Forensic expert opinion on software. Forensic software and computer examination

22.11.2023

Software and computer expertise is a type of forensic computer-technical examination. With the development of computer technology, a new direction of offenses has arisen, which are called crimes in the field of computer information. In such crimes and not only computer hardware and software are used to achieve the goal.

The main goal of software and computer forensics is to establish the involvement of the software package under investigation in the criminal act under investigation. Also, as a result of the analysis, traces of illegal actions may be detected. Subject of research of this examination are the features of development and application software computer system. The analysis can be carried out in both civil and criminal cases.

Objects software and computer forensics are the following components:

Operating systems (system software).
Utilities (auxiliary programs).
Software tools for software development, as well as for its debugging.
Application programs designed to perform specific functions - text editors, spreadsheets, programs for working with two-dimensional and three-dimensional graphics, programs for creating presentations, mailers, drawing editors and much more.

Occasion to order a software and computer examination, there may be a reasonable suspicion of incorrect operation of the software, incompatibility of two or more programs located in the same chain of performing any operations, and so on.

Software and computer forensics are widely used in the investigation of criminal cases, but the need for similar research in other types of legal proceedings is gradually increasing, which is caused by the extensive computerization of all areas of life. Currently, many civil cases arise, including those resolved in arbitration courts. Also a large number of cases are related to the protection of consumer rights, as well as copyright infringement during the distribution of counterfeit products.

PROBLEMS THAT ARE SOLVED WITH THE HELP OF COMPUTER SOFTWARE EXPERTISE

Software and computer expertise solves a wide range of problems related to the specific features of software, its development, implementation, application, and so on. The wide variety of problems solved with the help of this research is due to the fact that computer systems with appropriate software are used in almost all areas of human activity. The main objectives of software and computer expertise are:

Establishment of general characteristics of the software under study, analysis of its component composition.
Classification of individual system or application software included in the software submitted for examination.
Determining whether the software as a whole or its components is counterfeit (or the presence of such signs).
Establishment of specific characteristics of the software under study. The type of software, its name, version, developer, type of presentation (remote, explicit or hidden) are determined.
Establishing the data of the owner and developer of the software under study. For legal entities The details of the organization are established. For individuals– identification data.
Determination of the file composition of the software under study, indicating their parameters - creation date, type, size (volume), other attributes.
Establishing the functional purpose of the software under study.
Identification of the presence on the computer system under study of software designed to solve a specific problem.
Establishment technical characteristics hardware, necessary for the normal functioning of the software under study.
Determining the compatibility of the software and hardware of the computer system and the software under study.
Establishing whether a given class of problems belongs to functionality software under study.
Establishing the current state of a computer system, namely software, the level of system performance and the system’s ability to implement certain tasks.
Establishing the configuration of input/output devices on a given computer system equipped with the software under study.
Identification of deviations from the software under study standard parameters(presence of undocumented functions, infection, etc.).
Determining the presence of software or hardware protection against copying and unauthorized access in the software under study.
Determination of algorithms for the software presented for research.
Establishing a method for protecting software.
Establishment of development tools for the software under study (types of compilers, programming languages, system libraries).
Revealing hidden codes with the original version of the program.
Determination of modifications of the original algorithms.
Establishing the use of specific algorithmization and programming techniques.
Establishing a chronology of changes in the software under study.
Establishing the chronology of the use of the software tool under study, starting from the moment of its installation and activation.
Establishment of possible consequences of subsequent operation of the software submitted for examination.
Establishing the possibility of the program under study performing the specified functions after making changes.

METHODS OF CONDUCTING COMPUTER SOFTWARE EXAMINATION

Software research methods used in the course of software and computer examination are usually classified based on the type of object under study. The following groups of methods are distinguished:

Methods for analyzing source codes.
Methods for studying software algorithms.
Methods for studying executable codes (load modules).

The examination of boot modules is based on the examination of software using basic methods that monitor all interrupts that are caused by a given program. The method used by the expert must exactly match the type of problem he is solving. Accordingly, to obtain a reliable research result, it is necessary to select an expert with a high level of professional competence and great experience conducting research.

When analyzing malware (viruses, worms, etc.), various monitoring methods are used - analysis of file signatures (disk memory monitoring method), verification of checksums (monitoring method random access memory) and so on.

