A list of references, resources, and other items of interest for Industrial Control System (ICS) cybersecurity.

General ICS Resources

• A Collection of Resources for Getting Started in ICS/SCADA Cybersecuritty – Robert M. Lee
• Understanding Industrial Control Systems Security Basics
• NIST 800-82 Guide tto Industrial Control Systems Security
• Cyber-security in Industrial Control Systems
• Purdue Enterprise Reference Architecture
• SCADAhacker

Glossary and Terms

• Industrial Control System (ICS)
• Programmable Logic Controller (PLC)
• Human Machine Interface (HMI)
• Data Historian
• Engineering Workstation
• Remote Terminal Unit (RTU)
• Supervisory Control and Data Acquisition (SCADA)
• Distributed Control System (DCS)
• Safety Instrumented System (SIS)

ICS-Related Threat Intelligence

• The Industriral Control System Cyber Kill Chain
• MITRE ICS ATT&CK
• Evolution of ICS Attacks and the Prospects for Future Disruptive Events
• Stuxnet to CRASHOVERRIDE to TRISIS: Evaluating the History and Future of Integrity-Based Attacks on Industrial Environments
• Crouching Yeti (Energetic Bear) Malware
• Energetic Bear – Crouching Yeti
• The Baffling Berserk Bear
• Exorcising the Ghost in the Machine: Debunking Myths Around Supply Chain Intrusions
• Electric Sector Events
  • Analysis of the Cyber Attack on the Ukrainian Power Grid
  • WIN32/INDUSTROYER: A New Threat for Industrial Control Systems
  • CRASHOVERRIDE: Reassessing the 2016 Ukraine Electric Power Event as a Protection-Focused Attack
  • Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors
• Oil & Gas Events
  • Attackers Deploy New ICS Attack Framework “TRITON” and Casue Operational Disruption to Critical Infrastructure
  • TRITON Actor TTP Profile, Custom Attack Tools, Detections, and ATT&CK Mapping
  • TRISIS Malware
• Manufacturing Events
  • W32.Stuxnet Dossier
  • To Kill a Centrifuge
  • EKANS Ransomware and ICS Operations
  • Spyware, Stealer, Locker, Wiper: LockerGoga Revisited