ICSCSI - Library of Resources for Industrial Control System Cyber Security

Workforce Development

Cyber Security Degrees, Jobs and Resources		html R9
National Initiative for Cybersecurity Careers and Studies (NICE)	CISA	html R9

		TOP

ICS Vulnerabilities

Year in Review ( 2017 \| 2016 \| 2015 \| 2014 \| 2013 \| 2012 \| 2011 \| 2010 )	DHS NCCIC	pdf R9
Annual Vulnerability Coordination Report (2016 \| 2015)	DHS NCCIC	pdf R9
Industrial Control Systems Assessments (2016 \| 2015 \| 2014)	DHS NCCIC	pdf R9
Incident Response Summary Report - 2009-2011	ICS-CERT	pdf
Distinguishing Internet-facing ICS Devices using PLC Programming Information	AFIT	pdf R3
2015 Cyber Security Report	Control Engr	pdf R6
Rockwell Automation MicroLogix Remote Code Execution	CyberX	pdf R9
Common Control System Vulnerabilities (2005)	DHS	pdf
Common Cybersecurity Vulnerabilities Observed in ICS (2009)	DHS	pdf
Common Cybersecurity Vulnerabilities in ICS (2011)	DHS	pdf
Risks to Critical Infrastruture that use Cloud Services	DHS OCIA	pdf R9
Common Cybersecurity Vulnerabilities Observed in Control Systems (2008)	DoE	pdf
Leveraging Ethernet Card Vulnerabilities in Field Devices	DigitalBond	pdf R1
ICCP: Threats to Data Security and Potential Solutions	EPRI	pdf R4
Hacking Embedded Devices		pdf R1
Cyber Incidents Involving Control Systems	INL	pdf R5
Safety vs Security (2006)	INL	pdf
Vulnerability Analysis of Energy Delivery Control Systems	INL	pdf R4
Project SHINE Findings Report - Oct. 2014	Infracritical	pdf R3
Commonalities in Vehicle Vulnerabilities	IOActive	pdf R9
SCADA Safety in Numbers	Positive Tech	pdf R5
Caution: Malware Ahead - An analysis of emerging risks in automotive system security	Wind River	pdf R1
Lessons Learned - Risk Posed by Firewall Firmware Vulnerabilities	NERC	pdf R9
Top 10 Vulnerabilities of Control Systems and their Mitigations (2007)	NERC	pdf
Hacking the Industrial Network	Phx Contact	pdf R9
SCADA & PLC Vulnerabilities in Correctional Facilities		pdf R1
PLC Blaster - A Worm Living Solely in the PLC	Spenneberg	pdf R9
Top 10 Most Dangerous ICS Software Weaknesses	ToolsWatch	pdf R6
Hacker Machine Interface - State of SCADA HMI Vulnerabilities	Trend Micro	pdf R9

		TOP

Standards

ISA Standards Directory		html R4
ISO Standards Directory		html R4
IEEE Standards Directory (1686-2013 \| C37.240-2014)		html R5
Cryptographic Protection of SCADA Communications - 12 Part1	AGA	pdf
API-1164 - Pipeline SCADA Security, 2nd ed	API	pdf R6
AS 7770:2018 - Rail Cyber Security	Au RISSB	pdf R9
BSI-100-1 - Information Security Management Systems	BSI	pdf R2
BSI-100-2 - IT-Grundschutz Methodology	BSI	pdf R2
BSI-100-3 - Risk Analysis Based on IT-Grundschutz	BSI	pdf R2
BSI-100-4 - Business Continuity Management	BSI	pdf R2
Mapping Between the Requirements of ISO/27001:2005 and 27001:2013	BSI	pdf R2
CNSSI-1253R2 - Security Categorization and Control Selection for National Security Systems	CNSS	pdf R6
CNSSI-1253 - Security Control Overlays for Industrial Control Systems	CNSS	pdf R6
Comparison of Oil and Gas Segment Cyber Security Standards	DHS	pdf
Chemical Facility Anti-Terrorism Standards (CFATS)		html
CFATS - Risk-based Performance Standard Guidance	DHS	pdf
Comparison of SCADA Security Standards	IEEE	pdf
A Comparison of Cross-Sector Cyber Security Standards	INL	pdf
ISA 62443 Series Overview	ISA	pdf R6
Comparing ISO/27001:2005 to ISO/27001:2013	itGovernance	pdf R2
NEI 08-09 - Cyber Security Plan for Nuclear Power Reactors (v6 \| v5)	NEI	pdf R6
NERC - Complete Set of Reliability Standards (as of 2020-06-20)	NERC	pdf R9
NERC - CIP U.S. Enforcement Dates	NERC	html R10
NERC - CIP U.S. Enforcement Status (as of 2020-06-20)	NERC	xslx R9
NERC - CIP v2	NERC	pdf
NERC - CIP v3	NERC	pdf
NERC - CIP v4	NERC	pdf
NERC - CIP v5 (consolidated - enforcement date: April 1, 2016)	NERC	pdf R6
NERC - CIP v5 Transition Guidance (Aug 2014)	NERC	pdf R6
NERC - CIP v5 Implementation Study Report - Transition Program	NERC	pdf R6
NERC - CIP v5 Transition Program - Lessons Learned	NERC	pdf R9
NERC - CIP v6 (updates only - enforcement date: July 1, 2016)	NERC	pdf R6
NERC - Glossary of Terms	NERC	pdf R2
SP800-18 - Guide for Developing Security Plans for Information Systems	NIST	pdf
SP800-30 (Rev 0) - Risk Management Guide for IT Systems	NIST	pdf
SP800-30 (Rev 1) - Risk Management Guide for IT Systems	NIST	pdf R1
SP800-37 (Rev 1) - Guide for Applying the Risk Management Framework	NIST	pdf R9
SP800-39 - Managing Information Security Risk	NIST	pdf R1
SP800-40 - Creating a Patch and Vulnerability Management Program	NIST	pdf
SP800-41 - Guidelines on Firewalls and Firewall Policies	NIST	pdf
SP800-42D - Guideline on Network Security Testing	NIST	pdf
SP800-48R1 - Guide to Securing Legacy 802.11 Wireless Networks	NIST	pdf
SP800-50 - Building an Information Technology Security Awareness and Training Program	NIST	pdf
SP800-53 (Rev 4) - Document Summary	NIST	pdf R1
SP800-53 (Rev 4) - Security and Privacy Controls for Federal Information Systems and Organizations	NIST	pdf R1
SP800-53 (Rev 4) - Security and Privacy Controls for Federal Information Systems and Organizations	NIST	docx
SP800-53 Controls Catalog	NIST	xml R2
SP800-53 - R3 to R4 Appendix Table D-2 Markup	NIST	pdf
SP800-53 - R3 to R4 Appendix F Markup	NIST	pdf
SP800-53 - R3 to R4 Appendix G Markup	NIST	pdf
SP800-53 (Rev 3) - (deprecated) Recommended Security Controls for Information Systems (incl ICS)	NIST	pdf
SP800-53A - Guide for Assessing Security Controls in Information Systems	NIST	pdf
SP800-53A (Rev 4) - Guide for Assessing Security Controls in Information Systems DRAFT	NIST	pdf R2
SP800-53B - Control Baselines for Information Systems and Organizations (2020-07)	NIST	pdf R12
SP800-53B - Control Baselines for Information Systems and Organizations (2020-10)	NIST	pdf R12
SP800-61 - Computer Security Incident Handling Guide	NIST	pdf
SP800-82 (Rev 2) - Guide to Industrial Control Systems Security	NIST	pdf R6
SP800-82 (Rev 1) - Guide to Industrial Control Systems Security	NIST	pdf
SP800-82 - (deprecated) Guide to Industrial Control Systems Security	NIST	pdf
SP800-84 - Guide to Test Training and Exercise Programs	NIST	pdf R9
SP800-94 - Guide to Intrusion Detection and Prevention Systems	NIST	pdf
SP800-97 - Establishing Wireless Robust Security Networks	NIST	pdf
SP800-115 - Technical Guide to Information Security Testing and Assessment	NIST	pdf
SP800-120 - Recommendation for EAP Methods Used in Wireless Network Access Authentication	NIST	pdf
SP800-127 - Guide to Securing WiMAX Wireless Communications	NIST	pdf
SP800-137 - Information System Continuous Monitoring	NIST	pdf R9
SP800-150 - Guide to Cyber Threat Info Sharing DRAFT	NIST	pdf R9
SP800-167 - Guide to Application Whitelisting	NIST	pdf R6
SP800-171 (Rev 1) Protecting Controlled Unclassified Information (standard \| change excerpt)	NIST	pdf R9
SP800-171 (Rev 0) Protecting Controlled Unclassified Information	NIST	pdf R9
SP800-181 - NICE Cybersecurity Workforce Framework	NIST	pdf R9
SP1800-2a DRAFT - Identity and Access Mgmt for Electric Utilities	NIST	zip R6
SP1800-5 - IT Asset Management	NIST	pdf R9
NISTR-8219 - Securing Manufacturing ICS: Behavioral Anomaly Detection	NIST	pdf R9
Framework to Reduce Cyber Risks to Critical Infrastructure v1.0	USA	pdf R1
NIST - System Protection Profile Industrial Control Systems	NIST	pdf
Regulatory Guide 5.71 - Cyber Security Programs for Nuclear Facilities	NRC	pdf R2
National (Qatar) ICS Security Standard	QCERT	pdf
Process Control Domain Security Requirements for Vendors	WIB	pdf

MAPPINGS BETWEEN STANDARDS
Mapping between CIS Controls v7.1 and NIST CSF	CIS	xlsx R9
Mapping between NIST 800-53 and ISO/IEC 27001	NIST	pdf
Mapping between DHS Catalog of Control Systems Security and Various Standards	DHS	pdf
Mapping between NISTIR-7628 (Smart Grid) and SP800-53, DHS, and NERC-CIP-2	NIST	pdf
NERC CIP v3-5 Standard Mapping to the Critical Security Controls (Draft)	SANS	pdf R6

		TOP

ACHILLES COMMUNICATIONS CERTIFICATION
Achilles Certification Level 1 Requirements - Embedded Device	Wurldtech	pdf R1
Achilles Certification Level 1 Requirements - Gateway (Network Device)	Wurldtech	pdf R1
Achilles Certification Level 1 Requirements - Host Based Device	Wurldtech	pdf R1
Achilles Certification Level 2 Requirements - Embedded Device	Wurldtech	pdf R1
Achilles Certified Products		html R8

