DOCSLIB.ORG

Reverse Engineering of Legacy Real-Time Systems

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Reverse Engineering of Legacy Real-Time Systems !""# !" # $ % & '(() * +,-+.'/ *0 1)/.1+./-/-.).- 2 34 44 & 5 6& 7 !"#$ "!%& $& " " &"& ""#' (" )# &%& # * '+ + ", - , . / - 01 // & , / , 2- ,3 + 01 ,3 4. , , ,-- 00 / 01 / 5 67 8+ 5 9::;5 66< --5 5 '1/, 3 65 = ,+ 33 7 4 " ( 5 + 4 > & 4 / 0-> " 5 + 01 ,3 4. , , "?4 % - - . / 0 4 + - 0 /45 4 / 00 . ? 3 - + . 33 0+ 4 2-3 4 ? 0+ 5 /5 4- +- % + 4 4 +- . -8 3 0 . ?+ / 0 . - " 4. - 3 0 - 4 4. / / / @. 5 - 4 A+ - 0 . - 3 . 4. / '@ 5 + - 4-3 2 5 / 4 ? +- + . - 3 45 -, / . 0+ / 0 00 4 0 - 0 4 . - 00 4+ 3 4 00 4 3 4 @+ ? + 0+5 0 4 4 0 + + ? - 0 4 "44+ - @+ ? + 0+ 0 +4. 3 4 5 ?+ / % 2 B . +4 0 - . 0 +- - /5 . . 33 + 3 3 4 . 3? - 0 ? / - 0 /4 % - - &. - . / - 0 . - ? . + / . 2 4+ &. 4 / 4 - +4. 4 2 @ 4. 4--+ 4 5 - 3 4 - 3+ , 5 @. 4. @ - / 0 4+ " - 0 ?4 5 . - 4 4 3?? 4 4 2 4+ - A+ - &. - . 4+ +- 4 0 . / - 5 @. 4. - 4-3 . - ? . + - . ? -3 - . ? + ?. + 4 %+ 4 23 - . 4 23 - 5 @ . 3 0- @, 0 +- 4 + 0 C+- D - / - . / . - / @ . + - . 5 / 4 33 / 0 - 0 4 5 @. 4. @ 0 8 4 0 + 0 ? / &. +4. 8 4 3 0- 5 . - - +4 0 0 . 4 6E<6%9F ( G;F%G6%F<F<%;%< Svensk sammanfattning Området för denna avhandling är hållbar utveckling av befintliga industriella programvarusystem. I avhandlingen presenteras en nyutvecklad metod för att automatiskt skapa systemmodeller som bl. a. kan användas för att undersöka konsekvenser av tänkta systemutvecklingar och -förändringar. Genom tidig information om vilka förändringar som är genomförbara så ökar möjligheterna till återanvändning av existerande programvara vilket kan vara ett kostnads- effektivt alternativ till nyutveckling. För ett befintligt programvarusystem inne- bär detta hållbar utveckling, då det till en viss brytpunkt är billigare att under- hålla och vidareutveckla det befintliga systemet jämfört med att bygga om sys- temet från grunden. Metoden som presenteras i avhandlingen kan användas till att skjuta denna brytpunkt framåt i tiden och på så sätt uppnås större lönsamhet över systemets hela livscykel. Huvuddelen av underhålls- och vidareutvecklingskostnaden för industriella programvarusystem beror på att systemen är så komplexa att konsekvenserna av en planerad förändring i systemet inte går att överblicka innan förändrin- gen är genomförd. Om förändringar inte kan utvärderas innan de är imple- menterade leder detta i värsta fall till att en förändring som inte uppfyller sys- temkraven implementeras, vilket kan medföra onödiga kostnader i såväl tid som resurser. Det är alltså önskvärt att så tidigt som möjligt kunna avgöra om en förändring är möjlig eller inte med avseende på systemkraven. Ett möjligt sätt att avgöra detta är att undersöka abstrakta prototyper (modeller) av sys- temet tillsammans med en tilltänkt förändring. Detta kräver dock en modell av systemet, vilken oftast inte är tillgänglig eftersom konstruktion och uppda- tering av modeller normalt är för kostsamt att utföra manuellt och därför inte sker. Metoden för automatisk modellering som presenteras i avhandlingen byg- ger på analys av inspelningar från programvarusystem under drift. Inspel- ningarna innehåller information om systemets funktion inklusive tidsbeteende och metoden extraherar systemets struktur. Metoden har implementerats och utvärderats i en fallstudie på ett styrsystem för en industriell robot och i ett kontrollerat experiment. Experimentet har genomförts i ett ramverk som har utvecklats för detta syfte. Tanken är att ramverket i framtiden även ska kunna användas för att jämföra olika metoder för automatisk modellering. Genom detta arbete visas att modellering (till viss grad) kan automatiseras och att de genererade modellerna kan användas för att undersöka konsekvenser av sys- temförändringar. Till Rebecca This is not the end. It is not even the beginning of the end. But it is, perhaps, the end of the beginning. (Sir Winston S. Churchill, 