March 17, 1840 hours: A criminal robs a convenience store.
March 17, 1930 hours: Detective Murphy arrives on scene. He learns the perpetrator was armed with just a stick, but still took away a good amount of cash.
Showing posts with label know-how. Show all posts
Showing posts with label know-how. Show all posts
Why verify?
The importance of verifying digital video evidence before leaving the scene.
The characters and crimes in this story are fictitious, but the DVR is real. Everything the DVR does is real, as are all the photos.
March 17, 1840 hours: A criminal robs a convenience store.
March 17, 1930 hours: Detective Murphy arrives on scene. He learns the perpetrator was armed with just a stick, but still took away a good amount of cash.
March 17, 1840 hours: A criminal robs a convenience store.
March 17, 1930 hours: Detective Murphy arrives on scene. He learns the perpetrator was armed with just a stick, but still took away a good amount of cash.
Forensic video greatest hits re-release
Our list of free forensic video software tools and websites.
In May of last year we published our first list of free software downloads and references to help boost your video-forensic capabilities and know-how. Today we're re-releasing our list with some new hits.
In May of last year we published our first list of free software downloads and references to help boost your video-forensic capabilities and know-how. Today we're re-releasing our list with some new hits.
CODEC H-E-Double-Hockey-Sticks
We didn't say it, Wikipedia did. Wikipedia's article on Windows' DirectShow contains a section titled after the place you might sometimes feel you've been sent: CODEC hell.
DirectShow is Microsoft Windows' underlying multimedia framework. Windows calls on DirectShow to do things like play video and audio. Most people assume computers now play any type of video or audio right out of the box. However we deal with so many types of video we know that's not the case.
We recently had a call from someone new to the world of video evidence. They understood AVI to be a standard video format. It's not. That's right. If you didn't realize it, AVI is a standard file container not a standard video file format.
DirectShow is Microsoft Windows' underlying multimedia framework. Windows calls on DirectShow to do things like play video and audio. Most people assume computers now play any type of video or audio right out of the box. However we deal with so many types of video we know that's not the case.
We recently had a call from someone new to the world of video evidence. They understood AVI to be a standard video format. It's not. That's right. If you didn't realize it, AVI is a standard file container not a standard video file format.
Playing proprietary videos with Windows 7
Your new computer is running Windows 7. The proprietary video player on the CD was created in 2002 prior to being installed at the restaurant. Windows 7 didn't exist in 2002. Thus, the video player software was not developed or tested for newer versions of Windows.
With Windows XP becoming extinct we decided to take a closer look at Windows 7 and proprietary video players. We tested 33 proprietary video players for installation and video playback under Windows 7. We also evaluated the ability and reliability of screen recording, a step necessary to proceed with a full analysis of the video.
TOOLBOX: Technical Tips and Info
Free Software Downloads and Reference Sites That Will Boost Your Video-Forensic Capabilities and Know-How.Many steps and obstacles may sit between gathering video evidence at a crime scene and using it as a tool in the courtroom. How do you keep the evidence viable for the courtroom? How do you deal with possibly obscure digital file formats? Where do you look for answers when you hit a doorstop? To help knock out some of these obstacles, we’ve put together a list of useful free video software and reference websites.
Best Practices reference
The following links are best practice reference guides for
analyzing forensic video and retrieving video evidence from
CCTV systems.
SWGIT Best Practices for Forensic Video Analysis
Best Practices for the Retrieval of Video Evidence
from Digital CCTV Systems
Image Viewing Software
IrfanView: This freeware application will allow you to view and edit still
images on your system.
Codec Application Software
The following freeware applications will help you establish what codecs are required to play a media file, as well as identifying whether the codecs are present on your system. They will also point out problems associated with the codecs and the media files.
GSpot
AFREECODEC VT
MediaInfo
AVICodec
VideoInspector
Video Playback Application
This video playback and editing software application is geared towards processing AVI files. It can also read MPEG-1 files and handle sets of BPM images. It’s available as a free download.
