Cyber attacks on Critical National Infrastructure (CNI) can be hugely detrimental to society, notably via compromising Industrial Control Systems (ICS) that underpin core CNI functions. In order to explore in-depth ICS Cyber Security challenges, testbeds are an essential tool, avoiding the need to experiment exclusively on live systems. However, ICS testbed creation is a complex multidisciplinary challenge, with a plethora of conflicting requirements. This paper, based on over six years of ICS testbed research and development that spans multiple diverse applications, proposes a flexible high-level model that can be adopted to support ICS testbed development. This is complemented by a baseline set of practical implementation guidance incorporating related and emerging technologies. As a collective, the model and implementation guidance offers a go-to guide for a wide range of end-users. Furthermore, it provides a coherent foundational structure towards establishing an online "living" resource, which can be expanded over time through broader community engagement.