The Critical Need for Post-Quantum Encryption in Manufacturing Execution Systems
The manufacturing industry is undergoing a digital transformation, with Manufacturing Execution Systems (MES) becoming the backbone of modern smart factories. However, as we advance toward Industry 4.0, a new threat looms on the horizon: quantum computing. The cryptographic algorithms that currently protect our most sensitive manufacturing data may soon become obsolete. This isn’t a distant concern - it’s a present reality that requires immediate attention.
Why MES Systems Are Critical Targets
Manufacturing Execution Systems sit at the heart of every modern production facility, making them treasure troves of invaluable industrial property and operational intelligence. The data contained within these systems represents the crown jewels of manufacturing organizations.
MES systems document and store comprehensive production processes that reflect decades of research, development, and optimization. These systems contain detailed product recipes that define the exact specifications, ingredients, formulations, and processing parameters required to manufacture products. For pharmaceutical companies, these might include drug formulations; for semiconductor manufacturers, they contain precise etching and deposition processes; for food and beverage companies, they hold proprietary recipes and processing conditions.
The intellectual property stored in MES systems extends beyond simple recipes. These systems maintain complete process workflows that detail every step of production, from raw material handling to final packaging. This includes optimal processing temperatures, timing sequences, equipment settings, and quality control checkpoints that have been refined over years of production experience.
Real-Time Operational Data
Beyond static information, MES systems continuously collect and store real-time operational data that provides unprecedented visibility into manufacturing operations. This includes:
- Equipment performance data: Machine utilization rates, cycle times, throughput measurements, and overall equipment effectiveness (OEE) metrics
- Quality measurements: In-process quality checks, statistical process control data, defect rates, and product specifications
- Material traceability: Complete genealogy of materials and components, including supplier information, batch numbers, and processing history
- Resource allocation: Labor assignments, skill requirements, and productivity metrics
Production Intelligence and Optimization Data
Modern MES systems leverage advanced analytics and machine learning to optimize production processes. They store predictive maintenance algorithms, demand forecasting models, and process optimization parameters that give manufacturers competitive advantages. This operational intelligence enables manufacturers to reduce waste, improve yield rates, minimize downtime, and respond quickly to market demands.
These systems also maintains detailed audit trails and compliance data essential for regulated industries. For medical device manufacturers, aerospace companies, and pharmaceutical producers, this includes validation records, batch records, and documentation required for regulatory submissions.
Network and System Integration Data
As the central hub connecting shop floor equipment with enterprise systems, MES platforms contain integration configurations and network topologies. This includes access to external system credentials, communication protocols, system interfaces, network architectures, and security configurations that could be exploited if compromised.
The value of this collective data cannot be overstated. A compromised MES system could expose proprietary manufacturing processes to competitors, disrupt production operations, compromise product quality, and violate regulatory compliance requirements. This makes MES systems prime targets for industrial espionage and cyber attacks.
The Quantum Computing Threat Timeline
Quantum computing represents a fundamental shift in computational capability that threatens the cryptographic foundations of our digital infrastructure. Unlike classical computers that process information in binary bits, quantum computers leverage quantum mechanical properties like superposition and entanglement to achieve exponential speedups for specific types of problems.
Current State and Projections
The quantum threat to encryption is not a theoretical concern - it’s an approaching reality with increasingly precise timelines. Recent research and expert assessments paint a concerning picture:
Conservative Estimates: The Chinese Academy of Sciences projects that quantum computers capable of breaking RSA-2048 encryption may emerge between 2045-2050. The MITRE analysis suggests RSA-2048 could remain secure until 2055-2060 under current technological constraints.
Moderate Projections: Most cybersecurity experts predict quantum computers will break RSA-2048 within 15 years, with some estimates pointing to 2030 as a critical milestone. Gartner predicts RSA and ECC will become unsafe by 2029 and potentially broken by 2034.
Aggressive Timelines: Some researchers warn of breakthrough capabilities emerging as early as 2028. A recent global survey found that 61% of security professionals believe quantum attacks will neutralize current encryption within 2-5 years.
The uncertainty in these timelines reflects the complexity of quantum computing development, but the overall trend is clear: the quantum threat is accelerating.
Algorithmic Breakthroughs
Recent developments have dramatically reduced the quantum computing resources required to break encryption. A 2025 study from Google Quantum AI researcher Craig Gidney suggests that breaking RSA-2048 encryption could be achieved in less than a week using fewer than one million noisy qubits - an order-of-magnitude reduction from previous estimates of 20 million qubits.
This reduction comes from algorithmic improvements and more efficient system designs, including approximate arithmetic and compressed error-correction layouts. Such breakthroughs demonstrate that progress in quantum computing can come not just from hardware advances, but also from software and algorithmic innovations.
The “Harvest Now, Decrypt Later” Attack
One of the most insidious aspects of the quantum threat is the “harvest now, decrypt later” attack strategy. Adversaries are currently collecting encrypted data with the intention of storing it until quantum computers become available to decrypt it.
