Fitness for Purpose revisited

Posted on April 29, 2010. Filed under: forensic | Tags: , , , , , , , , , |

I posted a hint, a few weeks ago, that I was intrigued by differing attitudes to the validation task which is effectively required by ISO17025 and the Forensic Science Regulator’s standards.

The two attitudes seem to be :

  • “Well, it’s just testing isn’t it ? How hard can it be ? “
  • “We have to do it, but think of the complexity! How many hardware and software configurations do we need to consider ? “

One comes from end-users of the tools, one from developers. I’ll let you decided which is which. the second response, though, is particularly interesting in light of some stories I’ve heard from teams who have tried to get accreditation for mobile phone work. There has been a suggestion that they have to test every handset which their systems claim they support – even the American spec. phones which don’t work in the UK.

Interestingly, in spite of the requirement to do this validation, there doesn’t seem to be much work going on to determine what we mean by “valid”. Personally, I fall back on software engineering definitions of validation and verification in this situation – it has to do the right thing in the right way. How do we find out how commercial software is doing something anyway ?

Back in December, I hosted a meeting of some industry representatives – mainly people I know or who were recommended to me, to look at the problem more closely. To start the ball rolling, I asked a couple of questions

  • What do we mean by fitness for purpose ?
  • What do we mean by purpose ?

Fairly obviously, the second questions needs to be answered before the first can be dealt with, but the outcome of the discussions we had was quite fascinating to me. You can find a copy of the full report in the “Regulation” section at http://www.n-gate.net/, but the short version is – we struggled to define purpose.

As we considered the various phases of a digital forensic investigation, and the different types of devices, methods and data which might have to be considered it became clear that relatively few people have sat down and done a proper old-fashioned requirements analysis. The view of the group was that we should launch a pilot programme to see if a requirements-led approach can work. The group recommended starting with the data acquisition phase (carefully chosen phrase as it encompasses non-digital data too) as this is the foundation of everything else that can be done.

Thinking more about this process has led me to start challenging accepted wisdom in digital forensics – for example, do we always have to try to get a complete image of every storage device ? Even the ACPO guide doesn’t say it, but anyone who doesn’t can rely on their methods being challenged in court. A proper requirements analysis, determined in part by the type of case might help here.

As always, though, we have the golden question – who has the gold to pay for this ?

(If you have any to spare, let me know – I’d love to get my teeth into this problem properly)

Advertisements

Make a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

    About

    This is the weblog of Angus M. Marshall, forensic scientist, author of Digital Forensics : digital evidence in criminal investigations and MD at n-gate ltd.

    RSS

    Subscribe Via RSS

    • Subscribe with Bloglines
    • Add your feed to Newsburst from CNET News.com
    • Subscribe in Google Reader
    • Add to My Yahoo!
    • Subscribe in NewsGator Online
    • The latest comments to all posts in RSS

    Meta

Liked it here?
Why not try sites on the blogroll...

%d bloggers like this: