Contact Us
Back to parent
Ep24

Mission Assurance at the Optical Layer: OT Zero Trust with Photonics

03/12/2026
Doug Woolf
Principal

Introduction

Photonics is the use of light for communication, switching, sensing, and in some cases computation. Photonic computing is no longer an unobtainable, futuristic technology. In operational technology (OT) security, we can deploy photonics now: namely fiber transport, optical switching concepts, optical-layer telemetry, and fiber-based sensing.

Zero Trust Architecture (ZTA) and OT security don’t always line up cleanly because OT environments operate under constraints that most enterprise networks simply don’t have. OT has deterministic operations, safety implications, and availability requirements that add increased complexity. OT also has long asset lifecycles and legacy protocols that were never designed for authentication, encryption, or contemporary approaches towards logging, not to mention the physical limitations OT brings to the equation.

At the same time, national security and defense guidance is pushing OT and control systems toward modern security outcomes aligned to ZTA. According to the Department of Defense (DoD) Zero Trust Strategy “The journey to Zero Trust requires all DoD Components to adopt and integrate Zero Trust capabilities, technologies, solutions, and processes.”

This post breaks down where photonics supports OT Zero Trust outcomes and what current industry trends indicate about the optical infrastructure OT which environments are built on.

The Many Facets of OT Security

OT Zero Trust conversations often revolve around a similar theme. Security teams describe the end state: almost always tighter segmentation, fewer implicit trust paths, stronger monitoring, reduced lateral movement, controlled access, and faster detection and response.

Then an engineer asks the operational question: “How do we do that without breaking XYZ?”

In OT, availability is the mission. If a control adds jitter, creates chokepoints, or complicates recovery, it will be bypassed, even if the policy says otherwise. OT systems do not tolerate fragile security. They simply can’t afford to.

Photonics keeps showing up in these discussions because it allows for “security by physics” rather than “security by complex configuration”, which is an attractive selling point for overburdened OT staff. Fiber transport improves link stability and reduces electromagnetic susceptibility but it also eliminates the need for expensive shielded cabling, permitting much longer reach in massive industrial footprints. That stability makes segmentation more durable, which reduces the temptation for temporary bypasses. Optical-layer telemetry provides link integrity signals that help during incidents. Optical switching patterns support a zero-trust idea which OT can feasibly adopt: connectivity that is explicit, time-bound, and auditable, not permanently ambient.

Additionally, photonics can even help organizations improve metrics and enhance security strategy even from a governance perspective. For example, photonics reduces Mean Time to Repair (MTTR) by using “link truth” signals to instantly distinguish between a physical fiber break and a cyber-attack.

(Created by author using gen AI)

No Single Approach to Security

There is never a one-size-fits-all solution to zero trust. In fact, the United States General Services Administration (GSA) states this directly: “There is no single technology, product, or service that can achieve the goals of implementing a ZTA.” Therefore, we need to start with what already works in OT security:
  • Zones and conduits
  • Deterministic behavior and outcomes
  • Safety and availability as first-order requirements
  • Explicit boundaries between OT and enterprise
  • Visibility that does not create outages
  • Recovery that is not improvised
But where can photonics strengthen those fundamentals in a way that maps to OT zero trust outcomes? Photonics can make segmentation easier to sustain, increase monitoring confidence and enable more intentional connectivity patterns for the pathways that create the most risk in OT. The OT zero trust conversation has matured quickly. A year ago, many teams were still debating whether OT belonged in zero trust execution at all. That debate is fading, replaced by better engineering questions:
  • How do we segment without creating fragility?
  • How do we monitor without causing outages?
  • How do we control OT to enterprise pathways without starving telemetry?
  • How do we make remote access explicit and time-bound?
  • How do we incorporate physical realities into assurance?
Photonics are showing up more often because it can help answer those questions with OT-friendly tradeoffs. It enables stable segmentation backbones, stronger link truth signals, and more intentional connectivity patterns for the riskiest pathways.

Defining OT Photonics Deployment Models

Photonics for ZTA can be structured into two separate models that map to OT zero trust outcomes.

