Authors: James Lyle (NIST)



There is a critical need in the law enforcement community to ensure the reliability of computer forensic tools. A capability is required to ensure that forensic software tools consistently produce accurate and objective test results. The goal of the Computer Forensic Tool Testing (CFTT) project at the National Institute of Standards and Technology (NIST) is to establish a methodology for testing computer forensic software tools by development of general tool specifications, test procedures, and test sets. The results provide the information necessary for toolmakers to improve tools, for users to make informed choices about acquiring and using computer forensics tools, and for interested parties to understand the tools’ capabilities. Our approach for testing computer forensic tools is based on well recognized international methodologies for conformance testing and quality testing. This paper describes requirements and test assertions that make up a strategy for testing hardware write block devices.