The FORMOBILE consortium consists of carefully chosen partners, coordinated by University of Mittweida. In total, there are 19 project partners, all experts in their field of competences. FORMOBILE brings together LEAs, companies, civil organisations and academic institutes from various fields. The Project partners come from thirteen EU countries and two associated countries.
Work package WP1 collects the requirements of law enforcement agencies (LEAs) and provides the base of the subsequent WPs. Based on these requirements, the methods to test the standardization agreements, as well as the tools and their applications (WP4 to WP6) will be defined. During this process, the input from the LEAs is essential to ensure that the results of the other work packages are useful in practice.
The work package is broken down into tasks. These include:
Task 1.1 - Specification of end-user requirements (Lead: ZITiS; Participants: HO, ESMIR, KWPP, MPF, PJ, PPHS, LIF) [M01-M06]
Main activities involve-
- ZITiS is to prepare a reporting template to retrieve LEAs’ requirements on mobile forensics.
- LEAs is to gather case information and prepare a local report, based on the current status of mobile forensics in their countries – to detail relevant data and known challenges
- Requirements for hardware and tools to be used in the mobile forensic workflow will be defined.
- ZITiS will combine all local reports and prepare an overall description of end-user requirements.
Task 1.2 - Evaluation of current status in mobile forensics (Lead: ZITiS; Participants: HO, ESMIR, KWPP, MPF, PJ, NFI) [M07- M13]
Based on the report about end-user requirements, a ring trial will be prepared to evaluate the current status of mobile forensics performed in different countries.
- All Partners to be included, ZITiS will analyse and interpret the data.
- The focus is to improve the current state of mobile forensics and to evaluate the differences throughout the European Union
Task 1.3 - Developing methodologies to test the project results (Lead: HO; Participants: ESMIR, KWPP, MPF, PJ, NMPS) [M14- M28]
- LEAs to develop multiple test cases - used for the validation of project results.
- Test cases will map different forensic scenarios, which can also be used during the training in WP7.
- Scenarios will be accompanied by the finding of suitable standardized test and evaluation methods. Scenarios and methods may also cover hardware and software tools.
Task 1.4 - Validation of the FORMOBILE results (Lead: ZITiS; Participants: HO, ESMIR, KWPP, MPF, PJ, A.S.I.) [M29- M36]
After the test training program, another ring trial will be prepared to evaluate the tools and methods developed in the FORMOBILE project. The “Best Practices” generated in the CEN workshop will be implemented in the ring trial after they were taught in training by WP7 – All partners to be included.
Is to ensure FORMOBILE action is carried out with respect to applicable ethical and legal rules; and, results produced are elaborated in compliance with criminal procedure.
To safeguard compliance issues arising during or after the implementation of the action, which would hamper the potential exploitation of the tools and results.
Facilitate the implementation of the European legislation in the field of data protection, notably Directive 680/2016, the General Data Protection Regulation where applicable and any other act in the field adopted before the project’s end.
Task 2.1 - Identification of legal and ethical issues (Lead: LIF; Participants: All) [M01-M12]
Identify potential legal issues that may arise in relation to the FORMOBILE implementation.
Legal partner LIF, with the support of time.lex to carry out appropriate research to identify possible issues, predominately relating to GDPR.
Identify the ethical rules applicable to FORMOBILE’s activities and the potential issues that may arise in this regard.
Task 2.2 – Research on the applicable legislation in the field of electronic evidence extracted from mobile phones (Lead: LIF; Participants: All) [M3-M18]
Explore the different legislative approaches regulating electronic evidence extracted from mobile phones in the selected countries.
- Elaboration of a tailored questionnaire strictly focused on issues related to extraction and use of electronic evidence from mobile devices.
- WP2 team to perform desk-based research to identify and analyse the applicable criminal procedure legal framework.
- The completed questionnaires are to analyse and compare the collected response and juxtapose it with the research findings.
- The resulting report is to concentrate on the criminal procedure rules and will examine how the tools elaborated during the project could be used and be of help to LEAs and the judiciary.