Current Data Collection
Cybercriminals and nation-state actors are actively harvesting encrypted communications, stored databases, and backup systems containing sensitive manufacturing data. This includes:
- Encrypted MES database backups
- Secure communications between manufacturing sites
- Proprietary technical documentation
- Financial and competitive intelligence
- Customer and supplier information
Future Decryption Capabilities
Once cryptographically relevant quantum computers (CRQCs) become available, this stored data will become vulnerable to retrospective decryption. For manufacturing companies, this means that trade secrets, product formulations, and competitive intelligence collected today could be exposed in the future.
The timeline for this threat is particularly concerning for data with long-term value. Manufacturing processes, product recipes, and technological innovations often remain valuable for decades. A pharmaceutical company’s drug formulation collected today could still be commercially sensitive 20-30 years from now, well within the projected timeline for quantum computing threats.
This “store now, decrypt later” strategy creates an immediate urgency for implementing post-quantum cryptography, even before quantum computers become practically available. Organizations cannot wait until quantum computers are deployed to begin protecting their data - they must act now to prevent future exposure.
Interactive Quantum Timeline Simulation
To better understand when current encryption methods might become vulnerable, several organizations have developed online simulators and calculators that visualize the quantum threat timeline.
IBM Quantum Experience provides access to both quantum simulators and real quantum processors, allowing users to experiment with quantum algorithms and understand their implications for cryptography. The platform includes educational resources about Shor’s algorithm and its impact on RSA encryption.
Quantum Computing Timeline Calculators are available from various cybersecurity organizations that allow users to input different scenarios (qubit counts, error rates, algorithmic improvements) to estimate when specific encryption methods might become vulnerable.
NIST Post-Quantum Cryptography Resources provide detailed timelines and migration guidance for transitioning to quantum-resistant algorithms. These resources include risk assessment tools and implementation roadmaps.
While there is no single definitive simulation website, these resources collectively offer interactive ways to explore the quantum timeline and understand the urgency of transitioning to post-quantum cryptography. Organizations should regularly consult these resources to stay updated on quantum computing progress and adjust their security strategies accordingly.
Critical Manufacturing’s Quantum-Safe Leadership
As the quantum threat becomes more tangible, manufacturing software providers must take proactive steps to protect their customers’ valuable data. That’s why Critical Manufacturing is at the forefront of this effort in the upcoming 11.2 release.
Version 11.2 is the first release to support Post-Quantum Cryptography, allowing customers to use X25519MLKEM768, a hybrid key exchange algorithm used in TLS 1.3 that combines the established X25519 elliptic curve with the NIST-standardized ML-KEM-768 post-quantum algorithm.
Support for TLS 1.3 with X25519MLKEM768 highlights Critical Manufacturing’s commitment to spearhead manufacturing excellence and MES innovation. Critical Manufacturing’s continuous dedication to security and secure architecture patterns, allows Critical Manufacturing MES to be one of the first MES solutions to provide Post-Quantum safe communication options.
The Imperative for Action
The convergence of quantum computing advancement and the critical nature of MES data creates an urgent imperative for the manufacturing industry. Organizations cannot afford to wait until quantum computers become mainstream to begin their post-quantum transition.
Immediate Steps
Assessment and Inventory: Manufacturers must immediately assess their current cryptographic implementations, identify vulnerable systems, and prioritize critical assets for protection.
Vendor Engagement: Work with MES providers, equipment manufacturers, and system integrators to understand their post-quantum roadmaps and timelines.
Pilot Projects: Begin testing post-quantum cryptographic implementations in non-production environments to understand performance implications and integration challenges.
Staff Training: Educate IT and OT teams about quantum threats and post-quantum cryptography to build internal expertise.
Long-term Strategy
The transition to post-quantum cryptography will be complex and lengthy, requiring careful planning and execution. Organizations should develop comprehensive strategies that address not just MES systems but entire manufacturing technology stacks including PLCs, SCADA systems, and enterprise applications. When well designed, a hybrid deployment approach with the right MES can significantly mitigate the risks of maintaining some legacy systems running on the shop-floor.
The quantum threat to manufacturing is real, imminent, and potentially devastating. However, with proper preparation and proactive adoption of post-quantum cryptographic solutions like those offered in Critical Manufacturing MES 11.2, the industry can maintain the security and integrity of its most valuable digital assets.
The question is not whether quantum computers will break current encryption - it’s whether your organization will be ready when they do.
This blog post is based on current research and industry developments as of September 2025. Quantum computing and post-quantum cryptography are rapidly evolving fields, and organizations should regularly update their threat assessments and security strategies.
Author
Hi! My name is José Pedro Silva. ✌️
I’m the R&D Director at Critical Manufacturing. Passionate about cybersecurity and everything Software Engineering.
You can find me on LinkedIn.
