Title :
TRINITY: An IDE for the Matrix
Author :
van den Bos, Jeroen ; van der Storm, Tijs
Author_Institution :
Netherlands Forensic Inst. (NFI), The Hague, Netherlands
Abstract :
Digital forensics software often has to be changed to cope with new variants and versions of file formats. Developers reverse engineer the actual files, and then change the source code of the analysis tools. This process is error-prone and time consuming because the relation between the newly encountered data and how the source code must be changed is implicit. TRINITY is an integrated debugging environment which makes this relation explicit using the DERRIC DSL for describing file formats. TRINITY consists of three simultaneous views: 1) the runtime state of an analysis, 2) a hex view of the actual data, and 3) the file format description. Cross-view trace ability links allow developers to better understand how the file format description should be modified. TRINITY aims to make the process of adapting digital forensics software more effective and efficient.
Keywords :
data flow analysis; digital forensics; program debugging; reverse engineering; software maintenance; DERRIC DSL; IDE; TRINITY; actual data hexview; analysis runtime state; cross-view traceability links; digital forensics software; domain-specific language; file format description; integrated debugging environment; reverse engineering; Debugging; Digital forensics; Layout; Maintenance engineering; Reverse engineering; Runtime; Software; domain-specific language; integrated development environment; model-driven engineering; reverse engineering; software maintenance;
Conference_Titel :
Software Maintenance (ICSM), 2013 29th IEEE International Conference on
Conference_Location :
Eindhoven
DOI :
10.1109/ICSM.2013.86
