This paper presents a secure control framework for resource-limited adversaries in networked control systems. The framework models and analyzes attack scenarios based on the adversary's system knowledge, disclosure, and disruption resources. It introduces an attack space defined by these three dimensions, and demonstrates how various attack types, such as denial-of-service, replay, zero-dynamics, and bias injection attacks, can be analyzed within this framework. The paper also describes the attack policies for each scenario and characterizes the attack impact using the concept of safe sets. An experimental setup based on a quadruple-tank process controlled over a wireless network is used to illustrate the attack scenarios, their consequences, and potential countermeasures. The paper discusses the importance of considering both cyber and physical threats in networked control systems. It highlights the vulnerability of cyber-physical systems to cyber attacks that can influence physical processes through feedback actuation. The framework is applied to analyze different attack scenarios, including denial-of-service, replay, zero-dynamics, and bias injection attacks. The paper also introduces the concept of safe regions of the state space to formalize attack goals and analyze the impact of attacks on the system's physical state. The paper presents a detailed model of the networked control system, including the physical plant, feedback controller, and anomaly detector. It describes the adversary model, which includes the adversary's system knowledge, disclosure resources, and disruption resources. The paper also discusses the impact of different types of attacks on the system, including physical attacks, data deception attacks, and the effects of these attacks on the anomaly detector. The paper analyzes several attack scenarios, including denial-of-service, replay, zero-dynamics, and bias injection attacks. For each scenario, the paper describes the attack policy, the attack performance, and the adversary's capabilities along each dimension of the attack space. The paper also presents experimental results on a process control testbed to illustrate the attack scenarios and their consequences. The paper concludes with a discussion of the implications of the findings for the design and analysis of secure control systems.This paper presents a secure control framework for resource-limited adversaries in networked control systems. The framework models and analyzes attack scenarios based on the adversary's system knowledge, disclosure, and disruption resources. It introduces an attack space defined by these three dimensions, and demonstrates how various attack types, such as denial-of-service, replay, zero-dynamics, and bias injection attacks, can be analyzed within this framework. The paper also describes the attack policies for each scenario and characterizes the attack impact using the concept of safe sets. An experimental setup based on a quadruple-tank process controlled over a wireless network is used to illustrate the attack scenarios, their consequences, and potential countermeasures. The paper discusses the importance of considering both cyber and physical threats in networked control systems. It highlights the vulnerability of cyber-physical systems to cyber attacks that can influence physical processes through feedback actuation. The framework is applied to analyze different attack scenarios, including denial-of-service, replay, zero-dynamics, and bias injection attacks. The paper also introduces the concept of safe regions of the state space to formalize attack goals and analyze the impact of attacks on the system's physical state. The paper presents a detailed model of the networked control system, including the physical plant, feedback controller, and anomaly detector. It describes the adversary model, which includes the adversary's system knowledge, disclosure resources, and disruption resources. The paper also discusses the impact of different types of attacks on the system, including physical attacks, data deception attacks, and the effects of these attacks on the anomaly detector. The paper analyzes several attack scenarios, including denial-of-service, replay, zero-dynamics, and bias injection attacks. For each scenario, the paper describes the attack policy, the attack performance, and the adversary's capabilities along each dimension of the attack space. The paper also presents experimental results on a process control testbed to illustrate the attack scenarios and their consequences. The paper concludes with a discussion of the implications of the findings for the design and analysis of secure control systems.