Perform a formal tool validation of a computer forensics tool of your choice (selected from the list provided). Your tool validation should be comprised of two parts. A formal validation study and a write up as a formal APA research paper. I would like you to use the provided documentation from NIST, NIJ, DFI and SWGDE as a guide for the steps a proper tool validation should take. The tool list provided to you are all freeware tools. Whatever tool you choose (FTK Imager or HxD) should have each of its features tested, not just one of its abilities. I expect a thorough testing of the tool you select and your documentation should be extensive enough to serve as a guide on tool validation.
The documentation provided in the course shell to gain an understanding of formal tool validation. This is very different from a quick functionality test and each function of the tool should be thoroughly tested. Strict adherence to APA is required and I will be watching grammar and sentence structure closely.
- Your formal validation study should follow the guidelines provided by SWGDE. The guidelines for sections are as follows: 1. Develop and document test plan before testing begins. The test plan should contain the following: a. Purpose and scope b. Requirements to be tested – what does the tool have to do? c. Methodology – how to test? (Identify support tools required to assist in evaluation of results when applicable) d. Test scenarios • Condition or environment required for test scenario • Actions to perform during utilization of the tool, technique or procedure CRJ 455 Midterm 7 • Expected results – determine pass/fail criteria • One test may be sufficient depending on the tool, technique or procedure being tested. The number of test scenarios should be sufficient to cover the various environments encountered – for example, different file systems, media sizes, platforms, device types, etc. • Different options may need to be tested such as user configurable option settings, switch settings, etc., in accordance with purpose and scope e. Test data to fulfill conditions of test scenarios – can the existing reference data set be used? (Identify support tools required to assist in the development of test data when applicable) f. Document test data used Note: Be sure each requirement is assigned to at least one test scenario.
- Perform test scenario(s) and document results in test report a. Use media and/or other sample materials that are in a known state or condition b. Use test equipment with known configuration which corresponds to your examination environment c. If anomaly occurs then: • Attempt to identify conditions causing anomaly • Attempt to independently verify conditions causing anomaly • If feasible, implement alternative procedure and re-test d. If re-tests are performed, results of all tests must be documented e. Be sure pass/fail status for each requirement is annotated in test report f. Ensure to annotate all testers and dates assigned to test scenario g. Individual test scenario(s) must be documented separately, but a summary report should be written which states the overall pass/fail status of the tool, technique or procedure, along with any recommendations, concerns, etc. h. Validation of results: comparison between actual and expected results must be performed and discrepancies between the two must be documented
- Aside from the formatting requirements of APA your paper should contain the following sections (with appropriate headings related to your topic) for the content portion. a. An overview of the topic the tool addresses b. An overview of the tool and its purported abilities and functions c. A detailed description of your known data including its origins and known values d. A detailed description of your testing of the tool using your data e. Your results f. Your determination of whether the tool meets expectations and does what the manufacturer stated g. Any suggested improvements for the tool