Enhancing Security and Resiliency in Operational Technology Environments Through Network Slicing and Federated Learning

The growing convergence of Information Technology (IT) and Operational Technology (OT) within Industry 4.0 environments has introduced new demands on industrial network infrastructure. As cyber-physical systems become increasingly interconnected, ensuring the secure, timely, and efficient exchange of critical data is essential. This thesis explores how network slicing, a method of creating isolated virtual network segments, can be applied within OT environments to address challenges such as latency, security, and resource allocation. The first research question addressed in this thesis is: How can OT networks take advantage of NFV and SDN technology to become cyber resilient? This study examines the operational, security, and architectural implications of introducing network slicing into traditionally static OT infrastructures such as Industrial Control Systems (ICS) and SCADA. Through simulated deployments and case studies, the research demonstrates how slicing enables better isolation between critical and non-critical services, thereby improving response time, throughput, and security in sensitive environments. The second question considers: How to dynamically implement network slicing and take advantage of network resources towards integrating decentralized machine learning? In response, this thesis proposes a framework that combines Software-Defined Networking (SDN), Network Function Virtualization (NFV), and Federated Learning (FL) to enable real-time analytics while maintaining data locality. The proposed approach reduces the burden on centralized infrastructure and minimizes privacy risks by supporting on-site training of models across distributed OT nodes, coordinated through dynamically allocated network slices. The third focus explores: How slicing helps to increase the resiliency of OT networks through the orchestration of a dynamic DMZ? To answer this, the thesis presents a method for creating and managing Dynamic Demilitarized Zones (DMZs) using network slicing. This enables flexible and automated isolation of sensitive subsystems during threat scenarios or high-risk operations. Coupled with intelligent orchestration and containerized security services, the dynamic DMZ significantly enhances the system's ability to respond to cyber incidents without halting production. Ultimately, this thesis contributes a comprehensive architecture that blends network slicing with machine learning, secure segmentation, and automation, paving the way for resilient, adaptive, and intelligent OT environments. Performance evaluations across multiple scenarios show improvements in system reliability, threat response time, model accuracy, and resource utilization, providing a strong foundation for future industrial automation systems.