PROCEDURE FOR CONDUCTING COMPUTER SOFTWARE EXAMINATION

The procedure for conducting software and computer examination is standard for all such studies. At the first stage, an expert is consulted to determine the type of examination, the subject and objectives of the study, as well as the cost and timing of its implementation.

At the next stage, an agreement is concluded with the organization to conduct the examination, after which the initiator of the examination transfers to the specialist the software on the medium on which it is installed, and all available documentation. The contract includes the subject of the study, the existing research tasks, the questions posed to the expert, as well as the expected completion date for the examination. Next, the research production specialist carries out the necessary expert activities and draws up an expert opinion, which is the main result of the research and can be presented as evidence during the trial. The expert report includes a description of the research conducted, copies of the submitted documents and answers to the questions posed to the specialist.

LEGAL FRAMEWORK FOR CONDUCTING COMPUTER SOFTWARE EXAMINATION

Chapter 28 of the Criminal Code of the Russian Federation describes crimes in the field of computer information, as well as penalties imposed for such offenses. The chapter contains three articles. Article 272 regulates penalties for illegal access to classified computer information. Article 273 provides for penalties for the development, use and distribution of so-called malicious programs that lead to the destruction or blocking of information on personal computers and production networks. Article 274 prescribes liability for non-compliance with the technique of use personal computers, computer systems or computer networks. By means of software and computer forensics, a justification is obtained for making decisions on the crimes outlined in this chapter.

QUESTIONS TO BE posed to a specialist in computer software examination

The full list of questions is quite extensive. In each specific case of conducting a software and computer examination, a list of questions is formed depending on the final purpose of the study and the type of software under study. The questions asked to the expert are based on the tasks being solved during the research process. In general, the questions look like this:

What are the general characteristics of the software under study?
What components does this software consist of?
What is the classification of the software under study?
What are the characteristics of the files that make up the software under study (date of creation, type, size, etc.)?
What is the name of this software? What is its type? Who is the developer?
What version of the software is provided for the examination?
What is functional feature software under study?
Does this computer system contain software designed to perform a specific functional task?
What should be the hardware characteristics of the computer system necessary for the correct operation of the program under study?
Is the program under study compatible with the hardware state of the computer system, as well as with the software already installed on it?
Has it been used this program to perform certain functional tasks?
Is the software being tested functional? what is its actual condition?
How exactly is the data input/output system organized in the software under study?
Are deviations from the standard characteristics of typical similar programs found in the software under study?
Does the software product design include protection against copying and unauthorized access?
What is the algorithm for organizing protection against copying and unauthorized access?
What is the basic algorithm underlying the software under study?
What main tools were used to develop this software product?
What are the details of the developer (owner) of the software submitted for examination?
What is the chronology of modifications to the software under study?
What is the chronology of use of the software under study, starting from the moment of installation?
What are the possible consequences of further use of the software product submitted for examination?
What is the reason for changes in the software - user actions, impact malware, software errors, hardware failure, etc.?

Please clarify any questions you are interested in by calling the contact number.

This story happened more than 3 years ago, so I can safely remove the “trade secret” stamp and voice its details on the Internet.
Colleagues from the financial control department of the Ministry of Defense of the Russian Federation contacted our company with a request to conduct an examination of the software - “ Simulation stand emergency situations in flight" It must be said that colleagues from the Ministry of Defense immediately suspected a catch in the software and decided to conduct an independent expert assessment in order to understand what they were dealing with and whether it was worth the money that was announced in the government contract. And the government contract was no joke; the total cost of the project was about 20 million rubles!

Initial data:
For the study, files were received on flash media with a total volume of 2,252,414,699 bytes. The root of the media contained two directories: FltRec02; SM-AS 2006.

Operating system on the computer under study: Microsoft Windows XP Professional.
Analysis of files in a directory FltRec02
File size: 472,899 bytes.

Among all the presented files, only one is bootable - FLTREC02.exe, which cannot be launched.

Analysis of files in a directory SM-AS 2006
Fighter Ace II

Directory size: 2,251,941,800 bytes.

Boot file FIGHTACE.exe

After launching the file, the window shown in Fig. appears on the screen. 2

The presence of an already entered security “key” (see highlight in Fig. 3) indicates the “pirated” origin of the software product!

