In order to guarantee the security of industrial control system (ICS) processes, the proper functioning of the programmable logic controllers (PLCs) must be ensured. In particular, cyberattacks can manipulate the PLC control logic program and cause terrible damage that jeopardize people's life when bringing the state of the critical system into an unreliable state. Unfortunately, no remote attestation technique has yet been proposed that can validate the PLC control logic program using a physics-based model that demonstrates device behavior. In this article, we propose PLCDefender, a mitigation method that combines hybrid remote attestation technique with a physics-based model to preserve the control behavior integrity of ICS. We implemented PLCDefender and evaluated its effectiveness against a wide range of attacks on a secure water treatment facility. As our evaluation shows, we can model PLC physical behavior with accuracy as high as 98%. The evaluation results show that by determining the different threshold values, PLCDefender can accurately detect a wide range of attack scenarios on PLCs.