Forensics in Industrial Control System: A Case Study
Pieter Van Vliet, M-T. Kechadi, Nhien-An Le-Khac

TL;DR
This paper presents a case study on forensic methods for safeguarding volatile artefacts in Industrial Control Systems, highlighting the challenges and techniques specific to critical infrastructure environments.
Contribution
It introduces a novel approach for forensic acquisition and analysis tailored to ICS environments, addressing the lack of existing research in this area.
Findings
Developed a method for preserving volatile ICS artefacts
Demonstrated forensic acquisition techniques in a real ICS environment
Highlighted challenges unique to ICS forensic investigations
Abstract
Industrial Control Systems (ICS) are used worldwide in critical infrastructures. An ICS can be a single embedded system working stand-alone to control a simple process, or it can be a very complex Distributed Control System (DCS) connected to Supervisory Control And Data Acquisition (SCADA) system(s) in a nuclear power plant. Although ICS are widely used today, there is very little research on the forensic acquisition and analysis of ICS artefacts. In this paper we present a case study of forensics in ICS where we describe a method of safeguarding important volatile artefacts from an embedded industrial control system and several other sources
Taxonomy
Topics: Digital and Cyber Forensics · Advanced Malware Detection Techniques · Digital Media Forensic Detection
