Enterprise Cybersecure Architectures

A well structured Enterprise Architecture is a fundamental requirement for enterprise cybersecurity.

An Enterprise Architecture must include secure interfaces between architecture levels, and particularly between IT office networks and Industrial Automation and Control networks. A common way to accomplish this, particularly in process industries, is the ISA 95 standard.

Gateways, bridges, routers, firewalls and other devices that create interfaces between architectural levels, must be minimized and continuously monitored. Failure to do so virtually guarantees vulnerability to cyberattackers and makes network troubleshooting increasingly difficult and complex.

The PERA provides rules for structuring a secure Enterprise Architecture; however the number of levels and the 4Rs (Reliability, Repairability, Response and Resolution) for each level, will depend on requirements of that industry and that enterprise. Thus is explained in more detail in the "PERA Architectures" section.

This webpage provides general principles for design of cybersecure architectures for most industries. The PERA Master Planning User Guide for that industry further develops these architecture principles for a specific industry.

• Physical Architectures (of computers, network devices, and media
• MP4 video of slides with spoken narrative (future)
• PDF slides with written narrative below each slide (9 pages)
• PPTX slides with written narrative in Notes field (9 slides)


• Logical Architectures (of application software and communication channels)
• MP4 video of slides with spoken narrative (future)
• PDF slides with written narrative below each slide (future)
• PPTX slides with written narrative in Notes field (future)

According to the amount of detail involved, these architecture diagrams may exist at more than one "resolution" (e.g., an overview diagram may be resolved into several more detailed diagrams).