└── README.md /README.md: -------------------------------------------------------------------------------- 1 | # ICS_Awesome_List 2 | 3 | **Table of Contents** 4 | - [ICS_Awesome_List](#ics_awesome_list) 5 | - [Communities](#communities) 6 | - [Conferences](#conferences) 7 | - [Ecosystems](#ecosystems) 8 | - [Exercises](#exercises) 9 | - [ISACs](#isacs) 10 | - [Free Trainings](#free-trainings) 11 | - [Bulletins](#bulletins) 12 | - [Articles](#articles) 13 | - [Books](#books) 14 | - [Certificates](#certificates) 15 | - [Top 10 Twitter Accounts](#top-10-twitter-accounts) 16 | - [Standards & Guidelines](#standards--guidelines) 17 | - [In Progress](#in-progress) 18 | - [References](#references) 19 | 20 | ## Communities 21 | 22 | Country |Community Name |Web Page |Twitter |Channels | 23 | --------|--------------------------------------|----------------------|------------- |----------------------------| 24 | Global |BEER-ISAC |N/A |@BEERISAC |N/A | 25 | Turkey |Türkiye EKS Siber Güvenlik Ekosistemi |https://eksguvenligi.org |@eks_ekosistem |https://t.me/eksguvenligi | 26 | Russia |Russian ICS Cyber Security Community |https://ruscadasec.com |N/A |https://t.me/ruscadasecnews | 27 | Brazil|Brazil ICS Cyber Security Community|scadasecbr.org |N/A |https://t.me/scadasecbr | 28 | Global |ICSVillage |https://icsvillage.com |@ICS_Village |N/A | 29 | Global |SANS ICS |https://ics.sans.org |@SANSICS |N/A | 30 | Global |SCADASEC |https://scadamag.infracritical.com/ | N/A |https://groups.io/g/scadasec| 31 | 32 | 33 | ## Conferences 34 | 35 | Country |Conference Name |Web Page | 36 | --------|-----------------------------------------------|-------------------------------------------------------| 37 | Turkey |EKS Konferans |https://www.ekskonferans.org/ | 38 | Germany |SANS ICS Europe |https://www.sans.org/ | 39 | Russia |Kaspersky Industrial Cybersecurity Conference |https://ics.kaspersky.com/conference/ | 40 | Sweden |CS3STHLM |https://cs3sthlm.se/ | 41 | Belgium |BRUCON |https://www.brucon.org/ | 42 | America |SANS ICS Summit USA |https://www.sans.org/ | 43 | America |SANS Oil & Gas Cyber Security |https://www.sans.org/ | 44 | America |S4xEvents |https://s4xevents.com/ | 45 | America |ICS Cyber Security Conference |https://www.icscybersecurityconference.com/ | 46 | Singapore|ICS Cyber Security Conference |https://www.icscybersecurityconference.com/ | 47 | Flexible|CIPRE |https://www.cipre-expo.com/ | 48 | 49 | 50 | ## Ecosystems 51 | 52 | Country |Ecosystem |Web Page | 53 | --------|-----------------------------------------------|-------------------------------------------------------------| 54 | Global |CCI-ES |https://www.cci-es.org/ | 55 | Global |OT-CSA |https://otcsalliance.org/ | 56 | Global |ISA Global Cybersecurity Alliance |https://isaautomation.isa.org/cybersecurity-alliance/ | 57 | Global |Charter of Trust |https://www.charteroftrust.com/ | 58 | 59 | 60 | 61 | ## Exercises 62 | 63 | Country |Exercise Name |Web Page | 64 | --------------|-----------------------------------------------|-------------------------------------------------------------| 65 | North America |GridEX |https://www.nerc.com/pa/CI/CIPOutreach/Pages/GridEx.aspx | 66 | Global |Locked Shields |https://ccdcoe.org/exercises/locked-shields/ | 67 | 68 | 69 | 70 | 71 | ## ISACs 72 | 73 | Community |Research Areas |Web Page | 74 | -------------|------------------------------------------------------------|-------------------------------------------------------------| 75 | E-ISAC |Electricity Information Sharing and Analysis Center |https://www.eisac.com/ | 76 | EE-ISAC |European Energy Information Sharing & Analysis Centre |https://www.ee-isac.eu/ | 77 | Water-ISAC |Water Information Sharing and Analysis Center |https://www.waterisac.org/ | 78 | ONG-ISAC |Oil and Natural Gas Information Sharing and Analysis Center |https://ongisac.org/ 79 | 80 | 81 | ## Free Trainings 82 | 83 | Organization |Web Page | 84 | ---------------|----------------------------------------------------------------------| 85 | ICS-CERT |https://us-cert.cisa.gov/ics/Training-Available-Through-ICS-CERT | 86 | IAEA |https://websso.iaea.org/login/login.fcc | 87 | S4XEvents |https://onramp.s4xevents.com/login| 88 | 89 | 90 | ## Bulletins 91 | 92 | Publisher |Web Page | 93 | ------------------|----------------------------------------------------------------------| 94 | Dale Peterson |https://mailchi.mp/f53b1c8c2da0/friday | 95 | eksguvenligi.org |https://www.eksguvenligi.org/bulten | 96 | CCI-ES |cci-es.org | 97 | 98 | 99 | 100 | 101 | ## Articles 102 | 103 | Organization |Topic |Link | 104 | -------------|------------------------------------------------------------|-------------------------------------------------------------| 