For many decades, Industrial Control Systems (ICS) have been the operational systems relied upon to safely and reliably deliver the essentials of daily life. Sometimes referred to as a Critical Infrastructure, they are the backbone of a modern economy. With these systems generally working well, there has been little need to make major changes to them. There has been innovation and some incremental changes, but in the ICS world, it has largely been ‘business as usual.’

That’s very different than other industries and sectors, such as enterprise IT, where seismic technology shifts seem to occur about every two years. Change in industrial control environments has been handled at a more measured pace and with a lot more caution.

There are several good reasons for this. The first is that the processes these systems control are usually very large and critical to the general public and the normal functioning of society. They support the provisioning of essentials like electricity, water, oil and gas and other basics.


If these systems go down, people’s health and safety are quickly put at stake. For that reason, reliability and availability have long been the overriding priorities in the design and operation of these systems, making broad-based changes in these environments a real challenge. That’s why slow, methodical and incremental change has been the norm for so long.

Another reason why ICS and Supervisory Control and Data Acquisition (SCADA) environments have not seen a more rapid rate of change was because it was not needed. Designed for a simpler era, automation systems typically were designed as proprietary (closed) systems and were implemented in isolated settings, both physically and electronically.

For many years, these systems successfully controlled industrial processes without requiring direct connections to enterprise networks, the Internet, or too much else for that matter.