Virtual Dub
File Extension Source
These sites are searchable file extension databases containing information about thousands of file extensions. Entries contain the file format, a description of the file and the programs that can open the file.
filext.com
fileinfo.com
Miscellaneous Video Tools
List of links to various video software tools, including decrypters, screen capture programs, video editors, video players and much more.
videohelp.com
fourcc.org: source for video CODEC and format information.
media-geek.com: A forensic multimedia community containing a variety of downloads and links as well as forensic video news, blogs and forums. This is a great place to go to ask questions about or read up on video forensics. It is also a great place to download proprietary players and codecs (click downloads from the menu).
The Switch to Digital: A New Kind of Collection
The video surveillance industry is undergoing a dramatic change with the move from analog video tape systems to digital video recorders, or DVRs. The new technology has delivered real benefits to businesses of all sizes, but has created a new set of challenges for law enforcement.
Consider an example. A small business owner buys a four camera DVR surveillance system for under $500, and installs it himself in his store to replace his old analog tape system. He no longer has to bother with rewinding and swapping tapes, or worry about whether reused tapes are degrading the quality of his video. He can customize recording settings like frame rate and resolution that were not configurable at all on his old system. He may even be able to access and manage the system remotely from his home computer. When the day comes that his store is robbed, the business owner calls the police and waits for their arrival, ready to see his surveillance investment pay off.
Consider an example. A small business owner buys a four camera DVR surveillance system for under $500, and installs it himself in his store to replace his old analog tape system. He no longer has to bother with rewinding and swapping tapes, or worry about whether reused tapes are degrading the quality of his video. He can customize recording settings like frame rate and resolution that were not configurable at all on his old system. He may even be able to access and manage the system remotely from his home computer. When the day comes that his store is robbed, the business owner calls the police and waits for their arrival, ready to see his surveillance investment pay off.
To Save and Protect
A step-by-step guide to handling video evidence from the crime scene to the courtroom.
TOOLBOX: Technical Tips and Info
Handling video evidence is a tricky business. Like any other piece of evidence, it is vitally important that it be handled correctly so that your results are credible in court. To that end, we’ve put together some tips and hints to make sure your video evidence puts criminals behind bars for good!
Retrieval – Master and Working Copies
A crime has been committed at a local gas station with a CCTV surveillance system. The system has recorded events that may be evidence to the crime. Now you must figure out how to retrieve and properly handle the video to ensure that, if it comes to it, the evidence will be credible in court.
The first step is to create a master copy of the video from the surveillance system recording. When it comes to the courtroom, this master copy is critical because it’s what the court will look to in confirming the integrity of images presented during a trial. So you must be sure to both create a master and document your steps while doing so. The master should be copied from the CCTV system in the native file format, regardless of the format. There are several ways to create the master copy from the CCTV system, but your ultimate goal is to have it on a Write Once, Read Many times or WORM media (such as a CD-R or a DVD±R). Once you have created the master, store it securely. Its only use will be in court to protect the integrity of images produced as evidence.
Next you will need to create a working copy. The working copy is what you will use in the investigation. Any enhancement of the video will be done to this copy only. It’s usually preferable to create the working copy in the native file format, but due to the large amount of proprietary CCTV formats out there, that won’t always be possible. If that’s the case, a format conversion will be necessary.
There are four main methods for format conversion:
Digital media with a proprietary file format. In this situation, direct conversion of the data is available by using functionality available from within the proprietary software that plays the video. Additional screen recording software is typically employed to complete the conversion process.
Digital media with a common file format. Some common file formats need conversion. This conversion can be performed by acquiring the correct video CODEC and employing it with a video player.
Output from an analog connection, such as a NTSC monitor output from a DVR, or connection via a VGA cable either from the DVR or from the replay PC.
Digital connections (such as network, USB or FireWire) typically provide either a proprietary or common file format. These formats can be converted via proprietary player or CODEC.
The end goal of each method is to create a video that can be easily played back and worked on without losing any data from the original format. Each of these options has benefits and limitations. It’s important to consider these as you work through a digital video retrieval.
