The primary focus of the project is to develop a forensic approach for substation automation, which involves collecting, preserving, and analyzing digital evidence to support cybersecurity investigations.
To facilitate this research, the project makes use of the HSLU's "Krinflab" laboratory, designed to resemble a substation automation system. This laboratory will be instrumental in creating a forensic approach specifically tailored for substation automation systems. It will serve as a platform for generating various challenges that will be employed during a hackathon. Participants in the hackathon will be tasked with investigating and analyzing different attack scenarios, aiming to identify the root causes and gain insights into OT environments.
The results of this research endeavor will yield valuable insights into the development of effective forensic strategies for both substation automation and OT systems in general, ultimately bolstering the security of critical infrastructure.