Why OT Cyber Resilience Must Match Production Speed
The U.S. Army’s new SkyFoundry initiative marks a historic acceleration in domestic drone production. Announced as a pilot program in October, it aims to manufacture up to 10,000 small unmanned aerial systems (UAS) per month in the next 2 to 3 years and ultimately scale to 1 million units annually once fully operational. The program will integrate advanced digital and automated manufacturing across multiple U.S. facilities, including a dedicated innovation hub to rapidly evolve drone designs based on lessons learned from global conflicts.
SkyFoundry represents more than a production milestone. It signals a transformation in how the United States approaches defense manufacturing in the digital age. At the same time, the Department of Defense must address a growing and often underestimated challenge: the cybersecurity of the operational technology (OT) systems that underpin production.
The Expanding OT Attack Surface
Digitally enabled manufacturing promises speed and scale, but it also expands the attack surface across critical OT environments. Modern production lines depend on programmable logic controllers (PLCs), robotic systems, additive manufacturing platforms, and industrial sensors, all of which are increasingly network-connected. These assets blur the line between cyber and physical domains, meaning a digital intrusion could have kinetic consequences.
A compromised PLC, for example, could introduce minute alterations to a drone’s airframe or payload configuration. In large-scale, automated production, such a modification could propagate across thousands of units before detection. The potential implications, ranging from flight instability to mission failure, underscore why OT network integrity must be treated as a national security priority alongside production capacity.
The Supply Chain Challenge
SkyFoundry’s distributed model, which brings together multiple domestic manufacturers contributing hardware, software, and mission-specific components, also introduces new firmware and AI supply chain risks. Each vendor integration point, whether for sensors, navigation software, or onboard processing, creates a potential entry vector for adversaries.
Foreign actors targeting firmware update processes or model weights used in onboarding AI could subtly alter drone behavior in the field. Ensuring AI model integrity, secure firmware signing, and continuous validation across all partners will be essential. These are not just IT concerns; they are mission assurance imperatives.
The challenge is compounded by the pace of production. When a facility is producing thousands of units per month, it is impractical to fully flight-test every drone before deployment. This makes real-time visibility and anomaly detection within OT environments a critical safeguard.
The Case for Automated Anomaly Detection
Traditional cybersecurity tools are designed for IT networks, not for the deterministic, safety-critical nature of industrial systems. What is needed in a program like SkyFoundry is continuous, automated OT network monitoring that can baseline normal operational behavior and detect deviations in real time, whether they stem from cyber manipulation, misconfiguration, or equipment malfunction.
By leveraging anomaly detection and network segmentation, defense manufacturers can quickly isolate potential compromises before they propagate across production lines. Such monitoring provides an added layer of assurance that each drone matches its approved digital twin and that no unauthorized changes have been introduced during design or assembly.
Balancing Velocity, Visibility, and Resilience
SkyFoundry’s success will depend on the Army’s ability to balance velocity, visibility, and resilience. The program’s promise to dramatically expand domestic UAS production capacity is strategically vital. But speed without visibility creates risk. A single undetected cyber intrusion within an OT environment could undermine thousands of assets, negating the very advantage this rapid production model seeks to create.
Embedding OT security from the ground up through network segmentation, strict access controls, firmware validation, and automated anomaly detection can ensure that manufacturing speed does not come at the cost of system integrity.
Securing the Future of Digital Defense Manufacturing
SkyFoundry is a bold step toward strengthening America’s defense industrial base, but it also signals the future of digital manufacturing across all sectors, where physical production and cyber systems are inseparable. As the United States transitions to this new model, cyber-physical resilience must be viewed as integral to readiness, not a secondary consideration.
In an era where adversaries can exploit the invisible seams between IT, OT, and AI, securing those seams is as critical as any armor or airframe. The Army’s initiative offers an opportunity not only to reimagine how drones are built, but also how secure, adaptive, and trusted the entire defense manufacturing ecosystem can become.
Col. Jen Sovada (U.S. Air Force, ret.) Public Sector GM at Claroty.