Task 2.3 - Specification of a regulatory framework (Lead: LIF; Participants: All) [M12-M36]
Task 2.3 builds on the work done in task 2.1 and task 2.2 to identify ethical and legal issues applicable to the work done in FORMOBILE and the intended results and tools.
- It specifies the ethical and legal framework that must be respected,
- To include the pitfalls, challenges and proposed solutions or applicable best practices to prevent compliance issues at the exploitation stage. These may arise in relation to data protection and human rights.
Task 2.4 - Validation of standard and tool (Lead: TLX; Participants: All) [M24-M36]
The final legal reflection to validate, from a legal and ethical point of view, FORMOBILE standard (WP3), tools (WP4 to WP6) and trainings (WP7). Any outstanding issues are described in detail and practical solutions are to be proposed.
Due to the cross-border nature of crimes, it is vital to create EU standards regarding the forensic examination of mobile devices.
The new standard for mobile forensics will become a CEN workshop agreement (CWA), developed in a CEN or workshop. These workshops are open to all European institutions. CWAs are regularly the forerunner of an EN or ISO standard.
Task 3.1 - Identification of existing practices and standards (Lead: A.S.I.; Participants: ZITiS, PPHS, NFI) [M1-M9]
Existing standards and those under development which are within the scope of the project will be identified.
All relevant standards, directives and regulations will be screened. It will be confirmed which standards are currently used by the LEAs and forensics institutes within the European Union.
Examples of such standards include –
- ISO17025 which is used in many forensic laboratories
- ISO/IEC 27037 (Guidelines for identification, collection, acquisition and preservation of digital evidence)
- NIST Special Publication 800-101 (Guidelines on Mobile Device Forensics)
- ETSI standards on lawful interception
Task 3.2 - Gap analysis of existing practices and standards (Lead: A.S.I.; Participants: HO, ESMIR, KWPP, MPF, PJ) [M10-M15]
Standards identified in Task 3.1 will be evaluated against the end-user requirements that are collected in WP1.
The aim is to analyse what is missing in existing standards and what needs to be included in standards under development - Findings of this gap analysis will be included in a gap report.
Task 3.3 - Definition of the European mobile forensic standard (Lead: A.S.I.; Participants: HSMW, NFI, MSAB, ZITiS, HO, ESMIR, KWPP, MPF, PJ, NMPS, LIF, PPHS, TLX) [M1-M36]
To define the European standard, a workshop of the European Committee for Standardisation (CEN) will be set up and managed. This involves a series of physical and online meetings for engaging with stakeholder communities.
This is an open, inclusive multi-stakeholder process, where a European Standardisation Deliverable /CEN Workshop Agreement (CWA)/ a publicly available specification, will be produced.
Mobile forensics is mainstream but several technological trends threatening the continuous success of the acquisition of mobile devices.
Three main challenges arise in the field of acquisition:
- Acquisition of RAM memory
- Acquisition of cloud storage
- Acquisition of counterfeit devices.
This work package aims to assist with the acquisition process of challenging mobile data.
Task 4.1 - Acquisition of RAM memory/ Extraction of RAM memory content (Lead: NFI; Participants: TUD) [M1-M36]
An increasing application of strong cryptography demands for new approaches of (mobile) forensics.
To stay successful, focus must widen to include extraction of RAM content, like in traditional PC/laptop oriented digital forensics.
Key focus area will be –
- Adapting workflows from crime scene to lab – Reducing RAM contamination.
- To extract RAM content of a live phone.
Task 4.2 - Cloud data extraction (Lead: HSMW; Participants: MSAB, KWPP) [M1-M36]
Cloud data sources can serve as great evidence in investigations.
This task will support the improvements to decode even the major cloud computing data export formats in an automated and efficient way - whilst adhering to both national and international laws and the jurisdiction of LEAs.
Task 4.3 - Handling mobile clones (Lead: KSTU; Participants: MSAB, NFI, HSMW) [M1-M36]
With a lack of software information available from the manufacturers of smartphone clones, forensic examinations are very difficult.