After installing and launching the program in “play” mode, the user must register on the server of the official manufacturer – Microsoft.

In " training"The “training mode” opens in front of the user, see fig. 5 and 6

Conclusion: The software under study belongs to the “Computer Games - Simulations” class, developed by Microsoft Corp., released in 1999, named Fighter Ace II.

The cost of the software product, taking into account its “pirated” origin, is about 70 rubles.

Microsoft Flight Simulator 2002

Boot files FLTSIM98.exe, FS2000.exe, FS2002.exe

These files launch the “Microsoft Flight Simulator 2002” program, which is hidden under the “Flight Emergency Simulation Stand” screensaver. The company ZAO "ХХХХХХ" violated copyright by identifying itself as the developer!

We could not find any information about the legal origin of the software product!

Boot file FSUNINSTALL.exe

Boot file FSEDIT.exe

Conclusion: The software under study belongs to the class “Computer Games - Simulators”, the developer of which is Microsoft Corp., year of release 2002, name – “Microsoft Flight Simulator 2002”.

The cost of the software product, taking into account its “pirated” origin, as well as the cost of designing the splash screen (Fig. 7), is about 200 rubles.

In total, the total cost of software submitted for examination is about 270 rubles.

As a result of the examination, the Ministry of Defense employees were recommended to contact the military prosecutor's office and counterintelligence to conduct an investigation!

If a person is involved in an accident, he can get fair insurance compensation according to OSAGO. Today, a special government methodology called EMRU is used to calculate damage. But what is the structure of this technique? What laws govern EMRU? And what formula is used to determine the amount of damage? Below we will find out the answers to these questions. We will also look at an example of calculating insurance damage according to EMRU.

The Unified Methodology for Calculation of Damage (UMRU) is special method, with which you can calculate the amount of insurance compensation for compulsory motor liability insurance.

In fact, EMRU is a set of formulas.

The unified calculation methodology is regulated by the following documents:

the federal law No. 432-P. Represents the main regulatory document in accordance with which the amount of monetary compensation is calculated.
Federal Law No. 433-P. It is an additional regulatory document that regulates the rules for conducting an independent examination, with the help of which the amount of damage can be assessed and establish some details of the accident.
BCZ. It is an electronic database that stores information about the cost of certain spare parts to most vehicles.

The draft laws were developed by the Ministry of Transport, the Central Bank and the Russian Union of Auto Insurers (RUA). Before the introduction of ERMU, there were more than 5 recommended state methods with which it was possible to determine the amount of damage.

The problem was that these techniques did not fit well with each other, which led to confusion. Another problem was that different methods produced different results, and the amount of recommended payments using different methods could vary. differ by 2-3 times .

Because of this confusion, many dissatisfied car owners sued the insurance company, and in 2013, before the law was adopted, the number of such lawsuits was more than 600 thousand.

The adoption of EMRU allowed us to solve many problems:

Reducing the burden on the judiciary.
Increasing the level of transparency between insurance companies and motorists.
Unification of calculations.
Stabilization of the economic model of compulsory motor liability insurance.
Increasing the reliability of insurance companies.

EMRU is a document with which you can calculate the cost of insurance compensation. The EMRU contains the following information - definition of basic terms, calculation algorithms, formulas for calculations, reference materials, rules for drawing up expert reports, and so on. Using this information, you can accurately determine the amount of insurance payment for repairs.

The unified method for calculating damage contains information about all the main cars that can be found in Russian Federation(the total number of car brands is more than 67, and the list itself is periodically updated).

It should also be remembered that EMRU can only be used if the client of the insurance company is an individual.

The methodology has the following structure:

7 main chapters, which contain basic information on the calculation of insurance compensation for compulsory motor liability insurance.
10 applications, which contain some Additional information(correction factors, a list of parts for which a zero wear value is set, the average annual mileage of cars, and so on).
There is also a special electronic database , which contains information about the average market cost of parts. This database is called BCZ.

