Immutable infrastructure is a design principle where systems are replaced rather than updated or repaired. In an industrial setting, this involves using read-only file systems for controllers and workstations, ensuring that no permanent changes can be made to the software once it is deployed. If a system is suspected of being compromised or requires an update, it is simply rebuilt from a trusted, gold image. This approach eliminates configuration drift and ensures that the environment always returns to a known, secure state. See our pragmatic blueprint for modern infrastructure.

For more information, see Industrial Cyber Security Best Practices.