Through the examination of many illegal clones - knowledge, skills and training will be developed and shared between practitioners across Europe.
Task 4.4 - Development of novel import methods (Lead: MSAB; Participants: TUD, NFI, HSMW) [M1M36]
The goal is to create a software extraction tool Dump Importer to further process the additional data, gathered from the work of previous tasks.
Despite the importance of mobile forensics, security measures are hindering forensic examination.
- Increasing application of strong cryptography
- Migration of security techniques into the hardware
- Development of anti-forensic techniques
The work package aims to assist with the decoding process of mobile data and overcoming security measures like anti-forensic systems.
Task 5.1 - Overcoming security measures hindering forensic examination (Lead: UPat; Participants: NFI) [M1-M36]
The quantity and complexity of the steps required to access modern mobile devices (phones, tablets, car multimedia systems, USB-sticks) are increasing rapidly, due to the increasing application of encryption.
FORMOBILE will explore the known and original possibilities to overcome these security measures.
Task 5.2 - RAM Decoding (Lead: MSAB; Participants: NFI, TUD) [M1-M36]
Traditionally, the focus of mobile forensics has been on non-volatile memory. To stay successful, the focus must widen to include RAM decoding, just like in traditional PC/laptop-oriented digital forensics.
Task 5.3 - Detection and bypassing anti-forensics (Lead: HSMW; Participants: NFI, ZITiS) [M1-M36]
Mobile devices inherently create opportunities to present environments that are conducive to anti-forensic activities.
FORMOBILE will work on a new tool to detect and overcome anti-forensic techniques commonly used in mobile devices.
Task 5.4 - Development of novel decoding tools (Lead: MSAB; Participants: NMPS) [M1-M36]
The data dumps that will be acquired with the methods developed in WP4 need to be decoded. The aim of Task 5.4 is to develop new methods of decoding. This includes especially the decoding of file systems and file formats.
Mobile devices store more and more data, causing challenges for forensic analysis. This includes the sheer mass of short messages and the rise of mobile malware. This work package aims to assist with the analysis process of mobile data and overcoming problems that arise with mass data.
Task 6.1 - Evaluation of big data by semantic analysis (Lead: HSMW; Participants: UPat) [M1-M36]
The contents analysis of mobile data covers the analysis and evaluation of multiple artefacts, for example:
- Location Data
The goal is to develop new methods to analyse each data type and integrate all retrieved information into one complete knowledge map.
Task 6.2 - Malware analysis (Lead: ZITiS; Participants: HSMW) [M1-M36]
Today, mobile devices are the main target for cyber criminals. In particular, there is a broad range of malware for mobile platforms. The analysis of the malicious code is an important challenge for the law enforcing agencies and developers of antivirus suites.
To overcome this issue, a new platform for the automatic analysis of mobile malicious code will be developed.
Task 6.3 - Visualization of enriched data (Lead: MSAB; Participants: HSMW, KWPP) [M1-M36]
One problem of the analysis of big data is to find value in the mass amount of data. Visualisation is the main tool to overcome this problem, therefore, new tools to visualise the result of the big data analysis will be created.
Task 6.4 - Development of novel analysis tools/ Tools to enrich the extracted data with the results from the big data analysis (Lead: MSAB; Participants: HSMW, KWPP) [M1-M36]
Data acquired with the methods developed in WP5 need to be analysed, this is the aim of Task 6.4. This especially includes the ability to enrich the extracted data with the results from the analysis.
The FORMOBILE target user groups must be trained to use the tool and the novel mobile forensic standard. Users should be able to verify results from the tool and have in-depth knowledge of the standard defined by the project.
We aim for a new novel mobile forensics training curriculum that is developed by commercial players together with academia and LEAs. The curriculum will define a recommended set of courses to become a forensic expert in mobile forensics. Course material will be developed, and a test training of LEAs will be performed.
