In addition to the methods discussed in the previous chapters, there are also more advanced, specialized methods available. JTAG and chip-off methods are both highly useful tools in many common situations, but require advanced training (and a lot of practice before working on live evidence!). The final advanced method, a cold boot attack to recover encryption keys, is far more theoretical.
JTAG is a standard developed by the Institute of Electrical and Electronics Engineers (IEEE). During the device production process, it is used to communicate with the processor through a specialized interface for testing purposes. Luckily for forensic examiners, it also allows them to communicate directly with the processor and retrieve a full physical image of the flash memory.
To perform a JTAG extraction, the device must be taken apart down to the circuit board. The circuit board will contain multiple taps (physical contacts on the device circuit board), though they are...