
2017 | Original Paper | Book chapter

SCADA System Forensic Analysis Within IIoT

Authors: Peter Eden, Andrew Blyth, Kevin Jones, Hugh Soulsby, Pete Burnap, Yulia Cherdantseva, Kristan Stoddart

Published in: Cybersecurity for Industry 4.0

Publisher: Springer International Publishing


Abstract

A new wave of industrial technology has emerged in the form of Industry 4.0, which has seen a progression from the electronic devices and IT (Information Technology) systems that automate production to a new generation of Cyber-Physical Production Systems used for Smart Manufacturing and Smart Factories via the IIoT (Industrial Internet of Things). As more and more devices are connected and networked to enable Smart Manufacturing, the number of data sources increases significantly. Real-time information is becoming increasingly interlinked across multiple industries to make production more efficient and to reduce cost. Aside from Smart Manufacturing and Smart Factories, Industry 4.0 has already seen major advances in infrastructure management, energy management, transportation, and building and home automation. With such industries relying so heavily on real-time data from connected sensors, the security of these systems is at risk, because their critical processes depend on low-latency and reliable communication. The growth of interconnected networks and devices across the Internet significantly increases the number of entry points into these systems, increasing their vulnerability and allowing outsiders to exploit any weaknesses within them. This has already been highlighted by Stuxnet, Havex, BlackEnergy and the German steel mill incident, which targeted ICS (Industrial Control Systems) and SCADA (Supervisory Control and Data Acquisition) systems with catastrophic results.
SIEM (Security Information and Event Management) services, IDS (Intrusion Detection Systems), IPS (Intrusion Prevention Systems) and firewalls may be deployed within an ICS, but they typically operate only at the perimeter of the network or of its segmented zones, and not at the lower operational level where critical processes depend on speed and availability, because placing them there could introduce latency between critical processes. When an event does occur, whether accidental or deliberate, an immediate incident response should follow. This chapter focuses on the forensic challenges and analysis of the physical infrastructure that underpins the systems operating within the IIoT. It discusses the development of SCADA system architecture over the past few decades and how it has arrived at the IIoT, creating a new generation of SCADA systems. The chapter then reviews the currently available tools that can support a forensic investigation of a SCADA system operating within the IIoT space, before closing with a suggested SCADA Incident Response Model.


Metadata
Title
SCADA System Forensic Analysis Within IIoT
Authors
Peter Eden
Andrew Blyth
Kevin Jones
Hugh Soulsby
Pete Burnap
Yulia Cherdantseva
Kristan Stoddart
Copyright year
2017
DOI
https://doi.org/10.1007/978-3-319-50660-9_4