https://spidercontrol.net/spidercontrol-products/micro-browser-solution/?lang=en

https://i.blackhat.com/eu-19/Wednesday/eu-19-Abbasi-Doors-Of-Durin-The-Veiled-Gate-To-Siemens-S7-Silicon.pdf

https://claroty.com/2021/05/28/blog-research-race-to-native-code-execution-in-plcs/

https://www.cisa.gov/news-events/ics-advisories/icsa-17-101-01

https://www.cisa.gov/news-events/ics-advisories/icsa-19-283-02

https://cache.industry.siemens.com/dl/files/496/68011496/att_917318/v3/68011496_S7-1200_1500_Webserver_DOC_v22_en.pdf

https://literature.rockwellautomation.com/idc/groups/literature/documents/um/1766-um002_-en-p.pdf

https://dl.mitsubishielectric.co.jp/dl/fa/document/catalog/plcf/l08643/l08643-a.pdf

https://www.facebook.com/whitehat/education/false-positives/

https://www.rockwellautomation.com/content/dam/rockwell-automation/sites/downloads/pdf/CIPandPCCC_v1_1.pdf

https://cache.industry.siemens.com/dl/files/710/109747710/att_923140/v6/109747710__IsoOnTcp_BaseComm_V1_en.pdf

https://www.manualslib.com/manual/1258748/Ge-Rx3i.html?page=22

http://www.elmielettromeccanica.it

https://www.wago.com/us/software/webvisu

https://www.se.com/in/en/faqs/FAQ000191672/

https://www.codesys.com/products/codesys-visualization/webvisu.html

https://jlajara.gitlab.io/js-recon

https://developers.google.com/web/fundamentals/primers/service-workers

https://www.w3.org/TR/service-workers/

https://chromium.googlesource.com/chromium/src/+/main/docs/security/service-worker-security-faq.md

https://developer.mozilla.org/en-US/docs/Web/API/FetchEvent/respondWith

https://www.cisa.gov/sites/default/files/publications/Federal_Government_Cybersecurity_Incident_and_Vulnerability_Response_Playbooks_508C.pdf

https://cache.industry.siemens.com/dl/files/560/59193560/att_898124/v1/s71500_webserver_function_manual_en-US_en-US.pdf

https://html.spec.whatwg.org/multipage/webstorage.html

https://cache.industry.siemens.com/dl/files/663/109798663/att_1070766/v1/PH_SCALANCE-XM-400-XR-500-WBM_76.pdf

https://www.wago.com/us/pfc200

https://www.cisa.gov/uscert/ics/Control_System_Engineering_Workstation-Definition.html

https://support.industry.siemens.com/cs/start?lc=en-US

https://attack.mitre.org/techniques/T1567/

https://www.wired.com/2014/11/countdown-to-zero-day-stuxnet/

https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-14-281-01B

https://www.wired.com/story/oldsmar-florida-water-utility-hack/

https://doi.org/10.1145/1920261.1920267

https://shodan.io/

https://amplitude.com/2022-app-vs-website-report#key-takeaways

https://doi.org/10.1145/2914770.2837671

https://github.com/HynekPetrak/javascript-malware-collection

https://wicg.github.io/private-network-access/

https://github.blog/2017-01-19-githubs-post-csp-journey/

https://wiki.mozilla.org/Security/CSP/Confidentiality

https://security.googleblog.com/2012/08/content-hosting-for-modern-web.html

https://zenodo.org/record/8279954

https://github.com/escomplex/complexity-report

https://github.com/pceres/lint_php

https://dwheeler.com/sloccount/

https://ndss-2024-23049.s3.amazonaws.com/index.html

https://github.com/WAGO/pfc-firmware/releases/download/v3.0.39/WAGO_FW0750-8xxx_V030039_IX12_r38974.img

https://github.com/WAGO/pfc-firmware/releases/download/v04.02.13-24/PFC-G2-Linux_sd_V040213_24_r74297.img

https://<wago_ip>/evil.html

http://<ab_ip>/

http://sfbsbx.com

http://support.industry.siemens.com

https://www.arizton.com/market-reports/plc-market-analysis2K.Stouffer,S.Lightman,V.Pillitteri,M.Abrams,andA.Hahn,

https://www.marketsandmarkets.com/Market-Reports/industrial-control-systems-security-ics-market-1273.html5E.D.KnappandJ.T.Langill,IndustrialNetworkSecurity:Securingcriticalinfrastructurenetworksforsmartgrid,SCADA,andotherindustrialcontrolsystems.Syngress,2014.6,

https://media.kaspersky.com/pdf/DataSheetKESB5Myths-ICSSEngWEB.pdf7R.Langner,

https://cms-cdn.selinc.com/assets/Literature/Publications/Application%20Notes/AN2013-24-20130701.pdf?v=20211013-235342[17]T.Sasaki,A.Fujita,C.H.Ga