Task 7.1 - Design of a novel curriculum for LEAs training (Lead: NMPS; Participants: FORTH) [M1-M12]
Today, there are few, mostly commercial, courses in mobile forensics. FORMOBILE will start evaluating existing curricula and courses in the domain of mobile forensics and will perform a gap analysis.
Based on the findings we will develop an innovative novel curriculum, consisting of a set of consecutive modules that will train on tools and standards.
Task 7.2 - Development of training material for LEA training and joint exercises training (Lead: FORTH; Participants: NMPS, MSAB) [M13-M30]
In Task 7.2 we will develop course material based on the novel curriculum, created for physical classrooms, online webinars and tutorials.
To ensure that the scenarios are relevant for the law enforcement agencies we will include the results task 1.4.
Task 7.3 - Prof of concept FORMOBILE forensic training / Train the trainers training (Lead: NMPS; Participants: All except TLX and SI) [M30-M36]
To prove the effectiveness of the novel curriculum and the training material, we will perform three proof of concept trainings with LEAs. A ‘train the trainers’ concept will be used to help disseminate the knowledge of the tool and the standard much faster.
WP8 aims to plan, develop and coordinate all FORMOBILE activities related to communication, dissemination and exploitation, to reach a wide audience and relevant stakeholders and to create strong awareness of the FORMOBILE outcomes (tools, standard and trainings) at the national, European and global level.
Task 8.1 - FORMOBILE Communication and Dissemination plan (Leader: PPHS; Participants: All) [M1-36]
To define all project communication and dissemination activities carried out throughout the lifetime of the project a strategic document the Communication and Dissemination plan (C&D) will be developed.
This plan will define actions with specific timelines, responsibilities and measurable results, tools (channels) and methods that will be used by the consortium, to ensure that the project is effectively promoted and FORMOBILE results meet the appropriate audience.
Task 8.2 - Communication and dissemination channels (Leader: PPHS; Participants: All) [M1-36]
To facilitate appropriate communication, a set of channels will be used to engage a variety of users. These will include:
- Project website
- Social media presence
- LinkedIn, Twitter, YouTube
Task 8.3 - Dissemination materials and visibility (Leader: PPHS; Participants: All) [M1-36]
To support the dissemination and communication activities, promotional materials (electronic and printed versions) will be produced. Moreover, it is planned to publish scientific articles with project results in scientific journals and magazines.
To coordinate dissemination activities, a GDPR compliant stakeholder database, shall be developed and filled up.
Task 8.4 - Dissemination FORMOBILE events (Leader: PPHS; Participants: All) [M1-36]
To disseminate the project results to an extended audience across Europe, a series of events will be created.
It is planned to organise different kinds of events, depending on the aim and the target group. These will include–
- Kick-off meeting (M1), Mid-term meeting (M18) and the Final-review meeting combined with a public event (M36)
- Executive meetings for the WP Leaders
- The standardization workshops (CEN workshop meetings
All events will be combined with public thematic conferences.
Furthermore, all consortium members agreed to contribute to project dissemination when participating in public events like conferences or fairs.
Task 8.5- FORMOBILE exploitation Strategy (Leader: SI; Participants: MSAB, NFI, HSMW) [M1-36]
The FORMOBILE Exploitation Board consisting of the partners (SI, MSAB, NFI and HSMW) will monitor the progress of project results and decide about the related exploitation route and ensure that appropriate measures for IP protection are implemented.
For the tools (developed in WP4-6), exploitation will take place directly by MSAB and NFI respectively. For other specific results, the potential to create start-ups to exploit side results for civil applications will be investigated.
All exploitation will be in total compliance with the Consortium Agreement and the Grant Agreement. One result of the task will be the project exploitation plan. This document will address IPR issues, commercialisation and exploitation aspects. It will ensure the best, maximised impact and full use of all results and outputs of the project.
Task 8.6 - Data Management (Leader: SI; Participants: All) [M1-36]
A Data Management Plan will be developed detailing what data the project will generate (including metadata), whether and how it will be shared or made accessible for verification and re-use, and how it will be curated and preserved.
