient, reliable systems, and a deeper understanding of the physical things they control. As cyber-physical systems face new threats and challenge traditional IT approaches, it is now more important than ever for organizations to incorporate CPS into their security strategy.
According to the DHS, cyber-physical systems security addresses security concerns for CPS and internet of things (IoT) devices. Cyber-physical systems have become an increasingly integral part of critical infrastructure, government and everyday life. Key examples of CPS include patient monitoring in hospitals, intelligent buildings, smart electric grids, and autonomous vehicles. These smart networked systems interact with the physical world to support real-time, guaranteed performance in safety-critical applications. Although these devices help to sustain our lives, they also greatly increase cybersecurity risks and attack surfaces, and the consequences of unintentional faults or malicious attacks could have a severe impact on human lives. As more and more devices become interconnected, securing both the cyber and physical world will only become more challenging, making it paramount for organizations to implement a comprehensive CPS security strategy.
In the past, IT and OT were seen as distinct and isolated business domains. IT focused solely on capabilities necessary to process data, while OT focused solely on devices responsible for monitoring or carrying out physical processes.
However, as digital transformation accelerated, connecting OT networks to IT systems has unlocked tremendous business value, enabling improvements in operational efficiency, performance, and quality of service. The level of interconnectivity introduced by the rise of the extended internet of things (XIoT), including more sector-specific concepts such as the Industrial Internet of Things (IIoT) and the Internet of Medical Things (IoMT), further fueled IT-OT convergence. And now we’ve reached a point where our physical world is very dependent on its digital components.
While the terms IT and OT can be applied to specific devices, hardware, and software, the expanding interface between cyber (i.e., IT) and physical (i.e., OT) technologies has given rise to the concept of cyber-physical systems with applications including heavy industry, healthcare, building management systems, and critical infrastructure. Even our most basic needs like food, water, and healthcare depend on cyber-physical systems and the connected devices that underpin them.
This distinction of cyber-physical systems as an overarching term that comprises multiple assets and systems across multiple environments interacting with one another is important, as it helps explain the security challenges.
Since cyber-physical systems are complex, interconnected, and comprise different types of devices and different protocols, securing them is both challenging and critically important.
Cyber-physical systems challenge traditional security approaches, and with the complexity and variety of old and new connected assets, organizations are beginning to recognize that OT is not the only cyber-physical asset they have to contend with. Smart buildings, for example, are cyber-physical systems that do more than just process data. These assets straddle the cyber and physical worlds and are typically deployed in operational or mission-critical environments, where human safety and operational resilience are top priorities. This is par for the course with technology innovation, and it will take years, if not decades, before a new generation of connected assets emerges with more natively integrated security processes and pathways.
Technological advancements have enabled a broad range of new devices; however, these devices are being created and deployed without safety and security in mind. This challenge, coupled with the fact that many device lifespans are measured in decades, means current designs could impact the next several decades. Analyzing, understanding and addressing these issues in the early stages will help organizations to develop a sound strategy when it comes to CPS security.
At the same time, cyber-physical systems are attractive targets because of their criticality levels and vulnerabilities that leave them open to attack. While compromised IT networks and security breaches that exfiltrate personal data are very costly and have other financial implications, they don’t threaten the physical world we live in and the systems we depend on. Lives and livelihoods are at risk when cyberattacks spill over into the OT realm and have a physical impact. Some examples of threats associated with cyber-physical systems include:
Malware: In March 2025, Ukraine was hit by a malware attack called PathWiper that disrupted the country’s critical infrastructure. The attack was likely the work of a Russia-linked advanced persistent threat (APT).
Ransomware: Kettering Health, an Ohio-based healthcare provider, was affected by a ransomware attack in May 2025 that impacted its operations and patient care.
Unauthorized Remote Access: Volt Typhoon, an APT linked to China, has gained attention in 2025 for its continuous living-off-the-land attacks, in which the group uses valid credentials to gain unauthorized access to company networks.
Supply Chain Attacks: A highly sophisticated supply chain attack targeting the XZ data compression utility came perilously close to succeeding in April 2024.
The range of attack types across sectors also reflects another challenge with cyber-physical systems security: securing each environment takes a breadth and depth of domain knowledge, because defenders must understand how best to protect it while operating within the models and methods unique to it.
On top of that, prioritizing which devices to protect based on potential business impact is difficult without a way to fully identify every asset on your organization’s network. Typically, CPS protection platforms focus on device and asset-centric risk assessment, but don’t include recommendations on which devices need to be prioritized first.
The biggest advantage defenders have is knowing their networks better than the adversary does. Visibility that provides a clear picture of what is happening across the entire OT environment, including systems and workflows, is essential.
Fueled by broad domain knowledge of physical systems and workflows, along with deep capabilities including full-spectrum visibility, exposure management, threat detection, and secure access controls, the Claroty Platform redefines cyber-physical systems protection. It provides industry-leading device purpose and risk benchmarking features that help your organization identify the most critical assets within your network, allowing security teams to devote more time and resources to protecting them.
Regardless of what the future brings, one thing is clear: cyber-physical systems and the networks they operate on have become attractive targets for threat actors. These networks are critical, and therefore valuable. Organizations need visibility and control over those assets to proactively prepare for every scenario, and to be able to respond quickly and effectively to all threats.
The Claroty Platform provides critical infrastructure with the tools required to defend against an evolving threat landscape. Schedule a demo today to see how the platform can revolutionize your organization’s approach to CPS security.