Abstract: The security assurance capabilities of industrial control systems (ICS) have a very uncoordinated contrast with their important status related to national economy and people's livelihood. To reveal the potential attack structure and methods of ICS, aimed to make ICS defense strategy research more practical and targeted, the research on false data injection (FDI) attack was oriented towards ICS, a kind of covert FDI attack model was created. The false data could be injected in ICS to tamper monitoring variables without affecting the normal communication of ICS. Following the attack model, a verification experiment in the simulation factory of coal-to-methanol shows that the threat actually exists and is difficult to detect. At the same time, the seriousness of the threat is analyzed and the defense measures are discussed.