The article considers the possibility of using EPC diagram to build scenarios of information security (InfoSec) threats in industrial control system (ICS). In accordance with regulatory and legal documents, if there is a scenario of an InfoSec threat, it is recognized as relevant to the information system and is included in the InfoSec threat model to justify the choice of measures and means of information protection. The methodology of building scenarios of threat realization in the form of EPC models is proposed. The construction of EPC models of attack scenarios on industrial network infrastructure components is based on the establishment of possible objects of impact taking into account the architecture of the ICS, identification of possible vulnerabilities of infrastructure components and means of protection on the way to the threat’s implementation, determination of possible tactics and techniques, threats, lists of which are presented in methodological documents. The results of the development of several scenario models of computer attacks on the enterprise infrastructure, including an attack over wireless channel of communication with the field level are presented.