With your master and working copy of the video, you are now ready to use your evidence to work the case. Here are a couple of things to keep in mind about the video:
Make sure the original recording of the crime is not erased without authorization. This may leave your evidence open to be challenged in court.
Try to store your media in a clean, dry environment and keep it away from strong magnetic fields, strong light and chemical contamination to prevent damaging the video.
Keep your DVDs and CDs in individual cases to prevent scratching and damaging them.
Make sure you define and label the master and working copies of the video.
Audit Log
One of the best tips we can provide you is: keep a detailed log of everything concerning the evidence. From the moment you come in contact with the video to the moment the evidence is disposed of or stored, be sure to log every action taken on the video. In fact, if not already in place, it’s a great idea to create a procedure that generates an audit log for every video. Some key details to include in the audit log are:
Details of the case.
Information about retrieving the evidence from the crime scene.
Details about the capture equipment used for retrieval.
Descriptions of the images captured.
Creation, storage and access to the master copy of the video.
Details on any analysis or clarification applied to the video.
Any copying of the master copy of the video.
Disposal details of the video and retention time of the video.
Keep in mind, when creating your audit log, make sure you have a date and time for every action in the log. Also, if you use software to enhance or process the video, check to see if the program creates an electronic log of the actions you take on the video. This may save you some time in creating your own audit log. Another helpful tool for creating an audit trail is having a Location, Equipment, and Incident Details Form to fill out while retrieving the video (see our example). Filling out a form like this at the crime scene will ensure that all of the pertinent information of the retrieval is accurately captured as soon as possible.
TOOLBOX: Terms
> CODEC – A CODEC is a program that encodes an audio or video stream for storage in a digital file, and decodes the same data for playback. Digital video created with a certain CODEC can not be played by or imported into a video player unless the decoder portion of the CODEC is installed.
> Component Video – Analog video output of a camera, videotape recorder, etc., consisting of three primary color signals: red, green, and blue (RGB).
> Composite Video – Encoded analog video signal that also includes horizontal and vertical synchronizing information. In the United States, Composite Video is standardized to the NTSC format.
> DCCTV – Digital Closed Circuit Television. A closed circuit television (or video) system that records digital video typically used in security applications.
> DVR – Digital Video Recorder. A DVR records video to a computer hard drive instead of analog tape. There are various types of DVRs. Surveillance systems are increasingly using DVRs.
> Embedded DVR – Digital video surveillance system that utilizes an operating system that boots from memory and not a hard drive. This system resembles an appliance or a self contained unit whose sole purpose is to act as a digital video surveillance system.
> PC-Based DVR - Digital video surveillance system that utilizes a full computer system. This system typically resembles a personal computer but has the ability to act as a digital video surveillance system.
> Proprietary Format Video – A digital video file that is formatted such that it is only usable by a proprietary playback software application.
> Proprietary Playback Software – Software from a DVR manufacturer that plays video files collected from that company’s DVR.
> S-Video – Separated Video. Industry standard for the way a signal is carried on the video cable. Utilizes a 4-pin mini plug connector. SVideo bypasses the comb filter in a device resulting in a better picture than Composite Video.
> Scan Converter – A device that converts output from a computer to standard television signals such as NTSC Composite or S-Video.
> Standard Format Video – A digital video file with a standard or common file format such as AVI, MPG, WMV, or MOV.
> Transport Medium – A medium or device that is temporarily used for data storage until data is transferred to permanent or archival storage.
> VGA – Video Graphics Array. Hardware video display standard of 640X480 pixels used for computers originally developed by IBM. Has been replaced by higher resolution standards.
Sample Location/Equipment/Indecent details form
TOOLBOX: Technical Tips and Info
Handling video evidence is a tricky business. Like any other piece of evidence, it is vitally important that it be handled correctly so that your results are credible in court. To that end, we’ve put together some tips and hints to make sure your video evidence puts criminals behind bars for good!
