      Is Open Access

      Towards a SCADA Forensics Architecture

      Published
      proceedings-article
      1st International Symposium for ICS & SCADA Cyber Security Research 2013 (ICS-CSR 2013) (ICSCSR)
      ICS & SCADA Cyber Security Research 2013
      16-17 September 2013
      Digital Forensics, SCADA Forensics, Critical Infrastructures, PLC, Process Control, EnCase, Forensic Architecture

            Abstract

            With the increasing threat of sophisticated attacks on critical infrastructures, it is vital that forensic investigations take place immediately following a security incident. This paper presents an existing SCADA forensic process model and proposes a structured SCADA forensic process model for carrying out forensic investigations. It discusses the limitations of using traditional forensic investigative processes and the challenges facing forensic investigators. Furthermore, flaws in existing research into providing forensic capability for SCADA systems are examined in detail. The study concludes with experimentation on a proposed SCADA forensic capability architecture on the Siemens S7 PLC. Modifications to the memory addresses are monitored and recorded as forensic evidence. The collected forensic evidence will be used to aid the reconstruction of a timeline of events, in addition to other collected forensic evidence such as network packet captures.


            Author and article information

            Contributors
            Conference
            September 2013
            Pages: 12-21
            Affiliations
            [0001] EADS Innovation Works, Quadrant House, Celtic Springs, Coedkernew, Newport NP10 8FZ, UK
            Article
            10.14236/ewic/ICSCSR2013.2
            © Tina Wu et al. Published by BCS Learning and Development Ltd. 1st International Symposium for ICS & SCADA Cyber Security Research 2013 (ICS-CSR 2013), Leicester, UK

            This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

            Electronic Workshops in Computing (eWiC)

            1477-9358 BCS Learning & Development

            Self URI (article page): https://www.scienceopen.com/hosted-document?doi=10.14236/ewic/ICSCSR2013.2
            Self URI (journal page): https://ewic.bcs.org/
            Categories
            Electronic Workshops in Computing

            Applied computer science, Computer science, Security & Cryptology, Graphics & Multimedia design, General computer science, Human-computer-interaction
