Secure software development practices should be applied as part of the foundation of critical infrastructure systems development to ensure stability and defend against attacks, said Steve Lipner