Conference Paper: PLC Forensics Based On Control Program Logic Change Detection
Title | PLC Forensics Based On Control Program Logic Change Detection |
---|---|
Authors | Yau, KKK; Chow, KP |
Keywords | PLC forensics; SCADA security; Ladder Logic Programming |
Issue Date | 2015 |
Citation | 10th International Conference on Systematic Approaches to Digital Forensic Engineering (SADFE 2015), Málaga, Spain, 30 September-2 October 2015 |
Abstract | A Supervisory Control and Data Acquisition (SCADA) system is an industrial control automated system. It is built with multiple Programmable Logic Controllers (PLCs). A PLC is a special form of microprocessor-based controller with a proprietary operating system. Due to the unique architecture of the PLC, traditional digital forensic tools are difficult to apply. In this paper, we propose a program called Control Program Logic Change Detector (CPLCD), which works with a set of Detection Rules (DRs) to detect and record undesired incidents that interfere with the normal operations of a PLC. In order to prove the feasibility of our solution, we set up two experiments for detecting two common PLC attacks. Moreover, we illustrate how CPLCD and the network analyzer Wireshark could work together to perform a digital forensic investigation on a PLC. |
Description | Session 3: PLC Forensics |
Persistent Identifier | http://hdl.handle.net/10722/219207 |
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Yau, KKK | - |
dc.contributor.author | Chow, KP | - |
dc.date.accessioned | 2015-09-18T07:17:32Z | - |
dc.date.available | 2015-09-18T07:17:32Z | - |
dc.date.issued | 2015 | - |
dc.identifier.citation | 10th International Conference on Systematic Approaches to Digital Forensic Engineering (SADFE 2015), Málaga, Spain, 30 September-2 October 2015 | - |
dc.identifier.uri | http://hdl.handle.net/10722/219207 | - |
dc.description | Session 3: PLC Forensics | - |
dc.description.abstract | A Supervisory Control and Data Acquisition (SCADA) system is an industrial control automated system. It is built with multiple Programmable Logic Controllers (PLCs). A PLC is a special form of microprocessor-based controller with a proprietary operating system. Due to the unique architecture of the PLC, traditional digital forensic tools are difficult to apply. In this paper, we propose a program called Control Program Logic Change Detector (CPLCD), which works with a set of Detection Rules (DRs) to detect and record undesired incidents that interfere with the normal operations of a PLC. In order to prove the feasibility of our solution, we set up two experiments for detecting two common PLC attacks. Moreover, we illustrate how CPLCD and the network analyzer Wireshark could work together to perform a digital forensic investigation on a PLC. | - |
dc.language | eng | - |
dc.relation.ispartof | Journal of Digital Forensics, Security and Law (JDFSL) | - |
dc.subject | PLC forensics | - |
dc.subject | SCADA security | - |
dc.subject | Ladder Logic Programming | - |
dc.title | PLC Forensics Based On Control Program Logic Change Detection | - |
dc.type | Conference_Paper | - |
dc.identifier.email | Yau, KKK: kenyaukk@hku.hk | - |
dc.identifier.email | Chow, KP: kpchow@hkucc.hku.hk | - |
dc.identifier.authority | Chow, KP=rp00111 | - |
dc.identifier.hkuros | 254958 | - |