Type	Number	Short name	Information
Head of the Basic Law	1	Procedure for determining vehicle damage	Contains general information about EMRU. It is also indicated here that EMRU was created so that with its help it would be possible to calculate the amount of insurance compensation for damage to any vehicle. It also stipulates some basic concepts (evidence, vehicle examination, examination results) that are used to calculate insurance payments. Information is also indicated here that all examinations are divided into primary (carried out by an emergency commissioner or an insurer’s technician) and additional (carried out by forensic and independent experts).
	2	Investigation of the circumstances of the accident	This chapter discusses the issue of studying the circumstances of an accident. The circumstances of the accident are studied with the help of special examinations, with the help of which it is possible to establish the key details of the accident (based on this information, in the future it is possible to establish the culprit of the accident, the degree of culpability, the type of violations that led to the accident, the amount of damage caused, and so on). Typically, two examinations are carried out to investigate the circumstances of the accident. The first examination is an expert-comparative analysis of the documentation that was drawn up after the accident. The second examination is a scientific expert analysis of an accident, with the help of which it is possible to establish the nature and type of damage caused; based on these data it is possible to compile computer model, with which you can identify the culprit of the accident. If one of the parties does not agree with the conclusions of previous examinations, it can conduct an additional examination to clarify some details that may be important when considering the case.
	3	Determining the level of repair costs	Contains a number of algorithms that can be used to calculate the total cost of vehicle repairs. The following expense items are discussed here: the purchase of new auto parts (engine, headlights, bumper, etc.), the purchase of materials (paint, primer, abrasives, and so on) and the services of technicians.
	4	Determining wear levels when purchasing new parts	This chapter contains information on which you can calculate the wear of old parts. The fact is that many parts deteriorate over time, so when determining the level of compensation, the residual cost of the old part (taking into account wear and tear) should be subtracted from the full cost of each new part.
	5	Determining the cost of surviving parts if the vehicle is destroyed	This chapter describes a methodology with which you can calculate the cost of some spare parts, provided that the vehicle is completely destroyed (and there is the possibility of reusing these undamaged parts). The fact is that the damage caused may be so severe that the car will be almost impossible to repair, but some parts may be serviceable. Based on the data provided in this chapter, the cost of these serviceable spare parts can be calculated.
	6	Determining the value of a vehicle before damage	Contains information on how to use a methodology to calculate the pre-accident value of a vehicle. With the help of this information, you can understand whether it makes sense to restore the vehicle at all. The fact is that sometimes the damage can be so severe that repairing the vehicle does not make sense (for example, the value of the car before the accident may be much lower than the cost of repair). This chapter also specifies a method for calculating the average market value of a new car that is similar to a damaged one. If it turns out that a new car costs much less than repairing a damaged car, then the person is simply given money to buy a new vehicle (after all, in most cases it is quite difficult to calculate the cost of a car before an accident).
	7	The procedure for approving reference books for calculating the average cost of damaged parts	This chapter contains a list of sources that can help a technician or insurer estimate the cost of new parts. The fact is that when calculating damage, many parameters are used that can change (for example, the market value of parts). Some regulations of the Central Bank, an electronic database of spare parts, price standards and some other documents that do not contradict the EMRU are used as regulatory documents containing the necessary information.
Appendix to the law	1	Photographing an accident and a damaged car	Contains information on how and in what cases it is necessary to record the consequences of an accident on photographic or video equipment. This information will be useful both in the case of drawing up a standard protocol with the involvement of traffic police officers, and in the case of drawing up a European protocol without the participation of traffic police officers. This information may also be useful in the event of litigation.
	2	Typical vehicle damage	Contains information that can significantly simplify the procedure for classifying damage caused. This application also states that there are a total of 32 characteristic damages.
	3	Costs for restoring the body of some vehicles	This paragraph contains information on the basis of which you can calculate the cost of repairing non-metallic bodies of some vehicles. The fact is that the body of some foreign and domestic cars is made not of metal, but of some other materials (for example, special plastic), so an additional method is needed to calculate the repair of such a body.
	4	Commodity markets and boundaries of economic regions	Contains information about which economic regions certain areas belong to (13 regions in total). The fact is that the average market cost of parts is calculated taking into account the economic region (after all, for example, the price of a part in St. Petersburg may differ significantly from the price of the same part in Vladivostok).
	5	Size of correction factors for determining the degree of wear	When calculating the degree of wear, 2 special coefficients are used (depending on the type and brand of the vehicle). In this application you can find out the size of these coefficients in order to correctly calculate the degree of wear.
	6	Size of correction factors for determining the degree of wear of very old parts	In some cases, the values of the 2 correction factors (used to calculate the degree of wear) can be reduced. This annex provides information about the specific cases in which this may occur; The degree of reduction of these correction factors is also indicated here.
	7	List of parts for which wear value is set to zero	For some damaged parts, the wear value is set to zero. This appendix provides a list of these parts (brake discs, steering wheels, tie rod ends, etc.).
	8	Directory of average annual vehicle mileage (including regions)	When calculating the cost of repairs, the vehicle's mileage is also taken into account. In this application you can find out the average annual mileage of vehicles (taking into account the type of vehicle and region of residence).
	9	Reducing factor K, with which you can take into account the operating time of the vehicle	The cost of insurance payment may be slightly reduced depending on how long the vehicle is in use. This annex specifies the size of this reduction factor (the size of the factor depends on the type of vehicle and age of use).
	10	Additional coefficient K, with which you can take into account the nature mechanical damage	The cost of insurance payment may be changed depending on the nature of mechanical damage. This annex indicates the size of the correction factor, and the factor itself depends on the degree of mechanical damage.

