Re: Option: shut down the line.
Most machines in most factories can be shut down and have the PLC CPU module replaced. PLCs do fail and have to be replaced. It's a routine maintenance procedure.
If you have a process that is still running (since if it's not running, it's already shut down anyway) and absolutely must not shut down, then the system should be one that has redundant CPUs. These are off the shelf products made for this situation. You shut down one CPU and let it fail over to the other, replace it, then do the same to the other one.
As for the story's "a response plan could involve keeping backups of critical programs on the premise", any competently managed factory will already have that. Again, PLCs do fail naturally, and always have. Sometimes it's not even the hardware which failed, sometimes the program has become corrupted by voltage spikes, or drop outs, or some other reason.
The real problem which factories would face in this situation is diagnosing what is going wrong. Industrial networks don't normally have the sort of network monitoring equipment which would make this easy.
The best approach for concerned factory engineers and managers to take however would be to isolate each machine or node as much as possible to ensure that they have little opportunity to interfere with each other. This is just good industrial control design practice regardless of whether you are dealing with malware or not.
If you need to have systems communicating with each other, give them only very limited connectivity (via firewalls or other systems) rather than putting everything on a "flat" network such as vendors seem to like to show in their brochures. Many PLCs will fall over if you just accidentally bombard them with "too much" traffic, so again this is prudent system design for reliability regardless of whether you are concerned about maiware or not.