105 | SANS |Secure Architecture for Industrial Control Systems |https://www.sans.org/reading-room/whitepapers/ICS/secure-architecture-industrial-control-systems-36327| 106 | SANS |The Industrial Control System Cyber Kill Chain |https://www.sans.org/reading-room/whitepapers/ICS/industrial-control-system-cyber-kill-chain-36297 107 | 108 | 109 | ## Books 110 | 111 | - [x] Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems 112 | - [x] Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets & Solutions 113 | - [x] Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure 114 | - [x] Security PHA Review for Consequence-Based Cybersecurity 115 | - [x] Practical Modern SCADA Protocols: DNP3, 60870.5 and Related Systems 116 | 117 | ## Certificates 118 | - [x] GISCP (Global Industrial Cyber Security Professional) 119 | - [x] CSSA (Certified SCADA Security Architect) 120 | - [x] GRID (GIAC Response and Industrial Defense) 121 | - [x] Certified Operational Technology Cybersecurity Professional (TÜV) 122 | - [x] ISA/IEC 62443 Cybersecurity Fundamentals Specialist 123 | - [x] ISA/IEC 62443 Cybersecurity Risk Assessment Specialist 124 | - [x] ISA/IEC 62443 Cybersecurity Design Specialist 125 | - [x] ISA/IEC 62443 Cybersecurity Maintenance Specialist 126 | - [x] ISA/IEC 62443 Cybersecurity Expert 127 | 128 | 129 | ## Top 10 Twitter Accounts 130 | 131 | - [x] @shipulin_anton 132 | - [x] @digitalbond 133 | - [x] @PatrickCMiller 134 | - [x] @RobertMLee 135 | - [x] @SarahFluchs 136 | - [x] @SinclairKoelemi 137 | - [x] @SCADAhacker 138 | - [x] @Marmusha 139 | - [x] @timyardley 140 | - [x] @CloverStreetMan 141 | 142 | 143 | 144 | ## Standards & Guidelines 145 | 146 | Organization |Standard |Link | 147 | --------|-------------------------------------------------------|-------------------------------------------------------------------------------------------------| 148 | NIST |Guide to Industrial Control Systems (ICS) Security |https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-82r2.pdf | 149 | NIST |Guidelines for Smart Grid Cybersecurity |https://nvlpubs.nist.gov/nistpubs/ir/2014/NIST.IR.7628r1.pdf | 150 | TSA |Pipeline Security Guidelines |https://www.tsa.gov/sites/default/files/pipeline_security_guidelines.pdf | 151 | IAEA |Computer Security at Nuclear Facilities |https://www-pub.iaea.org/MTCD/Publications/PDF/Pub1527_web.pdf | 152 | ACRP |Guidebook on Best Practices for Airport Cybersecurity |http://trbcybersecurity.erau.edu/resources/acrp_rpt_140.pdf | 153 | CFATS |Risk-Based Performance Standards Guidance |https://www.dhs.gov/xlibrary/assets/chemsec_cfats_riskbased_performance_standards.pdf | 154 | US-CERT |Cyber Security Procurement Language for Control Systems|https://us-cert.cisa.gov/sites/default/files/documents/Procurement_Language_Rev4_100809_S508C.pdf| 155 | AWWA |Water Sector Cybersecurity Guidance |https://www.awwa.org/Portals/0/AWWA/ETS/Resources/AWWACybersecurityGuidance2019.pdf?ver=2019-09-09-111949-960| 156 | NIST |Cybersecurity Framework Manufacturing Profile |https://www.nist.gov/publications/cybersecurity-framework-manufacturing-profile-0 | 157 | NIST |Energy Sector Asset Management | https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.1800-23.pdf | 158 | Energy Gov|Electritcy Subsector Cybersecurity Capability Maturity Model | https://www.energy.gov/sites/prod/files/2014/02/f7/ES-C2M2-v1-1-Feb2014.pdf | 159 | Energy Gov| Oil and Natural Gas Subsector Cybersecurity Capability Maturity Model | https://www.energy.gov/sites/prod/files/2014/03/f13/ONG-C2M2-v1-1_cor.pdf | 160 | NIST | Behavioral Anomaly Detection in ICS | https://csrc.nist.gov/publications/detail/nistir/8219/draft| 161 | ICS- CERT | Seven Strategies to Defend ICSs | https://us-cert.cisa.gov/sites/default/files/documents/Seven%20Steps%20to%20Effectively%20Defend%20Industrial%20Control%20Systems_S508C.pdf | 162 | ICS-CERT | ICS Defense-in-Depth Strategies | https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf| 163 | ICS-CERT | ICS-CERT Recommended Practices |https://us-cert.cisa.gov/ics/Recommended-Practices| 164 | 165 | 166 | 167 | 168 | ## In Progress 169 | - [x] Regulations 170 | - [x] Podcasts 171 | - [x] ICS PCAPs 172 | - [x] Videos 173 | - [x] Feeds 174 | - [x] Goverment Funded Research Projects 175 | - [x] Offensive Tools 176 | - [x] Defensensive Tools 177 | - [x] Products 178 | - [x] Research Institutes 179 | 180 | 181 | 182 | ## References 183 | - [x] https://scadahacker.com/library/index.html 184 | - [x] https://github.com/demirelcan/awesome-industrial-control-system-security 185 | 186 | --------------------------------------------------------------------------------