Model 1: Optical Backbone for Durable Segmentation

This model uses photonics primarily as the transport substrate for zones and conduits. The goal is to make segmentation sustainable. What it looks like:
  • Fiber-first inter-zone connectivity
  • Backbone headroom that prevents segmentation from becoming a bottleneck
  • Reduced susceptibility to electromagnetic noise in harsh environments
  • Clear separation between real-time control pathways and analytics pathways
Segmentation requires operations to be running efficiently and correctly. When links are unreliable or constrained, teams create bypasses. When backbones are stable and have capacity, teams keep the design intact. This model is the best starting point when the dominant risk is lateral movement enabled by overly flat OT networks or fragile segmentation.

Model 2: Optical Switching and Controlled Connectivity

This model uses photonics to change how connectivity is granted. The goal is to make “default deny” meaningful at the pathway level. In OT, the most dangerous connectivity is often not a clever exploit. It is a permanent pathway that exists because it is convenient, such as vendor access that never turns off, engineering workstation reachability that expands over time, OT-to-enterprise flows that started as a one-time integration and becomes permanent. Controlled connectivity patterns aim to fix that by making pathways intentional events:
  • Created when needed
  • Limited in scope
  • Time-bound
  • Auditable
For example, Optical Circuit Switch (OCS) physically disconnects a path when not in use. This “air-gap on demand” is a unique photonic capability that standard Ethernet switching cannot replicate as securely.

Compliance Engineering and a Self-Healing Environment

OT security programs become insufficient when assurance becomes spreadsheet-only governance. OT security governance and assurance must exist as a byproduct of operations. Photonics supports that shift in three practical ways. 1. Link truth becomes a security signal Optical infrastructure provides health and integrity telemetry. Treated correctly, it helps reduce ambiguity during incidents:
  • Degradation trends that suggest physical disturbance
  • Error-rate changes that correlate with traffic anomalies
  • Link instability that does not align with maintenance windows
Reducing ambiguity reduces downtime and reducing downtime means everything in OT. 2. Segmentation drift becomes detectable Barring a few dramatic examples such as Stuxnet, OT segmentation rarely fails catastrophically. It fails quietly: a bypass cable, a convenience Virtual Local Area Network (VLAN), a tunnel left open. Over time, the system drifts away from the design baseline. A mature posture continuously validates segmentation intent. Photonics do not do that alone, but stable optical backbones and optical-layer signals make drift easier to detect and faster to troubleshoot. The result is fewer “mystery” outages and fewer silent architectural regressions. 3. Pathways can be governed as intentional events The riskiest OT connections are the ones that exist permanently “just in case.” Controlled connectivity patterns encourage a different posture: create access only when needed, prove it, log it, and remove it when done. This aligns with zero trust intent in a way OT can adopt: reduce ambient access without breaking operational workflows.

Photonics Industry Advancements

Two American companies are leading the way in innovative photonic designs to support ZTA. Coherent Corporation and Lumentum Holdings are two of the best-known U.S. photonics companies, sitting at different but complementary layers of the optical stack. Coherent is a diversified photonics manufacturer with major businesses in lasers and materials processing, plus a large and growing footprint in datacom optics and optical components used in high-speed networks. They play across “industrial photonics” and “network photonics,” which makes them a useful reference point for how optical technology migrates from specialized applications into scalable infrastructure. Some of the latest designs highlighting zero trust capabilities include: OCS: Coherent positions a large port-count optical circuit switch, described as a 300×300 platform built on its digital liquid-crystal technology. (Courtesy Coherent Optical Circuit Switch) https://www.coherent.com/news/press-releases/optical-circuit-switch-for-data-centers-live-demo-at-ofc-2024-based-on-ultrareliable-dlx-technology

1.6T silicon photonics transceivers and related building blocks: Coherent has publicly showcased silicon photonics based 1.6T-DR8 modules in Octal Small Form-factor Pluggable (OSFP), highlighting a differential electro-absorption modulated laser (D-EML) aimed at reducing power and crosstalk for higher-speed links.

(Courtesy Coherent) https://www.coherent.com/news/press-releases/400g-differential-eml

Coherent’s product direction signals a broader architectural trend away from “always-on, broadly reachable networks” toward intentional, on-demand pathways that can better support least-privilege connectivity, time-bound access, and smaller blast radius, while the maturation of high-integration pluggables helps make durable segmentation backbones more practical and supportable over time.

Lumentum is more concentrated in optical communications and photonic components, best known for indium phosphide–based lasers and modulators that power high-speed optical links, as well as optical switching and related infrastructure used in modern network fabrics. They are a strong lens on the building blocks that make dense, reliable optical connectivity possible at scale.

