So far, we have focused on the first strategy for defending against cyber attacks on SCADA/ICS systems, which is physical/logical network separation. There is a large body of literature on this topic. So that you are not overwhelmed by an excess of documents, I selected a few that I hope will give you some help and direction in grasping the part and parcel of the issues we discussed in class.
1. Concept and model
Among the many documents, I recommend this one as a launchpad, since it explains the general ideas underlying ICS security, and in particular touches on the network separation approach.
This ISA report deals with security technologies, so it gives you an overview of the various technologies involved in ICS security.
2. Firewall and Intrusion Detection System (IDS)
The firewall and the Intrusion Detection System (IDS) are two widely used security tools for network separation.
This technical report makes it easy to understand how a firewall works and which particular features should be considered in the context of SCADA/ICS systems.
Here are the academic papers if you are interested.
For IDS, this is a good survey of IDS/IPS.
And more about SCADA-specific IDS.
3. Case studies
I listed 3 case studies of cyber attack incidents.
4. Cyber kill chain
I also include some references related to the cyber kill chain, which I explained as an attack model in class. There is not much special in these documents, but who knows, you may be interested.