L-3 Communications ASA Limited

Child Abuse Image Database (CAID)

L3’s Child Abuse Image Database (CAID) provides a suite of digital media investigation services utilising Griffeye Analyze Suite, Hubstream Intelligence and NEC products. This national system is used by UK law enforcement and provides facilities to detect, block, flag, alert and analyse illegal digital images and for facial recognition.


  • Can be deployed nationally on Government networks and infrastructure
  • Developed in collaboration with law enforcement and research institutes
  • Allows sharing of intelligence between organisations
  • Minimises the risk of missed intelligence
  • Significantly improves operational knowledge between agencies
  • Allows sharing of intelligence between industry and law enforcement
  • Cuts duplication of effort in the analysis of material
  • Enables the identification of previously circulated and new material
  • Enables fast and accurate identification of subjects of interest
  • Integrates with exiting systems and infrastructure


  • World leading and proven system successfully deployed internationally
  • Automatically analyse digital media across multiple organisations
  • Specialised investigative capability
  • Innovative and intuitive tools and techniques
  • Service includes end user training
  • Cloud provision and customer infrastructure deployment options
  • Strong company pedigree in secure system development and support
  • Supports open and industry standards such as OData
  • •Supported by a range of other L-3 G-Cloud services
  • Video and still image capability covering 350+ media formats


£791664 per instance per year

Service documents


G-Cloud 11

Service ID

9 1 9 7 4 4 0 8 4 6 8 9 6 8 4


L-3 Communications ASA Limited

John Muir

01252 775757


Service scope

Software add-on or extension
Cloud deployment model
Private cloud
Service constraints
There are a number of technical dependencies depending on the deployment model selected. Details can be found in the service definition document.
System requirements
Minimum software specification. See service definition

User support

Email or online ticketing support
Email or online ticketing
Support response times
Monday to Friday - Office hours(Weekends at additional cost)

Priority 1 The Software is unavailable or not useable for all users Response Time 4 hours / Update 1 Working Day / Resolution Target 5 Working Days
Priority 2 A key Business Function of the Software is unavailable to all users Response Time 12 hours / Update 3 Working Day / Resolution Target 20 Working Days
Priority 3 An important business function of the Software is affecting a proportion of users Response Time 24 hours / Update Weekly / Resolution Target Next maintenance Release
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
L3 ASA normal service offerings are 8.30am to 5.30pm Monday to Friday. Initial support will be provided by telephone or email via our Support Help Desk. However the company has a flexible approach as is able to tailor a package to support most customer requirements. L3 ASA will prepare a support plan in order to ensure that its meets it's customers requirements. The number and level of staff required will be assessed on case by case basis. The appointed Project Manager will ensure all support contractual commitments are achieved. L3 ASA also includes 3rd Party supplier support to ensure the support solution provides the customer with the most optimum level of support for the supplied service.
Support available to third parties

Onboarding and offboarding

Getting started
Customers are provided with a licence key which allows them to download appropriate elements of the software. L3 then provide installation support and initial training. Further details can be found in the Service Description
Service documentation
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
This is dependent on the type of data and media held with in the service. L3 will provide support where appropriate to ensure the customer can extract all relevant data.
End-of-contract process
L-3 ASA will identify the relevant issues and requirements early in the process of delivering or ceasing to deliver the service, and will supply the customer with the required level of advice and support. This will cover areas such as:
 Data migration
 Connecting/disconnecting databases, systems and applications within cloud services
 Security continuity

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install
Compatible operating systems
  • Linux or Unix
  • Windows
Designed for use on mobile devices
Differences between the mobile and desktop service
Service can be deployed on suitable Mobile tablets meeting the minimum system specifications.
Service interface
Description of service interface
Admin defined permissions such as view, amend, create and delete
Accessibility standards
None or don’t know
Description of accessibility
Levels can be defined per application
Accessibility testing
None beyond standard operating system functionality
What users can and can't do using the API
Using the API

The service utilises a range of APIs. There are specific APIs designed to be used with industry standard forensic tools. There are also a number of restful APIs that can be used by the customer to interoperate with their own systems.
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
There are a large range of customisable options within the GUI, the software capabilities and the support solution. There is also a 'digital market place' where there is an open market place for the Platform. It operates an open plugin framework architecture to attract the best and brightest of new technologies in the field of forensic investigations. A constantly growing portfolio of apps is distributed to users, ensuring the service is continually updated to remain on the cutting edge of digital forensic investigations.


