This assessment helps evaluate potential cybersecurity risks across OT network infrastructures commonly found in manufacturing and industrial automation environments. The results provide a general overview of potential risk areas and highlight where additional security controls or mitigation measures may be required to maintain reliable and secure industrial operations.
For each risk scenario, rate the likelihood of occurrence and the potential operational impact using a scale from 1 to 3. The system will automatically calculate your overall OT network risk level.
Note: This assessment serves as an overview reference and does not cover all OT network scenarios. For more comprehensive guidance on strengthening OT network security, please contact Moxa experts.
| Security Threat | Operational Impact | Risk Level | |||
|---|---|---|---|---|---|
| Threat | Likelihood of Occurrence |
Impact | Impact Level |
||
| A-1 | Broadcast storm caused by uncontrolled network traffic | PLC control packets delayed, causing abnormal production behavior or production line stoppage | |||
| A-2 | Layer-2 loop caused by network misconfiguration | Entire production network disrupted, HMI–PLC communication failure | |||
| A-3 | ARP spoofing attack within the OT network | PLC control packets intercepted or manipulated, causing incorrect equipment operation | |||
| A-4 | MAC address table flooding attack on switches | MAC table flooding forces switches into fail-open behavior, leading to packet flooding and unreliable device communication | |||
| A-5 | Rogue DHCP server assigning unauthorized IP addresses | Loss of SCADA visibility due to unauthorized IP address assignment | |||
| A-6 | Cyberattack propagation from IT networks into OT networks | IT ransomware spreading into OT network, causing full plant shutdown | |||
| A-7 | Denial-of-Service (DoS) attack targeting network devices | Industrial network congestion prevents SCADA from issuing control commands | |||
| A-8 | Unauthorized routing between OT network zones | Unauthorized cross-zone access to PLCs and modification of control logic | |||
| Security Threat | Operational Impact | Risk Level | |||
|---|---|---|---|---|---|
| Threat | Likelihood of Occurrence |
Impact | Impact Level |
||
| B-1 | Engineering workstation compromised by malware | PLC control packet delays causing abnormal production behavior or line stoppage | |||
| B-2 | Unauthorized PLC firmware upgrade or modification | Unauthorized firmware changes can cause PLC malfunction, or unexpected process disruption | |||
| B-3 | Misconfigured HMI access control permissions | Allows unauthorized operators to issue incorrect PLC control packets, causing improper equipment operation | |||
| B-4 | Unsecured OT communication (like Modbus TCP) between control systems | Communication can be intercepted or manipulated, leading to falsified data and incorrect control decisions | |||
| B-5 | Legacy control software with known vulnerabilities | Legacy control software may allow attackers to manipulate OT systems | |||
| B-6 | Compromised remote maintenance laptop accessing OT network | IT ransomware spreading into the OT network, causing full plant shutdown | |||
| B-7 | PLC program download without audit or authorization | Introduce malicious or faulty logic, leading to unsafe or unstable operations | |||
| B-8 | Privilege misuse on engineering workstations | Attackers gaining cross-zone access to PLCs and modifying control logic | |||
| Security Threat | Operational Impact | Risk Level | |||
|---|---|---|---|---|---|
| Threat | Likelihood of Occurrence |
Impact | Impact Level |
||
| C-1 | Unauthorized maintenance personnel accessing control equipment | Unauthorized personnel access can lead to a PLC program being implanted with malicious logic | |||
| C-2 | Network cable intentionally or accidentally unplugged | Disconnected network links can interrupt PLC–HMI communication, causing loss of control or process disruption | |||
| C-3 | Temporary maintenance switch left connected to the network | Uncontrolled maintenance devices can introduce unauthorized access paths or bypass network segmentation controls | |||
| C-4 | Failure to detect abnormal network port activity in time | Control data manipulated or altered | |||
| C-5 | Field switch physically tampered with | Create unauthorized access points within the OT network | |||
| C-6 | Unauthorized laptop connected to industrial switch | Introduce malware or enable unauthorized access to control systems | |||
| C-7 | Industrial PC replaced by unauthorized device | Production parameters modified or manipulated control data | |||
| Security Threat | Operational Impact | Risk Level | |||
|---|---|---|---|---|---|
| Threat | Likelihood of Occurrence |
Impact | Impact Level |
||
| D-1 | Insecure serial-to-Ethernet gateway exposing legacy devices | PLC serial port remotely accessed | |||
| D-2 | Unsecured remote access to industrial devices | Contractor account compromised and used to remotely control equipment | |||
| D-3 | Insecure serial gateway configuration | PLC serial port remotely controlled | |||
| D-4 | Cellular router using weak authentication mechanisms | External attackers gaining access to the OT network | |||