Task 8.7 - Management of Security Issues (Leader: MSAB) [M1-M36]
The security officer of the FORMOBILE project will oversee all security issues that arise within the project. This includes the risk of misuse of research results and all problems that arise from dual-use. FORMOBILE is committed to the ethics of the Wassenaar Arrangement and will take care that sensitive technologies will propagate freely.
Aims to provide effective and efficient management and communications environment of the FORMOBILE. This will cover the timely delivery of all obligations under the terms of the Grant and Consortium Agreement. Furthermore, the monitoring and managing the work packages, milestones and deliverables will be managed and maintained.
Task 9.1 - Internal Project Communication / Administrative and Financial Project Management. (Leader: HSMW) [M1-36]
This task will take care of the overall coordination and day-to-day management for the FORMOBILE project concerning internal communication, administrative and financial issues.
A close relationship with the finance departments of each partner will be established, to make sure all budget-related actions are performed correctly. Especially the EU financial contribution will be administrated and distributed within the consortium.
To summarize all these activities a FORMOBILE Project Management Handbook will be created. The project management team will set up and maintain adequate communications with the Commission’s project officers on the project progression and other relevant issues.
Task 9.2 - Technical Organisation, Coordination and Scientific Management of the Project (Leader: HSMW) [M1-36]
The project coordinator, HSMW, with its project management office is responsible for technical coordination and quality assurance throughout the project. This task involves coordination and synchronisation of the interfaces between the work package activities, monitoring of progress, tracking deliverables and milestones, coordinating input/output flows between the various work packages and tasks.
These tasks have been deduced from the deliverables of WP10 by the PMO
Task 10.1 - H - Requirement No. 2 (Leader: HSMW, Participants: All) [M1]
The procedures and criteria that will be used to identify/recruit research participants will be determined.
Task 10.2 - H - Requirement No. 3 (Leader: HSMW, Participants: All) [M1]
Copies of opinions/approvals by ethics committees and/or competent authorities for the research with humans have to be collected.
Task 10.3 - H - Requirement No. 4 (Leader: HSMW, Participants: All) [M1]
Informed consent procedures that will be implemented for the participation of humans will be defined. Templates of the informed consent forms and information sheets (in language and terms intelligible to the participants) will be created.
Task 10.4 - POPD - Requirement No. 6 (Leader: HSMW, Participants: All) [M1]
The host institution confirms that it has appointed a Data Protection Officer (DPO) and the contact details of the DPO are available to all data subjects involved in the research. For host institutions not required to appoint a DPO under the GDPR a detailed data protection policy for the project must be defined.
Task 10.5 - POPD - Requirement No. 7 (Leader: HSMW, Participants: All) [M1]
A description of the security measures that will be implemented to prevent unauthorised access to personal data or the equipment used for processing must be defined.
Task 10.6 - POPD - Requirement No. 8 (Leader: HSMW, Participants: All) [M1]
In case of further processing of previously collected personal data, an explicit confirmation that the beneficiary has a lawful basis for the data processing and that the appropriate technical and organisational measures are in place to safeguard the rights of the data subjects has to be defined.
Task 10.7 - POPD - Requirement No. 9 (Leader: HSMW, Participants: All) [M1]
Detailed information on the informed consent procedures with data processing will be defined. Templates of the informed consent forms and information sheets with data processing (in language and terms intelligible to the participants) will be created.
Task 10.8 - POPD - Requirement No. 10 (Leader: HSMW, Participants: All) [M3]
All beneficiaries must explain how all of the data they intend to process is relevant and limited to the purposes of the research project (in accordance with the 'data minimisation' principle).
Task 10.9 - POPD - Requirement No. 11 (Leader: HSMW, Participants: All) [M3]
All beneficiaries must evaluate the ethics risks related to the data processing activities of the project. This includes also an opinion if data protection impact assessment should be conducted under art.35 General Data Protection Regulation 2016/679 or art. 27 of the Directive 2016/680.
Task 10.10 - M - Requirement No. 12 (Leader: HSMW, Participants: All) [M12]
Risk assessment and details on measures to prevent misuse of research findings must be defined.
Task 10.11 - DU - Requirement No. 13 (Leader: HSMW, Participants: All) [M12]
Details on potential dual-use implications of the project and risk-mitigation strategies have to be described.
Task 10.12 - GEN - Requirement No. 14 (Leader: HSMW, Participants: Ethics Advisory Board members) [M1]
Due to the severity of the ethics issues raised by the proposed research, the Ethical Advisory Board which includes relevant independent expertise must be established to monitor the ethics issues in this project and how they are handled. The Board must be consulted at least on the following points: processing of data extracted from mobile devices (who can access the data, potential anonymisation procedures and potential for misuse) and data security (multiple types of personal data, potentially including sensitive data is extracted from mobile devices and stored and processed).
Task 10.13 - GEN - Requirement No. 15 (Leader: HSMW, Participants: Ethics Advisory Board members) [M5]
A report by the Ethics Advisory Board must be submitted as a deliverable at month 5.
Task 10.14 - GEN - Requirement No. 16 (Leader: HSMW, Participants: Ethics Advisory Board members) [M19]
A report by the Ethics Advisory Board must be submitted as a deliverable at month 19.
Consortium & Advisory Board
Home Office (HO)
The Home Office originates from 1782 employing circa 30,000 staff and is the department of state with responsibility for policing, counter terrorism and borders/immigration and citizenship. It supports the full range of Home Office interests in policing and tackling crime, counter-terrorism, border security and controlling immigration.Visit Website
Polish Platform for Homeland Security (PPHS)
WP Leader - 8
The Polish Platform for Homeland Security (PPHS) associate representatives of Polish Law Enforcement Agencies, which in cooperation with other practitioners and representatives of science, develop IT tools and legal environments to support the broadly defined efforts to improve public security. The main pillars of PPHS activities are projects and training in the area of security.Visit Website
The Polish Police Regional Headquarters in Poznan (KWPP)
The Polish Police Regional Headquarters in Poznan manages the Wielkopolska garrison. The basic tasks of the Police are the prevention of criminal offences, economic crime, identification of perpetrators of crimes and misdemeanours, ensuring security in public places, monitoring traffic on roads and safety on the water, and conducting prophylactic activities.Visit Website
Mittweida University of Applied Sciences (HSMW) – Project Coordinator
WP Leader - 5,9&10
Mittweida University of Applied Sciences is a strong centre for research and transfer services in central Saxony with about 7,000 students in 5 faculties. The University provides different study programmes and continuing education programmes in the fields of cybersecurity and forensics.Visit Website
Central Office for Information Technology in the Security Sector (ZITiS)
WP Leader - 1
The Central Office for Information Technology in the Security Sector (ZITiS) has been established by the German Federal Ministry of the Interior in 2017. As a service provider for the German security authorities, ZITiS focuses on research and development and provides technical expertise in the cyber domain.Visit Website
Micro System AB (MSAB)
WP Leader - 6
MSAB is the global leader and pioneer in digital forensic technology for mobile device examinations. The business is a for-profit company, with headquarters in Stockholm (Sweden), with offices in Europe, USA and Asia, as well as a network of distributors across the globe.Visit Website
Austrian Standards International (A.S.I.)
