ICS Tactics H Tactics Techniques Technique Matrix Software Groups
| Name | Description |
| Collection | The adversary is trying to gather data of interest and domain knowledge on your ICS environment to inform their goal. |
| Command and Control | The adversary is trying to communicate with and control compromised systems, controllers, and platforms with access to your ICS environment. |
| Discovery | The adversary is trying to figure out your ICS environment. |
| Evasion | The adversary is trying to avoid being detected. |
| Execution | The adversary is trying to run malicious code. |
| Impact | The adversary is trying to manipulate, interrupt, or destroy your ICS systems, data, and their surrounding environment. |
| Impair Process Control | The adversary is trying to manipulate, disable, or damage physical control processes. |
| Inhibit Response Function | The adversary is trying to prevent your safety, protection, quality assurance, and operator intervention functions from responding to a failure, hazard, or unsafe state. |
| Initial Access | The adversary is trying to get into your ICS environment. |
| Lateral Movement | The adversary is trying to move through your ICS environment. |
| Persistence | The adversary is trying to maintain their foothold in your ICS environment. |