ISA SECURITY COMPLIANCE INSTITUTE EMBEDDED DEVICE SECURITY ASSURANCE (EDSA)
ASCI Policies and Procedures	ASCI	pdf R1
EDSA Certification Scheme Description
EDSA-100 - ISASecure Certification Scheme	ASCI	pdf R1
EDSA-102 - Errata for EDSA Specifications	ASCI	pdf R1
Lab Accreditation Requirements & Tool Recognition Requirements
EDSA-200 - EDSA Chartered Laboratory Operations and Accreditation	ASCI	pdf R1
EDSA-201 - Recognition Process for CRT Tools	ASCI	pdf R1
EDSA-202 - Chartered Lab Application and Contract	ASCI	pdf R1
EDSA-204 - Use of Symbol and Certificates	ASCI	pdf R1
ASCI Chartered Test Lab 2009 Approval Process	ASCI	pdf R2
ISASecure Transition to ISO/IEC 17065	ASCI	pdf R2
Initial Certification & Maintenance of Certification Policies & Criteria
EDSA-300 - ISASecure Certification Requirements	ASCI	pdf R1
EDSA-301 - Maintenance of ISASecure Certification	ASCI	pdf R1
Certification Requirements Specifications
EDSA-310 - Common Robustness Test Specification	ASCI	pdf R1
EDSA-311 - Functional Security Assessment	ASCI	pdf R1
EDSA-312 - Common Reqts for Comm Robustness Testing of IP-based Protocol Implementations	ASCI	pdf R1
CRT Test Requirements for Protocols in EDSA Certification
EDSA-401 - Common Ethernet Protocol Robustness	ASCI	pdf R1
EDSA-402 - ARP Protocol over IPv4 Robustness	ASCI	pdf R1
EDSA-403 - IPv4 Network Protocol Robustness	ASCI	pdf R1
EDSA-404 - ICMPv4 Network Protocol Robustness	ASCI	pdf R1
EDSA-405 - UDP Transport Protocol over IPv4 or IPv6 Robustness	ASCI	pdf R1
EDSA-406 - TCP Transport Protocol over IPv4 or IPv6 Robustness	ASCI	pdf R1

ISASecure Embedded Device Security Assurance Certification - March-2010	ASCI	pdf R1
EDSA Certified Components
ISASecure Certified Components List	ICSI	html R8

ISA SECURITY COMPLIANCE INSTITUTE SYSTEM SECURITY ASSURANCE (SSA)
SSA Certification Scheme Description
SSA-100 - ISASecure Certification Scheme	ASCI	pdf R2
SDLA Certification Specification
SDLA-100 - ISASecure Certification Scheme	ASCI	pdf R2
SSA Lab Acreditation Requirements
SSA-200 - Chartered Lab Operations and Accreditation	ASCI	pdf R2
SSA-204 - Use of Symbols and Certificates	ASCI	pdf R2
ASCI Chartered Test Lab 2009 Approval Process	ASCI	pdf R2
ISASecure Transition to ISO/IEC 17065	ASCI	pdf R2
Initial Certification & Maintenance of Certification Policies & Criteria
SSA-300 - ISASecure Certification Requirements	ASCI	pdf R2
SSA-301 - Maintainence of ISASecure Certification	ASCI	pdf R2
SSA Certification Requirements
SSA-310 - Requirements for System Robustnest Testing (SRT)	ASCI	pdf R2
SSA-311 - Functional Security Assessment for Systems (FSA-S)	ASCI	pdf R2
SSA-312 - Security Development Artifacts for Systems (SDA-S)	ASCI	pdf R2
SDLA-312 - Security Development Lifecycle Assessment (SDLA)	ASCI	pdf R2
SSA-420 - Vulnerability Identification Test (VIT) Policy Specification	ASCI	pdf R2
SSA Certified Systems
ISASecure Certified Systems List	ISCI	html R9

ISA SECURITY COMPLIANCE INSTITUTE SECURITY DEVELOPMENT LIFECYCLE ASSURANCE (SDLA)
SDLA Certification Specification
SLDA-100 - ISASecure Certification Scheme	ASCI	pdf R2
Accreditation Documents
SDLA-200 - Chartered Lab Operations and Accreditation	ASCI	pdf R2
SDLA-204 - Use of Symbols and Certificates	ASCI	pdf R2
Technical Specifications
SDLA-300 - ISASecure Certification Requriements	ASCI	pdf R2
SDLA-312 - Security Development Lifecycle Assessment	ASCI	pdf R2
SDLC Certified Development Organizations
ISASecure SDLA Certified Supplier Development Organizations	ISCI	pdf R9

		TOP

Best Practices

40 Essential Measures for a Healthy Network	ANSSI	pdf R4
Cybersecurity for ICS - Classification Method and Key Measures	ANSSI	pdf R4
Cybersecurity for ICS - Detailed Measures	ANSSI	pdf R4
Cybersecurity Considerations for Public Transit	APTA	pdf R9
Enterprise Cybersecurity Involving Board and Executive Suite	APTA	pdf R9
Enterprise Cybersecurity Training and Awareness	APTA	pdf R9
Securing Control & Comm Systems in Transit Environments - Part 1 - Elements, Organization and Risk Assessment/Management	APTA	pdf R9
Securing Control & Comm Systems in Rail Transit Environments - Part 2 - Defining Security Zone Architecdture and Protecting Critical Zones	APTA	pdf R9
Securing Control & Comm Systems in Rail Transit Environments - Part 3a - Attack Modeling Security Analysis White Paper	APTA	pdf R9
Securing Control & Comm Systems in Rail Transit Environments - Part 3b - Protecting the Operationally Critical Security Zone	APTA	pdf R9
Securing Control & Comm Systems in Transit Bus and Infrastructure	APTA	pdf R9
Application Whitelisting Explained	Au DSD	pdf R6
Assessing Security Vulnerabilities and Patches	Au DSD	pdf R6
Email Filtering and Mitigating Circumention Techniques	Au DSD	pdf R6
Restricting Adminstrative Privileges Explained	Au DSD	pdf R6
Australian Government Information Security Manual ( pdf \| docx)	Au ASD	R9
Strategies to Mitigate Cyber Security Incidents 2017 (Summary \| Details)	Au ASD	pdf R9
Strategies to Mitigate Targeted Cyber Intrusions (2014 \| 2012)	Au DSD	pdf R6
Strategies to Mitigate Targeted Cyber Intrusions - Mandatory Requirements (2013)	Au DSD	pdf R6
Strategies to Mitigate Targeted Cyber Intrusions - Mitigation Details (2014)	Au DSD	pdf R6
Top 4 Strategies to Mitigate Targeted Cyber Intrusions to ICT Systems (2012)	Au DSD	pdf R1
Top 4 Strategies to Mitigate Cyber Intrusions to Linux Systems ( 2016 \| 2013)	Au ACSC	pdf R9
Top 35 Strategies to Mitigate Targeted Cyber Intrusions (2012)	Au DSD	pdf R1
Malicious Email Mitigation Strategie (2016)	Au ASD	pdf R9
Cybersecurity Risk and Responsibility in the Water Sector	AWWA	pdf R9
Process Control System Security Guidance for the Water Sector	AWWA	pdf R9
Guidelines on Cyber Security Onboard Ships	BIMCO	pdf R9
Cybersecurity Reference Model	CIDX	pdf R1
Guidance for Addressing Cybersecurity in the Chemical Sector	CIDX	pdf R1
Configuring and Managing Remote Access for Industrial Control Systems	CPNI	pdf R2
Good Practice Guide - Process Control and SCADA Security	CPNI	pdf R2
Good Practice Guide - Implement Secure Architecture	CPNI	pdf R2
Good Practice Guide - Establish Response Capabilities	CPNI	pdf R2
Good Practice Guide - Improve Awareness and Skills	CPNI	pdf R2
Good Practice Guide - Engage Projects	CPNI	pdf R2
Good Practice Guide - Establish Ongoing Governance	CPNI	pdf R2
Good Practice Guide - Security for ICS Framework Overview	CPNI	pdf R9
Threat Intelligence - Collecting, Analysing, Evaluating	CPNI	pdf R6
Configuring and Managing Remote Access for Industrial Control Systems	CPNI	pdf R2
7 Steps to Effectively Defend Industrial Control Systems	DHS	pdf R6
Improved Robustness of Time and Frequency Sources in Fixed Locations	DHS	pdf R4
Catalog of Control Systems Security	DHS	pdf
Cyber Security Framework and Technical Metrics	DHS	pdf
Cyber Security Procurement Language for ICS	DHS	pdf
Cyber Security Procurement Language for Energy Delivery Systems	DHS	pdf R4
Defense in Depth Strategies	DHS	pdf
Recommended Practice for Patch Management	DHS	pdf
Remote Access for ICS	DHS	pdf
Securing SCADA and Industrial Control Systems	DHS	pdf
A Guide to Critical Infrastructure Security and Resilience	DHS	pdf R9
Defense in Depth Strategies for Industrial Control Systems	DHS	pdf R9
Guidelines for Application Whitelisting in Industrial Control Systems	DHS	pdf R9
Recommended Practice - Updating Antivirus in Industrial Control Systems	DHS	pdf R9
WMI for Detection and Response	DHS	pdf R9
Pipeline Security Guidelines	DHS TSA	pdf R9
Steps to Improve Cyber Security of SCADA Networks	DoE	pdf
Certification of Cyber Security Skills of ICS/SCADA Professionals	ENISA	pdf R4
Cyber Security and Resilience of Intelligent Public Transport	ENISA	pdf R9
Good Practice Guide for CERTs in the Area of Industrial Control Systems	ENISA	pdf R1
Good Practices for an EU ICS Testing Coordination Capability	ENISA	pdf R1
Methodologies for Identification of Critical Information Infrastructure Assets Services	ENISA	pdf R5
Methodology for the Identification of Critical Communication Networks Links and Components ( Report \| Annexes )	ENISA	pdf R9
Protecting Industrial Control Systems - Annex I - Desktop Research Results	ENISA	pdf R5
Protecting Industrial Control Systems - Annex II - Survey and Interview Analysis	ENISA	pdf R5
Protecting Industrial Control Systems - Annex III - ICS Security Related Standards, Guidelines and Policy Documents	ENISA	pdf R5
Protecting Industrial Control Systems - Annex IV - ICS Security Related Initiatives	ENISA	pdf R5
Protecting Industrial Control Systems - Annex V - Key Findings	ENISA	pdf R5
Protecting Industrial Control Systems - Annex VI - Minutes of the Workshop	ENISA	pdf R5
Smart Grid Security - ENISA Recommendations	ENISA	pdf R5
Smart Gride Security Certification in Europe	ENISA	pdf R5
Window of Exposure - A Real Program for SCADA - Recommendations for Europe on SCADA Patching	ENISA	pdf R5
Guidelines for Minimum Cybersecurity Requirements for Drilling Assets	IADC	pdf R9
Using Operational Security to Support Cyber Security Culture	INL	pdf
Design and Operational Guide to Protect against "Advanced Persistent Threats"	IPA-JP	pdf R5
Facility Security Plan Guide	ISC	pdf R9
Resilience for Grid Security Emergencies	JHU-APL	pdf R9
Securing WLANs using 802.11i	LLNL	pdf
Implementing the Top 4 Mitigation Strategies - A Guide for Project Managers	Microsoft	pdf R6
Implementing the Top 35 Mitigation Strategies on Windows Platform	Microsoft	pdf R1
Documents/Best_Practices/Microsoft - Password Guidance.pdf	Microsoft	pdf R9
Cyber Resiliency Engineering Framework	MITRE	pdf R9
Cyber Resilience Metrics - Key Observations	MITRE	pdf R9
Guide to Increased Security in Industrial Information and Control Systems	MSB	pdf R5
Good Practice Guide on Firewall Deployment for Control Systems	NISCC	pdf
Secure Remote Access Reference	NIST	pdf
NISTIR-7628 - Guidelines for Smart Grid Cyber Security (consolidated) Rev. 1	NIST	pdf R3
Cisco Security Switch Configuration Guide	NSA	pdf
Top 10 Information Assurance Mitigation Strategies	NSA-IAD	pdf R4
Anti-Exploitation	NSA-IAD	pdf R4
Antivirus File Reputation Services	NSA-IAD	pdf R4
Application Whitelisting	NSA-IAD	pdf R4
Control Administrative Privileges	NSA-IAD	pdf R4
Defending Against Destructive Malware	NSA-IAD	pdf R4
Host Intrusion Preventation Systems	NSA-IAD	pdf R4
Limited Workstation-to-Workstation Communications	NSA-IAD	pdf R4
Secure Baseline Configuration	NSA-IAD	pdf R4
Segregate Networks and Functions	NSA-IAD	pdf R4
Software Improvements	NSA-IAD	pdf R4
Web DNS Reputation	NSA-IAD	pdf R4
Mapping of NERC-CIP Ver 3-5 to 20 Critical Security Controls	CoCS	pdf R2
Mapping of NERC-CIP Ver 3-5 to 20 Critical Security Controls	CoCS	xls R2
Top 20 Critical Security Controls - Ver 5.1	CoCS	pdf R6
Top 20 Critical Security Controls - Ver 5.0	CoCS	pdf R2
Top 20 Critical Security Controls - Ver 4.0 poster	CoCS	pdf R2
Top 20 Critical Security Controls - Ver 4.0 - 11-2012	SANS	pdf R1
Top 20 Critical Security Controls - Ver 3.1 - 11-2011	SANS	pdf
Top 20 Critical Security Controls - Ver 3.1 poster	SANS	pdf
Top 20 Critical Security Controls - Ver 3.1 - 08-2011	SANS	pdf R1
Top 20 Critical Security Controls - Ver 2.3 - 11-2009	SANS	pdf R1
A Brief History of the 20 Critical Security Controls	SANS	html R1
Designing a DMZ	SANS	pdf
Industrial Control System Security Resources - poster	SANS	pdf R2
Code of Practice - Cyber Security for Ships	UK DfT	pdf R9
Rail Cyber Security - Guidance to Industry	UK DfT	pdf R9
10 Steps To Cyber Security	UK NCSC	pdf R9
10 Basic Cybersecurity Measures - Best Practices to Reduce Exploitable Weaknesses and Attacks	Water-ISAC	pdf R6