Retrieval – Master and Working Copies
A crime has been committed at a local gas station with a CCTV surveillance system. The system has recorded events that may be evidence to the crime. Now you must figure out how to retrieve and properly handle the video to ensure that, if it comes to it, the evidence will be credible in court.
The first step is to create a master copy of the video from the surveillance system recording. When it comes to the courtroom, this master copy is critical because it’s what the court will look to in confirming the integrity of images presented during a trial. So you must be sure to both create a master and document your steps while doing so. The master should be copied from the CCTV system in the native file format, regardless of the format. There are several ways to create the master copy from the CCTV system, but your ultimate goal is to have it on a Write Once, Read Many times or WORM media (such as a CD-R or a DVD±R). Once you have created the master, store it securely. Its only use will be in court to protect the integrity of images produced as evidence.
Next you will need to create a working copy. The working copy is what you will use in the investigation. Any enhancement of the video will be done to this copy only. It’s usually preferable to create the working copy in the native file format, but due to the large amount of proprietary CCTV formats out there, that won’t always be possible. If that’s the case, a format conversion will be necessary.
There are four main methods for format conversion:
Digital media with a proprietary file format. In this situation, direct conversion of the data is available by using functionality available from within the proprietary software that plays the video. Additional screen recording software is typically employed to complete the conversion process.
Digital media with a common file format. Some common file formats need conversion. This conversion can be performed by acquiring the correct video CODEC and employing it with a video player.
Output from an analog connection, such as a NTSC monitor output from a DVR, or connection via a VGA cable either from the DVR or from the replay PC.
Digital connections (such as network, USB or FireWire) typically provide either a proprietary or common file format. These formats can be converted via proprietary player or CODEC.
The end goal of each method is to create a video that can be easily played back and worked on without losing any data from the original format. Each of these options has benefits and limitations. It’s important to consider these as you work through a digital video retrieval.
With your master and working copy of the video, you are now ready to use your evidence to work the case. Here are a couple of things to keep in mind about the video:
Make sure the original recording of the crime is not erased without authorization. This may leave your evidence open to be challenged in court.
Try to store your media in a clean, dry environment and keep it away from strong magnetic fields, strong light and chemical contamination to prevent damaging the video.
Keep your DVDs and CDs in individual cases to prevent scratching and damaging them.
Make sure you define and label the master and working copies of the video.
Audit Log
One of the best tips we can provide you is: keep a detailed log of everything concerning the evidence. From the moment you come in contact with the video to the moment the evidence is disposed of or stored, be sure to log every action taken on the video. In fact, if not already in place, it’s a great idea to create a procedure that generates an audit log for every video. Some key details to include in the audit log are:
Details of the case.
Information about retrieving the evidence from the crime scene.
Details about the capture equipment used for retrieval.
Descriptions of the images captured.
Creation, storage and access to the master copy of the video.
Details on any analysis or clarification applied to the video.
Any copying of the master copy of the video.
Disposal details of the video and retention time of the video.
Keep in mind, when creating your audit log, make sure you have a date and time for every action in the log. Also, if you use software to enhance or process the video, check to see if the program creates an electronic log of the actions you take on the video. This may save you some time in creating your own audit log. Another helpful tool for creating an audit trail is having a Location, Equipment, and Incident Details Form to fill out while retrieving the video (see our example). Filling out a form like this at the crime scene will ensure that all of the pertinent information of the retrieval is accurately captured as soon as possible.
TOOLBOX: Terms
> CODEC – A CODEC is a program that encodes an audio or video stream for storage in a digital file, and decodes the same data for playback. Digital video created with a certain CODEC can not be played by or imported into a video player unless the decoder portion of the CODEC is installed.
> Component Video – Analog video output of a camera, videotape recorder, etc., consisting of three primary color signals: red, green, and blue (RGB).
> Composite Video – Encoded analog video signal that also includes horizontal and vertical synchronizing information. In the United States, Composite Video is standardized to the NTSC format.
> DCCTV – Digital Closed Circuit Television. A closed circuit television (or video) system that records digital video typically used in security applications.
