Industrial control systems (ICS) monitor and operate critical infrastructures via logic implemented on their component devices — e.g., programmable logic controllers (PLCs). The PLC code may be maliciously modified in different ways, e.g., through runtime memory modification or tampering with the binary code. Once the PLC code is modified, the safety and security of CPS can be compromised. This project seeks to develop practical defender attestation techniques that can be applied to iTrust ICS testbeds and eventually to real-world systems. The developed solution will be able to cope with the lack of hardware support and software privilege and also ensure that attestation does not affect the ICS operations. We will also play the role of attacker to develop advanced techniques for attacking existing attestation techniques and co-evolve the defender and attacker to develop effective attestation techniques that are resilient against the sophisticated attackers.