DeepAI AI Chat
Log In Sign Up

Risk-Oriented Design Approach For Forensic-Ready Software Systems

by   Lukas Daubner, et al.

Digital forensic investigation is a complex and time-consuming activity in response to a cybersecurity incident or cybercrime to answer questions related to it. These typically are what happened, when, where, how, and who is responsible. However, answering them is often very laborious and sometimes outright impossible due to a lack of useable data. The forensic-ready software systems are designed to produce valuable on-point data for use in the investigation with potentially high evidence value. Still, the particular ways to develop these systems are currently not explored. This paper proposes consideration of forensic readiness within security risk management to refine specific requirements on forensic-ready software systems. The idea is to re-evaluate the taken security risk decisions with the aim to provide trustable data when the security measures fail. Additionally, it also considers possible disputes, which the digital evidence can solve. Our proposed approach, risk-oriented forensic-ready design, composes of two parts: (1) process guiding the identification of the requirements in the form of potential evidence sources, and (2) supporting BPMN notation capturing the potential evidence sources and their relationship. Together they are aimed to provide a high-level overview of the forensic-ready requirements within the system. Finally, the approach is demonstrated on an automated valet parking scenario, followed by a discussion regarding its impact and usefulness within the forensic readiness effort.


page 1

page 2

page 3

page 4


Forensic-Ready Risk Management Concepts

Currently, numerous approaches exist supporting the implementation of fo...

DesCert: Design for Certification

The goal of the DARPA Automated Rapid Certification Of Software (ARCOS) ...

An STPA-based Approach for Systematic Security Analysis of In-vehicle Diagnostic and Software Update Systems

The in-vehicle diagnostic and software update system, which supports rem...

Enabling Security-Oriented Orchestration of Microservices

As cloud providers push multi-tenancy to new levels to meet growing scal...