skip navigation


Register for Latest Research

Stay Informed
Register with NCJRS to receive NCJRS's biweekly e-newsletter JUSTINFO and additional periodic emails from NCJRS and the NCJRS federal sponsors that highlight the latest research published or sponsored by the Office of Justice Programs.

NCJRS Abstract

The document referenced below is part of the NCJRS Virtual Library collection. To conduct further searches of the collection, visit the Virtual Library. See the Obtain Documents page for direction on how to access resources online, via mail, through interlibrary loans, or in a local library.


NCJ Number: 200014 Find in a Library
Title: Is the Duplicate Hard Drive Really an Exact Copy?
Journal: Law Enforcement Technology  Volume:30  Issue:4  Dated:April 2003  Pages:24,26,28
Author(s): Douglas Page
Date Published: April 2003
Page Count: 4
Type: Technical Assistance
Format: Article
Language: English
Country: United States of America
Annotation: This article discusses the reliability of computer forensic tools.
Abstract: A new methodology under development at the National Institute of Standards and Technology (NIST) called the Computer Forensic Tool Testing (CFTT) may help law enforcement investigate computer-related crime. The forensic issue is authentication, which means the process of ensuring that the duplicate of the hard drive provided in discovery is an exact copy of what the agency originally acquired. There is a requirement to ensure that forensic software tools consistently produce accurate and objective test results. The goal of CFTT is to meet this need by developing a methodology for testing computer forensic software tools. There are few standards available to define how these tools should operate and perform. CFTT aims to provide the information necessary for users to make informed choices about acquiring and using computer forensics tools. The project is directed by a steering committee representing a broad spectrum of the law enforcement community. This committee provides the project with both resources and direction. Once a specification is developed, the committee selects tools for testing against the specification. Software tools are divided according to their function: imaging, write blockers, and test suites. CFTT has already demonstrated some limitations of the software tools of which the manufacturers were unaware. The testing procedure subjects each tool to a list of requirements that have been determined through Federal, State, and local input. The main point is that the testing is done at a facility with no benefit in the outcome, conducted through scientific methodology, and with individuals knowledgeable in the process. Information generated from testing has already been used to support or substantiate the methodology in court.
Main Term(s): Computer related crime; Forensic sciences
Index Term(s): Computer abuse; Computer crime investigative Training; Criminal investigation; Fraud and abuse prevention measures; Police computer training; Scientific testimony
To cite this abstract, use the following link:

*A link to the full-text document is provided whenever possible. For documents not available online, a link to the publisher's website is provided. Tell us how you use the NCJRS Library and Abstracts Database - send us your feedback.