1942.) Acknowledgments How can one man owe so much to so many? Now that this journey is coming to an end, this is a relevant question. Though, by definition, thesis writing is in large portions a one man job, it never ceases to amaze me how much help and support you need to do something on your own. There have been multiple points of failure in the conception of this thesis, meaning that there are a lot of people that I could not have done without, and I am glad that it seems as if all has worked out in the end. Thank you all! The first specific thank yous go to my supervisors and my financiers: The work presented here has been skillfully supervised by Professor Hans Hansson and Professor Sasikumar Punnekkat and carried out within the SSF projects SAVE and PROGRESS. The great quality of the supervision and co-operation has been instrumental in producing this thesis. I would like to thank them both for starting to teach me the art of weighing my written words on a silver scale, and for all the other positive effects they have had on my writing. I am not there yet, but I hope that I have improved! I would like to thank Dr. Henrik Thane for introducing me to debugging of real-time systems and valuable supervision during my first three years as a Ph.D.-student, when this subject was my focus. During the course of this work, there has been extensive co-operation with fellow Ph.D.-student Johan Kraft (formerly Andersson), resulting in co-author- ships on both accounts. Thank you Professor Christer Nordström for support during my time at the department, and as an excellent teacher during my un- dergraduate studies. A number of people have helped in reading drafts of the thesis: Professor Hans Hansson, Professor Sasikumar Punnekkat, Dr. Thomas Nolte, Professor Paul Pettersson, Professor Bengt Jonsson at Uppsala Univer- sity, Dr. Insik Shin, Dr. Cristina Seceleanu, Dr. Henrik Thane, Daniel Sund- mark, Ylva Boive, Professor Christer Nordström, Professor Mikael Nolin, and Johan Kraft. I would also like to thank my previous co-workers Daniel Sund- mark, Anders Pettersson, and Lars “Lalle” Albertsson (SICS). Daniel, Anders, and I have shared the same office space for almost my entire time at the de- partment; thanks for putting up! I have had fruitful discussions with Profes- sor Dmitrii Silvestrov and Dr. Anatoliy Malyarenko at IMa@MDH, and Olga Grinchtein and Therese Berg from Uppsala University. During the initial parts viii of my Ph.D.-studies, I was employed by the Swedish Institute of Computer Science (SICS). Thank you all at the CNA-lab at SICS! Regarding help with specific technicalities and specifics of the thesis, I would like to acknowledge the fruitful co-operation we had with Stefan Bygde concerning the comparison measure for discrete distributions (see Section 8.3), and Johan Kraft and ABB Robotics for the case study in Chapter 7. Dr. Gus- tav Öquist and I sketched the first concepts of the evaluation framework over a couple of alcohol-infused malt-beverages (see Figure 8.1, Page 113). Professor Dmitrii Silvestrov and Dr. Anatoliy Malyarenko introduced me to Classifica- tion (see Section 9.4.6). I am also very grateful to Arkitektkopia in Västerås for swift and professional printing of this thesis. From the department, I generally thank you all for creating a good envi- ronment, and especially the following: Johan Kraft, Hans Hansson, Sasiku- mar Punnekkat, Daniel Sundmark, Anders Pettersson, Thomas Nolte, Dag Ny- ström, Jonas Neander, Ewa Hansen, Harriet Ekwall (thanks for all the help and the talks), Else-Maj Silén, Monica Wasell, Ylva Boive, Johan Fredriksson, Larisa Rizvanovic, Frank Lüders, Mats Björkman, Marcus Lindgren, Marcus Nilsson; and, though he has moved on to Germany, Professor Gerhard Fohler who initiated this beginning which is, perhaps, now ending. Thank you all! During this work, I have spent a lot of time at the department of course, but since moving back to Stockholm I have found