IoT & ICS/SCADA Forensics Workshop

When: 10th Jan 2018, 09:30 - 10th Jan 2018, 14:00
Where: (LAB002) Lord Ashcroft International Business School, Anglia Ruskin University, East Road, Cambridge, CB1 1PT
Town/City: Cambridge
Price: Free
Further Information: Further Information

Hosted by the Cyber Security & Networking Research Group, Anglia Ruskin University, British Computer Society (BCS) Cybercrime Forensics Special Internet Group’s and OWASP (Open Web Application Security Project) Cambridge Chapter.

Industry pundits have predicted that we are about to experience the fourth industrial revolution (Industry 4.0), which is the future of industrial production based on the “Internet of Things” (IoT). As with all previous industrial major transitions, this leads to exciting opportunities but also great challenges. The “perfect world” is that IoT, is expected to offer advanced connectivity of devices, systems, and services that goes beyond machine-to-machine (M2M) communications. The interconnection of these embedded devices will potentially usher in automation in nearly all fields, resulting in improved efficiency, accuracy and economic benefit in addition to reduced human intervention. However, integrating IoT technologies within an organization means loosening access to the IT infrastructure, thus making it more susceptible to errors and vulnerable to attack. This is a scary proposition as intruders will not stop trying to find new ways of infiltrating business networks.

To better understand these infiltrations a cyber forensics program is necessary but this can be a challenging task when being applied to nontraditional environments, such as IoT and industrial control systems. Modern IT networks, through data exchange mechanisms, data storage devices and general computing components provide a good foundation for creating a landscape used to support effective cyber forensics. However, modern control systems environments are not easily configurable to accommodate forensics programs. Nonstandard protocols, legacy architectures that can be several decades old, and irregular or extinct proprietary technologies can all combine to make the creation and operation of a cyber forensics program anything but a smooth and easy process.