Thesis (M.S., Computer Science)--University of Idaho, June 2014

Many industrial control systems are vital components of modern life and have proven vulnerable to some computer-based attacks. Because of this, professionals seek to ensure their continued service by exploring methods of defense and incident response. Applying computer forensics to critical infrastructure is a problem that researchers must face to ensure system resilience. If those involved in securing critical infrastructures don't understand what has happened to the system after an incident, then they cannot protect it in the future.
A solution to this problem is to integrate the beginning stages of forensics investigation into the operators' and/or process engineers' incident response plan. Implementing new training seminars, moderately changing system structure, and developing software features can help mitigate certain problems. There are, of course, new complications that this solution creates. However, with adequate research and resource dedication, it can be tested and can provide the progressive momentum that this field needs.