OT Digital Forensics

For Utilities and Vendors

Problem

If an event does occur, who do you call who understands the uniqueness of the devices in our industry? If you want to get to the bottom of suspicious activity in your power system devices, would you send these assets (relays, remote terminal units, cap bank controllers, etc.) to a general ICS or IT firm, or enlist the help of your IT department to perform a forensic analysis of the device? The suspicious activity could be the result of failing hardware or a software bug, or it could indeed be malicious. Performing a comprehensive forensic analysis of a power system asset requires a unique skill set that can only be acquired from years of intimate experience programming and configuring these industry-specific devices.

Solution

Imagine a team you can turn to that understands the uniqueness of your power system environment and can promptly determine the root cause while also providing an assessment of how, what, and when. This gives you a clear picture of what caused the event, how the action was carried out on the intelligent electronic device (IED) if it was malicious, and how to prevent these events from occurring again in the future.

Approach

Our interdisciplinary team of licensed power system engineers, security analysts, and digital forensics examiners provides you with an unmatched skill set you can call on to get to the bottom of an event.

Members of the team have years of experience designing, building, and commissioning power system environments, and several have experience directly performing forensic analysis for law enforcement. We have experience creating forensically sound copies, analyzing multiple IEDs from a variety of vendors, and following a documented chain of custody.