two other creative environments: the study halls of Kungliga Biblioteket (eng. National Library of Sweden) at Humlegården and the Ritorno Café by Vasaparken. In fact, Ritorno also de- serves honorable mention due to their porridge breakfast, their egg & anchovy sandwich, and last but not least their liberal views on coffee refills and use of wall sockets. Thank you all who have provided me with distractions that prevented me from, like Jack Nicholson in The Shining, writing a book filled with the proverb “All work and no play makes Joel a bad boy”: Mikael Bendtsen, Maria Engvall, Johnnie Blom, Ruth McNamara, Fredrik Mannerstedt, Gustav Öquist, Malin Hjalmarsson, Peter Vouri, Stefan Lundgren, Camilla Urgell, Daniel Osser, Elin Malmberg, Jocke Ekström, Anu Lindquist, Ingvar Åkerblad, Kotten Öquist, Livia, Malin, and Niclas Ulltin, Ann-Sofie Berg, Johan and Birgitta Kraft, Jonas Neander, Ewa Hansen, Emanuel Sparring, and Anneke Söderquist. I want to thank my large family: Morfar, Mamma, Pappa, Mia, David, Monica, Bianca, Hannes, Micha, Bengt, Jeff, Laban, Marre, Mimmi, Hasse, Kristian H, Sara, Tessan, Kimmen, Eva, Bernt, Gunnel, Mats, Emma, Mats, Ingrid, Erik, Dagmar, Ingrid, Anita, Petra, Magnus, Lotus, Kristian A, Katta, Emilia, Tore, Hanna. I want to thank Luis and Rosa for a lovely time in Ense- ix nada, it was great seeing you again in Sweden! Thank you Bengt and Jeff for the great time you showed me and Johan in Sydney during RTCSA06! Finally, I thank my wonderful wife and favorite travel companion Rebecca for being who she is! Thank you all! Joel Gustaf Huselius Ritorno in May, with spring finally here. Publications Mr. Huselius has authored or co-authored two theses, nine peer-reviewed pa- pers, and two technical reports. A subset of these publications are directly related to this thesis. Related publications 1. “Evaluating the Quality of Models Extracted from Embedded Real-Time Software”, Joel Huselius, Johan Kraft, Hans Hansson, and Sasikumar Punnekkat. In Proceedings of the 14th Annual IEEE International Con- ference and Workshop on the Engineering of Computer Based Systems, pages 577-585.
Load more

Recommended publications
  • Reverse Engineering Digital Forensics Rodrigo Lopes October 22, 2006
    Reverse Engineering Digital Forensics Rodrigo Lopes October 22, 2006 Introduction Engineering is many times described as making practical application of the knowledge of pure sciences in the solution of a problem or the application of scientific and mathematical principles to develop economical solutions to technical problems, creating products, facilities, and structures that are useful to people. What if the opposite occurs? There is some product that may be a solution to some problem but the inner workings of the solution or even the problem it addresses may be unknown. Reverse engineering is the process of analyzing and understanding a product which functioning and purpose are unknown. In Computer Science in particular, reverse engineering may be defined as the process of analyzing a system's code, documentation, and behavior to identify its current components and their dependencies to extract and create system abstractions and design information. The subject system is not altered; however, additional knowledge about the system is produced. The definition of Reverse Engineering is not peaceful though, especially when it concerns to court and lawsuits. The Reverse Engineering of products protected by copyrighting may be a crime, even if no code is copied. From the software companies’ point of view, Reverse Engineering is many times defined as “Analyzing a product or other output of a process in order to determine how to duplicate the know-how which has been used to create a product or process”. Scope and Goals In the Digital Forensics’ scope, reverse engineering can directly be applied to analyzing unknown and suspicious code in the system, to understand both its goal and inner functioning.
