ABSTRACT:

This paper mainly reviews about the legal aspects of reverse while taking into consideration of its definitions and types of . It mainly concentrates on legal aspects of , issues of reverse engineering like and also discuss the laws according to some countries. While taking into consideration of its definition and types of reverse engineering and the tools used.

DEFENITION OF REVERSE ENGINEERING:

The process of systematically taking apart a chip or application program to discover how it works, with the aim of imitating or duplicating some or all of its functions.

For example removing the body parts of a car to understand the mechanism of the car and refitting it. Or making another car that doesn’t resemble the model without copying anything from the original.

Reverse engineering, as the name implies, in other words, the attempt to recapture the top specification by analysing the product - "attempt" because it is not possible in practice, or even in theory, to recover everything in the original specification purely by studying the product.

Reverse engineering is difficult and time consuming, but it is getting easier all the time thanks to IT, for two reasons:

 Firstly, as engineering techniques themselves become more computerised, more of the design is due to the computer. Thus, recognisable blocks of code, or groups of circuit elements on a substrate, often occur in many different produced by the same computer program. These are easier to recognise and interpret than a customised product would be.  Secondly, artificial intelligence techniques for pattern recognition, and for parsing and interpretation, have advanced to the point where these and other structures within a product can be recognised automatically.

However, whilst it is often possible to automate the generation of a higher level structural description of a product, recognising what it is doing is difficult and still requires human skills, and it may simply not be possible to recapture some parts of original specification to which the product was made by studying the product.

Since reverse engineering still needs human input, at some stage the reverse engineering process needs to produce a complete system description of the product, to allow a human to work out how the product functions; it is only after this human analysis that the product can be split into its component parts.

Thus, reverse engineering generally consists of the following stages:

1. Analysis of the product 2. Generation of an intermediate level product description 3. Human analysis of the product description to produce a specification 4. Generation of a new product using the specification. There is thus a chain of events between the underlying design specification and any intermediate level design documents lying behind the product, through the product itself, through the reverse engineered product description, through the reverse engineered specification, and into the new product itself. This raises at least the risk of infringement of copyright or similar design or chip protection rights.

If the same person both reverse engineers the old product and designs the new product, and there are similarities, it is hard to avoid an assumption that some copying has taken place, and so reverse engineering "best practice" involves breaking the chain, so far as possible, at the specification stage. The specification is made as abstract and functional as possible by the reverse engineers, and is then handed over to a "clean room" design team who have no other contact with the old product, or the team who analysed it, and who will then design the new product using as little low-level information as possible from the old product.

FIG 1: REVERSE ENGINEERING PROCEDURE (STEPS) WHO, WHAT AND WHY:

USERS

One group of reverse engineers are users of old products, who want to maintain them, but find that the original supplier may no longer exist, or may have dropped support for the product (1). Most users will want a subcontractor to re-engineer the software, rather than doing so themselves. To maintain an old product, it will often be necessary to understand how it works.

Recently, the "Year 2000" problem has stimulated interest in maintaining old software. Reverse engineering may be needed if an old product is to work alongside, or within a new system. There is also a desire, amongst some software users, to re-engineer old software, to make it more modular, re-useable, accessible or reliable.

COMPETITORS

Genuine competitors may wish to use reverse engineering techniques, for one of two reasons:

 Firstly, they may wish to produce a product which operates with the product to be analysed (but does not compete with it), or  Secondly, they may wish to produce a product which competes with the product to be analysed.

Examples of interoperable products are applications which need to interoperate with operating systems; software controlled exchanges which need to operate with others; and programs which are locked by hardware "dongles".

PIRATES

Finally, pirates may occasionally use reverse engineering techniques. Pirates do not usually need to understand how a product works merely to copy it, but occasionally a product may include security features which the pirate needs to defeat. TYPES OF REVERSE ENGINEERING:

1. SOFTWARE REVERSE ENGINEERING.

The essence of software re-engineering is to improve or transform existing software so that it can be understand, controlled, and used anew. The need for software re-engineering has increased greatly, as heritage software systems have become obsolescent in terms of their , the platforms on which they run, and their suitability and stability to support evolution to support changing needs. Software re-engineering is important for recovering and reusing existing software assets, putting high software maintenance costs under control, and establishing a base for future software evolution. The growth in cost and importance of software to NASA, and the aging of many of the Agency's important software systems, has necessitated software reengineering efforts .