| D-5 | Edge gateway exposed directly to the internet | Allow attackers to discover and access industrial devices, increasing intrusion risk | |||
| D-6 | Legacy serial protocols lacking authentication or encryption | Unauthorized commands issued to control equipment | |||
| D-7 | Remote firmware upgrade mechanism abused to deploy malicious code | Malicious firmware implanted in devices | |||
| D-8 | Edge device credentials leaked or improperly stored | Unauthorized remote login to devices | |||
| Security Threat | Operational Impact | Risk Level | |||
|---|---|---|---|---|---|
| Threat | Likelihood of Occurrence |
Impact | Impact Level |
||
| E-1 | Use of outdated or insufficient WLAN encryption mechanisms | Weak wireless protection increases the risk of unauthorized access, traffic interception, or credential compromise | |||
| E-2 | Unauthorized wireless clients connecting to the industrial WLAN | Unauthorized devices access to the control network | |||
| E-3 | WLAN signal interference affecting device connectivity | AGV or mobile device communication interrupted | |||
| E-4 | Unstable or unsecured WLAN roaming between access points | Temporary disconnections during devices roaming between access points | |||
| E-5 | Cellular communication instability or unexpected connection drops | Loss of remote connectivity for mobile devices | |||
| E-6 | Unauthorized probing or access attempts over cellular connections | External attackers identify exposed devices, services, or communication paths in the OT network | |||
| E-7 | Cellular remote access without secure encryption | Traffic interception or unauthorized remote access to OT systems | |||
| Security Threat | Operational Impact | Risk Level | |||
|---|---|---|---|---|---|
| Threat | Likelihood of Occurrence |
Impact | Impact Level |
||
| F-1 | Electrical noise affecting industrial network devices | Communication errors occurring in the network | |||
| F-2 | Lightning surge damaging network infrastructure | Network equipment damaged | |||
| F-3 | Cooling fan failure in network equipment | Switch overheating | |||
| F-4 | Industrial dust accumulation inside equipment | Reduced device cooling performance | |||
| F-5 | Long-term mechanical vibration affecting device reliability | Loose network connectors causing unstable connections | |||
| Security Threat | Operational Impact | Risk Level | |||
|---|---|---|---|---|---|
| Threat | Likelihood of Occurrence |
Impact | Impact Level |
||
| G-1 | Lack of asset inventory for network devices and connected assets | Unknown or unauthorized devices connected to the network due to limited asset visibility | |||
| G-2 | Lack of real-time network monitoring for abnormal activity | Delayed detection of abnormal traffic or cybersecurity incidents | |||
| G-3 | Lack of OT network topology visibility | Difficulty locating faults or affected devices during network anomalies | |||
| G-4 | Lack of network performance monitoring | Failure to detect bandwidth saturation or performance bottlenecks | |||
| G-5 | Lack of redundancy monitoring | Undetected redundancy failures leading to reduced system reliability | |||
| G-6 | Lack of centralized event logging | Inability to trace security events or perform incident investigation | |||
| G-7 | Lack of configuration tracking and backups | Inability to detect unauthorized configuration changes and manual reconfiguration required after device failures | |||
| Risk Level | Low | Medium | High |
|---|---|---|---|
| A. Network Risk | 0 | 0 | 0 |
| B. Endpoint Risk | 0 | 0 | 0 |
| C. Physical Security Risk | 0 | 0 | 0 |
| D. Edge Connectivity Risk | 0 | 0 | 0 |
| E. Wireless Connectivity Risk | 0 | 0 | 0 |
| F. Environment Risk | 0 | 0 | 0 |
| G. Management Risk | 0 | 0 | 0 |
A low-risk result doesn’t mean zero risk. OT environments continuously evolve, and risks can emerge over time. Each identified risk reflects hidden exposure that can be reduced or eliminated with the right approach. Regular assessment and continuous risk mitigation are essential to maintain secure and reliable operations.
Moxa is here to support your journey toward secure OT networks.
Disclaimer: This Assessment (the “Tool”) is a self-assessment tool provided by Moxa for informational purposes only. It maps common security best practices to device capabilities but does not constitute a comprehensive security audit or penetration test. The results do not constitute professional security, technical, or legal advice.
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE TOOL IS PROVIDED “AS IS” WITHOUT ANY WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED. MOXA DOES NOT WARRANT THAT THE TOOL WILL BE ERROR-FREE, ACCURATE, COMPLETE, OR UNINTERRUPTED. WE SPECIFICALLY DISCLAIM ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.
IN NO EVENT SHALL MOXA BE LIABLE FOR ANY DIRECT, INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF OR IN ANY WAY CONNECTED WITH THE USE OF THIS TOOL, INCLUDING BUT NOT LIMITED TO LOSS OF DATA, SYSTEM DOWNTIME, OR FINANCIAL LOSS RESULTING FROM SECURITY BREACHES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.