WP Leader - 3
Austrian Standards International (A.S.I.) – Standardization and Innovation is the recognized standardization body in Austria, member of the European Committee for Standardization CEN, International Organisation for Standardization ISO and European Telecommunications Standards Institute ETSI. A.S.I make it possible for thousands of Austrian experts to set standards based on their innovative ideas internationally.Visit Website
Spanish National Police (ESMIR)
The Spanish National Police is a law enforcement agency (LEA) founded in 1824. It is deployed in whole national territory, with about 70,000 police officers among other civil servants. It has competencies in Public Order, Serious Crime, Forensics, Terrorism, and has exclusive competences in human beings crossing borders, the identity of citizens and private security. One of the ESMIR strategic lines in home security is to achieve a police force more dynamic, more efficient and more intelligent use of new technologies and new working methods to be more effective.Visit Website
Malta Police Force (MPF)
The Malta Police Force is one of the oldest police forces in Europe and has mixed responsibility with respect to its investigative role and national security. The Forensic Science Laboratory within the police force is comprised of eight units each specialised in a unique forensic field.Visit Website
Portuguese Judicial Police (PJ)
Portuguese Criminal Police is the Portuguese higher criminal police body, hierarchically organized under the aegis of the Ministry of Justice. As a criminal investigation police force, PJ has reserved competence, which cannot be assigned to other criminal police bodies, for the investigation of serious and organized crime in general.Visit Website
Netherlands Forensic Institute (NFI)
WP Leader - 4
The Netherlands Forensic Institute (NFI) is a public organisation under the Ministry of Justice and Security. The NFI is providing forensic services using state-of-the-art science and technology and contributes to the investigation and prosecution of suspects, and the exoneration of innocent parties.Visit Website
Delft University of Technology (TUD)
Top education and research are at the heart of the oldest and largest technical university in the Netherlands. Our 8 faculties offer 16 bachelor's and more than 30 master's programmes. Our more than 25,000 students and 6,000 employees share a fascination for science, design and technology. Our common mission: impact for a better society.Visit Website
University of Patras (UPat)
The University of Patras (UPat) was founded in the city of Patras in 1964 and it began functioning in the academic year 1966-67. UPat is one of the leading research and teaching institutions, and the third largest in Greece.Visit Website
Foundation for Research and Technology Hellas (FORTH)
The Foundation for Research and Technology - Hellas (FORTH) is the premier research centre in Greece, internationally acknowledged for its excellence in basic and applied research, in developing applications and products, and in providing services.Visit Website
Norwegian Ministry of Justice and Public Safety (NMPS)
WP Leader - 7
The Norwegian Police University College (PHS) is the premier educational institution for the police service and county administrative officials in Norway. Its purpose is to provide fundamental training for service in the police service or county administration, further and continuing education for employees within the police service and to conduct research on police science.Visit Website
Law and Internet Foundation (LIF)
WP Leader - 2
Law and Internet Foundation (LIF) is a Bulgarian NGO & Research centre which supports and performs applied studies, scientific researches, programmes and projects in the field of legal, technological, economic and social issues related to the fast penetration of information and communication technologies both in public and private sectors.Visit Website
Timelex is a niche law firm based in Brussels, specialised in information technology and electronic communications law in the broadest sense. This includes privacy protection, data and information management, e-business, intellectual property and telecommunications.Visit Website
Strane Innovation (SI)
Strane Innovation (SI) is an SME start-up facility - specializing in the sectors of sustainable development (energy, water, transport, environment, smart systems). SI creates independent start-up companies based on technologies proven at lab or pilot scale. By assessing in detail the technologies and the market, SI creates complete business concepts, managing the legal creation and entire development of the start-up companies.Visit Website
Kyrgyz State Technical University named after I. Razzakov (KSTU)
Kyrgyz State Technical University, named after, I. Razzakov (KSTU), was founded in 1954. It is the biggest technical university in the Kyrgyz Republic, with about 14,000 students and about 1500 staff members. The university comprises of 6 faculties, 4 institutes, and 4 research institutes. Consists of 4 regional branches and 1 Lyceum.Visit Website
Dr. Reinhard Kreissl
Director of VICESSE, Co-editor of the ‘Kriminologisches Journal’, Member of the Scientific Board of the 'Gesellschaft für interdisziplinäre wissenschaftliche Kriminologie'.
Bernhard C. Witt
Head of IT Governance, Risk & Compliance Management at IT.SEC. A senior Data Protection and Information Security Consultant. An experienced lecturer, trainer, author, auditor and consultant for information security management, business continuity management, and data protection with respect to the GDPR.
