Abstract
Programmable logic controllers are widely used in industrial control systems and supervisory control and data acquisition (SCADA) systems. As the potential of cyber attacks on programmable logic controllers increase, it is important to develop robust digital forensic techniques for investigating potential security incidents involving programmable logic controllers. This chapter focuses on the logging mechanism of a Siemens programmable logic controller, specifically the Siemens Total Integrated Automation Portal V13 program (Siemens TIA Portal, also called Siemens Step-7).
Chapter PDF
References
Ahmed, I., Obermeier, S., Naedele, M., Richard, G.: SCADA systems: Challenges for forensic investigators, IEEE Computer, vol. 45(12), pp. 44–51 (2012)
Basnight, Z., Butts, J., Dube, T.: Analysis of programmable logic controller firmware for threat assessment and forensic investigation, Journal of Information Warfare, vol. 12(2) (2013)
Eden, P., Blyth, A., Burnap, P., Cherdantseva, Y., Jones, K., Soulsby, H., Stoddart, K.: A forensic taxonomy of SCADA systems and approach to incident response, Proceedings of the Third International Symposium on ICS and SCADA Cyber Security Research, pp. 42–51 (2015)
Kilpatrick, T., Gonzalez, J., Chandia, R., Papa, M., Shenoi, S.: An architecture for SCADA network forensics, in Advances in Digital Forensics II, M. Olivier and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 273–285 (2006)
Patzlaff, H.: D7.1 Preliminary Report on Forensic Analysis for Industrial Systems, CRISALIS Consortium, Symantec, Sophia Antipolis, France (2013)
Spyridopoulos, T., Tryfonas, T., May, J.: Incident analysis and digital forensics in SCADA and industrial control systems, Proceedings of the Eighth IET International System Safety Conference (2013)
Taveras, P.: SCADA live forensics: Real time data acquisition process to detect, prevent or evaluate critical situations, Proceedings of the First Annual International Interdisciplinary Conference, pp. 253–262 (2013)
Valli, C.: Snort IDS for SCADA networks, Proceedings of the International Conference on Security and Management, pp. 618–621 (2009)
Wu, T., Pagna Disso, J., Jones, K., Campos, A.: Towards a SCADA forensics architecture, Proceedings of the First International Symposium on ICS and SCADA Cyber Security Research, pp. 12–21 (2013)
Zetter, K.: Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon, Crown, New York (2014)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 IFIP International Federation for Information Processing
About this paper
Cite this paper
Chan, R., Chow, KP. (2016). Forensic Analysis of a Siemens Programmable Logic Controller. In: Rice, M., Shenoi, S. (eds) Critical Infrastructure Protection X. ICCIP 2016. IFIP Advances in Information and Communication Technology, vol 485. Springer, Cham. https://doi.org/10.1007/978-3-319-48737-3_7
Download citation
DOI: https://doi.org/10.1007/978-3-319-48737-3_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-48736-6
Online ISBN: 978-3-319-48737-3
eBook Packages: Computer ScienceComputer Science (R0)