		TOP

Frameworks

8510.01 - Risk Management Framework for DoD IT Systems	DoD	pdf R9
503 - IC IT Systems Security Risk Mgmt Certification and Accreditation	DoD	pdf R9
Framework for Vulnerability Disclosure Program for Online Systems	DoJ	pdf R9
Industrial Internet Security Framework (Technical Report)	IIC	html R9
NICE Cybersecurity Workforce Framework	NIST	pdf R9
SP800-37 (Rev 1) - Guide to Applying the Risk Management Framework	NIST	pdf R9
CSF v1.0 to SP800-171r1 Mapping	NIST	xlsx R9
Cybersecurity Framework v1.1	NIST	pdf R10
Cybersecurity Framework v1.1 (with markup)	NIST	pdf R10
Cybersecurity Framework v1.1 Core	NIST	xlsx R10
Cybersecurity Framework v1.1 10-2019	NIST	pptx R10
Manufacturing Profile - Cybersecurity Framework - DRAFT	NIST	pdf R9
NISTIR-8183A-1 - CSF Manufacturing Profile - Low Security Level - Example Implementation Guide - Vol 1 (DRAFT)	NIST	pdf R9
NISTIR-8183A-1 - CSF Manufacturing Profile - Low Security Level - Example Implementation Guide - Vol 2 (DRAFT)	NIST	pdf R9
NISTIR-8183A-1 - CSF Manufacturing Profile - Low Security Level - Example Implementation Guide - Vol 3 (DRAFT)	NIST	pdf R9
Insider Threat Program - Maturity Framework	NITTF	pdf R9
OT Cybersecurity Maturity - 5-step Guide to Using the NIST CSF	Verve	pdf R9

		TOP

Maturity Models

Cybersecurity Maturity Model Certification (CMMC) v0.7	DoD	pdf R9
Cybersecurity Capability Maturity Model (C2M2) v1.1	DoE	pdf R9
Electricity Subsector C2M2 v1.1	DoE	pdf R9
Oil and Natural Gas Subsector C2M2 v1.1	DoE	pdf R9
The Community Cyber Security Maturity Model	White	pdf R9

		TOP

Table-Top and Live-Fire Exercises

CRR Method Description and Self Assessment User Guide	DHS	pdf R9
CRR NIST Framework Crosswalk	DHS	pdf R9
CRR Self Assessment Package	DHS	pdf R9
Homeland Security Exercise and Evaluation Program	DHS	pdf R9
Homeland Security Exercise and Evaluation Program	DHS	pdf R9
GridEx I (2011) After Action Report	NERC	pdf R9
GridEx II (2013) After Action Report	NERC	pdf R9
GridEx III (2015) After Action Report	NERC	pdf R9
SP800-84 - Guide to Test Training and Exercise Programs	NIST	pdf R9

		TOP

White Papers & Articles

Securing Your Control System	ABB - ISA	pdf R6
The Rocky Relationship between Safety and Security	ABB	pdf R6
Distinguishing Internet-facing ICS Devices using PLC Programming Information	AFIT	pdf R4
Creating Secure Systems through Attack Tree Modeling	Amenaza	pdf R6
Network Security Benchmarking Study	ARC	pdf R9
State of Physical Access Control	ASIS	pdf R9
House of ICS Security	Belden	pdf R9
Understanding Deep Packet Inspection for SCADA Security	Belden	pdf R9
Windows XP End of Service: Practical Options for Industrial Applications	Belden	pdf R4
Windows XP End-of-Life Handbook for Upgrade Latecomers	Bit9	pdf R2
Changing the CFO Mindset on Cybersecurity	CFO Mag	pdf R6
Cyber Security at Civil Nuclear Facilities	Chatham	pdf R6
Why Integrate Physical and Logical Security	Cisco	pdf R9
Security and Prosperity in the Information Age ( Vol 1 \| Vol 2)	CNAS	pdf R1
Best Practices for Protecting Your Personal Information from Hackers	Cognitio	pdf R9
Turbocharged DCSs Drive Users to New Production Heights	Control	pdf R9
Six Questions CEOs Should IT Teams about Cybersecurity	Crowe	pdf R6
Changing Face of Cybersecurity	Crowe	pdf R6
Next Generation Jump Servers for ICS	CyberArk	pdf R9
Priviledged Identity and Session Management for Protecting CI	CyberArk	pdf R9
Addressing the MITRE ATT&CK for ICS Matrix	CyberX	pdf R9
Understanding Distributed-Denial-of-Service (DDoS) Attacks	DHS	pdf R1
IT Management Challenges Continue in TSA's Security Technology Integrated Program	DHS	pdf R9
Review of Cyber Security Risk Assessment Methods for SCADA	Elsevier	pdf R9
A New Responsibility for Utility Boards of Directors: Cybersecurity	Energy Coll	pdf R6
Energy Company Cybersecurity References	Energy Coll	pdf R6
Can We Learn from SCADA Security Incidents	ENISA	pdf R5
Case Studies for the Cybersecurity of IACS	ERNCIP	pdf R6
R&D and Standardization Road Map	ESCoRTS	pdf R6
Cybersecurity Lifecycle Poster - Ver 1.19 - 01-2013	Exida	pdf R1
Securing SCADA Infrastructure	Fortinet	pdf R5
Security Best Practices and Risk Assessment of SCADA and ICS	Francia	pdf R9
Cyber Security eGuide r1	GarrettCom	pdf
Critical Capabilities for Security Information and Event Management (SIEM)	Gartner	pdf R6
Magic Quadrant for Security Information and Event Management (2015 \| 2014)	Gartner	pdf R6
Securing Operations Technology	Ginter	pdf R9
SCADA Security: What's broken and how to fix it	Ginter	pdf R9
Setting up pfSense as Stateful Bridging Firewall	Gray	pdf R9
Challenges of Multivendor Systems in Implementation of IIot-ready PLCs	Honeywell	pdf R9
Cyber Security Posters	Honeywell	pdf R1
PLCs and Cybersecurity	Honeywell	pdf R9
Secure Remote Access to Process Control Systems	Honeywell	pdf R1
Cyber Wars by Byres Staggs	Hydrocarbon Engineering	pdf R1
Know Your Enemies - A Primer on Advanced Persistent Threat Groups	ICIT	pdf R6
Implementing Deep Packet Inspection for EtherNet/IP	IEB	pdf R4
SCADA Challenges for Forensic Investigators	IEEE	pdf R6
7 Best Practices for Automation System Cyber Security & Compliance	Ind Def	pdf R1
SANS 20 and ICS Considerations	Ind Def	pdf R1
Six Steps to Control System Cybersecurity	InTech	pdf R6
Evaluating Cyber Attacks in Rail Transit	Jha	pdf R9
Architecture for Secure SCADA and Distributed Control System Networks	Juniper	pdf R5
Debunking the Top 5 Security Implementation Myths	Kaspersky	pdf R6
Effect of NERC CIP Standards on Bulk Electric System Reliability	Ladendorff	pdf R9
Tracking and Tracing Cyber Attacks	Lipson	pdf R9
ICS Virtualization Project - Final Report	LOGIIC	pdf R5
Real-Time Data Transfer Project - Final Public Report	LOGIIC	pdf R9
Advanced Targeted Attacks: It Takes a System	McAfee	pdf R6
Disrupt Targeted Attacks	McAfee	pdf R6
Monitor Continuously. Respond Swiftly.	McAfee	pdf R6
Mitigating Pass-the-Hash and other Credential Theft Attacks	Microsoft	pdf R1
Importance of Cybersecurity Monitoring for Utilities	n-Dimension	pdf R6
Centralized OT Security Management for Your Entire SCADA/ICS Environment	NextNine	pdf R6
Identifying SCADA Systems on Networks via Remote Reconnaissance	NPS	pdf R9
Exploit Evasion Defenses Analysis	NSS Labs	pdf R1
Exploit Protection Analysis	NSS Labs	pdf R1
Convergence in Automation System Protection (Executive Summary)	Pikes Res	pdf R1
All Data Diodes Are Not Equal	Owl	pdf R6
Defining the 21st Century Cybersecurity Protection Platform for ICS	Palo Alto	pdf R6
Convergency in Automation Systems Protection	Pikes	pdf R8
Defending Yesterday (all sectors)	PWC	pdf R8
Securing America's Passenger Rail Systems	RAND	pdf R9
Categorizing Threats - Building and Using a Threat Matrix	SNL	pdf R1
Industrial Control System Cyber Kill Chain	SANS	pdf R9
Pass-the-Hash Attacks: Tools and Mitigation	SANS	pdf R4
State of Application Security (2015)	SANS	pdf R9
Five Best Practices to Improve Building Management Systems Cyber Security	Schneider	pdf R9
Framework for Developing and Evaluating Utility Substation Cyber Security	Schneider	pdf R9
Cyber Threats in Physical Security - Understand and Mitigating the Risk	Senstar	pdf R9
Protecting Rail and Metro from Cyber Security Threats	SmartRail	pdf R9
Protecting Control Networks	Sourcefire	pdf R1
Building a Security Operations Center with Splunk	Splunk	pdf R9
Eliminating Cybersecurity Blind Spots - Challenges for Business	Tenable	pdf R6
SCADA and CIP Security in a Post Stuxnet World	Tofino	pdf R1
7 Steps to ICS and SCADA Security	Tofino	pdf
Solving the ICS Security Patch Problem	Tofino	pdf R9
Understanding Deep Packet Inspection for SCADA Security	Tofino	pdf R1
Communicating Cybersecurity to Boards and Executives	Tripwire	pdf R6
The Cybersecurity Literacy Confidence Gap	Tripwire	pdf R6
Executive Guide to the Top 20 Critical Security Controls	Tripwire	pdf R6
Security Reference Architecture - A Practical Guide to Foundation Ctrls	Tripwire	pdf R9
Top 5 CIP Audit Fails from 2013	Tripwire	pdf R9
When Cyber Attacks Get Physical	Tripwire	pdf R9
Stepping Up the Battle Against Advanced Threats	Trusteer	pdf R5
Common Cyber Attacks - Recuing the Impact	UK NCSC	pdf R9
What You Can Do to Combat Cyber Attacks	UK NCSC	pdf R9
Quantitatively Assessing and Visualising Industrial System Attack Surfaces	Univ of Cam	pdf R4
6 Emerging Rail Cybersecurity Standards	Waterfall	pdf R9
Black Box Flight Recorder for ICS Forensics	Waterfall	pdf R9
Cybersecurity for Rail Signaling Systems and Rolling Stock	Waterfall	pdf R9
Top 20 Cyber Attacks on ICS	Waterfall	pdf R9
An Executive Guide to Cyber Security for Operational Technology	Wurldtech	pdf R9
Cybersecurity in Operational Technology	Wurldtech	pdf R9
Network Segmentation for Industrial Control Systems	Wurldtech	pdf R9

