Giters

efrenlopezm / ics2matrix

The ICS^2 Matrix is a threat taxonomy for Programmable Logic Controllers and Industrial Control Systems

Repository from Github https://github.comefrenlopezm/ics2matrixRepository from Github https://github.comefrenlopezm/ics2matrix

ICS2 Matrix


This repository hosts the ICS2 Matrix released with the paper SoK: Security of Programmable Logic Controllers.

What is the ICS2 Matrix?

The ICS2 Matrix is a taxonomy of threats against PLCs and Industrial Control Systems (ICS). The taxonomy includes adversary tactics that describe “what” is the adversary’s goal and attack techniques which describe “how” the adversary can complete her goal. Additionally, it includes mitigations that prevent a technique from being successfully executed. The ICS2 Matrix builds upon the MITRE ATT&CK for ICS Matrix and the Hybrid ATT&CK Matrix. It also incorporates the scientific knowledge accumulated since 2007 of PLC security research by adding 6 new attack techniques and 5 new mitigation categories based on the literature reviewed in the SoK: Security of Programmable Logic Controllers paper.

How do I use the ICS2 Matrix?

📂 Matrix Excel File

The matrix is contained in the above Microsoft Excel document. This format allows for easy distrition and navigation of the multiple techniques. In order to use it you should download and open the Excel file and explore the "ICS2 Matrix" tab. This tab contains different techniques. The techniques are ordered by Tactic category. The new techniques introduced in our research are saved as multiple tabs in the Excel document and are also linked from their corresponding technique in the "ICS2 Matrix" tab.

How can I contribute to the ICS2 Matrix?

We encourage the community to provide feedback to improve the matrix. If you wish to add or modify a technique please send a Pull Request using the provided template.

Research Paper

SoK: Security of Programmable Logic Controllers

If you use our work in a scientific publication, please do cite us using this BibTex entry:

@inproceedings {lopez2024sok,
author = {Efr{\'e}n L{\'o}pez-Morales and Ulysse Planta and Carlos Rubio-Medrano and Ali Abbasi and Alvaro A. Cardenas},
title = {{SoK}: Security of Programmable Logic Controllers},
booktitle = {33rd USENIX Security Symposium (USENIX Security 24)},
year = {2024},
isbn = {978-1-939133-44-1},
address = {Philadelphia, PA},
pages = {7103--7122},
url = {https://www.usenix.org/conference/usenixsecurity24/presentation/lopez-morales},
publisher = {USENIX Association},
month = aug
}

Help

If you need help, please open a new issue.

License

This project is licensed under the MIT License - see the LICENSE.md file for details

Acknowledgments

Coming soon!

About

The ICS^2 Matrix is a threat taxonomy for Programmable Logic Controllers and Industrial Control Systems

License:MIT License