# What is immutable infrastructure in an industrial setting?

Immutable infrastructure is a design principle where systems are replaced rather than updated or repaired. In an industrial setting, this involves using read-only file systems for controllers and workstations, ensuring that no permanent changes can be made to the software once it is deployed. If a system is suspected of being compromised or requires an update, it is simply rebuilt from a trusted, gold image. This approach eliminates configuration drift and ensures that the environment always returns to a known, secure state. See our [pragmatic blueprint for modern infrastructure](https://www.agilicus.com/a-pragmatic-blueprint-for-industrial-cyber-security/).

For more information, see [Industrial Cyber Security Best Practices](https://www.agilicus.com/white-papers/industrial-cyber-security-best-practices/).