Abstract:
The smart grid has been widely used around the world. The security of this system is debatable among the researchers
because this area requiring improvement, in order to reassure the grid, is secured from cyber attacks. However, the malware was found
attacking smart grid systems such as Stuxnet, Flames, Triton, etc. Some of them are designed to avoid being tracked by a forensic
investigator. The perpetrator use fragility of digital evidence as an advantage to launch an attack on the smart grid without leaving
traces. Technology development gives challenges to digital forensic procedures because the data volume is much higher. Thus, the
digital forensic procedure needs to be redesign, modify, and improve to capture traces and handle digital evidence. This paper aims to
propose a digital forensic procedure to guide investigators to perform the digital forensic investigation, especially in a smart grid
environment. We also discussed several suitable tools and techniques in digital forensic investigation to solve the problem or
challenges. This study will discuss two examples of cyber attacks and simulate the attack to guide forensic investigators using the
proposed digital forensic procedure. Examples of attacks are Distributed Denial of Service and False Data Injection attacks. The paper
presents an appropriate methodology and relevant forensic tools to ensure the evidence's integrity during collection and analysis to be
used as legal evidence in court.