Digital Tools: Process, Validation or Certification
Over ten years (2010) ago it was discussed should there be Certified Tools (as in Certificated following a tool being subjected to testing).
In that time the tool has remained non-Certified. Efforts made have been not to look at the tool, per se, but merely assess the 'output' and how to manage that. Two examples are shown below, but there are many, many more articles and reports that have been written about tool validation and certification; and that is without mentioning iso17025 requirements.
In 2013 "A critical review of 7 years of Mobile Device Forensics". This article preferred a common framework proposal route.
Konstantia Barmpatsalou, Dimitrios Damopoulos, Georgios Kambourakis, Vasilios Katos
2013 Elsevier Ltd. All rights reserved.
Moreover, since standardization efforts in this area are still in their infancy, this synopsis of research helps set the foundations for a common framework proposal. Furthermore, because technology related to mobile devices is evolving rapidly, disciplines in the MF ecosystem experience frequent changes. The rigorous and critical review of the state-of-the-art in this paper will serve as a resource to support efficient and effective reference and adaptation.
In 2020, "Towards reliable digital forensics investigations through measurement science" - the article highlights "Currently, digital forensics discipline does not conduct the sort of validation testing needed to develop statistical confidence in tool performance, or to generate the empirical data needed to bring objectivity to examiner conclusions."
Towards reliable digital forensics investigations through measurement science
Nicolas Hughes , Umit Karabiyik
First published 03 January 2020|
Validation is the scientifically accepted methodology for demonstrating the accuracy and reliability of a process. Currently, digital forensics discipline does not conduct the sort of validation testing needed to develop statistical confidence in tool performance, or to generate the empirical data needed to bring objectivity to examiner conclusions. Recently recommended standards provide more reliable results, and tool testing programs provide a better understanding of tools' limitations. However, these efforts do not constitute testing over the full range of expected target device conditions, product functionality, and target device configurations which are needed for validation testing. Several major impediments to validation testing include a lack of validation methods, a lack of reference data, and a lack of the definitional precision and low‐level specificity needed to establish a system of measurement in digital forensics. This study attempts to identify the remaining needs that prevent comprehensive validation in digital forensics and identify potential solutions to address those needs.
This article is characterized under
Digital and Multimedia Science > Cyber Threat Intelligence
Jurisprudence and Regulatory Oversight > Interdisciplinary Collaboration
Very interesting! Thanks for posting!