Some of the latest designs highlighting zero trust capabilities include:

R64 Optical Circuit Switch: Lumentum announced and productized an R64 platform, positioned as a lower port-count OCS built on field-proven micro-electromechanical systems (MEMS) technology

(Courtesy Lumentum) https://www.lumentum.com/en/products/64×64-optical-circuit-switch-ocs

Optical circuit switch portfolio messaging: Lumentum’s OCS materials emphasize transparent any-to-any connectivity with low latency, low insertion loss, and low power consumption, built on MEMS.

(Courtesy Lumentum) https://www.lumentum.com/en/products/300×300-optical-circuit-switch-ocs

Lumentum’s newest photonic technology also points to a broader trend toward intentional, on-demand, while its continued push in 200G-per-lane electro-absorption modulated laser (EML) components reflects the maturity curve that makes optical infrastructure more reliable and supportable for durable segmentation backbones over time.

Why Do Photonic Components Matter?

OT is now inside the zero trust execution perimeter and the Department of War (DoW) has described OT-specific activities and outcomes that make the expectation concrete.

Photonics assists OT security teams achieve more favorable outcomes with fewer operational tradeoffs:

  • Durable segmentation through stable, high-headroom backbones
  • Improved detection confidence through optical-layer link truth signals
  • More realistic default-off connectivity through controlled-path patterns
  • Better correlation between cyber anomalies and physical reality through sensing opportunities
  • Faster troubleshooting and recovery because the physical layer is observable, not assumed

For mission partners, the value is straightforward. Photonics is not the story. OT outcomes are the story. Photonics is one way to make those outcomes operationally survivable.

The Future of OT Zero Trust

OT will not suddenly become photonics-native. However, it most certainly will become photonics-assisted.

Near-term adoption trends will likely look like:

  • More fiber-first segmentation backbones, especially at boundaries and between zones
  • More optical telemetry integrated into monitoring for integrity and anomaly correlation
  • More controlled-path thinking for remote access and OT-to-enterprise transfers
  • More convergence between network operations and security assurance because continuous validation becomes the only scalable model

The best OT programs will not use photonics because it sounds futuristic. They will use it because it makes the right outcomes easier to sustain.

OT zero trust is not a checkbox exercise. It reduces implicit trust without breaking operations.

Photonics does not replace identity, access control, boundary enforcement, or incident response. It makes segmentation more durable, monitoring more confident, and controlled connectivity more achievable. It also forces a healthy truth: in OT, you cannot separate cyber from physical, and you cannot secure what you cannot observe.

Security that breaks the mission is not security. Photonics helps us get closer to the version of OT zero trust that actually works.

References:

  • DoD CIO. (2022). Department of Defense Zero Trust Strategy. (DoD CIO)
  • Washington Headquarters Services. (Jul 17, 2025) ; Incorporating Change 1 Sep 2, 2025). Directive-Type Memorandum (DTM) 25-003, “Implementing the DoD Zero Trust Strategy.” (Defense Logistics Agency)
  • DoD CIO. (Nov 18, 2025). Zero Trust for Operational Technology: Activities and Outcomes. (DoD CIO)
  • DefenseScoop. (Dec 1, 2025). Pentagon posts guidance on implementing zero trust for operational technology. (DefenseScoop)
  • U.S. General Services Administration. Zero Trust Architecture (ZTA) (U.S. General Services Administration)
  • Coherent Corp. (Mar 31, 2025). Coherent to Showcase Innovative Products and Technologies at OFC 2025. (Coherent Inc)
  • Coherent Corp. (May 6, 2024). Shareholder Letter (FY24 Q3). (Coherent Inc)
  • Coherent Corp. (Oct 2, 2025). Coherent Proxy Statement 2025. (Coherent Inc)
  • Lumentum Holdings Inc. (Sep 24, 2025). Lumentum Announces R64 Optical Circuit Switch for AI Data Centers. (Business Wire)
  • Lumentum Holdings Inc. Optical Circuit Switches (R300/R64 product overview). (Lumentum)
  • Lumentum Holdings Inc. (Nov 19, 2025). Optical Circuit Switches in AI Hyperscale Data Centers. (Lumentum)
  • Lumentum Holdings Inc. EML 200G PAM4 CWDM Laser. (Lumentum)
  • Lumentum Holdings Inc. (Mar 27, 2025). Lumentum to Showcase Cutting-Edge Optical Innovations for Cloud, AI, and Networking Infrastructure at OFC 2025 (Business Wire)