When can a unified methodology for calculating damages under compulsory motor liability insurance be used?

The following persons can use the unified methodology for calculating damage:

Insurance companies and their official representatives who have the right to inspect damaged vehicles.
Certified expert organizations (including independent ones).
Private experts who have passed certification and are licensed.
Forensic experts who have passed certification and are licensed.

After an accident, it is necessary to draw up a vehicle inspection report (usually this document is compiled by experts with the participation of people who were involved in an accident).

The vehicle inspection report must include the following information:

Reason for vehicle inspection(in our case it will be an accident).
Exact start date and completion of the vehicle inspection.
The exact address. If the accident occurred near a house - the street name and house number, if the accident occurred at an intersection - street names, if the accident occurred far from any populated areas - the name of the highway, kilometer number and direction of travel.
Full information about the owner, as well as information about the person who was driving at the time of the accident (after all, in the general case, the driver may not be the owner of the car, but some other person, for example, a friend of the car owner).
Information about vehicle — equipment, start of operation, mileage, and so on.
Information about damage that occurred before the accident. It is necessary to indicate not only all old damage, but also indicate the type of damage, their location, and so on. If repairs were made or spare parts were changed, this fact must also be reflected in the report.
Information about damage that occurred as a result of an accident. It is necessary to indicate not only all existing damage, but also indicate the type of damage, their location, and so on.
If any part was taken for analysis to conduct an additional examination, this fact must be reflected in the report.
You should also indicate in the report the current condition of the car. If the car has been towed— the report should include information about where and how the vehicle was evacuated.

The unified methodology for calculating damage contains special rules that regulate the conduct of special examinations, with the help of which the amount of monetary compensation can be determined.

EMRU requires experts to meet the following requirements:

They must have higher technical education.
They must undergo special expert technical courses. At the end they must pass the exam successfully.
They must take advanced training courses at least once every 5 years.
The minimum professional experience is 12 months.
After receiving a license to conduct an examination, information about the expert is entered into a special list of auto expert technicians. This list can be found on the RSA website . From this register you can find out the following information about the expert - full name, city, legal status, terms of accreditation, contact details, and so on.

Setting the amount of payments - the basic formula

The unified methodology for calculating damage contains information on how to correctly calculate the amount of insurance compensation.

The following formula is used for calculations:

RK = SR + SM + SD.
RK- This total amount of compensation.
SR- This repair cost.
CM- This Cost of materials.
SD- This cost of parts that need to be replaced.
When calculating these indicators, the average market cost of parts, materials and repair work is taken into account. The maximum degree of deviation from the average market value can be no more than 10%.
When calculating the cost of work (CP) and materials (CM), the date and region of the accident are taken into account .
Calculation of CP and SM occurs on the basis of standards specified in Appendix No. 3.
Only damage caused by an accident is taken into account. . If, for example, someone scratched a car before an accident, then the insurance company will not give money to paint over the scratch.
It should also be remembered that when calculating the cost of parts (CP), wear should be taken into account . To do this, it is necessary to calculate the correction factor using a special complex formula; after this, you need to subtract this coefficient from unity, and the resulting result should be multiplied by the SD parameter.
It should be understood that the correction factor will always be less than one, so the full market value of the damaged part will not be returned to you.

