Pharmaceutical manufacturing sits at the intersection of two regulatory frameworks with fundamentally different risk tolerances. Cybersecurity frameworks require rapid patching, continuous monitoring, and aggressive response to detected threats. Good Manufacturing Practice (GMP) quality systems require validated, locked-down process control environments where changes are slow, thoroughly documented, and subject to formal revalidation before deployment.

This tension is a consistent source of vulnerability in pharmaceutical OT environments. Systems that cybersecurity teams would classify as critically exposed — Windows Server 2008 HMIs, unpatched SCADA servers, decade-old engineering workstations — remain in production because the cost and time to patch in a validated environment is prohibitive. Understanding this constraint is essential for OT security practitioners entering the pharmaceutical sector.

The Pharmaceutical OT Architecture

Pharmaceutical manufacturing uses three categories of process control technology:

Distributed Control Systems (DCS) form the core of continuous manufacturing — API (active pharmaceutical ingredient) synthesis, fermentation, chromatography purification, and fill-finish operations. Dominant vendors are Emerson DeltaV, Honeywell Experion PKS, and Siemens PCS 7/SIMATIC. DCS workstations run Windows-based HMIs with validated OS configurations, meaning they must run a specific, tested OS version and software build. Any deviation — including a Windows update — requires formal revalidation before the system can be returned to production use.

Batch Execution Systems manage discrete manufacturing steps and are typically compliant with ISA-88 (IEC 61512), the international batch control standard. Siemens SIMATIC Batch, Emerson DeltaV Batch, and standalone systems like Werum PAS-X sit in this category. Under FDA 21 CFR Part 11 and EU GMP Annex 11, these systems must maintain a complete, tamper-evident audit trail — electronic records and electronic signatures must be attributable to a specific individual, accurate, and unalterable after the fact.

Building Management and Environmental Monitoring Systems control cleanroom HVAC, temperature, humidity, and pressure differential — parameters critical to product sterility and quality. BMS systems from Siemens Desigo, Johnson Controls Metasys, or Automated Logic connect via BACnet or Modbus to manufacturing systems and to building control networks. They are frequently the most network-connected and least security-maintained systems in the facility.

The Validation Constraint

The 21 CFR Part 11 requirement for electronic record integrity and EU GMP Annex 11’s “computerised systems” requirements create a specific security constraint: any change to a validated system — including security patches — must go through a formal change control and revalidation process before deployment.

A full DCS revalidation at a large manufacturing site can take three to six months and cost several million dollars. A Windows security patch to a validated HMI isn’t applied the week it’s released; it may not be applied for twelve to eighteen months after the patch is bundled into a validated upgrade package by the DCS vendor, tested, and scheduled into a planned maintenance window.

The result: pharmaceutical OT environments commonly run operating systems and software versions that are years past end-of-support. This is not ignorance or negligence — it is a rational response to regulatory requirements that have historically been interpreted as prioritising process stability over security currency. The FDA and EMA have been updating their guidance to address this, but the installed base reflects decades of the prior approach.

Critical Attack Paths

Three attack paths are most consequential in pharmaceutical OT environments:

Historian pivot. Process historians (AVEVA PI System, formerly OSIsoft PI; AVEVA System Platform) aggregate real-time process data from DCS and batch systems and connect upward to enterprise networks for reporting, QA monitoring, and MES integration. They are the most common pivot point in pharmaceutical OT intrusions. Historian servers sit across the IT/OT boundary by design, are often less hardened than either the DCS or the enterprise IT environment, and when compromised can provide read (and sometimes write) access to process data across all connected zones.

Engineering workstation compromise. Engineering workstations (EWS) have the ability to download new control logic to DCS controllers, modify process parameters, and configure safety interlocks. Compromise of an EWS gives an attacker the ability to modify the manufacturing process itself — changing temperature setpoints, disabling alarms, or altering batch recipes. In sterile manufacturing, process parameter modification is a patient safety issue, not only a data security issue.

Vendor remote access. Pharmaceutical facilities have vendor remote access for DCS and BMS maintenance — Emerson, Siemens, Honeywell, and building automation vendors all require remote access to their installed systems for support and upgrades. If this access is persistent VPN credentials rather than just-in-time provisioned sessions, it represents permanent external attack surface. Vendor accounts have been exploited in multiple documented pharmaceutical sector incidents.

Compensating Controls for GMP-Constrained Environments

The validation constraint does not prevent security improvement — it changes which controls are feasible. Compensating controls that don’t touch validated systems are the practical path:

Passive OT network monitoring is the highest-value investment. Deploying Claroty, Dragos, or Nozomi Network Visibility sensors in passive tap/span mode provides continuous asset discovery and anomaly detection without touching validated systems. These platforms can identify unusual communications from DCS workstations, unexpected engineer workstation connections, and historian data access anomalies. Deployment requires network access but no changes to validated system configurations.

Unidirectional data diodes for historian connections. Process historians that must send data to enterprise networks are a two-way risk if the connection is bidirectional. Waterfall Security or OPSWAT unidirectional gateways enforce one-way data flow at the hardware level — process data flows outbound to reporting systems, but nothing can flow back into the OT zone. This is a validated-system-compatible control that closes the most common pivot path.

Just-in-time vendor access. Replace persistent VPN credentials for vendor remote access with JIT-provisioned privileged access management (PAM) solutions — CyberArk, BeyondTrust, or Delinea. Sessions are time-limited, require approval workflow, are fully recorded, and leave no persistent credentials in the environment. This can be implemented as an IT/network-layer control without touching validated DCS components.

Zone segmentation at the network layer. If the facility network has not been segmented to separate DCS zones (Level 1-2), historian/SCADA zone (Level 3), and enterprise DMZ (Level 3.5), that segmentation should be the first infrastructure investment. Firewalls between zones with allowlist-only rules — permitting only the specific OPC-UA, Modbus, or Ethernet/IP traffic that must traverse the boundary — contain lateral movement without modifying validated systems.

GMP audit trail monitoring in SIEM. Batch execution system audit logs (21 CFR Part 11-compliant records) should be ingested by the SIEM and alerted on for tamper events. Any audit trail modification or deletion event is both a regulatory violation and a potential indicator of malicious activity — patient safety and security obligations align here.

Sector-Specific Governance Considerations

OT security practitioners entering pharmaceutical manufacturing must understand the regulatory structure: the Quality department, not IT, owns validated systems. Change requests to OT security controls must go through the same change control process as manufacturing process changes. The Quality VP or Director of GMP IT has authority over validated system changes that a CISO or OT security lead may not.

Building productive relationships with Quality, Regulatory Affairs, and Manufacturing Operations — rather than treating the validation constraint as an obstacle — is what separates effective pharmaceutical OT security programmes from those that remain marginalised. Security controls framed as supporting GMP compliance (audit trail integrity, access control for electronic signatures) are received differently than controls framed as security-for-its-own-sake.

The FDA’s Computer Software Assurance (CSA) guidance, published in 2022, is worth understanding. It shifts from prescriptive validation documentation to a risk-based approach that explicitly permits more efficient change management for lower-risk systems — which can open a path to more timely security patching for components outside the direct process control scope.

Tags
pharmaceuticalmanufacturingDCSSCADAFDA 21 CFR Part 11GMP Annex 11batch controlEmerson DeltaVSiemensHoneywell Experionvalidated systemsOT security