		TOP

Assessment Guidance

Security Vulnerability Assessments	API	pdf
Cyber Security Assessments of Industrial Control Systems (Good Practice Guide)	CPNI	pdf R2
Cyber Security Assessments of Industrial Control Systems (Viewpoint)	CPNI	pdf R2
Cyber Security Assessments of Industrial Control Systems	DHS	pdf
Cyber Assessments Methods for SCADA	ISA	pdf
Guideline on Network Security Testing	NIST	pdf
Framework for Assessing and Improving Security Posture of ICS	NSA	pdf
Blending Security Checks	Tenable	pdf R6
Open Source Security Testing Methodology Manual v3.0		pdf

		TOP

Assessment Tools

Cyber Security Evaluation Tool (CSET)	html R7
DHS CISA GitHub Project - Cyber Security Evaluation Tool	html R9
Cyber Security Evaluation Tool (CSET) - Version 10.0.1	exe R9
Cyber Security Evaluation Tool (CSET) - Version 10.0.0	exe R9
Cyber Security Evaluation Tool (CSET) - Version 9.2.3	exe R9
Cyber Security Evaluation Tool (CSET) - Version 9.2.2	exe R9
Cyber Security Evaluation Tool (CSET) - Version 9.2.1	exe R9
Cyber Security Evaluation Tool (CSET) - Version 9.2.0	exe R9
Cyber Security Evaluation Tool (CSET) - Version 9.0.1	exe R9
Cyber Security Evaluation Tool (CSET) - Version 8.1	iso R7
Cyber Security Evaluation Tool (CSET) - Version 8.0	iso R7
Cyber Security Evaluation Tool (CSET) - Version 7.1	iso R9
Cyber Security Evaluation Tool (CSET) - Version 7.0	iso R6
Cyber Security Evaluation Tool (CSET) - Version 6.2	iso R4
Cyber Security Evaluation Tool (CSET) - Version 6.1	iso R4
Cyber Security Evaluation Tool (CSET) - Fact Sheet	pdf
CSET Sample Project (CSET v4)	orxml
CSET Sample Project (CSET v6)	cset R1
CSET Sample Output - Detailed Report	pdf
CSET Sample Output - Executive Summary	pdf
CSET Sample Output - Security Plan Report	pdf
CSET Sample Output - Site Summary Report	pdf
Nessus SCADA Plugins	html
Nessus and NERC CIP Compliance	html R1
Digital Bond Research on GitHub (deprecated)	html R8
Tenable - Control System Security - Project Bandolier (deprecated)	html R8
Auditing SCADA and Control System Networks (Tenable)	html
Compliance Auditing with Microsoft PowerShell (Tenable)	html R8
Tenable (Nessus) Blog - SCADA Posts	html R8
Offensive Security - Penetration Test Report - Sample 1	docx R9
Offensive Security - Penetration Test Report - Sample 2	pdf R9

	TOP

ICS Cyber Event Reference

STUXNET
Stuxnet Under the Microscope v1.31 \| v1.1	ESET	pdf
Stuxnet Worm and Options for Remediation	Ind Def	pdf
To Kill a Centriduge - Technical Analysis of What Stuxnet’s Creators Tried to Achieve	Langner	pdf R4
Stuxnet 0.5 - The Missing Link v1.0	Symantec	pdf R1
Stuxnet Dossier v1.4 \| v1.3	Symantec	pdf
Analysis of Siemens Stuxnet Malware Attacks	Tofino	pdf
How Stuxnet Spreads v1.0	Byres Ginter Langill	pdf

DUQU
Duqu 2 - Technical Details v2.1	Kaspersky	pdf R6
Duqu 2 - Frequently Asked Questions	Kaspersky	pdf R6
Duqu 2 - Indicators of Compromise (IoC)	Kaspersky	pdf R6
Duqu 2 - Yara Rules	Kaspersky	pdf R6
W32.Duqu Threat Analysis	McAfee	pdf
W32.Duqu v1.3 \| v1.2 \| v1.0	Symantec	pdf

DRAGONFLY / HAVEX
Defending Against the Dragonfly Cyber Security Attacks	Belden Langill	pdf R5
Havex Hunts for ICS/SCADA Systems	F-Secure	pdf R2
Energetic Bear - Crouching Yeti (Report \| Appendices)	Kaspersky	pdf R2
Full Disclosure of Havex Trojans	NETRESEC	pdf R4
Observing the Havex RAT	NETRESEC	pdf R4
SCADA Network Forensics - Analyzing Havex	NETRESEC	pdf R4
Cyberespionage Campaign Hits Energy Companies	Sec Matters Langill	pdf R9
Dragonfly: Cyberespionage Attacks Against Energy Suppliers v1.2 \| v1.0	Symantec	pdf R2
Targeted Attacks Against the Energy Sector	Symantec	pdf R2

Miscellaneous
sKyWIper (Flame/Flamer) - A Complex Malware for Targeted Attacks	CrySys	pdf R1
Operation Cleaver Report	Cylance	pdf R9
ICS-CERT Incident Response Summary (2009-2011)	DHS	pdf
Targeted Cyber Intrusion Detection and Mitigation Strategies (ICS-TIP-12-146-01A)	DHS	pdf R1
HatMan - Safety System Targeted Malware	DHS	pdf R9
Analysis of the Cyber Attack on the Ukrainian Power Grid	E-ISAC	pdf R9
GreyEnergy - A Sucessor to Black Energy	ESET	pdf R9
Fireeye APT30 Report - Mechanics of a Long-Running Cyber Espionage Operation	Fireeye	pdf R5
Hacking the Street? FIN4 Likely Playing the Market	Fireeye	pdf R4
Irongate ICS Malware	Fireeye	pdf R9
Mandiant APT28 Report - A Window into Russias Cyber Espionage Ops	Mandiant	pdf R4
Mandiant APT1 Report - Exposing One of China's Cyber Espionage Units	Mandiant	pdf R1
Mandiant APT1 Report Appendices	Mandiant	zip R1
Night Dragon - Global Energy Cyberattacks	McAfee	pdf
Operation Shady RAT	McAfee	pdf R9
TRITON - The First SIS Cyberattack	Nozomi	pdf R9
Global Bank Network Breach	NYT	pdf R9
Exploitation on SAP Business Apps - Threat Report	Onapsis	pdf R9
Operation "Oil Tanker" - The Phantom Menace	Panda	pdf R6
The Black Vine Cyberespionage Group	Symantec	pdf R6
Regin: Top-tier Espionage Tool Enables Stealthy Surveillance	Symantec	pdf R4
The Downadup Codex v2.0	Symantec	pdf R1
The Elderwood Project	Symantec	pdf R1
The Nitro Attacks	Symantec	pdf R9
OpenSSL - How Does It Affect You	Tenable	pdf R2
Cyberattack Impacts MTSA Facility Operations	USCG	pdf R9

