piracy
                 
                  Supporting Traders since 1994

Algorithmic Trading Tools
for Professional Traders

 

(Excerpts From Wikipedia, the Free Enciclopedy)

Reverse engineering

Reverse engineering (RE) is the process of discovering the technological principles of a device/object or system through analysis of its structure, function and operation. It often involves taking something (e.g., a mechanical device, an electronic component, a software program) apart and analyzing its workings in detail, usually with the intention to construct a new device or program that does the same thing without actually copying anything from the original. The verb form is to reverse-engineer.

Reverse engineering is essentially science, using the scientific method. (Conversely, engineering could be thought of as 'reverse science'). Sciences such as biology and physics can be seen as reverse engineering of biological 'machines' and the physical world respectively. In computer science, reverse engineering is arguably the only subfield that is truly a science, the rest of the field being constructive 'forward' engineering.

In the United States and many other countries, even if an artifact or process is protected by trade secrets, reverse-engineering the artifact or process is often lawful as long as it is obtained legitimately. Patents, on the other hand, require a public disclosure of an invention, and therefore patented items don't necessarily have to be reverse engineered to be studied. One common motivation of reverse engineers is to determine whether a competitor's product contains patent infringements or copyright infringements.

Types and applications of reverse engineering

As computer-aided design has become more popular, reverse engineering has become a viable method to create a 3D virtual model of an existing physical part for use in 3D CAD, CAM, CAE and other software. The reverse engineering process involves measuring an object and then reconstructing it as a 3D model. The physical object can be measured using 3D scanning technologies like CMMs, laser scanners, white light digitizers or computed tomography. The measured data alone, usually represented as a point cloud, lacks topological information and is therefore often processed and modeled into a more usable format such as a triangular faced mesh, a set of NURBS surfaces or a CAD model. Applications like Imageware, Rapidform or Geomagic are used to process the point clouds themselves into formats usable in other applications such as 3D CAD, CAM, CAE or visualization.

Reverse engineering is often used by military in order to copy other nations' technology, devices or information, or parts of which, have been obtained by regular troops in the fields or by intelligence operations. It was often used during the Second World War and the Cold War. Well-known examples from WWII include:

  • Jerry can: British and American forces noticed that the Germans had gasoline cans with an excellent design. They reverse engineered copies of those cans. The cans were popularly known as Jerry cans.
  • Tupolev Tu-4: A number of American B-29 bombers on missions over Japan were forced to land in the USSR. The Soviets, who did not have a similar strategic bomber, decided to copy the B-29. Within a few years they had developed the Tu-4, a near perfect copy.
  • V2 Rocket Technical documents for the V2 and related technologies were captured by the Western Allies at the end of the war. Soviet and captured German engineers had to reproduce technical documents and plans, working from captured hardware, in order to make their clone of the rocket, the R-1, which began the postwar Soviet rocket program that led to the R-7 and the beginning of the space race.

Reverse engineering software or hardware systems which is done for the purposes of interoperability (for example, to support undocumented file formats or undocumented hardware peripherals), is mostly believed to be legal, though patent owners often contest this and attempt to stifle any reverse engineering of their products for any reason.

On a related note, black box testing in software engineering has a lot in common with reverse-engineering. The tester usually has the API, but his goals are to find bugs and undocumented features by bashing the product from outside.

Other purposes of reverse engineering include security auditing, removal of copy protection ("cracking"), circumvention of access restrictions often present in consumer electronics, customization of embedded systems (such as engine management systems), in-house repairs or retrofits, enabling of additional features on low-cost "crippled" hardware (such as some graphics card chipsets), or even mere satisfaction of curiosity.

Reverse engineering is also used by businesses to bring existing physical geometry into digital product development environments, to make a digital 3D record their own products or assess competitors' products. It is used to analyze, for instance, how a product works, what it does, what components it consists of, estimate costs, identify potential patent infringement, etc.

Value engineering is a related activity also used by business. It involves deconstructing and analysing products, but the objective is to find opportunities for cost cutting.

Finally, reverse engineering often is done because the documentation of a particular device has been lost (or was never written), and the person who built the thing is no longer working at the company. Integrated circuits often seem to have been designed on obsolete, proprietary systems, which means that the only way to incorporate the functionality into new technology is to reverse-engineer the existing chip and then re-design it.

Reverse engineering is also used to check if some network service may be exploited via network.