FIG 2. GENERAL MODEL FOR REVERSE ENGINEERING

2. HARDWARE REVERSE ENGINEERING.

Hardware reverse engineering involves taking apart a device to see how it works. For example, if a processor manufacturer wants to see how a competitor's processor works, they can purchase a competitor's processor, disassemble it, and then make a processor similar to it. However, this process is illegal in many countries. In general, hardware reverse engineering requires a great deal of expertise and is quite expensive. HARDWARE REVERSE ENGINEERING TECHNIQUES:

ENGINEERING COMPONENTS

Techniques now exist for visually scanning mechanical parts and generating CAD models from them, using machine vision technology; for example, the REFAB (Reverse Engineering - Feature Based) tool available from the Department of Computer Science of the University of Utah (2) and ARL's site. In REFAB, a laser digitiser is used to the scan the part, and the analysis software then analyses the shape of the part, using features which are based on typical machining operations, to generate a computerised manufacturing description which can be displayed, used to copy the product, or produce new products using the design.

PRINTED CIRCUIT BOARDS (PCBS)

Computer vision has been widely used to scan PCBs for quality control and inspection purposes, and based on this, there are a number of machine vision for analysing and reverse engineering PCBs (3). Several firms on the Internet offer a service of scanning a PCB and supplying a corresponding netlist.

INTEGRATED CIRCUIT (IC) COMPONENTS

This is much harder work, since everything is on a much smaller scale.

The first step is to get through the encapsulating material into the product itself, by chemical etching or grinding. This can be tough in itself, since some manufacturers include hard particles such as carborundum or sapphire in the encapsulating the resin, so that mechanical grinding also destroys the chip.

Once at the chip surface, each layer of components is photographed, then ground away to reveal the layer below. This process reveals the structure of the chip. Again, the process can be made more difficult, for example by providing some of the components vertically across several layers.

Although these processes can reveal the structure of the chip, they do not indicate the voltages at each point. However, if the chip is undamaged, voltage contrast electron microscopy can be used to scan the chip in use, and watch the voltage level change over time.

These processes are generally referred to as "stripping" or "peeling" the chip.

Having stripped the chip, it can then be analysed using pattern recognition software and human inspection to get to a netlist and then a circuit diagram.

Several firms on the Internet offer a service of scanning standard cell or gate to automatically generate a netlist (i.e. a low level circuit description which can be used to generate a new integrated circuit) REVERSE ENGINEERING TOOLS(HOUGLAND, MCGRAW 2003) :

1. DEBUGGER:

A debugger is a software program that attaches to and controls other software programs. A debugger allows single stepping of code, debug tracing, setting breakpoints, and viewing variables and memory state in the target program as it executes in a stepwise fashion. Debuggers are invaluable in determining logical program flow. Debuggers fall into two categories: user-mode and kernel-mode debuggers. User-mode debuggers run like normal programs under the OS and are subject to the same rules as normal programs. Thus, user-mode debuggers can only debug other user-level processes. A kernel-mode debugger is part of the OS And can debug device drivers and even the OS itself.

2. FAULT INJECTION TOOLS: Tools that can supply malformed or improperly formatted input to a target software process to cause failures are one class of fault injection tool. Program failures can be analyzed to determine whether errors exist in the target software. Some failures have security implications, such as failures that allow an attacker direct access to the host computer or network. Fault injection tools fall into two categories: host and network. Host-based fault injectors operate like debuggers and can attach to a process and alter program states. Network-based fault injectors Manipulate network traffic to determine the effect on the receiver.

3. DISSAMBLER : A disassembler is a tool that converts machine-readable code into assembly language. Assembly language is a human-readable form of machine code. Disassemblers reveal which machine instructions are being used in the code. Machine code is usually specific to a given hardware architecture (such as the PowerPC chip or Intel Pentium chip). Thus, disassemblers Are written expressly for the target hardware architecture.

