Data Extraction Suite
One issue related to computer forensics, is the extraction of data from within embedded systems , this has to be accomplished without modification to the physical item being forensically examined, as well as ensuring that any data extracted is done so within an audit-able environment meeting established good chain of custody requirements.
Normal chip programmers/readers fail to meet the requirement because they are specifically designed to program chips or read content in a manufacturing environment rather than in a forensic environment,as such they do not meet the traceability and integrity requirements needed for valid forensic extraction.
To this end we have assembled a custom hardware solution designed to meet the requirements of a forensic based extraction environment.
The systems will initially target data extraction from in circuit I2C chips.
The system is rudimentary at this stage, but it allows I2C data to be extracted from most onboard chips whilst they are still in circuit on the main PCB.
Here we see the manufacturers embedded data which has been extracted from the I2C chip onboard a Kingston KVR400x64c3A/256 DDR ram board.
The data can be saved /edited and re-written back to the device.
There is also a byte analysis system that will include CRC codes and SHA2 checksums.