    [Show full text]
  • 245533753-MIT.Pdf
    THE VULNERABILITY OF TECHNICAL SECRETS TO REVERSE ENGINEERING: IMPLICATIONS FOR COMPANY POLICY By Cenkhan Kodak M.S. in Electrical and Computer Systems Engineering (2001) University of Massachusetts at Amherst Submitted to the Systems Design and Management Program In partial fulfillment of the requirements for the degree of Master of Science in Engineering and Management At the MASSACHUSETTS INSTITUTE OF TECHNOLOGY FEBRUARY 2008 © 2008 Cenkhan Kodak. All rights reserved. The author hereby grants to MIT permission to reproduce and Distribute publicly paper and electronic copies of this thesis document in whole or in part in any medium now known or hereafter created Signature of the Author: m- /7 Systems Desigq and Management Program r\ Ja iry 2008 Certified by: 7 Professoi ,ric von Hippel Thesis Supervisor, MIT mSchgQl o•.Ma genfer t Certified by: MASSACHUSES INSTITUTE= Pat Hale OF TEOHiNOLOGY Director, Systems Design and Management Program MAY 0 6 2008 I-I .a,:IARCHIVES -2- THE VULNERABILITY OF TECHNICAL SECRETS TO REVERSE ENGINEERING: IMPLICATIONS FOR COMPANY POLICY By Cenkhan Kodak Submitted to the Systems Design and Engineering Program On February 04 2008, in Partial Fulfillment of the Requirements for the Degree of Master of Science in Engineering and Management Abstract In this thesis I will explore the controversial topic of reverse engineering, illustrating with case examples drawn from the data storage industry. I will explore intellectual property rights issues including, users' fair-use provisions that permit reverse engineering. I will also explore the nature of the practice via several types of analyses including: the costs and benefits of reverse engineering; the practical limitations of reverse engineering; and a layered approach to reverse engineering as it applies to complex systems.
    [Show full text]
  • Software Security and Reverse Engineering
    Software Security and Reverse Engineering What is reverse engineering? Today the market of software is covered by an incredible number of protected applications, which don't allow you to use all features of programs if you aren't a registered user of these. Reverse engineering is simply the art of removing protection from programs also known as “cracking”. In Some other words cracking is described as follows: - “When you create a program you engineer it, in fact you build the executable from the source-code. The reverse engineering is simply the art of generate a source-code from an executable. Reverse engineering is used to understand how a program does an action, to bypass protection etc. Usually it's not necessary to disassemble all code of the application not only the part of the application that we are interested must be reversed. Reverse engineering used by a cracker to understand the protection scheme and to break it, so it's a very important thing in the whole world of the crack.” In short: - "Reverse Engineering referred to a way to modify a program such that it behaves as the way a reverse engineer wish." “Cracking is a method of making a software program function other than it was Originally intended by means of investigating the code, and, if necessary, patching It.” A Little bit of history Reveres egg. Most probably start with the DOS based computer games. The aim is that a player has full life and armed in the final stage of the game. So what a reverse egg.
    [Show full text]
  • Soft Robotic Hand Prosthesis Using Reverse Engineering and Fast Prototyping
    Proceedings of the 1 st Iberic Conference on Theoretical and Experimental Mechanics and Materials / 11 th National Congress on Experimental Mechanics. Porto/Portugal 4-7 November 2018. Ed. J.F. Silva Gomes. INEGI/FEUP (2018); ISBN: 978-989-20-8771-9; pp. 953-966. PAPER REF: 7452 SOFT ROBOTIC HAND PROSTHESIS USING REVERSE ENGINEERING AND FAST PROTOTYPING Hugo D’Almeida, Tiago Charters, Paulo Almeida, Mário J.G.C. Mendes (*) Instituto Superior de Engenharia de Lisboa (ISEL), Instituto Politécnico de Lisboa, Lisboa, Portugal (*) Email: [email protected] ABSTRACT The present work aimed to develop a soft robotic prosthesis of the human hand using reverse engineering and fast prototyping. This project arises in response to some limitations of the current conventional prostheses, namely aesthetic, mechanical and cost, that fail to fulfil the needs of its users, for example with soft objects. The hand prosthesis design involved the acquisition and processing of a medical image of the user's hand, followed by a modelling process which proved to be highly complex, and finally the obtainment of a real model (by 3D printing) of the prosthesis. The results obtained proved to be satisfactory in the approximation of the hand morphology, low cost and the designed mechanical properties. However, due to some technological limitations (the used 3D printers), and more specifically in the physical conception of the model, its functionality is yet to be proved with the pneumatic control. Keywords: Soft robotics, reverse engineering, fast prototyping, hand prosthesis. INTRODUCTION The human hand can be considered the most used tool by the man in the execution of the daily tasks, and its loss leads to physical and psychological damages.