https://www.energy.gov/sites/prod/

https://www.statista.com/statistics/897201/global-plc-market-share-by-manufacturer/[21]WAGO,

https://github.com/WAGO/pfc-

https://support.industry.siemens.com/cs/document/107539750/

https://www.automation.com/en-us/articles/2003-1/web-based-hmi-an-emerging-trend[24]SpiderControl,

https://spidercontrol.net/spidercontrol-products/micro-browser-solution/?lang=en[25]D.Formby,S.Durbha,andR.Beyah,

https://i.blackhat.com/eu-19/Wednesday/eu-19-Abbasi-Doors-Of-Durin-The-Veiled-Gate-To-Siemens-S7-Silicon.pdf[29]T.Keren,

https://claroty.com/2021/05/28/blog-research-race-to-native-code-execution-in-plcs/[30]CISA,

https://www.cisa.gov/news-events/ics-advisories/icsa-17-101-01[31]

https://www.cisa.gov/news-events/ics-advisories/icsa-19-283-02[32]Siemens,

https://cache.industry.siemens.com/dl/

https://literature.rockwellautomation.com/idc/groups/literature/documents/um/1766-um002-en-p.pdf[34]

https://dl.mitsubishielectric.co.jp/dl/fa/document/catalog/plcf/l08643/l08643-a.pdf[35]R.Automation,

https://literature.rockwellautomation.com/idc/groups/literature/documents/um/1766-um002-en-p.pdf[36]Facebook,

https://www.facebook.com/whitehat/education/false-positives/[37]RockwellAutomation,

https://www.rockwellautomation.com/content/dam/rockwell-automation/sites/downloads/pdf/CIPandPCCCv11.pdf[38]Siemens,

https://www.manualslib.com/manual/1258748/Ge-Rx3i.html?page=22[40]ElmiElettromeccanica,

https://www.wago.com/us/software/webvisu[42]Schneider,

https://www.se.com/in/en/faqs/FAQ000191672/[43]Codesys,

https://www.codesys.com/products/codesys-visualization/webvisu.html[44]R.Madhusudhanetal.,

https://jlajara.gitlab.io/js-recon[47]N.Krithika,

https://developers.google.com/web/fundamentals/primers/service-workers[49]W3C,

https://www.w3.org/TR/service-workers/[50]Google,

https://chromium.googlesource.com/chromium/src/+/main/docs/security/service-worker-security-faq.md[51]Mozilla,

https://developer.mozilla.org/en-US/docs/Web/API/FetchEvent/respondWith[52]CybersecurityandInfrastructureSecurityAgency,

https://www.cisa.gov/sites/default/

http://whatwg.org

https://html.spec.whatwg.org/multipage/webstorage.html[56]Siemens,

https://www.wago.com/us/pfc200[58]CybersecurityandInfrastructureSecurityAgency,

https://www.cisa.gov/uscert/ics/ControlSystemEngineeringWorkstation-De

https://support.industry.siemens.com/cs/start?lc=en-US[60]K.Born,

https://attack.mitre.org/techniques/T1567/[63]K.Zetter,

https://www.wired.com/2014/11/countdown-to-zero-day-stuxnet/[64]D.Albright,P.Brannan,andC.Walrond,DidStuxnettakeout1,000centrifugesattheNatanzenrichmentplant?InstituteforScienceandInternationalSecurity,2010.[65]ICSAlert

https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-14-281-01B[66]Wired,

https://www.wired.com/story/oldsmar-

https://doi.org/10.1145/1920261.1920267[71]C.Curtsinger,B.Livshits,B.Zorn,andC.Seifert,

https://shodan.io/[77]Aplitude,

https://amplitude.com/2022-app-vs-website-report#key-takeaways15

https://doi.org/10.1145/2914770.2837671[79]@HynekPetrak,

https://github.com/HynekPetrak/javascript-malware-collection[80]W3CCommunityGroup,

https://wicg.github.io/private-network-access/[81]GithubSecurityEngineering,

https://github.blog/2017-01-19-githubs-post-csp-journey/[82]S.VanAcker,D.Hausknecht,andA.Sabelfeld,

https://wiki.mozilla.org/Security/CSP/Con

https://security.googleblog.com/2012/08/content-hosting-for-modern-web.htmlAPPENDIXI.APPENDIXA.PLCWebCapabilityTrends.Weindependentlycon

http://Facebookhostscustomer-writtencodeonfbsbx.com

http://andGooglehostscustomer-writtencodeongoogleusercontent.com

https://zenodo.org/record/82799542

https://github.com/pceres/lintphp

https://ndss-2024-23049.s3.amazonaws.com/index.html.C.ExperimentWork

http://051Runpython3exploit.py

https://ndss-2024-23049.s3.amazonaws.com/index.html.18

http://gatech.edu

https://dx.doi.org/10.14722/ndss.2024.23049www.ndss-symposium.org