		TOP

Vulnerability Disclosure

Framework for Vulnerability Disclosure Program for Online Systems	DoJ	pdf R9
Governments Role in Vulnerability Disclosure	Harvard	pdf R9

		TOP

Threat Intelligence

Cyber Threat Report 2015	ACSC	pdf R6
Definitive Guide to Sharing Threat Intelligence	Anomali	pdf R9
Iran Country Profile Relating to Security	Anomali	pdf R9
Cyber Threat Predictions (2018)	BAE	pdf R9
IT Security Situation in Germany (2014 (DE) \| 2011 \| 2009)	BSI	pdf R6
Threat Catalogue for Elementary Threats	BSI	pdf R2
Cyber Crime and Security Report 2013 (pdf \| doc)	CERTAu	R2
Cyber Crime and Security Report 2012 (pdf \| doc)	CERTAu	R2
Year in Review (2018 \| 2017)	CIS	pdf R9
Cisco Annual Cybersecurity Report ( 2018 \| 2017 \| 2016 \| 2016 \| 2015 \| 2014 \| 2013 \| 2011 \| 2010)	Cisco	pdf R9
Cisco Threats of the Year (2019)	Cisco	pdf R9
Global Threat Report	CrowdStrike	pdf R2
Computer Crime and Security Survey (2010 \| 2009)	CSI	pdf R2
Cyberthreat Defense Report (2020 \| 2019 \| 2018 \| 2017 \| 2016 \| 2015 \| 2014)	CyberEdge	pdf R9
Global IoT-ICS Risk Report (2020)	CyberX	pdf R9
Annual Threat Report (2017)	Cypher	pdf R9
Sector Resilience Report: Electric Power Delivery - June 2014	DHS	pdf R2
Malware Trends 2016	DHS	pdf R9
Freight Rail Threat Assessment	DHS	pdf R9
Threat Landscape 2015	ENISA	pdf R6
Advanced Threat Report - 2012 (1H \| 2H)	FireEye	pdf R1
Definitive Guide to Next-Generation Threat Protection	FireEye	pdf R1
ICS Vulnerability Trend Report (2016)	FireEye	pdf R9
Industrial Control System Vulnerability Trend Report (2016)	FireEye	pdf R9
The Evolving Threat Landscape in 2016	Fortinet	pdf R6
ICS2 Global Information Security Workforce Study (2013)	Frost-Sullivan	pdf R1
Attack Landscape (2019-1H)	F-Secure	pdf R9
Cyber Risk Report (2016)	HPE	pdf R9
Threat Intelligence Index (2017)	IBM	pdf R9
Internet Crime Report (2015 \| 2014 \| 2013 \| 2012 \| 2011 \| 2010)	IC3	pdf R9
BYOD and Mobile Security 2014	InfoSec	pdf R2
Executive Perspectives on Cyber Threat Intelligence	iSight	pdf R6
State of Industrial Cybersecurity (2018)	Kaspersky	pdf R9
Threat Intelligence Report for the Telecommunications Industry (2016)	Kaspersky	pdf R9
Threat Predictions (2018)	Kaspersky	pdf R9
Cybersecurity in the Oil and Gas Industry	LMCO	pdf R4
Cybercrime Exposed: Cybercrime as a Service	McAfee	pdf R1
McAfee Global Threat Intelligence	McAfee	pdf R1
Hacking the Human OS	McAfee	pdf R5
Reputation - The Foundation of Effective Threat Protection	McAfee	pdf R1
State of Security (March 2012)	McAfee	pdf R1
Threat Predictions (2019 \| 2018 \| 2017 \| 2016 \| 2015 \| 2014 \| 2013 \| 2012)	McAfee	pdf R6
Threat Report 2018 (Q1 \| Q2)	McAfee	pdf R9
Threat Report 2017 (Q1 \| Q2 \| Q3 \| Q4)	McAfee	pdf R9
Threat Report 2016 (Q1 \| Q2 \| Q3 \| Q4)	McAfee	pdf R9
Threat Report 2015 (Q1 \| Q2 \| Q3)	McAfee	pdf R6
Threat Report 2014 (Q1 \| Q2 \| Q3 \| Q4)	McAfee	pdf R5
Threat Report 2013 (Q1 \| Q2 \| Q3 \| Q4)	McAfee	pdf R1
Threat Report 2012 (Q1 \| Q2 \| Q3 \| Q4)	McAfee	pdf R1
Security Intelligence Report (2018 \| 2017 2Q 1Q \| 2016 1H \| 2015 2H 1H \| 2014 2H 1H \| 2013 2H 1H \| 2012 2H 1H \| 2011 2H 1H \| 2010 2H 1H \| 2009 2H 1H \| 2008 2H)	Microsoft	pdf R9
Security Intelligence Report 2015 (Key Findings 1H) \| WW Threat Assess)	Microsoft	pdf R6
Security Intelligence Report 2014 (1H \| 2H)	Microsoft	pdf R6
Security Intelligence Report 2013 (1H \| 2H)	Microsoft	pdf R1
Security Intelligence Report 2012 (1H \| 2H)	Microsoft	pdf R1
Security Intelligence Report 2011 (2H)	Microsoft	pdf R6
Nationwide Cyber Security Review (2018 \| 2017 \| 2016)	MS-ISAC	pdf R9
Global Threat Intelligence Report (2016 \| 2014)	NTT	pdf R9
Application Usage and Threat Report 2015 - Unit 42	Palo Alto	pdf R6
Value of Threat Intelligence (2017)	Ponemon	pdf R9
ICS Security in Review (2017)	Positive Tech	pdf R9
Vulnerability Review 2015	Secunia	pdf R5
State of Security in Control Systems Today (Survey Results) - 2015	SANS	pdf R6
Intelligence Report (Feb. 2013)	Symantec	pdf R1
Internet Security Threat Report (2016 \| 2015 App \| 2014 App \| 2013 App \| 2012 Trends App \| 2011 2010)	Symantec	pdf R9
Report on Cybersecurity and Critical Infrastructure in the Americas	Trend Micro	pdf R5
Spear-Phishing - Email: Most Favored APT Attack Bait (2012)	Trend Micro	pdf R1
Cybersecurity Trend Report (2016)	UBM	pdf R9
Attacker Behavior Report (2018)	Vectra	pdf R9
Hidden Threat of Cyberattachs in the Energy and Utilities Industry (2018)	Vectra	pdf R9
Data Breach Investigations Report (2020 \| 2019 \| 2018 \| 2017 \| 2016 \| 2015 \| 2014 \| 2013 \| 2012)	Verizon	pdf R9
Data Breach Digest (2016)	Verion	pdf R9

		TOP

Open-Source Intelligence

Bugtraq (seclists.org)	html R1
Exploit-DB	html R1
National Vulnerability Database (NIST)	html R1
Rapid 7 (Metasploit) Vulnerabilities & Exploit Modules	html R1
Security Focus (by Symantec)	html R1
Tenable Nessus Plugins	html R11
CVE Details	html R11

	TOP

ICS Vendor Security Reference

Industrial Information System Security	ABB	pdf R3
Integrated Safety - How a simplier system can increase effectiveness	ABB	pdf R9
Is your current safety system compliant to today's safety standard	ABB	pdf R9
Securing Your Control System	ABB	pdf R9
Intrinsic Cyber Security Fundamentals	Bedrock	pdf R9
Cyber Secure Industrial Automation - Secure Control & Communication	Bedrock	pdf R9
A Guide to Securing Your Process	Emerson	pdf R6
Best Practices for DeltaV Cyber Security	Emerson	pdf R9
DeltaV Controller Firewall - Product Data Sheet	Emerson	pdf R9
DeltaV Smart Firewall - Product Data Sheet	Emerson	pdf R9
DeltaV Smart Switches - Product Data Sheet	Emerson	pdf R9
DeltaV System Cyber Security (2013)	Emerson	pdf R9
Essentials of Cyber Security	Honeywell	pdf R6
Integrating Control and Safety with Secure System Segregation	Honeywell	pdf R6
Securing Industrial Control Systems: A Guide for Properly Securing ICS Operating in a Microsoft Windows Environment	Wonderware (Schneider)	pdf R1
Achieving Secure, Remote Access to Plant-Floor Applications and Data	Rockwell Cisco	pdf R1
Control System Security Updates	Rockwell	pdf R1
Securing Manufacturing Computing and Controller Assets	Rockwell Cisco	pdf R1
Security Concept for PCS7 and WinCC	Siemens	pdf R1
NERC CIP Security Solution Suite	Tripwire	pdf R4
Wibu Systems - Software Integrity Protection	Wibu	pdf R6

SUPPLIER SECURITY WEBSITES / PORTALS / CERTS
Cyber Security Alerts and Notifications	ABB	html R1
Cyber Security Updates	Honeywell	html R9
Security Advisory Index (login required)	Rockwell	html R1
Cybersecurity Support Portal	Schneider	html R1
ProductCERT Security Advisories	Siemens	html R1

		TOP

Insider Threats

Common Sense Guide to Prevention and Detection of Insider Threats	CERT	pdf R1
Insider Threat Control - Using a SIEM signature to detect potential precursors to IT Sabotage	CERT	pdf R1
Insider Threat Control - Using Centralized Logging to Detect Data Exfiltration Near Insider Termination	CERT	pdf R1
Insider Misuse of IT Systems	CPNI	pdf R2
2010-2011 Computer Crime and Security Survey	CSI	pdf R1
Cybersecurity Watch Survey 2011	Deloitte	pdf R1
Combating the Insider Threat	DHS	pdf R4
Insider Threat Awareness Webinar	DHS	pdf R1
National Risk Estimate: Insider Threat Fact Sheet	DHS	pdf R4
Risks to US Critical Infrastructure from Insider Threat (23 Dec 2013)	DHS	pdf R1
Insider Threat Intelligence Report (2018)	Dtex	pdf R9
Insider Threats	FBI	pdf R1
Insider Threat Examples by Sector		pdf R1
Insider Threat to Criticail Infrastructure	NIAC	pdf R1
Insider Threat Program - Maturity Framework	NITTF	pdf R9
Cost of Data Breach Study 2011	Ponemon	pdf R1