    [Show full text]
  • Reverse Engineering Is Reverse Forward Engineering)
    RE- ENGINEERING The reengineering of software was described by Chikofsky and Cross in their 1990 paper, as "The examination and alteration of a system to reconstitute it in a new form" . Less formally, reengineering is the modification of a software system that takes place after it has been reverse engineered, generally to add new functionality, or to correct errors. This entire process is often erroneously referred to as reverse engineering; however, it is more accurate to say that reverse engineering is the initial examination of the system, and reengineering is the subsequent modification. Re-engineering is mostly used in the context where a legacy system is involved. Software systems are evolving on high rate because there more research to make the better so therefore software system in most cases, legacy software needs to operate on a new computing platform. 'Re-engineering' is a set of activities that are carried out to re-structure a legacy system to a new system with better functionalities and conform to the hardware and software quality constraint. FORWARD ENGINEERING Forward engineering is the opposite of reverse engineering. In forward engineering, one takes a set of primitives of interest, builds them into a working system, and then observes what the system can and cannot do. Forward engineering is the foundation of synthetic psychology (Braitenberg, 1984; Dawson, 2004; Pfeifer & Scheier, 1999). Braitenberg has argued that forward engineering is likely to produce simpler theories than reverse engineering because the latter tends to attribute behavioural complexities to the internal mechanisms of the agent. Braitenberg calls this the law of uphill analysis and downhill synthesis.
    [Show full text]
  • Reverse Engineering a Legacy Software in a Complex System: a Systems Engineering Approach
    Reverse engineering a legacy software in a complex system: A systems engineering approach Maximiliano Moraga Yang-Yang Zhao University College of Southeast Norway University College of Southeast Norway Kongsberg, Norway Kongsberg, Norway +47 94195982 +47 31009699 [email protected] [email protected] Copyright © 2018 by Maximiliano Moraga and Yang-Yang Zhao. Published and used by INCOSE with permission. Abstract. In a complex system, a legacy software as a component is determined by various factors beyond its own capability. Lack of knowledge that shaped software, which is often the case of a legacy software, can prohibit appropriate maintenance and development to comply with the system needs. To reverse engineering legacy software for a fit with the overall system of interest is a daunting task. Existing techniques of reverse engineering are mostly from a purely technical point of view and for the single discipline of software engineering. Thus, this paper aims for an approach to properly reverse engineer the reasoning behind the legacy software developments in a complex system. By jointly apply the CAFCR model and the reverse engineering, a roadmap is created to guide incremental developments of legacy software in a complex system, which benefits both the maintenance of existing implementation and realization of new functionalities for improved system performance. Introduction Software development has the growing importance for many business successes. One critical issue for an existing business is the maintenance and continuous development of its software. With increasing competition, existing businesses have a tremendous pressure on the fast pace upgrading which left no time for the software to be re-created and re-implemented.
    [Show full text]
  • Towards Efficient Instrumentation for Reverse-Engineering Object Oriented Software Through Static and Dynamic Analyses
    Towards Efficient Instrumentation for Reverse-Engineering Object Oriented Software through Static and Dynamic Analyses by Hossein Mehrfard A dissertation submitted to the Faculty of Graduate and Postdoctoral Affairs in partial fulfillment of the requirements for the degree of Doctor of Philosophy in The Ottawa-Carleton Institute for Electrical and Computer Engineering Carleton University Ottawa, Ontario © 2017 Hossein Mehrfard Abstract In software engineering, program analysis is usually classified according to static analysis (by analyzing source code) and dynamic analysis (by observing program executions). While static analysis provides inaccurate and imprecise results due to programming language's features (e.g., late binding), dynamic analysis produces more accurate and precise results at runtime at the expense of longer executions to collect traces. One prime mechanism to observe executions in dynamic analysis is to instrument either the code or the binary/byte code. Instrumentation overhead potentially poses a serious threat to the accuracy of the dynamic analysis, especially for time dependent software systems (e.g., real-time software), since it can cause those software systems to go out of synchronization. For instance, in a typical real-time software, the dynamic analysis result is correct if the instrumentation overhead, which is due to gathering dynamic information, does not add to the response time of real-time behaviour to the extent that deadlines may be missed. If a deadline is missed, the dynamic analysis result and the system’s output are not accurate. There are two ways to increase accuracy of a dynamic analysis: devising more efficient instrumentation and using a hybrid (static plus dynamic) analysis.
