This work addresses the challenge of securely enabling data interoperability between isolated legacy systems and modern secure zones in Industrial 4.0 environments. The authors propose SigmaServer, a TCP-layer OPC UA aggregation mechanism that bridges legacy systems lacking native OPC UA support with contemporary architectures within an operational technology (OT) testbed. By doing so, SigmaServer overcomes the data flow limitations imposed by traditional air-gapped isolation strategies while preserving stringent security boundaries. Experimental validation demonstrates that SigmaServer effectively balances security and compatibility, facilitating efficient and reliable cross-domain data exchange. This approach offers a practical solution for heterogeneous integration in industrial control systems, where legacy infrastructure must coexist with evolving security and communication standards.

The increased connectivity of industrial networks has led to a surge in cyberattacks, emphasizing the need for cybersecurity measures tailored to the specific requirements of industrial systems. Modern Industry 4.0 technologies, such as OPC UA, offer enhanced resilience against these threats. However, widespread adoption remains limited due to long installation times, proprietary technology, restricted flexibility, and formal process requirements (e.g. safety certifications). Consequently, many systems do not yet implement these technologies, or only partially. This leads to the challenge of dealing with so-called brownfield systems, which are often placed in isolated security zones to mitigate risks. However, the need for data exchange between secure and insecure zones persists. This paper reviews existing solutions to address this challenge by analysing their approaches, advantages, and limitations. Building on these insights, we identify three key concepts, evaluate their suitability and compatibility, and ultimately introduce the SigmaServer, a novel TCP-level aggregation method. The developed proof-of-principle implementation is evaluated in an operational technology (OT) testbed, demonstrating its applicability and effectiveness in bridging secure and insecure zones.