Top

Published in:

2024 | OriginalPaper | Chapter

Forensic-Ready Analysis Suite: A Tool Support for Forensic-Ready Software Systems Design

Authors : Lukas Daubner, Sofija Maksović, Raimundas Matulevičius, Barbora Buhnova, Tomás̆ Sedlác̆ek

Published in: Research Challenges in Information Science

Publisher: Springer Nature Switzerland

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Forensic-ready software systems integrate preparedness for digital forensic investigation into their design. It includes ensuring the production of potential evidence with sufficient coverage and quality to improve the odds of successful investigation or admissibility. However, the design of such software systems is challenging without in-depth forensic readiness expertise. Thus, this paper presents a tool suite to help the designer. It includes a graphical editor for creating system models in BPMN4FRSS notation, an extended BPMN with forensic readiness constructs, and an analyser utilising Z3 solver for satisfiability checking of formulas derived from the models. It verifies the models’ validity, provides targeted hints to enhance forensic readiness capabilities, and allows for what-if analysis of potential evidence quality.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter IPMD: Intentional Process Model Discovery from Event Logs

next chapter Control and Monitoring of Software Robots: What Can Academia and Industry Learn from Each Other?

Note the difference: potential digital evidence – potentially useable for future investigation, and digital evidence – used to satisfy or refute the investigation hypothesis.

The documentation is available at: https://freas-tools.github.io/wiki/.

Code, models, and a video demo are available at: https://doi.org/10.58126/bcxs-cr23.

Bjørner, N., de Moura, L., Nachmanson, L., Wintersteiger, C.M.: Programming Z3, pp. 148–201. Springer, Cham (2019)

Casey, E., Nikkel, B.: Forensic Analysis as Iterative Learning. In: Keupp, M. (ed.) The Security of Critical Infrastructures, pp. 177–192. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-41826-7_11CrossRef

CESG: Good Practice Guide No. 18: Forensic Readiness. Guideline, National Technical Authority for Information Assurance, United Kingdom (2015)

Daubner, L., Macak, M., Matulevic̆ius, R., Buhnova, B., Maksović, S., Pitner, T.: Addressing insider attacks via forensic-ready risk management. J. Inf. Secur. Appl. 73, 103433 (2023)

Daubner, L., Matulevičius, R., Buhnova, B.: A model of qualitative factors in forensic-ready software systems. In: Nurcan, S., Opdahl, A.L., Mouratidis, H., Tsohou, A. (eds.) RCIS 2023, pp. 308–324. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-33080-3_19CrossRef

Daubner, L., Matulevičius, R., Buhnova, B., Pitner, T.: BPMN4FRSS: an BPMN extension to support risk-based development of forensic-ready software systems. In: Kaindl, H., Mannion, M., Maciaszek, L.A. (eds.) ENASE 2022. CCIS, vol. 1829, pp. 20–43. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-36597-3_2CrossRef

Daubner, L., Matulevičius, R.: Risk-oriented design approach for forensic-ready software systems. In: The 16th International Conference on Availability, Reliability and Security. ACM (2021)

Dzurenda, P., et al.: Privacy-preserving solution for vehicle parking services complying with EU legislation. PeerJ Comput. Sci. 8, e1165 (2022)CrossRef

Erol-Kantarci, M., Mouftah, H.T.: Smart grid forensic science: applications, challenges, and open issues. IEEE Commun. Mag. 51(1), 68–74 (2013)CrossRef

10.

Grispos, G., Glisson, W.B., Choo, K.K.R.: Medical cyber-physical systems development: a forensics-driven approach. In: IEEE/ACM International Conference on Connected Health: Applications, Systems and Engineering Technologies, pp. 108–113 (2017)

11.

Jürjens, J.: Model-based security engineering with UML. In: Aldini, A., Gorrieri, R., Martinelli, F. (eds.) FOSAD 2005 2004. LNCS, vol. 3655, pp. 42–77. Springer, Heidelberg (2005). https://doi.org/10.1007/11554578_2CrossRef

12.

Maksović, S.: Model-based analysis of forensic-ready software systems. Bachelor’s thesis, Masaryk University (2023). https://is.muni.cz/th/w43li/

13.

Matulevičius, R.: Fundamentals of Secure System Modelling. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-61717-6CrossRef

14.

McKemmish, R.: When is digital evidence forensically sound? In: Ray, I., Shenoi, S. (eds.) Advances in Digital Forensics IV, pp. 3–15. Springer, Boston (2008). https://doi.org/10.1007/978-0-387-84927-0_1CrossRef

15.

Moura, L.D., Bjørner, N.: Z3: an efficient SMT solver. In: Proceedings of the Theory and Practice of Software, 14th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, pp. 337–340 (2008)

16.

Pasquale, L., Alrajeh, D., Peersman, C., Tun, T., Nuseibeh, B., Rashid, A.: Towards forensic-ready software systems. In: Proceedings of the 40th International Conference on Software Engineering: NIER, pp. 9–12. ACM (2018)

17.

Pasquale, L., Spoletini, P., Salehie, M., Cavallaro, L., Nuseibeh, B.: Automating trade-off analysis of security requirements. Requirements Eng. 21(4), 481–504 (2016)CrossRef

18.

Pullonen, P., Matulevičius, R., Bogdanov, D.: PE-BPMN: privacy-enhanced business process model and notation. In: Carmona, J., Engels, G., Kumar, A. (eds.) BPM 2017. LNCS, vol. 10445, pp. 40–56. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-65000-5_3CrossRef

19.

Rivera-Ortiz, F., Pasquale, L.: Automated modelling of security incidents to represent logging requirements in software systems. In: Proceedings of the 15th International Conference on Availability, Reliability and Security. ACM (2020)

20.

Rowlingson, R.: A ten step process for forensic readiness. Int. J. Digit. Evid. 2, 1–28 (2004)

21.

Sedlác̆ek, T.: Web-based editor for BPMN4FRSS models. Bachelor’s thesis, Masaryk University (2023). https://is.muni.cz/th/oiby0/

22.

Simou, S., Kalloniatis, C., Gritzalis, S., Katos, V.: A framework for designing cloud forensic-enabled services (CFES). Requirements Eng. 24(3), 403–430 (2019)CrossRef

23.

Tan, J.: Forensic readiness. Technical report, @stake, Inc. (2001)

24.

Toots, A., et al.: Business process privacy analysis in pleak. In: Hähnle, R., van der Aalst, W. (eds.) FASE 2019. LNCS, vol. 11424, pp. 306–312. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-16722-6_18CrossRef

25.

Yin, Y., Tateiwa, Y., Wang, Y., Katayama, Y., Takahashi, N.: Inconsistency analysis of time-based security policy and firewall policy. In: Duan, Z., Ong, L. (eds.) ICFEM 2017. LNCS, vol. 10610, pp. 447–463. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-68690-5_27CrossRef

Title: Forensic-Ready Analysis Suite: A Tool Support for Forensic-Ready Software Systems Design
Authors: Lukas Daubner
Sofija Maksović
Raimundas Matulevičius
Barbora Buhnova
Tomás̆ Sedlác̆ek
Publisher: Springer Nature Switzerland
Book: Research Challenges in Information Science
Print ISBN: 978-3-031-59467-0

Electronic ISBN: 978-3-031-59468-7

Copyright Year: 2024
DOI: https://doi.org/10.1007/978-3-031-59468-7_6

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner