Solveit

SOLVE-IT (Systematic Objective-based Listing of Various Established (Digital) Investigation Techniques) is a knowledge base for and by the digital forensic community, supported by DFRWS.org, that describes and indexes techniques available to digital forensic investigators during an examination.

Uniquely, it also describes potential weakness at each stage of a digital forensic investigation, including in digital forensic tools. It also provides Python tooling to compile the contents of the knowledge base into different formats, making it useful for a number of different applications.

Use

The many potential applications of SOLVE-IT include:

• strengthen tool testing by scoping error-focused data sets for a technique
• reinforce techniques by cataloguing available mitigations for weaknesses
• bolster quality assurance by identifying potential weaknesses in a specific processes
• structure consideration of potential uses of AI in digital forensics
• augment automation by highlighting relevant CASE ontology classes
• prioritize innovation by identifying academic research opportunities
• standardizing language and terminology in teaching using the indexed techniques
• conducting capability assessments of labs or individuals against the techniques

One of the most interesting and immediate applications of SOLVE-IT is to avoid missed or unmitigated errors in digital forensic processes. This can be undertaken to review either standard processes, tool workflows, or even individual investigations.

Reference

• SOLVE-IT: A proposed digital forensic knowledge base inspired by MITRE ATT&CK from the Proceedings of the DFRWS EU 2025 Conference

External Links

• SOLVE-IT GitHub repositories

See Also

• ASTM E3016-18: Standard Guide for Establishing Confidence in Digital and Multimedia Evidence Forensic Results by Error Mitigation Analysis based on SWGDE document