Blog
About

115
views
0
recommends
+1 Recommend
1 collections
    0
    shares
      • Record: found
      • Abstract: found
      • Article: found
      Is Open Access

      Towards a SCADA Forensics Architecture

      , , ,

      1st International Symposium for ICS & SCADA Cyber Security Research 2013 (ICS-CSR 2013) (ICSCSR)

      ICS & SCADA Cyber Security Research 2013

      16-17 September 2013

      Digital Forensics, SCADA Forensics, Critical Infrastructures, PLC, Process Control, EnCase, Forensic Architecture

      Read this article at

      Bookmark
          There is no author summary for this article yet. Authors can add summaries to their articles on ScienceOpen to make them more accessible to a non-specialist audience.

          Abstract

          With the increasing threat of sophisticated attacks on critical infrastructures, it is vital that forensic investigations take place immediately following a security incident. This paper presents an existing SCADA forensic process model and proposes a structured SCADA forensic process model to carry out a forensic investigations. A discussion on the limitations of using traditional forensic investigative processes and the challenges facing forensic investigators. Furthermore, flaws of existing research into providing forensic capability for SCADA systems are examined in detail. The study concludes with an experimentation of a proposed SCADA forensic capability architecture on the Siemens S7 PLC. Modifications to the memory addresses are monitored and recorded for forensic evidence. The collected forensic evidence will be used to aid the reconstruction of a timeline of events, in addition to other collected forensic evidence such as network packet captures.

          Related collections

          Most cited references 3

          • Record: found
          • Abstract: not found
          • Article: not found

          A Taxonomy of Cyber Attacks on SCADA Systems

            Bookmark
            • Record: found
            • Abstract: not found
            • Article: not found

            SCADA security in the light of Cyber-Warfare

              Bookmark
              • Record: found
              • Abstract: not found
              • Article: not found

              SCADA Systems: Challenges for Forensic Investigators

                Bookmark

                Author and article information

                Contributors
                Conference
                September 2013
                September 2013
                : 12-21
                Affiliations
                EADS Innovation Works Quadrant House Celtic Springs

                Coedkernew, Newport NP10 8FZ UK
                10.14236/ewic/ICSCSR2013.2
                © Tina Wu et al. Published by BCS Learning and Development Ltd. 1st International Symposium for ICS & SCADA Cyber Security Research 2013 (ICS-CSR 2013), Leicester, UK

                This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

                1st International Symposium for ICS & SCADA Cyber Security Research 2013 (ICS-CSR 2013)
                ICSCSR
                1
                Leicester, UK
                16-17 September 2013
                Electronic Workshops in Computing (eWiC)
                ICS & SCADA Cyber Security Research 2013
                Product
                Product Information: 1477-9358 BCS Learning & Development
                Self URI (journal page): https://ewic.bcs.org/
                Categories
                Electronic Workshops in Computing

                Comments

                Comment on this article