		TOP

Risk Management

An IT Auditor’s Guide to Security Controls and Risk Compliance	Bit9	pdf R9
Good Practice Guide - Understand the Business Risk	CPNI	pdf R2
Good Practice Guide - Manage Third Party Risk	CPNI	pdf R2
Five Critical Attributes of Effective Cybersecurity Risk Management	Crowe	pdf R6
Cybersecurity Risk Management Processs Guideline	DoE	pdf R9
Reducing Operational Risk in Oil and Gas Industry	EMC	pdf R4
Bound to Fail: Why Cyber Security Risk Cannot Simply Be "Managed" Away	Langner	pdf R2
Cyber Supply Chain Risk Management: Toward a Global Vision of Transparency & Trust	Microsoft	pdf R1
SP800-30 (Rev 1) - Risk Management Guide for IT Systems	NIST	pdf R1
SP800-39 - Managing Information Security Risk	NIST	pdf R1
Cyber-Risk Oversight - Director's Handbook Series	Tripwire	pdf R6
State of Risk-Based Security Management	Tripwire	pdf R6

		TOP

Incident Response

Handbook for Computer Security Incident Response Teams (CSIRT)	CMU-SEI	pdf R6
Developing a Cybersecurity Incident Response Capability	DHS	pdf
Best Practices for Victim Response and Reporting of Cyber Incidents	FBI	pdf R6
SP800-61 - Computer Security Incident Handling Guide	NIST	pdf

		TOP

Government

Action Plan for Critical Infrastructure - 2014-2017	Canada	pdf R9
Directive 2008/114/EC - Identification of European Critical Infrastructures (2008)	EU	pdf R2
European Programme for Critical Infrastructure Protection (2006)	EU	pdf R2
French National Digital Security Strategy	France	pdf R9
Analysis of Critical Infrastructures (2004)	Germany	pdf R2
CIP Implementation Plan of the National Plan for Information Infrastructure Protection (2005)	Germany	pdf R2
National ICS Security Standard (2014)	Qatar	pdf R9
Meridan Library of Global Regulatory Standards (hosted by Qatar CERT)	Qatar	html R1
Singapore National Cybersecurity Strategy (2016)	Singapore	pdf R9
Strategic Framework and Policy Statement - Improving Resilience of Critical Infrastructure (2010)	UK	pdf R2
Report to Presidents Commission on Critical Infrastructure Protection (1997)	USA	pdf R9
Security Categorization and Control Selection for National Security Systems (CNSSI) (2014)	USA	pdf R9
Dept of Energy Cyber Security Program (DoE) (2019)	USA	pdf R9
Framework to Reduce Cyber Risks to Critical Infrastructure v1.0 (2014)	USA	pdf R1
Executive Order - Improving Critical Infrastructure Cyber Security (2013)	USA	pdf R1
Executive Order - Fact Sheet (2013)	USA	pdf R1
PPD-21 - Critical Infrastructure Security and Resilience (2013)	USA	pdf R1
PPD-21 - Fact Sheet (2013)	USA	pdf R1
Postmarket Management of Cybersecurity in Medical Devices (FDA) (2016)	USA	pdf R6
Actions Needed to Address Significant Cybersecurity Risks Facing the Electric Grid (GAO) (2019)	USA	pdf R9
Challenges in Securing Control Systems (GAO) (2003)	USA	pdf
Cybersecurity for Critical Infrastructure Protection (GAO) (2004)	USA	pdf R1
DHS Needs to Enhance Capabilities, Improve Planning, and Support Greater Adoption of Its NCPS (GAO) (2016)	USA	pdf R6
CyberSkills Task Force Report (2012)	USA	pdf R4
Liberty and Security in a Changing World (2013)	USA	pdf R9
New York State Homeland Security Strategy (2014-2016)	USA	pdf R9
Addressing Urgent Cyber Threats to Critical Infrastructure (2017)	USA`	pdf R9
Intelligence Information Sharing Report (2012)	USA	pdf R4
National Infrastructure Protection Plan ( 2009 \| 2006)	USA	pdf
Updates to the National Infrastructure Protection Plan ( Full Report \| Highlights)	USA	pdf
NIPP - Sector-Specific Plan - Chemical (2010)	USA	pdf
NIPP - Sector-Specific Plan - Critical Manufacturing (2010)	USA	pdf
NIPP - Sector-Specific Plan - Energy (2010)	USA	pdf
NIPP - Sector-Specific Plan - Information Technology (2010)	USA	pdf
NIPP - Sector-Specific Plan - Transportation Systems (2010)	USA	pdf
NIPP - Sector-Specific Plan - Water (2010)	USA	pdf
Federal Government's Track Record on Cybersecurity and Critical Infrastructure (2014)	USA	pdf R6
National (Qatar) ICS Security Standard (2014)	QCERT	pdf

		TOP

Roadmaps

Cross Sector Roadmap for Cybersecurity of Control Systems	pdf
Roadmap to Achieve Energy Delivery Systems Cybersecurity (current)	pdf
Roadmap to Secure Control Systems in the Chemical Sector	pdf
Roadmap to Secure Control Systems in the Energy Sector (outdated)	pdf
Roadmap to Secure Control Systems in the Transportation Sector	pdf
Roadmap to Secure Control Systems in the Water Sector	pdf
Securing ICS in the Chemical Sector	pdf
Strategy for Securing Control Systems	pdf

	TOP

Defense & Military

DoDI 8500.01 - Cybersecurity	DoD	pdf R9
Advanced Cyber ICS Tactics, Techniques, and Procedures for DoD ICS	CYBERCOM	pdf R9
Dictionary of Military and Associated Terms	DoD	pdf R9
Handbook for Self-Assessing Security Vulnerabilities & Risks of ICS on DoD Installations	DoD	pdf R9
Program Managers Guide for Integrating Cybersecurity RMF into Acquisition Lifecycle	DoD	pdf R9
UFC-4 010 06 - Cybersecurity of Facility-Related Control Systems	DoD	pdf R9
UFGS-25 05 11 - Division 25 - Integrated Automation - Cybersecurity for Facility-Related Control Systems	DoD	pdf R9
UFGS-25 10 10 - Division 25 - Integrated Automation - Utility Monitoring and Control System Front End and Integration	DoD	pdf R9
ITG 2017-01 - Application of Cybersecurity to Facility-Related Control Systems	DoN	pdf R9
Cybersecurity-Related Policies and Issuances	DoD	pdf R9
NVIC 05-17 - Guidelines for Addressing Cyber Risks at MTSA Facilities	USCG	pdf R9

		TOP

Case Studies

Backdoors and Holes in Network Perimeters	pdf
Deepwater Horizon Accident Investigation Report (Executive Summary \| Full Report)	pdf R1
Maroochy Water Services Australia (NIST) (Report \| Presentation)	pdf R6
Olympic Pipeline Bellingham, Washington (NIST) (Report \| Presentation)	pdf R6
German Still Works Facility (SANS)	pdf R6
Undirected Attached Against Critical Infrastructure	pdf
Air Traffic Control (ATC) Cyber Security Project (CSFI)	pdf R6
ABB SCADA EMS System INEEL Baseline Summary Test Report (INEEL)	pdf
Control System Security Assessments including PCS7 Details (INL-Siemens)	pdf R6
Olympic (Bellingham) Pipeline Accident Report (NTSB)	pdf R1

	TOP

Security Considerations for OPC

Effective OPC Security for Control Systems	Matrikon	pdf
Hardening Guidelines for OPC Hosts	Byres	pdf
OPC Exposed	Byres	pdf
Understanding OPC	Byres	pdf
Using OPC via DCOM with Windows XP SP2	OPCF	pdf R9
Securing Your OPC Classic Control Systems	Tofino	pdf
Security Implcations of OPC in Control Systems	DHS	pdf

		TOP

ICS Basics

"The Ever-Expanding Mind of Morley = the Father of the PLC"	mp4 R6
Automation 101 - An Industry Guide to Control System Engineering (Automation Direct)	pdf R3
Acronyms List	pdf R6
PLC Handbook - Practical Guide to PLCs (Automation Direct)	pdf R9
SCADA Basics - NCS TIB 04-1	pdf
SCADA Basics - TM 5-601	pdf
PLC Programming Theory	pdf
CODESYS Runtime - A PLC Control Framework (Kaspersky)	pdf R9
Purdue Enterprise Reference Architecture (Purdue Model)	pdf R9
Essentials of Safety Instrumented Systems (ABB)	pdf R1
Safety Lifecycle Workbook (Emerson)	pdf R4
Power System and Substation Automation	pdf R3
High-Voltage Substation Configuration Infrastruture System Overview (OCIA)	pdf R9
Engineers Guide to DP Flow Measurement (Emerson)	pdf R9
Control Magazine's 2016 Readers Choice Awards	pdf R6
Control Magazine - State of Technology - Controllers & Control Systems (2015)	pdf R9
Control Magazine - State of Technology - PLCs, PCs, & PACs (2017)	pdf R9
Top 50 Automation Vendors - North America (Control-ARC) (2015 \| 2013)	pdf R6
Top 50 Automation Vendors - Worldwide (Control-ARC) (2015 \| 2013)	pdf R6

ICS SUPPLIER SYSTEM INFORMATION
ABB AC800M Controller - Communication Protocols	pdf R3
ABB System 800xA - Reference Architecture	pdf R6
ABB System 800xA - Solutions Handbook	pdf R3
ABB System 800xA - System Guide Summary	pdf R1

	TOP

ICS Protocols & Networks

USER ORGANIZATIONS
EtherCAT Technology Group		html R10
Fieldbus Foundation		html R10
Modbus Organization		html R10
OPC Foundation		html R10
Open Device Vendors Association (ODVA)		html R10
PROFIBUS & PROFINET International (PI)		html R10

