Digital Forensics in Industrial Control Systems

被引：4

作者：

Altschaffel, Robert ^{[1
]}

Hildebrandt, Mario ^{[1
]}

Kiltz, Stefan ^{[1
]}

Dittmann, Jana ^{[1
]}

机构：

[1] Otto von Guericke Univ, D-39102 Magdeburg, ST, Germany

来源：

COMPUTER SAFETY, RELIABILITY, AND SECURITY, SAFECOMP 2019 | 2019年 / 11698卷

关键词：

Non-traditional forensic scenarios; SCADA; ICS;

D O I：

10.1007/978-3-030-26601-1_9

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

The increasing complexity of industrial control systems (ICS) and interconnection with other systems poses more safety- and/or security-related challenges due to a rising number of attacks and errors. The event reconstruction is the goal of the new field of ICS forensics differing from well-established Desktop-IT forensics. We identify ICS properties, implications and the impact on the forensic process. Our primary contribution is the identifcation of ICS specific properties and their impact on the forensic process in order to foster forensic capabilities and forensic readiness in ICS. An existing model for Desktop-IT forensics is successfully adapted for use in ICS.

引用

页码：126 / 134

页数：9

共 7 条

[1] Inman K., 2001, PRINCIPLES PRACTISES
[2] International Electrotechnical Commission, 2010, IEC 62443 2 12010 IN
[3] Kiltz S., 2015, IMF 2015
[4] Computer forensics in forensis
Peisert, Sean
Bishop, Matt
Marzullo, Keith
[J]. SADFE 2008: THIRD INTERNATIONAL WORKSHOP ON SYSTEMATIC APPROACHES TO DIGITAL FORENSIC ENGINEERING, PROCEEDINGS, 2008, : 102 - +
[5] Pollitt M, 2008, INT FED INFO PROC, V285, P17
[6] Van Vliet P., FORENSICS IND CONTRO
[7] Williams T.J., 1992, The Purdue Enterprise Reference Architecture - A technical guide for CIOM planning and implementation

← 1 →