Is there anybody here that develops software for Forensic purposes - I just wanted to ask what type of experience/skills/training is required for that type of job role???
Thanx in advance
I am currently working on Forensic Software, Currently I am working on a complete kit that will image the drive, keep logs and investigator notes and to catalog all evidence during the investigation. Basically knowledge of forensics and how data is structured as well as programming go into the creation of these tools. I wish i knew more about the job role I mostly do this as a hobby. However I have several people from different agency's testing my tools with great results. Its alot of fun.
I too am very much interested in the topic, as I too am involved in Forensic Software Development as part of my PhD.
From what I was both told and discovered through my own research in the topic, there currently is no "formal" set of standards for Forensic Software Development. Looking through my notes now, there are two main requirements for FSD projects… integrity and fitness for purpose, both of which one needs to "prove" in a court of law. Integrity can be proven through the soundness and rigorousness of the S/W Eng. process(es) you use, as well as through the use of Formal Methods.
Other more practical advice I was given is to develop the software on a totally isolated system (not connected to the net) where the OS/System specs and ANY patches/whatever documented (so as to prove the code is not "tainted" and works "as expected").
Finally, you should use "strong design by contract" in all essential components of your software.
I hope this information helps, and if you or anyone has anything more substantial in the way of guidelines, could you please post links and info here, as both myself and Juniper would be more than interested, methinks?
Cheers
DarkSYN
DarkSYS, you'd be interested in the research at Uni of S AU if you haven't already looked. They're doing academic work on IV&V, etc.
Thanks for the replies,
I have had exposure to developing my own basic forensic software using Java/Netbeans during my Degree. The course had a heavy SD element - but this was at the expense of taught Forensic methodologies - as such I feel I have mastered neither and that further study is required.
DarkSYN - I am interested in doing a PhD and was wondering if I could do research in developing the "Formal Methods" as outlined in your post?? Is this feasible?? Any further advice would be greatly appreciated.
Thanx in advance