INDUSTRIAL PROTOCOLS
System Comparison - The Five Major Technologies	IE Facts	pdf R1
Comparison of Protocols Used in Remote Monitoring	IIT	pdf R4
Introduction to Modbus TCP/IP	Acromag	pdf R2
Introduction to Modbus Serial and Modbus TCP	Extension	pdf R1
Modbus Application Protocol Specification v1.1b3	Modbus.org	pdf R6
Modbus Messaging on TCP/IP Implementation Guide v1.0b	Modbus.org	pdf R6
Open Modbus/TCP Specification		docx R4
DNP3 User & Reference Manual	Control	pdf R1
DNP3 Overview	Triangle	pdf R1
DNP3 Protocol Primer	DNP UG	pdf R1
DNP3 Secure Authentication v5 2011-11-08		pdf R1
DNP3 Decoder/Parser (online)	Automatak	html R5
Introduction to EtherNet/IP Technology		pdf R6
EtherNet/IP	Delta	html R3
Principles of EtherNet/IP Communication	Schneider	pdf R6
EtherNet/IP - Using Explicit Messaging	Delta	pdf R3
Communicating with Rockwell Automation Products using EtherNet/IP Explicit Messaging	Rockwell	pdf R6
Optimize EtherNet/IP	Journal	pdf R1
Common Industrial Protocol (CIP)	ODVA	pdf R1
CIP Security Phase 1 - Secure Trasnport for EtherNet/IP	ODVA	pdf R9
ControlNet - CIP on CTDMA Technology	ODVA	pdf R1
DeviceNet - CIP on CAN	ODVA	pdf R1
EtherNet/IP - CIP on Ethernet Technology	ODVA	pdf R1
EtherNet/IP - A Guide for Developers	ODVA	pdf R3
Network Infrastructure for EtherNet/IP: Introduction and Considerations	ODVA	pdf R1
Securing EtherNet/IP Networks	ODVA	pdf R1
EtherNet/IP Specification for ACR Series Products	Parker	pdf R3
DF1 Protocol and Command Set Reference Manual	Rockwell	pdf R4
Guide to Open Protocols in Building Automation	Schneider	pdf R9
BACnet Primer	Phoenix Ctrl	pdf R3
LonTalk Protocol Specification v3.0	Echelon	pdf R9
Guide to OPC	Matrikon	pdf R2
Distributed Component Object Model (DCOM) Technical Overview	Microsoft	pdf R6
OPC-DCOM - Five Things You Need to Know	OPC TI	pdf R6
OPC Data Access - Custom Interface - Ver 2.05A	OPCF	pdf R2
OPC Unified Architecture - Future standard for communication and information modeling in automation	ABB	pdf R6
The Evolution of OPC - Classic to Unified Architecture	Honeywell	pdf R6
OPC Unfied Architecture - The Interoperabilty Standard	OPCF	pdf R3
OPC Unified Architecture - Collaboration with PLCopen	OPCF	pdf R3
OPC Unified Architecture - Advantages and Possibilities of Use	OPCF	pdf R3
OPC Unified Architecture - Overview and Concepts - Ver 1.02	OPCF	pdf R2
OPC Unified Architecture - Secure Communication with IEC 62541	OPCF	pdf R3
PROFINET Security Guideline	PI	pdf R1
PROFINET System Description - Technology and Application	PI	pdf R1
Power Industry Communication Protocol Features and Benefits	ProSoft	pdf R3
Technical Overview and Benefits of IEC 61850 Standard for Substation Automation	SISCO	pdf R3
Top 10 Recommendations for Plantwide EtherNet/IP Deployments	Rockwell Cisco	pdf R1
PROFIBUS and Modbus: A Comparison	Siemens	pdf R1
Comparison of DNP3 and IEC 60870-5-101	Triangle	pdf R3
Comparison of Modbus and DNP3 Communication Protocols	Triangle	pdf R4
Using DNP3 & IEC 60870-5 Communication Protocols in the Oil & Gas Industry	Triangle	pdf R1
Industrial Internet of Things (IIoT) Protocols to Watch	Automation	pdf R9
Industrial Internet of Thinbgs (IIoT) Protcols to Watch	Kepware	pdf R9

INDUSTRIAL NETWORKING
Substation Cellular WAN Solution Reference Architecture	Belden	pdf R4
Substation Ethernet MPLS Solution Reference Architecture	Belden	pdf R4
Substation Ethernet WAN Solution Reference Architecture	Belden	pdf R4
Substation Communications Design - Legacy to IEC 61850	Belden	pdf R4
Substation Communications Design - Legacy to IEC 61850 - Best Practices	Belden	pdf R4
Substation Communications Design - Legacy to IEC 61850 - Practical Applications	Belden	pdf R4
Substation Communications Design - Legacy to IEC 61850 - Reliability and Security	Belden	pdf R4
Industrial Networks: Wired & Wireless		pdf R1
Ethernet Backbones in Safety and Basic Process Control Systems	GE-IP	pdf R3
Ethernet Basics	Phoenix Cont	pdf R9
Industrial Ethernet - Quick & Simple Explanation of Key Terms	Phoenix Cont	pdf R9
Industrial Ethernet	Phoenix Cont	pdf R9
Industrial Ethernet - A Control Engineers Guide	Cisco	pdf R1
Field Wireless Networks	ISA	pdf R1
Converged Plantwide Ethernet (CPwE) Design & Implementation Guide	Rockwell Cisco	pdf R1
Connected Factory Architecture Reference Architecture	Cisco	pdf R4
Ethernet Design Considerations for Control System Networks	Rockwell	pdf R1
Fundamentals of EtherNet/IP Networking	Rockwell	pdf R4
TCP/UDP Ports Used by Rockwell and Allen-Bradley Products	Rockwell	pdf R1
Ethernet to the Factory Design and Implementation Guide v1.2	Rockwell Cisco	pdf R1
SNMP Tutorial	DPS Teleco	pdf R1
Demystifying the SNMP MIB	DPS Teleco	pdf R1
Handbook for Network Security	IAONA	pdf R10

		TOP

Reference

Acronyms List	DHS	pdf R9
Dictionary of Military and Associated Terms	DoD	pdf R9
Cyber Security Handbook & Reference Guide (2019) - The Ultimate List of Cyber Security Vendors	TAG	pdf R9

		TOP

Manuals and User Guides

AlienVault OSSIM Installation Guide	pdf
AlienVault OSSIM Snare Windows	pdf
AlienVault OSSIM Users Manual v1.0	pdf
Allen-Bradley Stratix Ethernet Switches	pdf R4
Allen-Bradley Stratix 5900 Industrial Router	pdf R4
Certes Networks Layer 4 (Payload) Encryption	pdf R1
Certes Networks TrustNet Group Encryption	pdf R1
Certes Networks CEP-5LC Datasheet	pdf R1
Certes Networks CEP-5LC Brochure	pdf R1
Certes Networks CEP-10 Datasheet	pdf
Certes Networks Variable Speed Encryptors Datasheet	pdf
Cisco Guide to Hardening IOS Devices	pdf R6
Cisco IOS Switch Security Configuration Guide (NSA)	pdf R2
Cisco SAFE Security Reference Architecture (White Paper)	pdf R1
Cisco SAFE Security Reference Architecture (Poster)	pdf R1
Cisco Network Admission Control	pdf R1
Cisco TrustSec Solution At-a-Glance	pdf R1
Cisco TrustSec Solution Overview	pdf R1
Enterasys Secure Networks for Process Control	pdf R1
Enterasys Network Access Control	pdf R1
eWon Industrial Remote Access Routers	pdf R6
Hardening HP ProCurve Switches	pdf R2
MatrikonOPC Tunneller User Manual	pdf R1
MatrikonOPC Server for Simulation User Manual	pdf R6
Microsoft Introduction to Network Access Protection	pdf R1
Nessus Documentation (Tenable)	html
Nessus 6.4 Command Line Reference	pdf R6
Nessus 6.4 Installation and Configuration Guide	pdf R6
Nessus 6.4 SCAP Assessments	pdf R6
Nessus 6.4 User Guide	pdf R6
Nessus Activation Code Installation	pdf R6
Nessus Compliance Checks (r89)	pdf R6
Nessus Credential Checks	pdf
Nessus Patch Management Integration	pdf
Suricata - Basic Setup	pdf R1
Suricata - Setting up IPS Inline for Linux	pdf R1
Suricata - Suricata.yaml Reference	pdf R1
Suricata - Ubuntu Getting Started with Suricata	pdf R1
Suricata - Ubuntu Installation	pdf R1
Tofino Argon 100 Hardware Installation and Troubleshooting Guide v1.0.0	pdf
Tofino Argon 220 Hardware Installation and Troubleshooting Guide v1.0.0	pdf
Tofino Argon CMP Installation and Upgrade Guide v1.7.0	pdf
Tofino Argon CMP User's Guide v1.7.0	pdf
Tofino Pre-Defined Controllers and Protocols	pdf R5
Tofino Xenon Security Appliance - Datasheet	pdf R5
Tofino Xenon Security Appliance - Product Bulletin	pdf R6
VMware Network Segmentation in Virtualized Environments	pdf R1
VMware DMZ Virtualization using vSphere 4 Cisco Nexus	pdf R1
VMware DMZ Virtualization with Infrastructure 3 (legacy)	pdf R1
VMware vSphere 5.5 Security Hardening Guide	xlsx R1
VMware vSphere 5.1 Security Hardening Guide	xlsx R1
VMware vSphere 5.0 Security Hardening Guide	xlsx R1
VMware vSphere 4.1 Security Hardening Guide (legacy)	pdf R1
VMware vSphere 4.0 Security Hardening Guide (legacy)	pdf R1
VMware Instrastructure 3 Securing Hardening (legacy)	pdf R1
Wurldtech Industrial Next-Generation Firewall Solution Brief	pdf R5
Wurldtech Industrial Next-Generation Firewall Spec Sheet	pdf R6

