Federated Testing Version 5 for Disk Imaging, Forensic Media Preparation, Forensic String Search, Hardware Write Blocking, and Mobile Forensics Data Extraction is now available!
The Federated Testing project is an expansion of the Computer Forensics Tool Testing (CFTT) Program to provide digital forensics investigators and labs with test suites for tool testing and to support shared test reports. The goal of Federated Testing is to help digital forensics investigators to test the tools that they use in their labs and to enable sharing of tool test results within the digital forensics community.
CFTT has developed test suites that will help you test your forensic tool. The test suites are packaged together in a live Linux .iso file.
To test your tool using the Federated Testing test suites:
CFTT's approach to tool testing is to test a tool based on the functionalities it supports. Currently, you can use the Federated Testing .iso to test disk imaging, forensic media preparation, forensic string search, hardware write blocking, and mobile forensics data extraction tools, but CFTT will add new test suites in future releases to allow you to test more forensic functionalities and more types of tools, e.g., deleted file recovery, forensic file carving, etc.
A primary goal of the Federated Testing project is to produce tool test results that can be shared throughout the digital forensics community. Our Federated Testing test suites (packaged on our live Linux .iso file) allow any lab, agency or individual to test their tools using the same test methodology CFTT uses. The final step of this process is to generate a test report for the tool. Our test suites generate that test report for you in a common format that makes it easy for you and others to understand how the tool was tested and what the test results are. If someone has already tested a tool for the features you use in your lab, you can take advantage of their results in your evaluation of the tool. Click on the links below for test reports including Federated Testing reports.
Email your test reports produced using CFTT’s Federated Testing test suites and a zipped copy of the testing log files to cftt [at] nist.gov to share your results with the digital forensics community. CFTT staff will review your logs and the test results documented in the test reports before sharing the reports with the community. Shared test reports from Federated Testing will be publicly available through this website.
Click here to download version 5 of CFTT's Federated Testing live Linux .iso file (contains test suites for testing disk imaging, forensic media preparation, forensic string search, hardware write blocking, and mobile forensics data extraction tools)
Click here to view the change log.
ISO file sha1 value: b4162a68ff3b2d902dfddd4f256273fe1b5015a4
If you are testing a forensic string search tool, you will need to also download the string search test suite’s companion data set from the Federated Testing Test Data Sets section of this page.
Email federatedtesting+subscribe [at] list.nist.gov to subscribe to the federatedtesting(at)list.nist.gov mailing list. Federatedtesting(at)list.nist.gov is a low volume mailing list for distributing updates on the Federated Testing project (e.g., new releases/versions and test suites).