ICS Technique Matrix 

Initial AccessExecutionPersistenceEvasionDiscoveryLateral MovementCollectionCommand and ControlInhibit Response FunctionImpair Process ControlImpact
Data Historian CompromiseChange Program StateHookingExploitation for EvasionControl Device IdentificationDefault CredentialsAutomated CollectionCommonly Used PortActivate Firmware Update ModeBrute Force I/ODamage to Property
Drive-by CompromiseCommand-Line InterfaceModule FirmwareIndicator Removal on HostI/O Module DiscoveryExploitation of Remote ServicesData from Information RepositoriesConnection ProxyAlarm SuppressionChange Program StateDenial of Control
Engineering Workstation CompromiseExecution through APIProgram DownloadMasqueradingNetwork Connection EnumerationExternal Remote ServicesDetect Operating ModeStandard Application Layer ProtocolBlock Command MessageMasqueradingDenial of View
Exploit Public-Facing ApplicationGraphical User InterfaceProject File InfectionRogue Master DeviceNetwork Service ScanningProgram Organization UnitsDetect Program State Block Reporting MessageModify Control LogicLoss of Availability
External Remote ServicesMan in the MiddleSystem FirmwareRootkitNetwork SniffingRemote File CopyI/O Image Block Serial COMModify ParameterLoss of Control
Internet Accessible DeviceProgram Organization UnitsValid AccountsSpoof Reporting MessageRemote System DiscoveryValid AccountsLocation Identification Data DestructionModule FirmwareLoss of Productivity and Revenue
Replication Through Removable MediaProject File Infection Utilize/Change Operating ModeSerial Connection Enumeration Monitor Process State Denial of ServiceProgram DownloadLoss of Safety
Spearphishing AttachmentScripting    Point & Tag Identification Device Restart/ShutdownRogue Master DeviceLoss of View
Supply Chain CompromiseUser Execution    Program Upload Manipulate I/O ImageService StopManipulation of Control
Wireless Compromise     Role Identification Modify Alarm SettingsSpoof Reporting MessageManipulation of View
      Screen Capture Modify Control LogicUnauthorized Command MessageTheft of Operational Information
        Program Download  
        Rootkit  
        System Firmware  
        Utilize/Change Operating Mode