Abstract
Industrial Control Systems (ICS) are used worldwide in critical infrastructures. An ICS can be a single embedded system working stand-alone to control a simple process, or it can be a very complex Distributed Control System (DCS) connected to Supervisory Control And Data Acquisition (SCADA) system(s) in a nuclear power plant. Although ICS are widely used today, there is very little research on the forensic acquisition and analysis of ICS artefacts. In this paper we present a case study of forensics in ICS in which we describe a method of safeguarding important volatile artefacts from an embedded industrial control system and several other sources.
© 2016 Springer International Publishing Switzerland
Cite this paper
Van Vliet, P., Kechadi, MT., Le-Khac, NA. (2016). Forensics in Industrial Control System: A Case Study. In: Bécue, A., Cuppens-Boulahia, N., Cuppens, F., Katsikas, S., Lambrinoudakis, C. (eds) Security of Industrial Control Systems and Cyber Physical Systems. CyberICS WOS-CPS 2015 2015. Lecture Notes in Computer Science, vol 9588. Springer, Cham. https://doi.org/10.1007/978-3-319-40385-4_10
DOI: https://doi.org/10.1007/978-3-319-40385-4_10
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-40384-7
Online ISBN: 978-3-319-40385-4
eBook Packages: Computer Science, Computer Science (R0)