Abstract
Forensic-ready software systems integrate preparedness for digital forensic investigation into their design. It includes ensuring the production of potential evidence with sufficient coverage and quality to improve the odds of successful investigation or admissibility. However, the design of such software systems is challenging without in-depth forensic readiness expertise. Thus, this paper presents a tool suite to help the designer. It includes a graphical editor for creating system models in BPMN4FRSS notation, an extended BPMN with forensic readiness constructs, and an analyser utilising Z3 solver for satisfiability checking of formulas derived from the models. It verifies the models’ validity, provides targeted hints to enhance forensic readiness capabilities, and allows for what-if analysis of potential evidence quality.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Note the difference: potential digital evidence – potentially useable for future investigation, and digital evidence – used to satisfy or refute the investigation hypothesis.
- 2.
The documentation is available at: https://freas-tools.github.io/wiki/.
- 3.
Code, models, and a video demo are available at: https://doi.org/10.58126/bcxs-cr23.
References
Bjørner, N., de Moura, L., Nachmanson, L., Wintersteiger, C.M.: Programming Z3, pp. 148–201. Springer, Cham (2019)
Casey, E., Nikkel, B.: Forensic Analysis as Iterative Learning. In: Keupp, M. (ed.) The Security of Critical Infrastructures, pp. 177–192. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-41826-7_11
CESG: Good Practice Guide No. 18: Forensic Readiness. Guideline, National Technical Authority for Information Assurance, United Kingdom (2015)
Daubner, L., Macak, M., Matulevic̆ius, R., Buhnova, B., Maksović, S., Pitner, T.: Addressing insider attacks via forensic-ready risk management. J. Inf. Secur. Appl. 73, 103433 (2023)
Daubner, L., Matulevičius, R., Buhnova, B.: A model of qualitative factors in forensic-ready software systems. In: Nurcan, S., Opdahl, A.L., Mouratidis, H., Tsohou, A. (eds.) RCIS 2023, pp. 308–324. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-33080-3_19
Daubner, L., Matulevičius, R., Buhnova, B., Pitner, T.: BPMN4FRSS: an BPMN extension to support risk-based development of forensic-ready software systems. In: Kaindl, H., Mannion, M., Maciaszek, L.A. (eds.) ENASE 2022. CCIS, vol. 1829, pp. 20–43. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-36597-3_2
Daubner, L., Matulevičius, R.: Risk-oriented design approach for forensic-ready software systems. In: The 16th International Conference on Availability, Reliability and Security. ACM (2021)
Dzurenda, P., et al.: Privacy-preserving solution for vehicle parking services complying with EU legislation. PeerJ Comput. Sci. 8, e1165 (2022)
Erol-Kantarci, M., Mouftah, H.T.: Smart grid forensic science: applications, challenges, and open issues. IEEE Commun. Mag. 51(1), 68–74 (2013)
Grispos, G., Glisson, W.B., Choo, K.K.R.: Medical cyber-physical systems development: a forensics-driven approach. In: IEEE/ACM International Conference on Connected Health: Applications, Systems and Engineering Technologies, pp. 108–113 (2017)
Jürjens, J.: Model-based security engineering with UML. In: Aldini, A., Gorrieri, R., Martinelli, F. (eds.) FOSAD 2005 2004. LNCS, vol. 3655, pp. 42–77. Springer, Heidelberg (2005). https://doi.org/10.1007/11554578_2
Maksović, S.: Model-based analysis of forensic-ready software systems. Bachelor’s thesis, Masaryk University (2023). https://is.muni.cz/th/w43li/
Matulevičius, R.: Fundamentals of Secure System Modelling. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-61717-6
McKemmish, R.: When is digital evidence forensically sound? In: Ray, I., Shenoi, S. (eds.) Advances in Digital Forensics IV, pp. 3–15. Springer, Boston (2008). https://doi.org/10.1007/978-0-387-84927-0_1
Moura, L.D., Bjørner, N.: Z3: an efficient SMT solver. In: Proceedings of the Theory and Practice of Software, 14th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, pp. 337–340 (2008)
Pasquale, L., Alrajeh, D., Peersman, C., Tun, T., Nuseibeh, B., Rashid, A.: Towards forensic-ready software systems. In: Proceedings of the 40th International Conference on Software Engineering: NIER, pp. 9–12. ACM (2018)
Pasquale, L., Spoletini, P., Salehie, M., Cavallaro, L., Nuseibeh, B.: Automating trade-off analysis of security requirements. Requirements Eng. 21(4), 481–504 (2016)
Pullonen, P., Matulevičius, R., Bogdanov, D.: PE-BPMN: privacy-enhanced business process model and notation. In: Carmona, J., Engels, G., Kumar, A. (eds.) BPM 2017. LNCS, vol. 10445, pp. 40–56. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-65000-5_3
Rivera-Ortiz, F., Pasquale, L.: Automated modelling of security incidents to represent logging requirements in software systems. In: Proceedings of the 15th International Conference on Availability, Reliability and Security. ACM (2020)
Rowlingson, R.: A ten step process for forensic readiness. Int. J. Digit. Evid. 2, 1–28 (2004)
Sedlác̆ek, T.: Web-based editor for BPMN4FRSS models. Bachelor’s thesis, Masaryk University (2023). https://is.muni.cz/th/oiby0/
Simou, S., Kalloniatis, C., Gritzalis, S., Katos, V.: A framework for designing cloud forensic-enabled services (CFES). Requirements Eng. 24(3), 403–430 (2019)
Tan, J.: Forensic readiness. Technical report, @stake, Inc. (2001)
Toots, A., et al.: Business process privacy analysis in pleak. In: Hähnle, R., van der Aalst, W. (eds.) FASE 2019. LNCS, vol. 11424, pp. 306–312. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-16722-6_18
Yin, Y., Tateiwa, Y., Wang, Y., Katayama, Y., Takahashi, N.: Inconsistency analysis of time-based security policy and firewall policy. In: Duan, Z., Ong, L. (eds.) ICFEM 2017. LNCS, vol. 10610, pp. 447–463. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-68690-5_27
Acknowledgement
The work was supported by the Grant Agency of Masaryk University (GAMU) project “Forensic Support for Building Trust in Smart Software Ecosystems”, registration number MUNI/G/1142/2022. It was also co-founded by the European Union under Grant Agreement No. 101087529. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or European Research Executive Agency. Neither the European Union nor the granting authority can be held responsible for them.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Daubner, L., Maksović, S., Matulevičius, R., Buhnova, B., Sedlác̆ek, T. (2024). Forensic-Ready Analysis Suite: A Tool Support for Forensic-Ready Software Systems Design. In: Araújo, J., de la Vara, J.L., Santos, M.Y., Assar, S. (eds) Research Challenges in Information Science. RCIS 2024. Lecture Notes in Business Information Processing, vol 514. Springer, Cham. https://doi.org/10.1007/978-3-031-59468-7_6
Download citation
DOI: https://doi.org/10.1007/978-3-031-59468-7_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-59467-0
Online ISBN: 978-3-031-59468-7
eBook Packages: Computer ScienceComputer Science (R0)