This book constitutes the refereed post-conference proceedings of the 6th International Workshop on Security of Industrial Control Systems and Cyber-Physical Systems, CyberICPS 2020, the Second International Workshop on Security and Privacy Requirements Engineering, SECPRE 2020, and the Third International Workshop on Attacks and Defenses for Internet-of-Things, ADIoT 2020, held in Guildford, UK, in September 2020 in conjunction with the 25th European Symposium on Research in Computer Security, ESORICS 2020. Due to COVID-19 pandemic the conference was held virtually The CyberICPS Workshop received 21 submissions from which 5 full papers were selected for presentation. They cover topics related to threats, vulnerabilities and risks that cyber-physical systems and industrial control systems face; cyberattacks that may be launched against such systems; and ways of detecting and responding to such attacks. From the SECPRE Workshop 4 full papers out of 7 submissions are included. The selected papers deal with aspects of security and privacy requirements assurance and evaluation; and security requirements elicitation and modelling and to GDPR compliance. From the ADIoT Workshop 2 full papers and 2 short papers out of 12 submissions are included. The papers focus on IoT attacks and defenses and discuss either practical or theoretical solutions to identify IoT vulnerabilities and IoT security mechanisms.