4. DECOMPILER:

De-compilers are programs which will convert object code back to high level languages such as C (although, to the uninitiated, a C program may be little more meaningful than object code!) LEGAL ASPECTS OF REVERSE ENGINEERING:

PATENTS

Many patented goods are not sold with restrictive licences, and hence a bona fide purchaser cannot usually be prevented by the patent from doing what they like with the patented product. Indeed, the patent itself may give the reverse engineer valuable information on how the patented product operates.

However, a competitive product produced by reverse engineering may still infringe the patent itself - patent infringement does not require copying, and so "clean-room" techniques do not assist.

COPYRIGHT AND RELATED RIGHTS

It is widely accepted that copyright does not protect "ideas", but only "expression"; that is, the way in which those ideas are "expressed". This idea is carried through into similar rights, such as Topography Rights. Copyright subsists in "copyright works". Reproduction or translation of the whole or a substantial part of a copyright work will constitute an infringement of copyright.

Top level specification are themselves copyright works, and intermediate level specifications (source code and circuit diagrams) and lower level specifications (assembly code, net lists and node lists) may also qualify as copyright works.

A common assumption is that the top level of a design specification is unprotectable by copyright, since it consists only of "ideas" . Some assume that this applies also to some lower levels insofar as they cover "algorithms" and not actual code.

On this assumption, "clean-room" reverse engineering techniques succeed in breaking the chain of copying, since if only unprotectable ideas are communicated to the new design team by the reverse engineers, the new design team cannot be copying protectable "expression".

However, this approach is incomplete. Firstly, it ignores the fact that the intermediate copies made during reverse engineering are themselves infringements. Secondly, at least in the UK, serious doubt has been cast on the correctness of this approach . Thirdly, modern engineering tools can directly accept some high-level specifications, which are thus akin to executable code rather than abstract description.

In Europe, special codes of protection exist for computer programs , semiconductor topographies , and databases . Each of these contains special definitions of infringement which are binding across the EU, and which (for computer programs and semi-conductor products) mirror those created in the US.

A given act of reverse engineering may involve several of these provisions; if so, it needs to be clear of infringement under each different head of copyright work.

With copyright infringement, both the creation of the intermediate copy of the original design documents (which takes place after analysis of the product) and the ultimate products created from it may be infringements of copyright, as we will see from the cases. COMPUTER PROGRAMS

In the case of computer programs, the EU directive states that the ideas and principles underlying a program are not protected by copyright, and that logic, algorithms and programming languages may to some extent comprise ideas and principles.

Analysis of the function of a program (but not decompilation is permitted under Article 5.3, if it is carried out by a licensed user in the normal use of the program.

Reverse engineering is allowed under Article 6, but only for the single purpose of producing an interoperable program (rather than a competing program).

For this purpose, in addition to reverse engineering itself (i.e. producing a high level version of the code) subsequent forward engineering to produce the interoperable program is permitted.

However, the reverse engineer has to cross a host of formidable barriers before he can make use of this right;

1. It must be indispensable to reverse engineer to obtain the necessary information. 2. The reverse engineering has to be by a licensee or authorised user. 3. The necessary information must not already have been readily available to those people. 4. Only the parts of the program necessary for interoperability (i.e. the interfaces) can be reproduced. 5. The information generated by the reverse engineering cannot be used for anything other than achieving interoperability of an independently created program. 6. The information cannot be passed on to others except where necessary for this purpose. 7. The information obtained cannot be used to make a competing program (rather than just an interoperable one). 8. The "legitimate interests" of the copyright owner or "normal exploitation" of the program must not be prejudice.

Thus, far from creating a general right to reverse engineer, these provisions create only the smallest of openings for the reverse engineer; they are intended for use only to defeat locked, confidential, proprietary interfaces. SEMICONDUCTOR TOPOGRAPHIES

Directive 87/54/EEC, and the corresponding US provisions of the Semiconductor Chip Protection Act 1984 , contain the same distinction between the protection granted to topography and the concepts, processes, systems, techniques or encoded information embodied in the topography, which are not protected by the topography.

The topography directive permits reverse engineering (i.e. the analysis of a topography). It does not, however, allow all uses of the information obtained from reverse engineering.

If a different topography can be created using the information derived from the original, so that it does not "reproduce" the original, then there will be no infringement of the topography right.

If the reverse engineering information is used, by the reverse engineer, to create a new original mask work, then this too is not an infringement, apparently even if it reproduces a substantial part of the original chip topography. In other words, where a chip has been reversed engineered, chip protection right is useful only against pirates.

