Copia secures $26 million to safeguard the software that operates factories.

      When asking an industrial engineer about the recovery process in the event of corrupted or encrypted controller code, the honest response is often not optimistic: a backup might be stored on someone's laptop in a folder named “final_backup_2”.

      Copia Automation aims to change this scenario to resemble the practices used by software teams. The New York-based startup has secured $26 million to develop version control, backups, and recovery systems for the code that operates factories and infrastructure. This funding round, co-led by AE Ventures and Squadra Ventures, increases its total funding to $55 million.

      The software that manages the physical world relies heavily on programmable logic controllers (PLCs), which are small computers that control machines and production lines. The problem is that standard IT software is inadequate for their protection. Each vendor—be it Rockwell, Siemens, or Schneider—utilizes its own proprietary tools, similar to how Windows applications can’t run on a Mac.

      As a result, crucial software practices such as version history, validated backups, and audit trails are largely absent from factory floors. Copia is working to integrate these practices across different vendors for the software that controls factories. The company also provides a continuous delivery system, akin to GitHub Actions, specifically for industrial code.

      The timing of this initiative is significant. As manufacturing begins to return to the United States, new, highly automated facilities are being established. Concurrently, there’s a rising trend of attacks targeting the controllers that manage essential infrastructure. According to one report, manufacturing was the most frequently attacked industry in 2025.

      Simply detecting a problem is not sufficient for restoring a plant. If a controller has been encrypted or overwritten, successful recovery relies on understanding what changed and having a clean, validated version to restore. As Stated by investors, Copia’s goal is to become the “system of record” for this layer, mirroring the efforts of other startups focused on safeguarding critical infrastructure.

      This isn’t a glamorous space, and that might be the objective. Copia doesn’t offer another cybersecurity dashboard; instead, it provides operational memory: tracking changes, identifying what worked, and outlining what can be restored. The funding round even combined equity with venture debt, emphasizing financial prudence.

      The main challenge lies in getting adoption. A single factory may have several PLC vendors, legacy code, and undocumented emergency fixes, with maintenance teams pressured to keep operations running. While standardization appears straightforward from a corporate perspective, it becomes less so at 3 AM during production halts. The true test for Copia will be its ability to integrate smoothly into these complex environments without disrupting operations.