    [Show full text]
  • Reverse Engineering to Teach Scientific Concepts: Biomimetic Robot Systems Vivek Kumar1* 1Team Genius Mentor, CT, USA
    Reverse Engineering to Teach Scientific Concepts: Biomimetic Robot Systems Vivek Kumar1* 1Team Genius Mentor, CT, USA Abstract: This mentor presentation displays how Team Genius mentors teach concepts through the process of reverse engineering. It examines the current applications of re- verse engineering to teach both a scientific concept, in this case, biomimetics, and engi- neering concepts. To begin, we will describe existing robots and prototypes—from re- search labs of Stanford University and the Massachusetts Institute of Technology—with visual aids/models. Later, we will take apart (reverse engineer) working biomimetic LEGO robot prototypes. This structural and functional analysis will convey the biomi- metic concepts integrated within the robots. In the process of examining and reverse engi- neering biomimetic robots, the presentation will convey bioenvironmental concepts with practical application, as well as mechanical engineering strategies. This learning process is akin to one that can be used in a typical biological, environmental science, or engineer- ing classroom. Key Words: Robots, Biomimetics, RoboCupJunior, Environment, iRobot, ERI, Biology, Environmental Science, Education, Classroom, Reverse Engineering 1. Introduction: The educational community is of vital importance. This mentor presentation’s purpose is to explore and display new, innovative ways of presenting STEM (Science, Technology, Engineering, and Math) knowledge in a classroom en- vironment, via robotics. a. Team Genius was founded by Vivek Kumar, now a mentor, in 2010, as a private robotics team. Since its inception, it has won numerous awards, such as FIRST Robotics state championships, the FIRST Programming Awards, and the IEEE Engineering design awards. Team members now look to expand their love of science, innovation, and engineering to the in- ternational community.
    [Show full text]
  • Reverse Engineering in Product Manufacturing: an Overview
    DAAAM INTERNATIONAL SCIENTIFIC BOOK 2013 pp. 665-678 CHAPTER 39 REVERSE ENGINEERING IN PRODUCT MANUFACTURING: AN OVERVIEW KUMAR A.; JAIN, P. K. & PATHAK, P. M. Abstract: Reverse engineering plays vital role in the branch of the mechanical design and manufacturing based industry. This technique has been widely recognized as an important technique in the product design cycle. In regular computerized manufacturing environment, the operation order usually starts from the product design and ends with machine operation to convert raw material into final product. It is often essential to reproduce a CAD model of existing part using any digitization techniques, when original drawings or documentation are not available and used for analysis and modifications are required to construct a improved product design. In reverse engineering approach the important steps involved, are characterizations of geometric models and related surface representations, segmentation and surface fitting of simple and free-form shapes, and creating accurate CAD models. The chapter presents review on reverse engineering methodology and its application areas related to product design development. The product re-design and research with reverse engineering will largely reduced the production period and costs in product manufacturing industries. Key words: reverse engineering, scanning techniques, point cloud/STL data, CAD/CAM/CAE Authors´ data: Kumar A[tul], Jain, P[ramod] K[umar]; Pathak, P[ushparaj] M[ani], Mechanical & Industrial Engineering Department, Indian Institute of Technology, Roorkee, 247667, Uttarakhand India, [email protected], [email protected], [email protected] This Publication has to be referred as: Kumar, A[tul]; Jain, P[ramod] K[umar] & Pathak, P[ushparaj] M[ani] (2013) Reverse Engineering in Product Manufacturing: An Overview , Chapter 39 in DAAAM International Scientific Book 2013, pp.
    [Show full text]
  • Getting Revenge: a System for Analyzing Reverse Engineering Behavior
    Getting RevEngE: A System for Analyzing Reverse Engineering Behavior Claire Taylor Christian Collberg Department of Computer Science University of Arizona Tucson, AZ 85721 [email protected], [email protected] Abstract Code obfuscation is a popular technique used by white- ⓵ ⓶ ⓷ Generate 1 Script2 Challenge Script Generate Obfuscate Compile as well as black-hat developers to protect their software Asset Random p0.c p1.c p2.exe Program Program Program from Man-At-The-End attacks. A perennial problem has Seed1 Seed2 been how to evaluate the power of different obfuscation Solve Challenge ⓸ Analyze Results techniques. However, this evaluation is essential in order Reward ($) ⓹ Correctness Virtual Machine p3.c to be able to recommend which combination of techniques & Precision Reverse User p2.exe Engineering to employ for a particular application, and to estimate how Monitor Tools User ⓺ Analysis & long protected assets will survive in the field. We describe a Actions Visualization system, RevEngE, that generates random obfuscated chal- lenges, asks reverse engineers to solve these challenges Figure 1: System Overview. (with promises of monetary rewards if successful), monitors and collects data on how the challenges were solved, and verifies the correctness of submitted solutions. Finally, the technique. system analyzes the actions of the engineers to determine Attacks on obfuscation (known as reverse engineering the sequence and duration of techniques employed, with the or deobfuscation) aim to defeat the obfuscating transforma- ultimate goal of learning the relative strengths of different tions by extracting a close facsimile of the asset a from P 0. combinations of obfuscations. Much work has gone into developing methods to evalu- ate obfuscating transformations.
