Reverse engineering (English: ), also known as reverse engineering, is a process of technological imitation

Reverse engineering (English: ), also known as reverse engineering , is a process of technical imitation, that is, reverse analysis and research on a project standard product, so as to deduce and obtain the product's processing flow, organizational structure, functional performance specifications, etc. design elements to produce products that are similar in function but not identical. Reverse engineering originated from hardware analysis in commercial and military fields. Its main purpose is to deduce the design principle of the product directly from the analysis of the finished product when the necessary production information cannot be easily obtained.

Reverse engineering may be mistaken for a serious infringement of intellectual property rights, but in practice, it may protect intellectual property rights owners. For example, in the field of integrated circuits, if a company is suspected of infringing intellectual property rights, reverse engineering technology can be used to find evidence.

motivation

Reverse engineering is required for the following reasons:

• Interface Design: Due to interoperability , reverse engineering is used to find out the collaboration protocol between systems.
• Military or Commercial Secrets: Stealing the latest research or product prototypes of an enemy or competitor.
• Improve documentation: When the original documentation is insufficient, and when the system is updated without the original designer, reverse engineering is used to obtain the required data to supplement the description or understand the latest status of the system.
• Software upgrades or updates: Reverse engineering is used to understand existing or legacy software systems to assess the effort required to update or port systems due to functional, compliance, security, etc. requirement changes.
• Make unlicensed/unauthorized copies.
• Academic/Learning Purposes.
• Removes copy protection and spoofed login permissions.
• File loss: The situation of reverse engineering is often that the file of a certain special device has been lost (or not at all), and the person in charge of the project cannot be found at the same time. The complete system often needs to be redesigned based on the old system, which means that the only way to integrate the original functions for the project is to use reverse engineering to analyze the existing fragments and redesign them.
• Product Analysis: Used to investigate how a product works, what its components are made of, estimate its budget, and identify potential infringements.

application

Equipment

With the popularity of computer-aided design , reverse engineering has become a method that can construct 3D virtual models through CAD , CAM , CAE or other software based on existing physical components . The process of reverse engineering uses the method of measuring the dimensions of actual objects and making them into 3D models. Real objects can be scanned by 3D scanning technologies such as CMMs, laser scanners, structured light source converters, or X-ray tomography. Size measurement. These measurements are usually considered as point clouds , lacking topological information and at the same time are often produced in more useful formats such as polygonal meshes, NURBS curves or CAD models. Since the point cloud itself is not as intuitive as the model in the 3D software, software such as 3-matic, Imageware , PolyWorks, Rapidform, or Jiemo provides the ability to turn the point cloud into a visual image, or be used by other applications The function of the format recognized by software such as 3D CAD, CAM, CAE.

Reverse engineering will also be used in business activities that require the application of real geometry in a virtual digital development environment, such as digitizing 3D data of one's own products or competitors. Through this method, it is possible to analyze the operation mode of the product, the composition of components, estimate the budget and identify potential infringements.

Value engineering is a similar approach applied in business. But the purpose of value engineering is to find cost savings by deconstructing and analyzing the product.

software

Due to the ambiguity of the specific meaning of the term "reverse engineering" as it is used in the field of software engineering ("soft engineering" for short), Chikofsky and Cross wrote an article to clarify and distinguish "reverse engineering" from various similar the concept of. According to the article, reverse engineering is a process of analyzing a target system with the aim of identifying the various components of the system and their relationships, and reconstructing the representation of the system in other forms or at a higher level of abstraction (Representations). Software reverse engineering can also be seen as "reverse development cycle". Under this definition, reverse engineering a software program is similar to reversing the development steps in the traditional waterfall model , that is, restoring the output of the implementation phase (ie, the software program) back to the idea made in the design phase. Software reverse engineering is only a process of detection or analysis, it does not change the target system (otherwise it becomes software reengineering).

Software anti-tampering technologies are used to curb reverse engineering and re-engineering of proprietary software. There are two types of reverse engineering in practical applications. First, the source code for the software is available, but the higher-level parts have little or no documentation or are no longer applicable or missing. Second, the software has no source code available, and any effort to find its source code is known as reverse engineering. Most people are familiar with the second use of the word. Reverse engineering of software can use clean room techniques to avoid copyright infringement.

Black-box testing and reverse engineering in software engineering have a lot in common, but black-box testers often provide APIs for testing, and the purpose of testing is to find program vulnerabilities and undocumented features through external attacks.