> DVR – Digital Video Recorder. A DVR records video to a computer hard drive instead of analog tape. There are various types of DVRs. Surveillance systems are increasingly using DVRs.
> Embedded DVR – Digital video surveillance system that utilizes an operating system that boots from memory and not a hard drive. This system resembles an appliance or a self contained unit whose sole purpose is to act as a digital video surveillance system.
> PC-Based DVR - Digital video surveillance system that utilizes a full computer system. This system typically resembles a personal computer but has the ability to act as a digital video surveillance system.
> Proprietary Format Video – A digital video file that is formatted such that it is only usable by a proprietary playback software application.
> Proprietary Playback Software – Software from a DVR manufacturer that plays video files collected from that company’s DVR.
> S-Video – Separated Video. Industry standard for the way a signal is carried on the video cable. Utilizes a 4-pin mini plug connector. SVideo bypasses the comb filter in a device resulting in a better picture than Composite Video.
> Scan Converter – A device that converts output from a computer to standard television signals such as NTSC Composite or S-Video.
> Standard Format Video – A digital video file with a standard or common file format such as AVI, MPG, WMV, or MOV.
> Transport Medium – A medium or device that is temporarily used for data storage until data is transferred to permanent or archival storage.
> VGA – Video Graphics Array. Hardware video display standard of 640X480 pixels used for computers originally developed by IBM. Has been replaced by higher resolution standards.
Sample Location/Equipment/Indecent details form
To Collect and to Serve
The challenges–and possibilities–of digital evidence in law enforcement.
The average person is photographed or videoed 14 times on any given day. This includes those citizens who are a little shady, disreputable or downright criminal. Now that video evidence has reached this critical mass, it’s no surprise that footage is becoming an integral piece in our crime-solving puzzle. Yet with its ascension comes some interesting issues, especially when you’re talking about digital video.
Digital video is typically stored on a hard drive inside a DVR at the scene of a crime. Law enforcement can expect any number of experiences with this sort of foot-age–including ‘I can’t get the (expletive) video off of this DVR.’ The video ends up contributing nothing to the case. Or perhaps the video is collected from the DVR, but the quality is so poor that little can be discerned. Then there are the times where video solves a crime–and fast. Cases where no one saw anything–except for the video (watch a few episodes of CSI and you’ll get the impression this is what happens in every case).
But lets start with a frustrating example from the UK of the limitations of digital evidence.
A thief burglarized a man’s car in London. The incident took place during 1 of those 14 moments in his day in which the thief was being taped. In this case, by a neighbor’s home CCTV system. The footage went to the local police.
But as it turned out, investigators had to suspend their search...due to lack of evidence. A spokesman for the police explained that the video footage had not led to any new insights because of the quality of the video. This sent the man, already understandably vehement about the crime, into another stratosphere of rage. “You can commit a crime and still get away with it de-spite being caught in the act,” he bemoaned.
But as anyone in law enforcement knows, being caught on tape may not equal being caught. In most situations, evidence produced by a video surveillance system leads to new insights about a crime. But just how valuable these insights are may depend on how ‘clear’ that video happens to be.
And what you’re able to get out of the video footage. Take, for instance, the new mother in Florida, who had been the victim of an unspeakable crime. Her one-day-old child was abducted from her hospital room by someone posing as a nurse. Just a few promises that the child was getting an eye exam and ‘poof,’ gone. In the sustained chaos and stress of a hospital environment, no one noticed.
Except, it turns out, for the video camera in the hallway. Analyzed footage revealed the suspect to be a woman, and showed her lurking around the halls hours before the actual crime. It also gave investigators an idea of how she got the child out of there unnoticed (in this case, a duffel bag). So while Florida police didn’t get an exact ID from the surveillance footage, they got enough clues to nab the woman (the local paper was also able to broadcast the footage on their website, allowing ordinary citizens to help with the case). Always review any video evidence at the scene of a crime to be sure to consider all the hints and tips in the footage below the obvious.
