Cyber-physical systems (CPSs) are complex systems that involve technologies such as control, communication, and computing. Nowadays, CPSs have a wide range of applications in smart cities, smart grids, smart manufacturing and intelligent transportation. However, with integration of industrial control systems with modern communication technologies, CPSs would be inevitably exposed to increasing security threats, which could lead to severe degradation of the system performance and even destruction of CPSs. This paper presents a survey on recent advances on security issues of industrial cyber-physical systems (ICPSs). We specifically discuss two typical kinds of attacks, i.e., Denial-of-Service (DoS) attack and Deception attack, and present recent results in terms of attack detection, estimation, and control of ICPSs. Classifications of current studies are analyzed and summarized based on different system modeling and analysis methods. In addition, advantages and disadvantage of various methodologies are also discussed. Finally, the paper concludes with some potential future research directions on secure ICPSs.