The Order of Things – Timeline Analysis of a Complex Investigation

This case study looks at the importance of validation of timelines and log processes in a complex murder investigation. It is concerned with piecing together the activities of the suspect, who was initially considered a victim of the crime.

The case study will consider extractable logs from an iPhone 5c circa late 2016, billing records in which shortcuts have been made in billing mediation, a phone with a manually modified clock, a massive thunderstorm and state-wide blackout, suspicious gaps in the record, and securement mistakes made by crime scene investigators.

The case study is real, presented with sanitised data. It demonstrates the importance of understanding the big picture of a complex telecommunications system – the links between data sources and the subtleties of their compilation.