Cyber-Physical Attack Recovery Procedures: A Step-by-Step Preparation and Response Guide

Posted on by Ben Rothke

Dr. Karyn Hall wrote The Emotionally Sensitive Person: Finding Peace When Your Emotions Overwhelm You to help such people identify emotional triggers, and to develop strong and healthy identity without becoming upset. When it comes to the world of building equipment, while these systems look tough and resilient on the outside, they are often quite sensitive and vulnerable.

In Cyber-Physical Attack Recovery Procedures: A Step-by-Step Preparation and Response Guide (Apress Publishing ISBN 978-1484220641), Luis Ayala has written a most-helpful and informative guide on how to deal with security around building control systems (BCS). Ayala takes the approach that it’s inevitable that attackers will penetrate these systems, and when that occurs, the outcome can be devastating. Small adjustments of a few degrees, or a few pounds of water pressure in the wrong way, can have catastrophic and life-threatening ramifications.


With about 50 pages of text and 100 pages of checklists, the book is a quick read. The challenge for the information security staff is to get building engineers and managers, architects and their teams to understand and deal with the risks of leaving these systems in their insecure configurations. At many firms, the CISO needs to convince the head of physical security to put these requisite security controls in place. Security can no longer be an afterthought.

The book details the many methods of attack against pressure vessels, chillers, cooling towers, switchgear gas fuel trains and similar equipment. It also details the ways in which you can prevent attackers from destroying these expensive systems.

The checklists in the book, available on the book's companion website, are quite helpful. Ayala has a number of rapid inspection checklists that can be used to document the condition of building equipment and determine how risky of a state they are in.

While there doesn’t seem to have been many BCS attacks to date, the risk is increasing as these systems are being connected to corporate networks. The potential for a complete building shutdown—which has the capacity to lock out hundreds of firms and thousands of employees—is something that all building managers need to consider.

For those in building management who may not be convinced of the risks, the cyber-attack trees the book details for chillers, air handling units and electrical switchgear should quiet even the most disconcerting voices.

Ayala certainly knows his topics and lays them out well. The only minor issue with the book is that the author at times uses acronyms without defining them.

For anyone concerned about keeping attackers out of their building control systems, Cyber-Physical Attack Recovery Procedures: A Step-by-Step Preparation and Response Guide is a most helpful and long overdue guide.

Ben Rothke

Senior Information Security Manager, Tapad

critical infrastructure cyber warfare & cyber weapons security operations

Blogs posted to the website are intended for educational purposes only and do not replace independent professional judgment.  Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA® Conference, RSA Security LLC or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community