And this is fair - after all, over time, many parts wear out, and if you are in an accident, the insurance company must only compensate for the market value of the old part.
If the total amount of compensation exceeds the cost of a new car of the same make and model, then the insurance company will issue money not for repairs, but for the purchase of a new car . Often this approach is used when there is so much damage that it is much cheaper to buy a new car than to repair the old one.

Let's try to calculate the amount of damage ourselves:

Let us have a car CHERY TIGGO (T11). Let's assume that the car was released in 2012. Its mileage was 70 thousand kilometers.
In March 2016, an accident occurred.
Let's Let's first calculate the degree of wear. To do this, you can use a special complex formula; You can also use a special online calculator. Regardless of the calculation method, we will get a wear rate of 0.35 (or 35%).
Let us recall that The amount of compensation is calculated according to the following formula : amount of compensation (RK) = cost of materials (CM) + cost of repairs (SR) + cost of parts (SD).
Let's first calculate the SD parameter (cost of parts). Suppose we should buy a bumper, a right headlight and a mount for the right headlight. To do this, let's go to several sites and find out how much the same parts will cost on different sites (we will visit 3 sites). After this, you should calculate the arithmetic average (this will be the average market value). Let the bumper cost 3,600, 3,400 and 3,200 rubles on different sites - then the arithmetic average will be 3,400 rubles. Using the same scheme, we will calculate the cost of the headlight and headlight mount - let their average market price be 3,000 rubles and 800 rubles, respectively. Now let's add up these three numbers - we get 7,200 rubles. Now let's calculate the cost of parts taking into account wear: (1 - 0.35) * 7,200 = 4,680 rubles.
Let us now calculate the parameter CP (repair cost). Let us only need to repair the wheel arch and carry out wheel balancing. Let the average market price of a standard hour in cases 1 and 2 be 1,000 rubles each. Now let’s open Appendix No. 3 - it states that the standard is 3.0 and 0.1 in the first and second cases, respectively. Let's calculate the CP: CP = 3.0 * 1.000 + 0.1 * 1.000 = 3.100 rubles.
Now calculate the SM parameter (Cost of materials). Let's say we should paint the new bumper and bumper mount. Let's assume that the average market price for a standard hour is 1,200 and 500 rubles, respectively. Let's open the application - it states that the standard is 1.0 and 0.4, respectively. Let's calculate CM: CM = 1.0 * 1.200 + 0.4 * 500 = 1.200 + 200 = 1.400 rubles.
Now we have all the data. Let us now calculate the amount of insurance payment: RK = SM + SR + SD = 1.400 + 3.100 + 4.680 = 9.180 rubles.

Video on the topic

Conclusion

Now you know what EMRU is. Let's summarize. Firstly, EMRU is the main method by which you can accurately determine the amount of insurance compensation in case of an accident. Secondly, EMRU is a document that consists of 7 chapters and 10 annexes, where contains all the basic information about the technique.

Software examination is a study whose ultimate goal is to verify the completeness/completeness of a software product.

The tasks of software examination include:

Compliance check terms of reference(functionality, efficiency, reliability, etc.)
Correct operation on planned hardware and software infrastructure
checking the completeness of operational documentation
checking the readiness of a software product for implementation into trial or industrial operation

The software examination process requires clear regulation. The whole process can be divided into several stages:

internal software examination performed by the contractor’s employees at certain stages of development
software acceptance examination performed on equipment and with the involvement of customer personnel to determine the degree of readiness of the product for implementation

Software examination within the project team is carried out in accordance with the regulations adopted by the performing company. When conducting an external examination, they are often guided by the following standards:

GOST R ISO/IEC 12207-99,
GOST R ISO/IEC 12119-2000,
GOST R ISO/IEC 14764-2002,
GOST R ISO/IEC TO 16326-2002,
GOST R ISO/IEC 15408-2002

At the stage of acceptance testing, a document is drawn up: Test Program and Methodology, which determines quantitative indicators of product quality and testing methods. A program is being developed from the perspective of minimizing the amount of testing to verify that all document requirements are met.

