A New Era of Software Forensics with Static Analysis
The term “forensics” refers to the method of using science to discover evidence of criminal activity. Extending this to software broadens the use case to consider all the purposes of software investigation techniques. Software is ubiquitous, and is a part of all mission-critical systems. As such, software failures have tremendous real-world effects. In software, “forensics” refers to the method of using tools and techniques to uncover software evidence for purposes such as criminal investigations, civil cases (e.g. safety failures), commercial product failures, and security breaches.
This paper discusses how static analysis is an important tool in software forensics, and how hybrid source and binary code analysis can be applied and the advantages to investigation efficiency.