	TOP

Cheat Sheets

Hacking - Certified Ethical Hacker Cheat Sheet Exercises	pdf
Hacking - Meterpreter Cheat Sheet	pdf
Hacking - Nessus NMAP Commands	pdf
Hacking - netcat	pdf
Hacking - NMap Mindmap Reference	pdf
Hacking - NMap Quick Reference Guide	pdf
Hacking - Reconnaissance Reference Sheet	pdf
Hacking - Tripwire Common Security Exploit-Vuln Matrix	pdf
HTML - Markdown	pdf
Intelligence - Cyber Intelligence Gathering	pdf R9
Intelligence - OSINT Links for Investigators	pdf R9
Linux - Admin Quick Reference	pdf R9
Linux - Bourne Shell Quick Reference	pdf
Linux - Command Reference 1	pdf R9
Linux - Command Reference 2	pdf R9
Linux - OpenSUSE - Zypper	pdf R9
Linux - Quick Reference Card	pdf
Linux - RHEL - Common Admin Commands	pdf R9
Linux - RHEL - Linux Commands	pdf R9
Linux - RHEL - Yum	pdf R9
Linux - Scapy	pdf R6
Linux - Security Onion	pdf R9
Linux - Shell Cheat Sheet	pdf
Linux - Shell Script Cheat Sheet	pdf
Linux - Solaris - Basic Commands	pdf R9
Linux - Solaris - Quick Sheet	pdf R9
Linux - tcpdump	pdf
Linux - Ubuntu Quick Reference	pdf
Linux - VI Editor Reference	pdf
MAC - OSX Key Combo Reference Guide	pdf
Networking - Border Gateway Protocol	pdf
Networking - Cisco CCENT	pdf R9
Networking - Cisco CCNA	pdf R9
Networking - Cisco IOS Interior Routing Protocols	pdf R6
Networking - Cisco IOS IPv4 Access Lists	pdf
Networking - Cisco IOS Quick Reference	pdf R9
Networking - Cisco IOS Versions	pdf
Networking - Cisco IOS Zone-Based Firewall	pdf R6
Networking - Common TCP-UDP Ports	pdf
Networking - EIGRP (Enhanced Interior Gateway Routing Protocol)	pdf
Networking - First Hop (Router) Redundancy	pdf
Networking - Frame Mode MPLS	pdf
Networking - IEEE 802.11 Pocket Reference Guide	pdf R9
Networking - IEEE 802.11 WirelessLAN	pdf
Networking - IEEE 802.1X Authentication	pdf
Networking - IP Tables Processing	png R1
Networking - IP Security (IPsec)	pdf
Networking - IPv4 Multicast	pdf
Networking - IPv4_Subnetting	pdf
Networking - IPv6	pdf
Networking - IS-IS	pdf
Networking - Network Address Translation (NAT)	pdf
Networking - Open Shortest Path First (OSPF)	pdf
Networking - Physical Terminations	pdf
Networking - Point-to-Point Protocol (PPP)	pdf
Networking - Quality of Service (QoS)	pdf
Networking - Routing Information Protocol (RIP)	pdf R6
Networking - Spanning Tree	pdf
Networking - tcpdump	pdf R9
Networking - TCP/IP	pdf
Networking - Virtual Local Area Networks (VLAN)	pdf
Networking - Voice over IP (VoIP) Basics	pdf R6
Networking - Wireshark - Display Filters 1	pdf
Networking - Wireshark - Display Filters 2	pdf
Programming - Ruby	pdf R1
Programming - x64 Instructions	pdf R2
Programming - x86 Instructions	pdf R2
Programming - x86 Instructions	pdf R2
Source Control - Git	pdf R6
SQL - MySQL Commands	pdf
VMware - Ports and Services	pdf R9
VMware - PowerCLI	pdf R9
VMware - Reference Card	pdf
Web - Google Hacking Advanced Querying	pdf R9
Web - Google Hacking and Defense	pdf R9
Windows - Command Line	pdf R1
Windows - Command Reference (book extract)	pdf R4
Windows - NTFS	pdf R9
Windows - PowerShell 1	pdf R9
Windows - PowerShell 2	pdf R9
Windows - PowerShell 3	pdf R9
Windows - PowerShell 4	pdf R9

	TOP

eBooks

Industrial Cyber Security for Dummies	Belden	pdf R9
Endpoint Threat Detection, Response and Prevention for Dummies	Bit9	pdf R4
Next-Generation Intrusion Prevention Systems (IPS) for Dummies	Sourcefire	pdf R3
CISO Handbook	CISO Coun	pdf R9
Universal Threat Management (UTM) for Dummies	Fortinet	pdf R1
Fundamentals of Azure	Microsoft	pdf R6
Introducing Microsoft System Center 2012R2 - Technical Overview	Microsoft	pdf R6
Introducing Windows 10 for IT Professionals - Preview Edition	Microsoft	pdf R6
Introducing Windows 8.1 for IT Professionals - Technical Overview	Microsoft	pdf R6
Introducing Windows Azure for IT Professionals	Microsoft	pdf R6
Introducing Windows Server 2012R2 - Technical Overview	Microsoft	pdf R6
Windows 10 Support Secrets	Microsoft	pdf R9
Vulnerability Management for Dummies	Qualys	pdf R1
Network Monitoring and Troubleshooting for Dummies (2nd ed)	Riverbed	pdf R6
Network Monitoring for Dummies (1st ed)	Solarwinds	pdf R9
Essential Guide to Machine Data	Splunk	pdf R9
Security Configuration Management for Dummies	Tripwire	pdf R6

		TOP

Multimedia

WEB-BASED DEMONSTRATION VIDEOS BY SCADAHACKER
Exploitation 101: Turning a SCADA Vulnerability into a Successful Attack	html R8
Protecting Your ICS from Zero-Day Attacks	html R8
Stuxnet - Introduction, Installation, and Injection Methods	html R8
Stuxnet - Using Software Restriction Policy as a Mitigation	html R8

WEB-BASED THIRD-PARTY VIDEOS
Auditing SCADA and Control System Networks (Tenable)	html

	TOP

Spreadsheets

IP Address Subnet Calculator	xls R1
Network Assistant (subnetting, port lookup, cli commands, acronyms)	xls R1
IP Subnetting Assistant (tools to understand "visibility")	xls R1

	TOP

Tools and Applications

MITRE ATT&CK for ICS	html R10
NIST Quick Guide for 800-53 (Apple IOS)	html
NIST Quick Guide for 800-53 (Android)	html R8
National Vulnerability Database - NIST Special Publication 800-53 Rev. 3 & 4 (http)	html R8
National Vulnerability Database - CVSS Scoring Tool (v2 \| v3)	html R9
NIST Computer Forensics Tool Catalog	html R8

	TOP

Websites

INDUSTRIAL
American Chemistry Council Chemical Sector Cyber Security Program	html
American Gas Association - Natural Gas Security	html R8
American Water Works Assocation - Cybersecurity and Guidance	html R9
ASIS International	html
Canadian Society for Industrial Security (CSIS)	html R8
Control Engineering	html
Control Global (Control Magazine)	html
Digital Bond Archives	html R9
lectric Power Research Institute (EPRI)	html R8
Electrical Energy Online	html
Emerging Security Standards to the EU Power Network Controls & other Critical Equipment	html R6
InfraGard	html
ISA-99, Manufacturing and Control Systems Security	html R8
ISA Security Compliance Institute (ISASecure)	html R1
SCADA HoneyNet Project (Source Forge)	html R8
ScadaSafe Project (Source Forge)	html

CERT AND SECURITY FIRMS
AusCERT - Blog and Publications	html R8
Forum of Incident Response and Security Teams (FIRST)	html
McAfee Labs	html R8
McAfee Threat Center	html R8
Symantec Security Center	html R8
Symantec Security Center - Whitepapers	html R8

MALWARE ANALYSIS
Malwr	html R8
Virus Total	html R8

NATIONAL LABORATORIES
Argonne National Laboratory (ANL) - National Security Programs	html R8
Idaho National Laboratory (INL) - National and Homeland Security	html R8
Idaho National Laboratory (INL) - Cybercore Integration Center	html R9
Pacific Northwest National Laboratory (PNNL) National Security	html R8
Sandia National Laboratory (SNL) - Center for SCADA Security	html R8

INFORMATION SHARING AND ANALYSIS CENTERS
Industrial Control System Information Sharing and Analysis Center	html R9
Electricity Information Sharing and Analysis Center (E-ISAC)	html R8
Multi-State Information Sharing and Analysis Center: SCADA and Control Systems Procurement Project (MS-ISAC)	html R8
Surface Transportation Sector Information Sharing and Analysis Center (ST-ISAC)	html
Water Sector Information Sharing and Analysis Center (WS-ISAC)	html R8

GOVERNMENT / REGULATORY
Directory Listing of Worldwide CERT Organizations	html R8
Centre for the Protection of National Infrastructure (CPNI)	html R8
Department of Energy (DOE) Control Systems Security	html R8
Dept of Homeland Security (DHS) Cybersecurity & Infrastructure Security Agency (CISA)	html R8
DHS-CISA US-CERT Industrial Control Systems	html R9
DHS - Infrastructure Security - Chemical Security	html R8
Federal Energy Regulatory Council (FERC)	html
National Institute of Standards and Technology (NIST)	html
NIST - Computer Security Resource Center - Special Publications (800 Series)	html R8
NIST - Cyber-Physical Systems	html R9
NIST - Cyber-Physical Systems Public Working Group	html R9
North American Electric Reliability Corp (NERC) - Critical Infrastructure Protection (CIP) Standards	html R6
Combating Terrorism Tech Support Office (CTTSO) - Tech Support Working Group	html

PRODUCTS / VENDORS
AT&T Security (formerly Alien Vault)	html R8
Certes Networks	html
Cisco	html R8
Dragos	html R8
Hirschmann	html R8
Netresec	html R6
OSIsoft	html
Phoenix Contact / Innominate	html R8
SCADAfence	html R8
Secure Crossing	html
Splunk	html R6
Tenable Network Security	html
Tofino Security	html
Waterfall Security Solutions	html R8

	TOP

News Sources

ISSSource	html
Threat Level (Wired)	html
Homeland Security Newswire	html

	TOP

Software

These links will redirect you to various sites on the Internet for downloading of current versions. Some applications may require registration prior to downloading. You should always validate that you are accessing the latest version before downloading.

AT&T AlienVault Open-Source Security Incident Monitor (OSSIM) (14-day trial)	R8
Clonezilla Disk Imaging Utility	R1
Cyber Security Evaluation Tool	R8
Firewall Builder for Windows / Mac / Linux	R8
HashCheck Shell Extension for Windows	R9
Hashdeep Utilities for Windows	R9
HashTab Shell Extension for Windows	R9
Kali Linux	R1
Libre Office (replaces Open Office) for Windows / Mac / Linux	R8
Metasploit Community Edition for Windows/Linux	R8
Microsoft Baseline Security Advisor for Windows	R8
Microsoft Network Monitor	R1
ModbusPal Java-based Modbus/TCP Simulator	R8
Nessus Vulnerability Scanner	R8
Nessus Center for Internet Security (CIS) Benchmark Files	R8
NIST Cyber Security Framework (CSF) Reference Tool	R9
Ophcrack Password Utility LiveCD	R8
Ophcrack Password Rainbow Tables	R8
pfSense Security Appliance	R1
Portable Apps for Windows	R9
Putty Telnet/SSH Client	R8
QuickDraw IDS Signatures and PCAP Test Files	R8
Redo Disk Imaging Utility	R8
Rockwell Client Server Protcol (CSP) Lua add-on for Wireshark (deprecated)	R4
Rufus USB Boot Creation Utility for Windows / Mac / Linux	R9
SCADA Honeynet	R8
Security Onion Linux (Xubuntu) Distro	R1
Snare Syslog Agentss	R8
SNORT (Intrusion Monitoring System)	R1
Solarwinds Network Tools for Windows	R8
Splunk Syslog Server for Windows / Mac / Linux	R8
Suricata (Intrusion Monitoring System)	R8
Triangle MicroWorks Test Harness for Windows	R1
UNetBootin USB Boot Creation Utility for Windows / Mac / Linux	R8
VeraCrypt Disk Encryption Utility for Windows/Linux/Mac OS X	R8
VyOS Security Platform (formerly Vyatta)	R8
Windows Password Recovery Tool (Linux)	R8
Windows 10 Subsystem for Linux	R9
Wireshark	R1

	TOP

Industrial Control System Cyber Security Institute

Library of Resources for Industrial Control System Cyber Security