Industrial Control System Security Taxonomic Framework with Application to a Comprehensive Incidents Survey

In recent years, the number of cyber-physical incidents in industrial control systems (ICSs) has increased. Providing a framework for ICS threat intelligence is of utmost importance because of the critical role of ICSs in the nations' critical infrastructures. In this paper, after a short review of various threats and security incidents’ taxonomies in the cyber-physical scope, we propose the Hierarchical Taxonomic Framework (HTF) with required characteristics for classifying attacks and security incidents in ICSs. We applied the HTF to analyze 268 available public security incidents on ICSs reported between 1982 and 2018. Among these 268 incidents, there are 147 attacks and 121 non-attack security incidents. The HTF and the analytical incidents study are carried out to extract the useful patterns and key points for organizing threat intelligence in ICSs and critical infrastructures to improve their security level according to the cyber-attacks trends.