Salt Lake City, Utah
June 23, 2018
June 23, 2018
July 27, 2018
Computing and Information Technology
Supervisory Control and Data Acquisition/Industrial Control Systems (SCADA/ICS) have achieved rapid growth within the competitive technology market. As a result, it has encountered serious security problems. Hence, security methods are needed to secure ICS from targeted attacks. The information security vulnerabilities of ICS have been studied extensively, and the vulnerable nature of these systems is well-known. However, in the case of a security incident (e.g. system failure, security breach, or denial of service attack), it is important to understand what the digital forensics consequences of such incidents are, what procedures or protocols are needed to be used during an investigation, what tools and techniques are appropriate to be used by an investigator, and where the forensic data can be collected from and how. Taking into these questions consideration, there is a serious gap in the literature as forensic attack analysis is commonly guided by experience and by intuition rather than by a systematic or scientific process. Therefore, in this study, we aim to close this gap by developing fairly complex SCADA/ICS laboratory at Sam Houston State University. During the course of our studies, several students (graduate and undergraduate) worked under the supervision of faculty members to understand the forensic aspects of real world attacks on SCADA hardware as well as the network used by the system. This new laboratory is intended to be used for Computer Science, Digital and Cyber Forensic Engineering Technology, and Engineering Technology programs at our university. With the availability of this laboratory we have a realistic SCADA/ICS system which can be used to study real-life experiments such as penetration assessment and testing, vulnerability assessment and testing, and the SCADA forensics research. In addition to aforementioned research activities, the laboratory will also serve to develop and support both undergraduate and graduate level computer science courses as well as undergraduate engineering technology courses. In this paper we will discuss the digital forensics and security challenges in SCADA/ICS, system infrastructure, forensic attack scenarios and results, student and faculty involvement in this research, laboratory related future course development objectives, student assessments, and the industry support.
Karabiyik, U., & Celebi, N., & Yildiz, F., & Holekamp, J., & Rabieh, K. (2018, June), Forensic Analysis of SCADA/ICS System with Security and Vulnerability Assessment Paper presented at 2018 ASEE Annual Conference & Exposition , Salt Lake City, Utah. 10.18260/1-2--30530
ASEE holds the copyright on this document. It may be read by the public free of charge. Authors may archive their work on personal websites or in institutional repositories with the following citation: © 2018 American Society for Engineering Education. Other scholars may excerpt or quote from these materials with the same citation. When excerpting or quoting from Conference Proceedings, authors should, in addition to noting the ASEE copyright, list all the original authors and their institutions and name the host city of the conference. - Last updated April 1, 2015