With all the possible outcomes and unknowns of today’s digital technology, you may feel a temptation to not even try to collect evidence. The hassles of transferring it off the DVR, the spotty quality issues that put our London man’s case into deep freeze, for example. But then consider the Florida mother, and where her case would be without that footage.
In the end, video footage is one piece of evidence. One element along with fingerprints and interviews and eyewitnesses in the pursuit of criminals. It provides tremendous opportunity to learn information about crimes. That’s what motivates each and every one of us to collect and analyze video evidence every day.
This article was adapted from a blog post. For more insights, updates and discussions, check out starwitnessweekly.com.
The average person is photographed or videoed 14 times on any given day. This includes those citizens who are a little shady, disreputable or downright criminal. Now that video evidence has reached this critical mass, it’s no surprise that footage is becoming an integral piece in our crime-solving puzzle. Yet with its ascension comes some interesting issues, especially when you’re talking about digital video.
Digital video is typically stored on a hard drive inside a DVR at the scene of a crime. Law enforcement can expect any number of experiences with this sort of foot-age–including ‘I can’t get the (expletive) video off of this DVR.’ The video ends up contributing nothing to the case. Or perhaps the video is collected from the DVR, but the quality is so poor that little can be discerned. Then there are the times where video solves a crime–and fast. Cases where no one saw anything–except for the video (watch a few episodes of CSI and you’ll get the impression this is what happens in every case).
But lets start with a frustrating example from the UK of the limitations of digital evidence.
A thief burglarized a man’s car in London. The incident took place during 1 of those 14 moments in his day in which the thief was being taped. In this case, by a neighbor’s home CCTV system. The footage went to the local police.
In most situations, evidence produced by a video surveillance system leads to new insights about a crime. Just how valuable these insights are may depend on how 'clear' that video happens to be.
But as it turned out, investigators had to suspend their search...due to lack of evidence. A spokesman for the police explained that the video footage had not led to any new insights because of the quality of the video. This sent the man, already understandably vehement about the crime, into another stratosphere of rage. “You can commit a crime and still get away with it de-spite being caught in the act,” he bemoaned.
But as anyone in law enforcement knows, being caught on tape may not equal being caught. In most situations, evidence produced by a video surveillance system leads to new insights about a crime. But just how valuable these insights are may depend on how ‘clear’ that video happens to be.
And what you’re able to get out of the video footage. Take, for instance, the new mother in Florida, who had been the victim of an unspeakable crime. Her one-day-old child was abducted from her hospital room by someone posing as a nurse. Just a few promises that the child was getting an eye exam and ‘poof,’ gone. In the sustained chaos and stress of a hospital environment, no one noticed.
Except, it turns out, for the video camera in the hallway. Analyzed footage revealed the suspect to be a woman, and showed her lurking around the halls hours before the actual crime. It also gave investigators an idea of how she got the child out of there unnoticed (in this case, a duffel bag). So while Florida police didn’t get an exact ID from the surveillance footage, they got enough clues to nab the woman (the local paper was also able to broadcast the footage on their website, allowing ordinary citizens to help with the case). Always review any video evidence at the scene of a crime to be sure to consider all the hints and tips in the footage below the obvious.
With all the possible outcomes and unknowns of today’s digital technology, you may feel a temptation to not even try to collect evidence. The hassles of transferring it off the DVR, the spotty quality issues that put our London man’s case into deep freeze, for example. But then consider the Florida mother, and where her case would be without that footage.
In the end, video footage is one piece of evidence. One element along with fingerprints and interviews and eyewitnesses in the pursuit of criminals. It provides tremendous opportunity to learn information about crimes. That’s what motivates each and every one of us to collect and analyze video evidence every day.
This article was adapted from a blog post. For more insights, updates and discussions, check out starwitnessweekly.com.
Stay in Control
A Practical Application for Forensic Audio and Video Examinations
By Wayne R. Runion
The term ‘control’ has long meant something specific and invaluable in the world of chemistry. But in the last few years, it’s come to mean something somewhat different – yet just as critical – to the world of forensic audio and video.
