Ics2matrix
The ICS^2 Matrix is a threat taxonomy for Programmable Logic Controllers and Industrial Control Systems
Install / Use
/learn @efrenlopezm/Ics2matrixREADME
ICS<sup>2</sup> Matrix
<div align="center"> <kbd> <img src="img/logo.png" /> </kbd> </div> <br />This repository hosts the ICS<sup>2</sup> Matrix released with the paper SoK: Security of Programmable Logic Controllers.
What is the ICS<sup>2</sup> Matrix?
The ICS<sup>2</sup> Matrix is a taxonomy of threats against PLCs and Industrial Control Systems (ICS). The taxonomy includes adversary tactics that describe “what” is the adversary’s goal and attack techniques which describe “how” the adversary can complete her goal. Additionally, it includes mitigations that prevent a technique from being successfully executed. The ICS2 Matrix builds upon the MITRE ATT&CK for ICS Matrix and the Hybrid ATT&CK Matrix. It also incorporates the scientific knowledge accumulated since 2007 of PLC security research by adding 6 new attack techniques and 5 new mitigation categories based on the literature reviewed in the SoK: Security of Programmable Logic Controllers paper.
How do I use the ICS<sup>2</sup> Matrix?
:open_file_folder: Matrix Excel File
The matrix is contained in the above Microsoft Excel document. This format allows for easy distrition and navigation of the multiple techniques. In order to use it you should download and open the Excel file and explore the "ICS2 Matrix" tab. This tab contains different techniques. The techniques are ordered by Tactic category. The new techniques introduced in our research are saved as multiple tabs in the Excel document and are also linked from their corresponding technique in the "ICS2 Matrix" tab.
How can I contribute to the ICS<sup>2</sup> Matrix?
We encourage the community to provide feedback to improve the matrix. If you wish to add or modify a technique please send a Pull Request using the provided template.
Research Paper
SoK: Security of Programmable Logic Controllers
If you use our work in a scientific publication, please do cite us using this BibTex entry:
@inproceedings {lopez2024sok,
author = {Efr{\'e}n L{\'o}pez-Morales and Ulysse Planta and Carlos Rubio-Medrano and Ali Abbasi and Alvaro A. Cardenas},
title = {{SoK}: Security of Programmable Logic Controllers},
booktitle = {33rd USENIX Security Symposium (USENIX Security 24)},
year = {2024},
isbn = {978-1-939133-44-1},
address = {Philadelphia, PA},
pages = {7103--7122},
url = {https://www.usenix.org/conference/usenixsecurity24/presentation/lopez-morales},
publisher = {USENIX Association},
month = aug
}
Help
If you need help, please open a new issue.
License
This project is licensed under the MIT License - see the LICENSE.md file for details
Acknowledgments
Coming soon!
Related Skills
node-connect
342.0kDiagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps
frontend-design
84.7kCreate distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.
openai-whisper-api
342.0kTranscribe audio via OpenAI Audio Transcriptions API (Whisper).
commit-push-pr
84.7kCommit, push, and open a PR
Security Score
Audited on Mar 3, 2026