The software examination program and methodology must contain the following sections (according to RD 50-34.698-90 AUTOMATED SYSTEMS, REQUIREMENTS FOR DOCUMENT CONTENT):

description and purpose of the object
list of documents based on which development is carried out (contract)
purpose of the examination
list of requirements and limitations of the technical specification that must be verified
a program for testing the completeness of the software in accordance with the technical documentation and a test plan for checking all sections of the technical specifications (if additional requirements were identified during the development process, then a separate scenario is drawn up for them indicating the documents on the basis of which changes were made)
all concepts of tested characteristics, testing conditions, tools used to automate tests, methods for processing and evaluating test results for each section of the examination program.

The software examination program and methodology are agreed upon with the developers and the Customer.

During the software examination process, the following indicators are checked:

software size in different units measurements (number of functions, lines in the program, disk memory size, etc.);
system operation time;
labor productivity
number of errors and number of failures

The operating instructions for the software package are also checked and adjusted in all specified modes.

Software examination at the time of acceptance tests is carried out at the Customer's stands. The installation of software and debugging of stands is carried out by representatives of the developers.

During software examination, the use of automated testing tools is allowed.

The result of the software examination is recorded in the Test Report. The protocol must contain:

date and place of examination
list of documents on the basis of which the examination was carried out
composition of the expert commission
generalized test results with their assessment for compliance with the requirements of the technical specifications
conclusions about test results and readiness of the software product for transfer to trial/industrial operation.

If during the software examination the need to change the requirements is identified, adjustments to the technical specifications are allowed by agreement of both parties. It is also possible to accept a software package with deviations from the original requirements. At the same time, the accepted assumptions are recorded in the software examination protocol.

If deviations from the requirements stated in the technical specifications significantly affect the achievement of the goals of the software, then the program is returned for revision. The examination protocol records the period for the retest.

Given the market situation and the availability of a wide variety of CRM systems and various platforms, software is being created that can be used to automate the professional activities of representatives of different specializations. Such applications are “tailored” to a specific industry and significantly simplify work in it and communication with other structural units. IN We ordered the development of special software to solve your problems, but the contractor, for certain reasons, in violation of the contract or technical specifications, did not complete the work or performed the work poorly. In this case, it is not possible for you to prove your case in court without an expert opinion. Independent examination information systems And software products- this is a whole complex of research. Its goal is to solve problems of the identification level of information and software on appropriate media. Specialists discover patterns in the development and use of software, study the functional meaning and characteristics of the algorithm, structural features and current state, and also determine whether changes have been made to overcome the protection.

The most frequently received requests are for examination of 1C software. This type We carried out the examination separately - “Examination of 1C products (software)”

Examination objectives:

analysis of related documentation and regulations;
examination of the information system for compliance with the technical specifications;
preparation of an evidentiary expert opinion (must be in writing).

When is software expertise needed?

if it is necessary to check various business systems, organizational management systems (ERP, CRM, etc.) for compliance with the standards of the technical specifications;
if it is necessary to determine whether changes have been made to the program;
if it is necessary to determine whether there are attempts in the data system to illegally access information;
if it is necessary to determine the causes of software malfunction;
if it is necessary to determine the possibility of making changes to the storage medium;
if it is necessary to determine an assessment of the quality of the information system;
if it is necessary to determine the cost of the information system;
if it is necessary to determine an assessment of the cost and quality of the software.

Cost of examination (research):

Cost of the study: from 20,000 rubles*.

LEGAL SUPPORT OF EXPERT ACTIVITIES

Our legal department, working closely with the expert department, will ensure high-quality, legally and technically verified preparation of expert opinions, and will ensure an internal logical relationship between the results of the study and a retrospective of the case materials.

Our specialists are ready to advise you on the grounds, procedure for conducting an examination (forensic examination), its main stages, methods of recording and studying significant circumstances.
Based on experience collaboration, we can distinguish several types of interaction with our Clients:

Primary protection of the Client's interests.

This category will include a full list of legal services, from analysis of the situation to consideration of the case on its merits. Our lawyers, together with the department of experts, will be able to quickly understand controversial situation, will develop...

Challenging the examination.

This service is of a slightly specific nature and belongs to cases of the highest category of complexity, requiring not only joint analysis, but also the joint participation of a lawyer and an expert directly in the court hearing. This service...