Published February 24, 2020 | Version v1
Conference paper Open

Basic Forensic Procedures for Cyber Crime Investigation in Smart Grid Networks

  • 1. G.E. Pukhov Institute for Modeling in Energy Engineering, National Academy of Sciences of Ukraine Kyiv, Ukraine
  • 2. School of Engineering, Computing and Mathematics Oxford Brookes University Oxford, United Kingdom
  • 3. School of Electrical and Computing Engineering National Technical University of Athens, Greece


The paper outlines some aspects of developing a cyber-forensic framework for Smart Grid cyber-crime investigations. In this research, we examine a key forensic instrument in reconstructing events, the timeline, followed by  correlation of data from different sources. Then, we deal with the tasks of collecting and storing the monitored data. The paper also covers some aspects of the legal ramifications from collecting this data and touches on the preconditions that must be met to enable network forensics. Then we present the logging architecture, based on the recommendations of the UK National 
Cyber Security Center. The final part presents the methodological framework that is the result of applying the OSCAR methodology and relevant open source tools in order to ensure that necessary forensic information can be collected, stored and used as legal evidence in court.


[12] Basic Forensic Procedures for Cyber Crime Investigation in Smart Grid Networks.pdf

Additional details


SPEAR – SPEAR: Secure and PrivatE smArt gRid 787011
European Commission