SCADA Systems: Challenges for Forensic Investigators

When security incidents occur, several challenges exist for conducting an effective forensic investigation of SCADA systems, which run 24/7 to control and monitor industrial and infrastructure processes. The Web extra at http://youtu.be/L0EFnr-famg is an audio interview with Irfan Ahmed about SCADA (supervisory control and data acquisition) systems.
