This document summarizes recent updates and future plans for ATT&CK for ICS, which provides threat modeling for industrial control systems. Key points include: new mitigation techniques have been added and mapped to standards; ATT&CK for ICS is now represented in STIX and the ATT&CK Navigator; additional ICS data sources will be profiled; and real-world ICS attacks will be mapped to enterprise attack techniques. Feedback is sought on how to improve ATT&CK for ICS and its use of mitigations and characterization of data sources.