 

Reverse engineering of software
 

The term "reverse engineering" as applied to software means different things to different people, prompting Chikofsky and Cross to write a paper researching the various uses and defining a taxonomy. From their paper:

Reverse engineering is the process of analyzing a subject system to create representations of the system at a higher level of abstraction.[1]

It can also be seen as "going backwards through the development cycle".[2] In this model, the output of the implementation phase (in source code form) is reverse engineered back to the analysis phase, in an inversion of the traditional waterfall model.

Reverse engineering is a process of examination only: the software system under consideration is not modified (which would make it reengineeringThis entire process is often erroneously referred to as reverse engineering; however, it is more accurate to say that reverse engineering is the initial examination of the system, and reengineering is the subsequent modification.

.(The reengineering of software was described by Chikofsky and Cross in their 1990 paper, Reverse Engineering and Design Recovery: A Taxonomy, as "the examination and alteration of a system to reconstitute it in a new form". Less formally, reengineering is the modification of a software system that takes place after it has been reverse engineered, generally to add new functionality, or to correct errors.)

In practice, two main types of reverse engineering emerge.
In the first case, source code is already available for the software, but higher level aspects of the program, perhaps poorly documented or documented but no longer valid, are discovered. In the second case, there is no source code available for the software, and any efforts towards discovering one possible source code for the software are regarded as reverse engineering. This second usage of the term is the one most people are familiar with.

Binary software

This process is sometimes termed Reverse Code Engineering or RCE.[3] As an example, decompilation of binaries for the Java platform can be accomplished using ArgoUML. One famous case of reverse engineering was the first non-IBM implementation of BIOS which launched the historic PC clone industry.

In the United States, the Digital Millennium Copyright Act exempts from the circumvention ban some acts of reverse engineering aimed at interoperability of file formats and protocols, but judges in key cases have ignored this law, since it is acceptable to circumvent restrictions for use, but not for access.[4] 
(from  http://www4.law.cornell.edu/uscode/html/uscode17/usc_sec_17_00001201----000-.html
Violations Regarding Circumvention of Technological Measures(
A) No person shall circumvent a technological measure that effectively controls access to a work protected under this title. The prohibition contained in the preceding sentence shall take effect at the end of the 2-year period beginning on the date of the enactment of this chapter. )
Aside from restrictions on circumvention, reverse engineering of software is protected in the U.S. by the fair use exception in copyright law. [5]

The Samba software, which allows systems that are not running Microsoft Windows systems to share files with systems that are, is a classic example of software reverse engineering, since the Samba project had to reverse-engineer unpublished information about how Windows file sharing worked, so that non-Windows computers could emulate it. The Wine project does the same thing for the Windows API, and OpenOffice.org is one party doing this for the Microsoft Office file formats.

Binary software techniques

Reverse engineering of software can be accomplished by various methods. The three main groups of software reverse engineering are:

  1. Analysis through observation of information exchange, most prevalent in protocol reverse engineering, which involve using bus analyzers and packet sniffers for example for listening into a computer bus or computer network connection, revealing the traffic data underneath. Behaviour on the bus or network can then be analyzed for producing a stand-alone implementation that mimics the same behaviour. This is especially good for reverse engineering of device drivers. Sometimes reverse-engineering on embedded systems is greatly helped by tools deliberately introduced by the manufacturer, such as JTAG ports or other debugging means. In Microsoft Windows low-level debuggers such as SoftICE are popular.
  2. Disassembly using a disassembler, meaning the raw machine language of the program is read and understood in its own terms, only with the aid of machine language mnemonics. This works on any computer program but can take quite some time, especially for someone not used to machine code. The Interactive Disassembler is a particularly popular tool.
  3. Decompilation using a decompiler, a process that tries, with varying result, to recreate the source code in some high level language for a program only available in machine code or bytecode.

 

Notes

  1. ^ Chikofsky, E.J., J.H. Cross II (January 1990). "Reverse Engineering and Design Recovery: A Taxonomy in IEEE Software". IEEE Computer Society: 1317.
  2. ^ Warden, R. (1992). Software Reuse and Reverse Engineering in Practice. London, England: Chapman & Hall, 283305.
  3. ^ Chuvakin, Anton, Cyrus Peikari (January 2004). Security Warrior, 1st ed., O'Reilly. Retrieved on 2006-05-25.
  4. ^ US Code: Title 17,1201. Circumvention of copyright protection systems. Retrieved on 2006-05-25.
  5. ^ See Pamela Samuelson and Suzanne Scotchmer, "The Law and Economics of Reverse Engineering", 111 Yale Law Journal 1575-1663 (May 2002).

Copyright itservice.net 2009

 

Copyright itservice.net 2009

Copyright itservice.net 2009