    [Show full text]
  • Metallurgical Engineering
    METALLURGICAL Innovation. Integrity. ENGINEERING Dependability. Dayton T. Brown, Inc.’s metallurgical lab is your resource for failure and engineering investigations, and metallurgical testing and analysis. Our comprehensive range of metallurgical services include: • Failure analysis ranging from aircraft structural components to electronics packaging • Detailed conformance-to-blueprint inspections • Fatigue and corrosion testing • Corrosion analysis and control • Wear/abrasion evaluations • Coating replacement evaluations • Weld evaluations • Reverse engineering programs • Development of advanced non-destructive testing techniques www.dtb.com ISO 9001:2015 and AS9100D Testing ACCREDITED Registered *Lab Code 200422-0 Accredited Test Lab *767.01, 767.02, 767.03 1195 Church Street, Bohemia, NY 11716-5014 USA Please direct all inquiries to: 1-800-232-6300 • email [email protected] A World of Engineering and Testing Visit our web site at: www.dtb.com TM Under One Roof * Please visit www.dtb.com for testing covered under our scopes of accreditation. DTB’s staff includes experienced metallurgists/materials engineers (M.S./Ph.D.) and technicians (Level 2/Level 3 in various NDI techniques). Our metallurgical lab is fully equipped with: • Scanning electron microscope with • Hardness measurement machines energy dispersive spectroscopy • Inverted optical metallograph • Arc emission spectroscope • High resolution digital imaging equipment • Metallographic sample preparation equipment • Advanced image analysis software • Stereomicroscopes • Comprehensive reference library and • Borescopes specifications database • Various non-destructive flaw detection testing techniques and equipment Failure Analysis The metallurgical lab has immediate access to in-house expertise in a wide range of technical specialties, including EMI/EMC, Shock and Vibration, Environmental Testing, Life Support Systems, Stress Analysis, Engineering Design, and Manufacturing Engineering.
    [Show full text]
  • Physical Inspection & Attack: New Frontier in Hardware Security
    Physical Inspection & Attack: New Frontier in Hardware Security M Tanjidur Rahman1, Qihang Shi, Shahin Tajik, Haoting Shen, Damon L. Woodard, Mark Tehranipoor and Navid Asadizanjani Abstract— Due to globalization, the semiconductor industry chip polishing, microscopy, probing, focus ion Beam is becoming more susceptible to trust and security issues. (FIB), X-ray imaging, laser voltage probing etc. have Hardware Trojans, i.e., malicious modification to integrated experienced significant advancement to facilitate these circuits (ICs), can violate the root of trust when the devices are fabricated in untrusted facilities. Literature shows as the techniques. Demand for higher yield and faster failure microscopy and failure analysis tools excel in the resolution and analysis and fault localization at smaller technology nodes capability, physical inspection methods like reverse engineering also catalyzed the progress and revolution in FA techniques and photonic emission become attractive in helping verify and tools. However, an adversary can use such FA such trust issues. On the contrary, such physical inspection methods and tools to attack a chip and compromise methods are opening new capabilities for an adversary to extract sensitive information like secret keys, memory content security through exposing assets – sensitive information, or intellectual property (IP) from the chip compromising intellectual property, firmware, cryptographic keys etc. [5]. confidentiality and integrity. Different countermeasures have Researchers showed that such physical inspection methods, been proposed, however, there are still many unanswered when used for physical attacking of a chip, are capable questions. In this paper, we discuss physical inspection/attack of compromising the confidentiality and integrity provided methods using failure analysis tools and analyze the existing countermeasures and security/trust issues related to them.
    [Show full text]