Week 15: Identify OT Cyber Incidents That Could Cause High Consequence Events

7 Apr 2025 | A Year In OT Security

This week’s task builds on the information collected in the previous five weeks and provides a key output for your OT security program. It identifies the high consequence events that could be caused by a cyber incident if an attacker gains access to and control of OT. This is what the company’s risk management program is focused on preventing. 

  • In Week 13 you identified the high consequence events (really bad things) that could happen in Operations.
  • In Week 14 you identified cases where the safety and protection devices and systems in place to prevent the high consequence events could fail due to a cyber attacker on the OT network.
  • This week you will write up a cyber incident scenario that could cause the high consequence event.

A glass factory example:

High Consequence Event 

The material in the line becomes too hot. This will result in either a) the production line melting or b) the emergency stop button being pressed to cut off the heat. In both the a and b cases, the production line will be destroyed causing a high consequence event in the financial and customer impact categories. This event also introduces a possible high consequence event in human safety.

Cyber Safety or Protection Component

A PLC on the OT network is monitoring the temperature of material on the production line. There is a control loop to keep this temperature in a safe range. The operators can also see and lower the temperature to override the control loop.

Failure Scenario

An attacker gains access to the OT network. They send a command to the PLC that controls the heat to raise the heat source to its highest level and then bricks the PLC. Crashes the PLC in a way that can’t be rebooted or restored without return to manufacturer. There is no way to turn down the heat and the production line is destroyed.

_________

Now it’s your turn. Discuss with the key engineers all the safety and protection devices and systems identified in Week 14 that could be disabled from OT and fill out the items below.

High Consequence Event

Cyber Safety or Protection Component

Failure Scenario 1

High Consequence Event

Cyber Safety or Protection Component

Failure Scenario 2

High Consequence Event

Cyber Safety or Protection Component

Failure Scenario 3