Dr. Uwe Ewald
Director of the International Justice Analysis Forum. Attorney & Analyst in coop. with Dost-Roxin and Marson, Berlin, Certified Expert for Digital Forensic Big Data Analysis, Member of the German Expert Association. Experience in digital evidence analysis and consultant for digitsation of (international) criminal justice and related legislation. Trainer for content analysis Software.
Prof. Dr. Tobias Eggendorfer
Professor for IT security in Ravensburg, prior professor for IT forensics in Hamburg. Data protection officer at Ravensburg-Weingarten University. Freelance consultant for IT security, IT forensics and data protection. Several publications in these fields.
Prof. Dr. Elias Athanasopoulos
An assistant professor in Computer Science with the University of Cyprus. BSc in Physics from the University of Athens and PhD in Computer Science from the University of Crete. Previously an assistant professor with Vrije Universiteit Amsterdam. His research interests are systems security and privacy. A Microsoft Research PhD Scholar, interning with Microsoft Research in Cambridge. Marie Curie fellow with Columbia University and FORTH. He has several publications in IEEE Security and Privacy, ACM CCS, Usenix Security and ATC, NDSS, and EuroSys.
Prof. Dr. Davide Balzarotti
A Professor and Head of the Software and System Security group at Eurecom. His research interests include most aspects of system security, in particular, the areas of binary and malware analysis, reverse engineering, and computer forensics - with a particular focus on memory analysis. In 2017 Davide received an ERC Consolidator Grant for his research in the analysis of compromised systems.
Dr. Albena Spasova
Project Director of the Bulgarian Centre of Excellence in cybercrime. President of the Management Board of the International Cybercrime Investigation Training Academy. Founder of the Bulgarian Cyber Centre of Excellence for Training Research and Education (B2CENTRE). A former Law Enforcement Director at eBay Europe.
LT CDR Kieren Nicolas Lovell
Head of the Computer Emergency Response Team at the University of Cambridge. A former Chief Communications Officer (CISO) for, Standing NATO Maritime Group One (COMSNMG1).
Dutch Police Officer. Core Group Leader of ENLETS. Coordinator of i-Lead Project. A former head of Horizon 2020 Protection and Security Advisory Group (PASAG).
Peter Drescher has worked for over 25 years in the field of analysing hardware and software for the German BSI (Federal Office for Information Security). He has monitored the technical progress of mobile devices since the age of Psion and Newton from a forensic and security point of view.
Prof. Dr. Matthew Sorell
A Senior Lecturer in Telecommunications and Multimedia Engineering at the University of Adelaide (Australia). Adjunct Professor of Digital Forensics at the Tallinn University of Technology (Estonia). Provides operational and strategic consulting in digital evidence, forensics and investigation to law enforcement agencies in Australia and elsewhere. An academic member of the INTERPOL Digital Forensics Experts Group, and in 2018 received a High Commendation for developing emerging sources of digital investigation in the International Digital Investigation Awards.
Lawful evidence collecting and continuity platform Development. LOCARD is the next generation platform to process digital evidence through blockchain technology and generate mutual recognition of judicial decisions among the EU.
All digital evidence has to be stored in a manner that cannot be disputed in a court of law. As FORMOBILE completes an end-to-end mobile forensic chain HOW the data is stored and used is of the utmost importance.
LOCARD and FORMOBILE have been cooperating since the middle of 2020. To aid cooperation, the projects have established specific working groups dedicated to Legal matters, Technical Matters, Training and Procedural topics. The Legal group is currently the most active and working hard to support each other by exchanging best practices and domain-specific knowledge.
ROXANNE Real time network, text and speaker Analytics for combating organized crime. A research and innovation project, aiming to unmask criminal networks and their members as well as to reveal the true identity of perpetrators by combining the capabilities of speech/language technologies and visual analysis with network analysis.
Audio is a critical source of data and information for law enforcement. FORMOBILE is interested in the techniques and methods adopted by the ROXANNE team to identify perpetrators.
Engagement with ROXANNE is still in the preliminary stages. There has been several activities launched to foster cooperation and strengthen relations between the projects. The long-term vision looks promising and the FORMOBILE team is excited about future collaboration opportunities.