Currently, the international cybersecurity environment is tense. While until recently, cyber threats were considered primarily in relation to the theft of confidential information and extortion, governments are now increasingly talking about cyber weapons and the possibility of physical damage to critical infrastructure. This can be achieved by attacking industrial control systems (ICS) that connect the world of information technology and real industrial processes. Traditionally, systems of this class were poorly protected from cyber threats, or not protected at all, which now puts entire industries at risk. This paper discusses practical issues of ICS protection and in particular, issues related to the design of secure ICS architectures.