Command messages are used in ICS networks to give direct instructions to control systems devices. If an adversary can send an unauthorized command message to a control system, then it can instruct the control systems device to perform an action outside the normal bounds of the device’s actions. Devices should authenticate all messages between master and outstation assets. Protocols used for control functions should provide authenticity through MAC functions or digital signatures. Use host-based allowlists to prevent devices from accepting connections from unauthorized systems.”]
Source: https://collaborate.mitre.org/attackics/index.php/Technique/T0855