Random House Dictionary defines it as “to test or verify by parallel experiment or other standard of comparison.” Controls are widely used in the scientific community to verify results. One familiar example is the use of placebos in drug testing, in which placebos provide a point of reference or comparison for the experiment. But relative to forensic science, ASLCD considers control to mean “a standard of comparison for verifying or checking the finding of an experiment,” and requires a control conducted with each examination and the results documented (paragraph 1.4.2.8 of the ASCLD 2005 manual).
ASLCLD-LAB brought the issue of how controls were to be used in the Digital Evidence community to the attention of the Scientific Working Group on Digital Evidence (SWGDE), of which I am a former member. At the time, ASLCLD-LAB was incorporating the new forensic disciplines of Digital and Multimedia Evidence for accreditation. SWGDE found controls valuable for the forensic audio community and outlined a recommendation that controls be used in forensic audio in the SWGDE Best Practices for Forensic Audio:
“A control is a known audio test signal that is run through a system to ensure that the system produces the expected result. This gives an examiner confidence that the system will perform as expected when processing evidence. In forensic audio, the system is the complete signal path including playback, processing, and recording equipment, cables, and connectors. A control test should be run on the complete signal path before processing evidence.
The interval at which controls are run should be appropriate for the specific equipment used. Specifically, controls should be run:
If a control test fails, evidence should not be run through the system until it behaves properly. When failure occurs:
The Scientific Working Group on Imaging Technology (SWGIT) also outlines the importance of controls for forensic video examinations in their Best Practices For Video Analysis:
For tape based media
Prior to inserting videotape evidence into a playback device, ensure the equipment is functioning properly by inserting a non-evidentiary test tape of known signal and image quality. When playback of the evidentiary tape is less than optimal or signal dropouts occur, and the analyst suspects player idiosyncrasies as a potential factor, multiple players and/or recorders should be utilized to preview the tape. In some cases, this may necessitate retrieving the original recorder and/or camcorder unit. For example, head misalignment on the original recorder may produce a tape in which video playback is degraded or not viewable when played back on any unit other than the original recording device. Tracking adjustment may be necessary to optimize playback of the original video. (draft January 18, 2008)
In practice, a control is a known sample recording that contains audio and video (i.e. tone and color bars) of a known quality, played through the same equipment as the evidence recording. The control aids the examiner in determining if the equipment is functioning properly and all the connections are correct. My control contains known music and tones, color bars, black frames and the old movie countdown.
Maybe at this point you’re wondering if control is really important beyond being a necessary step for accreditation. Simply put, yes. A control actually serves several purposes. Use the same path or chain of equipment and cables that you intend on using for the analysis of your audio and video evidence. This will check that playback heads and cables are all in good working order and any intermediate devices (such as a compressor/limiter) are also not adversely affecting the audio or video.
For perspective, consider the dangers of not doing a control. Unintentional or accidental noises could be introduced on the digitized evidence tape. This might leave you with the mistaken impression that the signal was very noisy from the source, or just a really poor recording. You could be processing out noise that had accidentally been induced. Cables between the playback and the computer could be bad, or a dirty head or roller on an audio or video cassette player could grab and damage the tape. Running a control before performing an audio or video analysis not only provides information about the signal path, it also may save the evidence from harm.
Even if you are not in a laboratory environment and do not fall under accreditation standards, it is good practice to run a control before each and every examination. This will help ensure that your system and all intermediate devices are working properly, that no accidental noise has been added, and help prevent surprise damage to the evidence by dirty heads. Before you start processing evidence, run a control: it will help ensure that you begin with the best possible digital copy of your audio and video evidence recording, making your resulting products the best they can be.
By Wayne R. Runion
The term ‘control’ has long meant something specific and invaluable in the world of chemistry. But in the last few years, it’s come to mean something somewhat different – yet just as critical – to the world of forensic audio and video.