Independence of resources
Specific deployments for each customer


Service usage metrics
Metrics types
Flexible dependant on customer use case e.g. data volumes, throughput rates, queue times etc
Reporting types
  • Real-time dashboards
  • Regular reports


Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
GriffEye, Hubstream

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Other data at rest protection approach
Depending on the Customer's data and protection requirements, L3 ASA will work with the customer to provide appropriate levels of protection using techniques such as standard commercial encryption to high grade Type 1 Government encryption. Security and integrity protection is a risk balanced approach which as part of the initial start up of the service L3 ASA will advise the customer on the most suitable method.
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Data export is a key component of the service and a range of tools are provided to allow users to facilitate this activity.
Data export formats
  • CSV
  • Other
Other data export formats
Multiple data format export types
Data import formats
  • CSV
  • Other
Other data import formats
  • Multiple (including PhotoDNA, MD5,SHA-1 hash file types)
  • Multiple media and video formats

Data-in-transit protection

Data protection between buyer and supplier networks
Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
L3 ASA has a number of typical SLAs that would provide the Customer with a level of assurance for the availability of the service. Service credits is one such suitable method but any scheme would need to consider the Customer's deployment options which could impact the availability of the provided service. An example would be the level and criticality of the support requested from any hosting service.
Approach to resilience
Accredited third party provision
Outage reporting
Accredited third party provision

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Username or password
Access restrictions in management interfaces and support channels
Customer defines access control via Active Directory user configuration
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications
Any other security certifications
  • IASME Governance Standard
  • Acredited to HMG and MOD Policy Requirements
  • Cyber Essentials Plus
  • TickIT+

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
Other security governance standards
L3 ASA is a List X site, which is certified by the Ministry of Defence to hold classified information and media iaw with JSP440. As part of the certification, L3 ASA are required to nominate a trained Security Assurance Coordinator who is responsible and accountable for security compliance.
Information security policies and processes
L3 ASA are certified as a List X site by the Ministry of Defence and as such follow the guidelines laid down within JSP440. Part of these guidelines state the requirement to appoint a Security Assurance Coordinator (SAC), who is accountable and responsible for all security, integrity and reliability of both company's and customer's information. This includes all hardware, software and other information. The SAC reports directly to the CEO but has access to wider company and Government support, should any issue require escalation outside the business. All service delivery staff will be suitable cleared and trained individuals and will be accountable to a Board Level Director who will provide an escalation route for the customer if required. L3 ASA are corporate members of the Association for Project Managers (APM) and as such all staff with delivery responsibility will be qualified to at least practitioner level.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Configuration Items are identified by the Project Manager and/or the Technical Authority on the basis of entities that can be acquired or produced, controlled, and verified individually. They may be hardware, software or documents (in physical or electronic form). Each Configuration Item shall be assigned a unique identity. A record of all Configuration Items shall be maintained.
Changes may arise from non-conformities, changes to design requirements, design improvements or similar. Proposals to change a Formal Baseline will use a Change Note, normally in the form of an electronic item which can be stored for the purposes of audit.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
L3 ASA has access to a reference system for all delivered services, this may be via a 3rd Party supplier. Any requirement for patching is discussed with the customer and an agreed service update is scheduled. See helpdesk metrics for response times P1 to P3 instances.

In addition, CERT UK is monitoring our IP range to see if it is being accessed by known hackers.

We receive threat information and alerts from various sources on particular Viruses, Scams, Spearfishing and other Cyber techniques, which includes:
• Corporate
• CiSP
• MoD
• Other third parties (such as Checkpoint and Symantec)
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Security events include the following:
 Uncontrolled system changes.
 Access violations – e.g. password sharing.
 Breaches of physical security.
 Non-compliance with policies.
 Systems being hacked / manipulated.
Security weaknesses include:
 Inadequate firewall / antivirus.
 System malfunctions or overloads.
 Malfunctions software applications.
 Human errors.
The PM will report any incidents by the most expedient means to
the SAC by telephone or in person which will be followed up by email with details. No containment action will be taken without instructions from the SAC. See helpdesk metrics for response to P1 to P3 incidents.
Incident management type
Supplier-defined controls
Incident management approach
L3 ASA use the methodology described within the ITIL v3.0 framework to manage incidents. Incidents are reported via the helpdesk and are assessed and managed iaw the response times shown in the helpdesk section. The helpdesk will usually have a predefined set of common faults which will aid troubleshooting along with the support of the 3rd Party suppliers who make up the service.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
Connected networks
  • Public Services Network (PSN)
  • Police National Network (PNN)


£791664 per instance per year
Discount for educational organisations
Free trial available

Service documents

Return to top ↑