“…Several attack vectors, or a combination of them, can be used to attack an ICS (see Figure 1). For example, an adversary can attack: 1) the HMI machine, by exploiting software vulnerabilities in its OS and application stack, presenting a fake view of the process and causing the operator to issue erroneous commands [21]; 2) the SCADA and/or engineering workstation machine, by exploiting software vulnerabilities and obtaining full control of the ICS, as occurred in the attack in Ukraine [1]; 3) the communication network in the control segment, the remote segment, or between them, by performing eavesdropping, replay, or false packet injection attacks; 4) the PLC, by exploiting software vulnerabilities or trust between the PLC and SCADA -this allows the attacker to change the PLC's logic, influencing the controlled process and causing damage, as in the Stuxnet case; 5) the sensors, by leveraging physical effects, interfering with the measurements, or replacing the sensor with a malicious one, as shown in [22]; 6) the actuators, by altering the signal sent by the actuators to the controlled process, as described in [23]; or, 7) the actuators and communication channels to create a covert channel, as demonstrated in [24]. The threat model assumed in this research considers an adversary whose ultimate goal, regardless of the attack vector, is a physical-level process change.…”