Random House Dictionary defines it as “to test or verify by parallel experiment or other standard of comparison.” Controls are widely used in the scientific community to verify results. One familiar example is the use of placebos in drug testing, in which placebos provide a point of reference or comparison for the experiment. But relative to forensic science, ASLCD considers control to mean “a standard of comparison for verifying or checking the finding of an experiment,” and requires a control conducted with each examination and the results documented (paragraph 1.4.2.8 of the ASCLD 2005 manual).ASLCLD-LAB brought the issue of how controls were to be used in the Digital Evidence community to the attention of the Scientific Working Group on Digital Evidence (SWGDE), of which I am a former member. At the time, ASLCLD-LAB was incorporating the new forensic disciplines of Digital and Multimedia Evidence for accreditation. SWGDE found controls valuable for the forensic audio community and outlined a recommendation that controls be used in forensic audio in the SWGDE Best Practices for Forensic Audio:
“A control is a known audio test signal that is run through a system to ensure that the system produces the expected result. This gives an examiner confidence that the system will perform as expected when processing evidence. In forensic audio, the system is the complete signal path including playback, processing, and recording equipment, cables, and connectors. A control test should be run on the complete signal path before processing evidence.
The interval at which controls are run should be appropriate for the specific equipment used. Specifically, controls should be run:
- Whenever a system configuration change occurs.
- Regularly for equipment that experience wear.
- When infrequently used equipment is put into service.
If a control test fails, evidence should not be run through the system until it behaves properly. When failure occurs:
- Notify other examiners of the failure.
- Troubleshoot the system to isolate the failed component. Recognize that the failure could be in a piece of equipment, a cable, a connector, or in an interconnection itself. Take the failed component out of service until it can be replaced, repaired or recalibrated, or it otherwise demonstrates reliable performance.” (chapter 4 version 1.0, January 31, 2008)
The Scientific Working Group on Imaging Technology (SWGIT) also outlines the importance of controls for forensic video examinations in their Best Practices For Video Analysis:
For tape based media
Prior to inserting videotape evidence into a playback device, ensure the equipment is functioning properly by inserting a non-evidentiary test tape of known signal and image quality. When playback of the evidentiary tape is less than optimal or signal dropouts occur, and the analyst suspects player idiosyncrasies as a potential factor, multiple players and/or recorders should be utilized to preview the tape. In some cases, this may necessitate retrieving the original recorder and/or camcorder unit. For example, head misalignment on the original recorder may produce a tape in which video playback is degraded or not viewable when played back on any unit other than the original recording device. Tracking adjustment may be necessary to optimize playback of the original video. (draft January 18, 2008)
In practice, a control is a known sample recording that contains audio and video (i.e. tone and color bars) of a known quality, played through the same equipment as the evidence recording. The control aids the examiner in determining if the equipment is functioning properly and all the connections are correct. My control contains known music and tones, color bars, black frames and the old movie countdown.Maybe at this point you’re wondering if control is really important beyond being a necessary step for accreditation. Simply put, yes. A control actually serves several purposes. Use the same path or chain of equipment and cables that you intend on using for the analysis of your audio and video evidence. This will check that playback heads and cables are all in good working order and any intermediate devices (such as a compressor/limiter) are also not adversely affecting the audio or video.
For perspective, consider the dangers of not doing a control. Unintentional or accidental noises could be introduced on the digitized evidence tape. This might leave you with the mistaken impression that the signal was very noisy from the source, or just a really poor recording. You could be processing out noise that had accidentally been induced. Cables between the playback and the computer could be bad, or a dirty head or roller on an audio or video cassette player could grab and damage the tape. Running a control before performing an audio or video analysis not only provides information about the signal path, it also may save the evidence from harm.
Even if you are not in a laboratory environment and do not fall under accreditation standards, it is good practice to run a control before each and every examination. This will help ensure that your system and all intermediate devices are working properly, that no accidental noise has been added, and help prevent surprise damage to the evidence by dirty heads. Before you start processing evidence, run a control: it will help ensure that you begin with the best possible digital copy of your audio and video evidence recording, making your resulting products the best they can be.
