Leveraging Digital Forensics in the Age of Smart Grids: A Survey of Tools and Techniques for Securing Electrical Power Systems

Abstract

The increasing reliance on digital technologies in smart grids introduces vulnerabilities to cyberattacks that can disrupt critical infrastructure and impact daily life. For critical infrastructures to be protected against potential cyber-attacks, many forensic approaches have already been developed to collect, analyze, and digitalize the evidence to assist in the in-depth investigation of any incident. The growing complexity of power grids with interconnected digital components necessitates robust security measures. The modern power grids are not isolated they are interconnected networks of controls where if one component or system is affected the whole system faces a blackout. Network forensics plays a crucial role in investigating these attacks, identifying the source, and implementing mitigation strategies. This paper compares and analyzes three key tools: Wireshark, Nmap and NetMiner used in the network forensics of electrical power systems focusing on their performance assessed against various parameters.