Question 1

How do I start learning ICS security from scratch?

Accepted Answer

Begin with the 'Introduction to ICS, SCADA, & PLCs' section for YouTube videos on basics like MODBUS, then use educational resources like GRFICSv2 for hands-on simulation in lab environments.

Question 2

What are the best tools for scanning industrial networks?

Accepted Answer

The list includes tools like ModScan for MODBUS mapping and s7scan for Siemens PLC enumeration, but tool choice depends on your network's specific protocols—always test in isolated setups first.

Question 3

ICS security vs traditional IT security: what's the main difference?

Accepted Answer

ICS security focuses on real-time, safety-critical systems with proprietary protocols like S7comm, while IT security emphasizes data confidentiality; this list highlights unique ICS threats and resources.

Question 4

How to set up a honeypot for ICS like Conpot?

Accepted Answer

Conpot is listed as a low-interactive honeypot; follow its GitHub link for installation, and use it in lab environments to simulate attacks and analyze traffic patterns for research.

Question 5

Where can I find real PCAP files for ICS protocols?

Accepted Answer

Check the 'Data' section for sources like 4SICS Lab PCAPs and DEF CON captures, which provide packet traces for protocols like S7 and MODBUS useful for analysis and testing.

Question 6

How to contribute to or update this awesome list?

Accepted Answer

Refer to the CONTRIBUTING.md file in the repository; it outlines guidelines for adding new resources or improving entries through pull requests to keep the list community-driven.

Industrial Control System Security

What is Industrial Control System Security?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions