Authors: Roman Schlegel; Ana Hristova and Sebastian Obermeier

Affiliation: ABB Switzerland Ltd. and Corporate Research, Switzerland

ISBN: 978-989-758-117-5

Keyword(s): Industrial Control System Security, Forensics, Incident Response.

Related Ontology Subjects/Areas/Topics: Critical Infrastructure Protection; Digital Forensics; Information and Systems Security; Intrusion Detection & Prevention

Abstract: Industrial control systems are used to control and supervise plants and critical infrastructures. They are crucial for operation of many industries and even society at large. However, despite efforts to secure such systems, there are frequent reports of incidents that lead to problems because of human error (e.g., installing unauthorized software on a mission-critical machine) or even cyber attacks. While such incidents should be prevented in the first place, it is not feasible to achieve 100% security; therefore, operators should be prepared to deal with incidents promptly and efficiently if they occur. In this paper, we present a general methodology and framework for investigating incidents in industrial control systems. The methodology is supported by a tool to automate an investigation, especially to efficiently determine the state of files on a device after an incident. This enables faster recovery from incidents by being able to identify suspicious files and focus on the files that have been modified compared to the initially installed files, or a previously taken baseline. An evaluation confirms the applicability of the methodology for an embedded industrial controller and for an industrial control system.

CC BY-NC-ND 4.0

Paper citation in several formats:
Schlegel, R.; Hristova, A. and Obermeier, S. (2015). A Framework for Incident Response in Industrial Control Systems. In Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015) ISBN 978-989-758-117-5, pages 178-185. DOI: 10.5220/0005510001780185

@conference{secrypt15,
author={Roman Schlegel and Ana Hristova and Sebastian Obermeier},
title={A Framework for Incident Response in Industrial Control Systems},
booktitle={Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)},
year={2015},
pages={178-185},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005510001780185},
isbn={978-989-758-117-5},
}

TY - CONF

JO - Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)
TI - A Framework for Incident Response in Industrial Control Systems
SN - 978-989-758-117-5
AU - Schlegel, R.
AU - Hristova, A.
AU - Obermeier, S.
PY - 2015
SP - 178
EP - 185
DO - 10.5220/0005510001780185