There has been little case law under the chip protection provision. One case which went through three rounds in the US was the Brooktree v. AMD case , in which Brooktree Corporation brought an action against AMD, who were producing plug-compatible colour palette chips for use in graphics work stations.

At the interlocutory stage, the Court held that if AMD could show they had reversed engineered the chip, then anything less than a substantially identical chip would not infringe Brooktree's topography rights. However, at the full trial in 1990, the jury found infringement and this was upheld on appeal in 1993.

DATA

Databases or collections of data in general may be protected under copyright law, and (in Europe) by a special sui generis right .

Under previous UK copyright law, even the simplest tables of data would have qualified as literary work , but under the EU directive, the kind of data which makes up design documents for software, hardware or interfaces will rarely be entitled to copyright protection. However, where a significant investment has been made in compiling the data, then it may nonetheless be protected by the sui generis right . No specific reverse engineering rights are given under the sui generis right (despite the inclusion of such a right in the first draft ).

It is not yet clear whether "substantial" means "expensive", or just "not trivial". COPYRIGHT AND DESIGN RIGHT

In the UK at least, copyright law makes no concessions to reverse engineering. The position will inevitably change somewhat in the specific fields of computer software and semiconductor topographies, but where any design document other than a computer program or a semi-conductor topography is copied then normal copyright law will prevail.

For a three dimensional product, in general, reverse engineering need not recreate any of the design documents which lie behind the product. An analysis program might generate a table of computer- aided design (CAM) control data quite different to those from which the product was made. Further, in many countries, copyright does not offer protection to utilitarian three dimensional articles .

However, where the reverse engineering process does recreate design documents, copyright or (in the UK) Design Right infringement may occur. For example, if reverse engineering of a PCB regenerates the net list from which it was produced , then the net list will be a copyright infringement. The same is true where a computer program is reproduced.

The "fair use" defence to copyright infringement permits copying where this is for the purposes of research or private study. However, in the UK, this does not extend to any commercial research or study, as would be involved in reverse engineering . In the specific case of computer software, decompilation is expressly not "fair dealing" .

The position in the US is quite different; there, in the Sega Enterprises v Accolade and Atari Games Corp v. Nintendo cases, the intermediate copies produced by reverse engineering were held to be excused by the equivalent "fair use" defence.

CONFIDENTIALITY

Reverse engineering gives no general right to breach obligations to keep information confidential. For example, in Stac Electronics v. Microsoft Corp. , Stac (who defeated Microsoft in a patent infringement action) were themselves held to have committed a trade secret violation by reverse engineering features of a beta version of MS DOS, with which they had been supplied in confidence, and then using the reverse engineered information in their own product. The award of $13.6 million against them would have been significant, if they had not won a much larger amount from Microsoft.

The position is more difficult where a product is widely distributed, but with a contract of sale which purports to include a confidentiality clause; it is not clear that a court would support a transparent attempt to portray as confidential something which was on open sale. Where reverse engineering of a software product is permitted under the EU Directive interoperability, then UK law will not enforce a contractual term to the contrary . CONCLUSION

There are thus legitimate and illegitimate reasons for wanting to reverse engineer software products, chips, printed circuit boards and other hardware products, and firmware (i.e. mask-programmed or similar embedded software products).

A genuine competitor will try to reduce their use of the intermediate description generated by reverse engineering to the absolute minimum necessary, to avoid copying, whereas a pirate will attempt to use the reverse engineered code to the maximum extent possible and add the minimum of independently created material, to make the product a "lookalike" in so far as possible, and to reduce the amount of effort they use.

References:

Behrens, A and Levary, R "Practical Legal Aspects of Software Reverse Engineering" Communications of the ACM, Vol 41, No 2 February 1998

Byrne, Eric J., "A Software Re-engineering Process Model", 2nd International Conference on System Integration, 1992.

Linda H rosen berg Unisys federal systems

RGC Jenkins & Co on reverse engineering.

Stern, R "Reverse Engineering of Software as Copyright Infringement - An Update: Sega Enterprises Ltd v. Accolade Inc" [1993]

Www. Wikipedia.org/en/reverse engineering.