
360-Degree OT Security Assessment for an Automotive Assembly Plant

March 10, 2025

Background

An automotive assembly plant operating four production lines (body shop, paint shop, general assembly, and final inspection) had never conducted a formal OT cybersecurity assessment. The facility ran over 200 OT devices, including robotic welding cells, conveyor PLCs, paint booth controllers, vision inspection systems, torque monitoring stations, and a plant-wide MES.

Following a cybersecurity incident at a peer facility in the same automotive group that caused a 36-hour production stoppage, the Group CISO mandated that every assembly plant complete a comprehensive OT security assessment within 6 months. The Plant Director engaged Beacon Security to conduct a full 360-degree assessment and deliver a prioritized roadmap.

Note: All identifying details have been removed to protect client confidentiality.

The Challenge

No Baseline of Any Kind

The facility had never catalogued its OT assets in a structured format. Maintenance had spreadsheets tracking PLC models for spare parts, but there was no unified inventory covering firmware versions, network addresses, communication flows, or criticality ratings. The engineering team estimated 160 devices on the production network.

Fragmented Ownership

Four different teams touched the OT environment: plant engineering managed PLCs and robotics, IT managed the network switches and firewalls, maintenance handled HMIs and field instruments, and an external integrator managed the MES. Nobody had a complete picture. Security responsibilities were undefined.

Legacy and Modern Systems Side by Side

The body shop ran PLCs commissioned 14 years ago with no vendor security patches available. The final inspection line used modern vision systems with cloud connectivity features enabled by default. Both shared the same flat network.

No Documented Processes

No change management for PLC programs. No access control policy for engineering workstations. No incident response plan. No backup schedule for controller configurations. Changes were made ad hoc and documented only in personal notebooks.

Our Approach

The assessment was structured as a true 360-degree review covering four dimensions: technical infrastructure, operational processes, organizational readiness, and physical environment.

Phase 1: Technical Review (Weeks 1-3)

Passive monitoring deployed at 8 network collection points captured traffic across all four production lines for two full weeks:

  • 218 communicating devices identified on the OT network, 58 more than the engineering team's estimate
  • 34 devices running firmware with known vulnerabilities
  • 12 undocumented communication flows crossing the IT/OT boundary
  • 4 devices with active internet connectivity, including 2 vision systems uploading diagnostic data to vendor cloud platforms

Network architecture was mapped end to end, covering every switch, firewall, VLAN, and wireless access point. Firewall rules were reviewed and 23 rules were found to be overly permissive.
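The three Phase 1 findings above (undocumented boundary flows, devices talking to the internet, and permissive firewall rules) fall out of the same analysis once passive sensor output is in hand. The script below is an added example, not part of the assessment or its deliverables: it takes flow summaries of the kind a passive collector produces (constructed here), assigns each endpoint to a zone from an assumed plant address plan, builds a per-zone asset inventory, flags every cross-zone flow that is not on a documented allow-list, and traces each such flow to the first-match firewall rule that let it through, marking any permit rule with `any` as source, destination or port as overly permissive. The zone ranges, flow records, allow-list and rule base are all assumptions for illustration.

```python
"""Passive flow records -> per-zone asset inventory, undocumented cross-zone
flows, and the firewall rule that permitted each one.
Added example; zone plan, flows, allow-list and rules are constructed."""
import ipaddress

# Assumed plant address plan; anything outside it is treated as external.
ZONES = {
    "OT":  ipaddress.ip_network("10.20.0.0/16"),
    "IT":  ipaddress.ip_network("10.10.0.0/16"),
    "DMZ": ipaddress.ip_network("10.15.0.0/24"),
}

# Constructed flow summaries (src, dst, proto, dst_port); the last repeats the third.
FLOWS = [
    ("10.20.3.11", "10.20.3.1",    "tcp", 502),    # PLC <-> HMI, Modbus/TCP
    ("10.20.1.5",  "10.20.1.6",    "tcp", 44818),  # robot cell, EtherNet/IP
    ("10.10.5.40", "10.20.3.11",   "tcp", 502),    # IT host talking Modbus to a PLC
    ("10.20.7.21", "203.0.113.10", "tcp", 443),    # vision system -> vendor cloud
    ("10.20.7.22", "203.0.113.10", "tcp", 443),    # second vision system
    ("10.20.2.9",  "10.15.0.5",    "tcp", 1433),   # line server -> MES database in DMZ
    ("10.10.5.40", "10.20.3.11",   "tcp", 502),    # duplicate record
]

# Constructed list of the cross-zone flows the plant has documented (src zone, dst zone, port).
DOCUMENTED = {("OT", "DMZ", 1433)}

# Constructed rule base, evaluated first-match like a real firewall.
RULES = [
    {"id": 10, "src": "10.10.5.0/24", "dst": "10.20.0.0/16", "dport": "any", "action": "permit"},
    {"id": 20, "src": "10.20.0.0/16", "dst": "10.15.0.0/24", "dport": 1433,  "action": "permit"},
    {"id": 30, "src": "any",          "dst": "any",          "dport": 443,   "action": "permit"},
    {"id": 40, "src": "any",          "dst": "any",          "dport": "any", "action": "deny"},
]


def zone_of(ip):
    addr = ipaddress.ip_address(ip)
    return next((name for name, net in ZONES.items() if addr in net), "EXTERNAL")


def rule_matches(rule, src, dst, dport):
    def covers(field, ip):
        return field == "any" or ipaddress.ip_address(ip) in ipaddress.ip_network(field)
    return covers(rule["src"], src) and covers(rule["dst"], dst) and rule["dport"] in ("any", dport)


def first_match(rules, src, dst, dport):
    """First matching rule in order, mirroring ordered rule-base evaluation."""
    return next((r for r in rules if rule_matches(r, src, dst, dport)), None)


def is_overly_permissive(rule):
    """A permit with 'any' as source, destination or port counts as overly broad."""
    return rule["action"] == "permit" and "any" in (rule["src"], rule["dst"], rule["dport"])


def analyse(flows=FLOWS, rules=RULES, documented=DOCUMENTED):
    assets = {name: set() for name in [*ZONES, "EXTERNAL"]}
    undocumented, broad_rule_ids = [], set()
    for src, dst, proto, dport in dict.fromkeys(flows):   # de-duplicate, keep order
        src_zone, dst_zone = zone_of(src), zone_of(dst)
        assets[src_zone].add(src)
        assets[dst_zone].add(dst)
        if src_zone == dst_zone:
            continue                                      # intra-zone traffic
        rule = first_match(rules, src, dst, dport)
        if rule is not None and is_overly_permissive(rule):
            broad_rule_ids.add(rule["id"])
        if (src_zone, dst_zone, dport) not in documented:
            undocumented.append({
                "src": src, "dst": dst, "proto": proto, "dport": dport,
                "path": f"{src_zone}->{dst_zone}",
                "matched_rule": rule["id"] if rule else None,   # None = implicit default
                "action": rule["action"] if rule else "no-match",
            })
    return {
        "assets": {zone: sorted(hosts) for zone, hosts in assets.items()},
        "undocumented": undocumented,
        "broad_rule_ids": sorted(broad_rule_ids),
    }


if __name__ == "__main__":
    report = analyse()
    for zone, hosts in report["assets"].items():
        print(f"{zone:9}{len(hosts)} host(s)")
    for f in report["undocumented"]:
        print(f"undocumented {f['path']:13}{f['src']} -> {f['dst']}:{f['dport']}  rule {f['matched_rule']} ({f['action']})")
    print("overly permissive rules in use:", report["broad_rule_ids"])
```

On the constructed input this reports seven OT hosts, one IT host, one DMZ host and one external endpoint; three undocumented cross-zone flows (the IT host reaching a PLC on Modbus, permitted by the any-port rule 10, and both vision systems reaching the vendor endpoint, permitted by the any-to-any rule 30); and rules 10 and 30 as the overly permissive rules actually carrying traffic. A flow that is observed yet matches a deny rule, or no rule at all, is also worth chasing: it means the rule base on paper is not what is enforced.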

Phase 2: Process Review (Weeks 3-4)

Every operational process touching the OT environment was evaluated against IEC 62443 requirements:

  • Change management: no formal process existed. PLC program changes were made directly with no approval or rollback procedure
  • Access control: 3 shared engineering accounts used by 11 people across all shifts
  • Backup: only the MES server had automated backups. No PLC program backups existed for 2 of the 4 production lines
  • Patch management: no structured process. Patches were applied only when a vendor was on-site for other work
  • Vendor management: the MES integrator had persistent VPN access with no session logging or time restrictions

Phase 3: Stakeholder Interviews and Plant Walkthrough (Weeks 4-5)

Structured interviews were conducted with 22 individuals across 5 departments: plant engineering, IT, maintenance, operations, and plant management.

Key findings from interviews:

  • Operations staff reported 3 unexplained PLC faults in the previous 12 months that were never root-caused
  • Maintenance confirmed USB drives were used routinely to transfer PLC programs with no scanning or controls
  • IT acknowledged they had no visibility into OT network traffic and no tools to monitor it

The physical plant walkthrough covered all 4 production lines, control cabinets, server rooms, and network distribution points:

  • 6 unlocked control cabinets with exposed USB and serial ports in publicly accessible areas
  • 2 wireless access points installed by a contractor that did not appear in any network documentation
  • Network cabling in the body shop running through areas exposed to welding spatter and heat

Phase 4: Maturity and Gap Assessment (Week 6)

All findings were consolidated into a structured maturity assessment mapped against IEC 62443:

  • Overall maturity: Level 1 across all assessed domains
  • Strongest area: physical safety systems (due to existing functional safety compliance)
  • Weakest areas: access control, change management, and network security
  • 67 individual gaps identified across 8 assessment domains

An asset criticality matrix was developed classifying all 218 devices by their impact on safety, production continuity, quality, and environmental compliance.

Phase 5: Roadmap Development and Governance Model (Weeks 7-8)

A 15-month remediation roadmap was built in three phases:

Short Term (Months 1-5): Quick wins and critical risk reduction

  • Eliminate shared credentials and deploy individual accounts
  • Remove unauthorized wireless access points
  • Implement PLC program backup across all lines
  • Disable unnecessary internet connectivity on OT devices
  • Lock control cabinets and restrict physical USB access

Medium Term (Months 6-10): Infrastructure and process hardening

  • Network segmentation into dedicated zones per production line
  • Firewall rule optimization and allow-list implementation
  • Formal change management process deployment
  • Vendor access consolidation with session logging
  • OT monitoring deployment at zone boundaries

Long Term (Months 11-15): Maturity and governance

  • Security metrics dashboard and KPI tracking
  • Annual assessment cycle and continuous improvement process
  • Workforce training program with role-based competency testing
  • Integration with corporate security operations

A RACI governance model was defined assigning clear responsibilities across all 5 departments for every security domain. The Plant Director was designated as the OT security sponsor with a quarterly review cadence.

Tabletop Exercise (Week 8)

A ransomware tabletop exercise was conducted with representatives from all 5 departments. The scenario simulated ransomware spreading from a compromised engineering workstation to production PLCs. The exercise exposed that no department had a clear role in OT incident response and that the only documented procedure was to call IT. Response procedures were drafted and included in the final deliverable package.

Key Findings

Unauthorized Cloud Connectivity

Two vision inspection systems on the final inspection line were actively uploading diagnostic data to vendor cloud servers. The data included production images and quality parameters. This connectivity had never been authorized or documented.

Action: Direct cloud connectivity was disabled immediately. The vendor data flow was re-established only through the approved IT/OT DMZ, with content filtering.

Missing PLC Backups

The body shop and paint shop production lines had no PLC program backups. A controller failure on either line would require the integrator to reprogram from scratch, estimated at 3 to 5 days of downtime per line.

Action: Prioritized as the first remediation item. Emergency backup of all PLC programs completed within 2 weeks of assessment completion.
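A backup is only useful if it can be trusted and restored, and it doubles as the baseline that change management needs. The script below is an added example, not the assessment's own procedure or tooling: it copies every PLC project file under a labelled backup and records each file's SHA-256 in a manifest, so that a later run can list which programs were changed, added or removed since the baseline (the ad hoc edits the process review found), the stored copies can be re-verified against their manifest, and a single program can be rolled back. File names, contents and the `.prj` extension are constructed placeholders in a temporary directory; the real input is whatever project export the vendor engineering tool produces.

```python
"""Backup manifest for PLC project files: copy each file under a labelled
backup, record its SHA-256, diff a later state against the baseline, verify
the stored copies, and roll a single program back.
Added example; file names and contents are constructed placeholders."""
import hashlib
import json
import shutil
import tempfile
from pathlib import Path


def sha256_of(path):
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(source_root):
    """One entry per file under source_root, keyed by relative POSIX path."""
    root = Path(source_root)
    return {p.relative_to(root).as_posix(): {"sha256": sha256_of(p), "size": p.stat().st_size}
            for p in sorted(root.rglob("*")) if p.is_file()}


def backup(source_root, backup_root, label):
    """Copy every project file into backup_root/label and write manifest.json beside it."""
    dest = Path(backup_root) / label
    manifest = build_manifest(source_root)
    for rel in manifest:
        (dest / rel).parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(Path(source_root) / rel, dest / rel)
    (dest / "manifest.json").write_text(json.dumps(manifest, indent=2, sort_keys=True))
    return manifest


def load_manifest(backup_root, label):
    return json.loads((Path(backup_root) / label / "manifest.json").read_text())


def diff_manifests(old, new):
    """Programs present only in new, only in old, or in both with a different hash."""
    return {"added":   sorted(set(new) - set(old)),
            "removed": sorted(set(old) - set(new)),
            "changed": sorted(r for r in set(old) & set(new) if old[r]["sha256"] != new[r]["sha256"])}


def verify_backup(backup_root, label):
    """Re-hash the stored copies against their manifest; returns the corrupt or missing ones."""
    dest = Path(backup_root) / label
    return [rel for rel, meta in load_manifest(backup_root, label).items()
            if not (dest / rel).is_file() or sha256_of(dest / rel) != meta["sha256"]]


def restore(backup_root, label, rel, dest_root):
    """Roll one program file back to the copy stored under `label`; returns its hash."""
    target = Path(dest_root) / rel
    target.parent.mkdir(parents=True, exist_ok=True)
    shutil.copy2(Path(backup_root) / label / rel, target)
    return sha256_of(target)


def demo():
    """Constructed walk-through: baseline, an ad hoc edit, detection, rollback."""
    work = Path(tempfile.mkdtemp())
    plant, backups, label = work / "plant", work / "backups", "2025-03-10T0600"
    files = {   # placeholder project files; real ones are the vendor tool's exports
        "body_shop/line1_conveyor.prj": b"conveyor program v1",
        "body_shop/weld_cell_03.prj":   b"weld cell program v7",
        "paint_shop/booth2_ctrl.prj":   b"booth 2 controller baseline",
    }
    for rel, data in files.items():
        (plant / rel).parent.mkdir(parents=True, exist_ok=True)
        (plant / rel).write_bytes(data)
    baseline = backup(plant, backups, label)

    # Later: an undocumented edit, a new project file, and a deleted one.
    (plant / "body_shop/weld_cell_03.prj").write_bytes(b"weld cell program v8, edited ad hoc")
    (plant / "paint_shop/booth3_ctrl.prj").write_bytes(b"new booth 3 controller")
    (plant / "body_shop/line1_conveyor.prj").unlink()
    drift = diff_manifests(baseline, build_manifest(plant))

    # Roll the edited program back and confirm it matches the baseline copy.
    restored = restore(backups, label, "body_shop/weld_cell_03.prj", plant)
    drift["rollback_ok"] = restored == baseline["body_shop/weld_cell_03.prj"]["sha256"]
    drift["backup_intact"] = verify_backup(backups, label) == []
    shutil.rmtree(work)
    return drift


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Running `demo()` reports the weld cell program as changed, the new booth controller as added, the conveyor program as removed, a successful rollback of the edited program, and an intact backup. In practice the manifest should be produced on a schedule and after every approved change, and the backup location must not be writable from the engineering workstations it protects, or the ransomware scenario rehearsed in the tabletop exercise would take the backups with it.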

Outcome

The assessment gave the facility a documented, evidence-based view of its OT security posture that had never existed before. The Group CISO approved the 15-month roadmap and allocated budget for execution.

Deliverables Provided:

  • Asset Criticality Matrix covering all 218 OT devices with safety, production, quality, and environmental impact ratings
  • Risk Register with 67 entries scored by likelihood and consequence
  • Network Security Review documenting all architecture gaps, overly permissive rules, and unauthorized connections
  • Maturity and Gap Assessment mapped against IEC 62443 across 8 domains
  • 15-month Remediation Roadmap in 3 phases with milestones and resource requirements
  • Governance and Ownership Model (RACI) assigning responsibilities across 5 departments
  • Tabletop Exercise Report documenting a ransomware scenario walkthrough with all department leads

Results:

  • 218 assets discovered and profiled from a baseline of zero
  • 67 security gaps identified and prioritized for remediation
  • 2 unauthorized cloud connections eliminated
  • Emergency PLC backup completed for 2 previously unprotected production lines
  • Governance structure established with quarterly review cadence
  • Roadmap adopted as the template for 3 additional plants in the automotive group

Beacon Security conducts 360-degree OT security assessments for automotive and discrete manufacturing facilities. Contact us to discuss your assessment requirements.
