As　security　threats　to　industrial　control　systems　become　more　prevalent,　it　is　imperative　to　deploy　effective　intrusion-detection　systems.　However,　the　existing　methods　are　insufficient　for　addressing　contemporary　attacks.　Rule-based　methods　are　heavily　dependent　on　manual　settings,　and　the　covertness　of　attacks　poses　challenges　to　rule　effectiveness.　Machine　and　deep　learning　methods　exhibit　low　interpretability　owing　to　their　complex　designs,　and　the　semantic　gap　between　the　model　and　the　actual　operational　interpretation　limits　their　applicability.　To　mitigate　these　shortcomings,　we　propose　an　abnormal　logical　representation　learning　(ALRL)　intrusion　detection　method　for　industrial　control　systems.　ALRL　contains　a　specific　lightweight　neural　network　and　employs　knowledge　distillation　to　achieve　high　classification　ability.　More　importantly,　it　can　generate　effective　and　concise　intrusion　detection　rules　directly　from　the　learned　knowledge　of　the　model.　The　hierarchical　model　structure　and　residual　connections　ensure　high　interpretability　of　the　rules.　Experiments　conducted　on　two　publicly　available　industrial　control　datasets　demonstrate　that　ALRL　can　classify　attacks　with　an　excellent　performance.　In　addition,　the　logical　rules　generated　by　ALRL　can　effectively　detect　all　types　of　attacks　and　exhibit　good　interpretability.　IEEE