Other purposes of reverse engineering include: security review, removing copy protection (aka cracking), bypassing access restrictions often found in consumer electronics, customizing embedded systems (such as engine management systems), internal product repairs or updates, Inexpensive, less-featured hardware, such as some graphics chipsets, to add extra functionality, or just to satisfy curiosity.

binary software

The reverse engineering of the binary code of the final program is called "code reverse engineering", or RCE ( Reverse  Code Engineering ) for short . For example, we can use Jad to decompile the binary code of the Java platform . A famous case of reverse engineering is the BIOS in an IBM personal computer that was first implemented by a non- IBM company , which launched the IBM PC compatible industry and made IBM PC compatible the mainstream computer hardware platform for many years. An example of a group that enjoys software reverse engineering is CORE ( Challenge Of Reverse  Engineering ,  which means "challenge reverse engineering") . In the United States, software reverse engineering is protected as long as it follows the fair use provisions of copyright law . Successful software reverse engineering projects include:

• Samba : An open source project that allows non- Windows systems to share files with Windows systems. Since Microsoft does not disclose information about the Windows file sharing mechanism, Samba must be reverse engineered to emulate the same behavior on non-Windows systems.
• Wine : does the same for the Windows API ,
• OpenOffice.org : Reverse engineer Microsoft Office file formats.
• ReactOS : Make every effort to be compatible with NT Windows systems in terms of ABI and API , so that software and drivers written for Windows can run on it.
• WindowsSCOPE: Used to monitor and analyze the live content of Windows system memory.

binary software technology

There are many ways to implement software reverse engineering, mainly three:

1. Analyze observations made through information exchange. Most commonly used for protocol reverse engineering, involving the use of bus analyzers and packet sniffers . After accessing the computer bus or network connection and successfully intercepting the communication data, the bus or network behavior can be analyzed to create a communication implementation with the same behavior. This method is especially suitable for reverse engineering of device drivers . Sometimes, tools specially made by hardware manufacturers, such as JTAG ports or various debugging tools, can also help reverse engineering embedded systems. For Microsoft Windows systems , a popular low-level debugger is SoftICE .
2. Disassembly is to use a disassembler to translate the original machine code of the program into an assembly code that is easier to read and understand . This applies to any computer program, and is especially useful for people unfamiliar with machine code. A popular related tool is Interactive Disassembler .
3. Decompilation , that is, borrowing a decompiler to try to reproduce the source code in the form of a high-level language from the machine code or bytecode of the program .

source code

Many UML tools involve importing source code to generate UML diagrams, ie "reverse engineering".

Integrated Circuits and Smart Cards

Reverse engineering to analyze the smart card is invasive and destructive, the smart card is scraped off layer by layer and photographed with an electron microscope. This technology can completely reveal the hardware and software parts of the smart card. The main problem is to put everything in the correct order to find out how each part works. Engineers hide passwords and operations by scrambling memory locations, such as busscrambling. Sometimes it is even possible to use probes to directly measure the voltage while the smart card is running, and designers use sensors to detect and prevent it. Breaking smart cards used in payments is difficult, and only the big chipmakers use those specialized devices. Moreover, the return on this method is too low compared to other security mechanisms such as shadow accounts.

military

Reverse engineering is often used in the military to copy other countries' technology, equipment, information or parts thereof obtained from conventional forces or intelligence activities on the battlefield. It was often used in World War II and the Cold War. Notable examples from WWII include:

• German Barrels: The British and American troops noticed that the German Army had a wonderfully designed oil barrel, so they reverse engineered copies of these barrels. These are loosely referred to as "portable jerrycans".
• Type 4 7.5cm anti-aircraft gun: The reverse engineering of the Bofors 75mm caliber M1929 anti-aircraft gun captured by Japan from the Chinese battlefield produced the Type 4 7.5cm anti-aircraft gun and used it with the Japanese Type 98 6-ton tractor. The towing speed can reach The speed is 45 kilometers per hour, and it has the ability to quickly put in combat.
• Tupolev Tu-4: Three B-29 Superfortresses bound for Japan crash-land in the Soviet Union. The Soviet Union did not have a similar strategic bomber, so it decided to copy the B-29. A few years later they developed the Tu-4, an almost perfect replica.
• V-2 Rocket: Technical documentation and related technology for the V2 was captured by the Western Alliance at the end of the war. Soviet and captured German engineers used captured components to reconstruct technical documents and drawings for the production of substitutes for this missile. The R-1 kicked off the post-war Soviet missile picture, all the way to the R-7, and led to the space race.
• The K-13/R-3S missile (NATO designation AA-2'Atoll ) is a Soviet reverse engineered replica of the AIM-9 Sidewinder. Early legend has it that a Taiwanese AIM-9B hit a Chinese MiG-17 without exploding, the missile remained in the fuselage, and the pilot returned to base with the missile. According to the information released by the Soviet Union, it was obtained from the wreckage of a US Navy fighter jet that crashed in China.
• BGM-71 TOW Missile: In March 1975, negotiations between Iran and Hughes Missile Systems on TOW and Maverick missile cooperation were halted due to disagreements over the price system, and the ensuing revolution of 1979 ended all plans for such cooperation. Iran has successfully reverse engineered the missile and is now producing their own replica: the Toophan.

Related Laws

In the United States and many other countries, products or processes are protected by trade secrets, and can be reverse engineered as long as the product or process is reasonably obtained. Patents require publication of the invention, so patents do not require reverse engineering to be researched. One motivation for reverse engineering is to determine whether a competitor's product infringes a patent or infringes a copyright.

Reverse engineering of software or hardware systems for the sake of interoperability (for example, to support undocumented file formats or hardware peripherals) is considered legal, although patent holders often object and try to suppress the exploitation of their products for any purpose. Performed reverse engineering.

