This paper introduces a secure control framework for resource-limited adversaries in cyber-physical systems. It models and analyzes various attack scenarios, including denial-of-service (DoS), replay, zero-dynamics, and bias injection attacks, within a networked control system architecture. The framework characterizes the attack space based on the adversary's system knowledge, disclosure resources, and disruption resources. The paper also describes the attack policies for each scenario and evaluates their impact using safe sets. Experimental results from a quadruple-tank process controlled over a wireless network illustrate the attack scenarios, their consequences, and potential countermeasures. Key contributions include the formalization of attack goals using safe regions and the analysis of additional attack scenarios. The paper extends previous work by providing more detailed analysis of attack performance and additional results for zero-dynamics and bias injection attacks.This paper introduces a secure control framework for resource-limited adversaries in cyber-physical systems. It models and analyzes various attack scenarios, including denial-of-service (DoS), replay, zero-dynamics, and bias injection attacks, within a networked control system architecture. The framework characterizes the attack space based on the adversary's system knowledge, disclosure resources, and disruption resources. The paper also describes the attack policies for each scenario and evaluates their impact using safe sets. Experimental results from a quadruple-tank process controlled over a wireless network illustrate the attack scenarios, their consequences, and potential countermeasures. Key contributions include the formalization of attack goals using safe regions and the analysis of additional attack scenarios. The paper extends previous work by providing more detailed analysis of attack performance and additional results for zero-dynamics and bias injection attacks.