In order to obtain the ideas and functional elements implicit in a copyrighted computer program and there are legitimate reasons to obtain it, when disassembly is the only way to obtain it, according to the law, disassembly is a fair use of copyrighted works.

in fiction

• memory rift

see also

• Antikythera Mechanism
• Benchmarking
• bus analyzer
• clean room design
• code fusion
• Sony PlayStation Emulator
• decompile
• Digital Millennium Copyright Act (DMCA)
• Forensic Engineering
• interactive disassembler
• Knowledge Mining Metamodel
• logic analyzer
• Value Engineering

Extended reading

• Reverse Engineering for Beginners, D. Yurichev. ( Page archive backup at).
• Eilam, Eldad. . John Wiley. 2005: 595. ISBN 0764574817.
• Raja Vinesh, Fernandes Kiran J. . Springer. 2008: 242. ISBN 978-1-84628-855-5.

reference

1. ^   Varady, T; Martin, R; Cox, J. (PDF). Computer-Aided Design. 1997,  29  (4): 255–268 [2019-01-18].  doi:10.1016/S0010-4485(96) 00054-1 . (Original content archived  (PDF) on 2011-09-28).
2. ^   Chikofsky, EJ; Cross, JH (PDF). IEEE Software. January 1990,  7 : 13–17 [2019-01-18].  doi:10.1109/52.43044 . (  Archived from the original (PDF) on 2018-04-17 ).
3. ^  Warden, R. . London, England: Chapman & Hall. 1992: 283–305.
4. ^   Chuvakin, Anton; Cyrus Peikari. 1st. O'Reilly. January 2004 Retrieved 2006-05-25. ( Archived from the original on 2006-05-22).
5. ^   Samuelson, Pamela & Scotchmer, Suzanne. . Yale Law Journal. 2002,  111  (7): 1575–1663 [2019-01-18].  JSTOR 797533. doi  :10.2307/797533 . ( Archived from the original on 2010-07- 15).
6. ^  Wolfgang Rankl, Wolfgang Effing, Smart Card Handbook (2004)
7. ^   T. Welz: Smart cards as methods for payment (2008), Seminar ITS-Security Ruhr-Universität Bochum, " Archive at http://www.crypto.rub.de/its_seminar_ws0708.html  Archive.is , archive date 2012- 07-24"
8. ^  David C. Musker: Protecting & Exploiting Intellectual Property in Electronics, IBC Conferences, 10 June 1998
9. ^   Although the gun mount structure is similar to the Bofors anti-aircraft gun, the diameter and weight of the gun are relatively close to the 1931 76mm anti-aircraft gun imported from the Soviet Union. The possibility that Japan mixed the two types of anti-aircraft guns cannot be ruled out .
10. ^   "Japanese cannon" Akira Takeuchi and Jiro Sayama co-authored Publishing joint company Showa 61 p376
11. ^   Sega v. Accolade, 203 F.3d 596 (9th Cir. 1993)

external link

• Crackmes.de, the longest running and most complete Crackmes web page on the internet. Free Reverse Code Engineering training material
• Video RCE, the biggest Reverse Code Engineering Video Library, with hundreds of free video tutorials
• IITAC, the Reverse Code Engineering and IT Security Training/Audit Institute a leading consulting institute, home of the above free RCE resources
• Reverse Code Engineering: The complete resource for RE of software. Archives of the most important Reverse Code Engineering sites  ( page archive backup , stored at)
• OpenRCE: Reverse Engineering Portal  ( page archive backup , stored in)
• MoDisco: (Model Discovery), an Eclipse Project on Model Driven Reverse Engineering
• ERESI: The ERESI Reverse Engineering Software Interface  ( page archive backup , stored in) for RCE on UNIX
• Radare: Advanced CmdLine Hexadecimal Editor, Disassembler and Debugger  ( page archive backup , stored in) multi-platform full-featured RCE tool
• Program transformation wiki on Reverse Engineering  ( Page archive backup , stored at)
• Introduction to Reverse Engineering Software  ( page archived at), preprint of a book by Mike Perry and Nasko Oskov.
• Reverse Engineering Shapes  ( page archived at), article by Tamás Várady
• Online Resource for Reverse Engineering Software  ( page archive backup , stored at)
• Article on legal considerations by David C. Musker
• CNN: How Soviets copied America's best bomber during WWII  ( page archive backup , at)
• Very good RE definitions from Software Engineering
• Architecture-Driven Modernization group at OMG  ( page archive backup , stored at)
• Reverse Engineering Delivers Product Knowledge Aids Technology Spread - Article in Electronic Design by Dick James, Senior Technology Adviser, Chipworks
• Chikofsky, EJ; JH Cross II (January 1990). "Reverse Engineering and Design Recovery: A Taxonomy in IEEE Software". IEEE Computer Society: 13–17. (page  archived at ) - Original Paper hosted at cs.cmu .edu
• Reverse Engineering Applications Creaform 3D Reverse Engineering Services

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.