Reverse Engineering Activities Research Articles

An empirical examination of the reverse engineering process for binary files

Reverse engineering of binary code file has become increasingly easier to perform. The binary reverse engineering and subsequent software exploitation activities represent a significant threat to the intellectual property content of commercially supplied software products. Protection technologies integrated within the software products offer a viable solution towards deterring the software exploitation threat. However, the absence of metrics, measures, and models to characterize the software exploitation process prevents execution of quantitative assessments to define the extent of protection technology suitable for application to a particular software product. This paper examines a framework for collecting reverse engineering measurements, the execution of a reverse engineering experiment, and the analysis of the findings to determine the primary factors that affect the software exploitation process. The results of this research form a foundation for the specification of metrics, gathering of additional measurements, and development of predictive models to characterize the software exploitation process.

DPVK - An Eclipse Plug-in to Detect Design Patterns in Eiffel Systems

Design patterns are not only beneficial to the forward engineering process but also help in design recovery and program understanding, typical reverse engineering activities. In this paper, we introduce DPVK, a reverse engineering tool to detect pattern instances in Eiffel systems. In order to get better detection results, we analyze many different patterns and examine Eiffel software in terms of both static structure and dynamic behaviour. DPVK is implemented as an Eclipse plug-in to ensure better compatibility and extensibility.

Supporting iterations in exploratory database reengineering processes

Key technologies like the World Wide Web, object-orientation, and distributed computing enable new applications, e.g., in the area of electronic commerce, management of information systems, and decision support systems. Today, many companies face the problem that they have to reengineer pre-existing information systems to take advantage of these technologies. Various computer-aided reengineering tools have been developed to reduce the complexity of the reengineering task. A major limitation of current approaches, however, is that they impose a strictly phase-oriented, waterfall-type reengineering process, with little support for iterations. Still, such iterations often occur in real-world examples, e.g., when additional knowledge about the legacy system becomes available or when the legacy system is modified during an ongoing migration process. In this paper, we present an approach to incremental consistency management that allows to overcome this limitation in the domain of database systems by integrating reverse and forward engineering activities in an intertwined process. The described mechanism is based on a formalization of conceptual schema translation and redesign transformations by graph rewriting rules and has been implemented and evaluated with the Varlet database reengineering environment.

Dynamic analysis for reverse engineering and program understanding

The main focus of program understanding and reverse engineering research has been on modeling the structure of a program by examining its code. This has been the result of the nature of the systems investigated and the perceived goals of the reverse engineering activities. The types of systems under investigation have changed, however, and the maintenance objectives have evolved. Many legacy systems today are object-oriented and component-based. One of the most prominent maintenance objectives is system migration to distributed environments, most notably the World Wide Web, for interoperation with other systems. This new maintenance objective has a great impact on the types of models expected as products of reverse engineering. As the traditional static software analysis techniques keep their valuable role in program comprehension, additional techniques, especially those focusing on run-time analysis of the subject systems, become equally important. In this paper, we focus on the analysis of the system's dynamic behavior, as it pertains to understanding the system's processes and uses. We give an overview of currently used dynamic reverse engineering techniques and identify some challenges yet to be tackled.

AN INCREMENTAL OBJECT-ORIENTED MIGRATION STRATEGY FOR RPG LEGACY SYSTEMS

We present a strategy for incrementally migrating legacy systems to object-oriented platforms. The migration process consists of six sequential phases and encompasses reverse engineering and reengineering activities. The aim of reverse engineering is to decompose programs into components implementing the user interface and components implementing application domain objects. The identification of objects is centred around persistent data stores and exploits object-oriented design metrics. Wrapping is the core of the reengineering activities. It makes new systems able to exploit existing resources, thus allowing an incremental and selective replacement of the identified objects. The migration strategy has been defined and experimented within the project ERCOLE (Encapsulation, Reengineering and Coexistence of Object with Legacy) on legacy systems developed in RPG for the IBM AS/400 environment.

Identifying objects in legacy systems using design metrics

Many organisations are migrating towards object-oriented technology. However, owing to the business value of legacy software, new object-oriented development has to be weighed against salvaging strategies. The incremental migration of procedurally oriented systems to object-oriented platforms seems to be a feasible approach, although it must be considered as risky as redevelopment. This approach uses reverse engineering activities to abstract an object-oriented model from legacy code. The paper presents a method for decomposing legacy systems into objects. The identification of objects is centred around persistent data stores, such as files or tables in the database, while programs and routines are candidates for implementing the object methods. Associating the methods to the objects is achieved by optimising selected object-oriented design metrics. The rationale behind this choice is that the object-oriented decomposition of a legacy system should not result in a poor design, as this would make the re-engineered system more difficult to maintain.

A new archetype for competitive intelligence

From the Publisher: McGonagle and Vella maintain that competitive intelligence as we know it is just the first step toward the creation of true corporate intelligence. Their book explores ways in which new channels of communication and new uses of information and intelligence will change corporations, and how these changes can be anticipated in an organization's strategic planning, crisis management, benchmarking, reverse engineering, and defensive intelligence activities. In doing so, they introduce readers to new techniques, such as shadow benchmarking and factual management analysis. Readable, with useful checklists, forms, reminders, and drawings from real world cases, this book will be essential reading for executives in the public and private sectors, and their colleagues in the academic business community.

PROGRAMMABLE REVERSE ENGINEERING

Program understanding can be enhanced using reverse engineering technologies. The understanding process is heavily dependent on both individuals and their specific cognitive abilities, and on the set of facilities provided by the program understanding environment. Unfortunately, most reverse engineering tools provide a fixed palette of extraction, selection, and organization techniques. This paper describes a programmable approach to reverse engineering. The approach uses a scripting language that enables users to write their own routines for common reverse engineering activities, such as graph layout, metrics, and subsystem decomposition, thereby extending the capabilities of the reverse engineering toolset to better suit their needs. A programmable environment supported by this approach subsumes existing reverse engineering systems by being able to simulate facets of each one.

Reverse-engineering and intermodular data flow: A theoretical approach

Starting from the need for formalization and models to represent and repeat reverse-engineering activities, this paper presents a proposal in the field of data flow analysis. In particular, the authors propose a formal model for a practical approach to the reconstruction of intermodular data flow associated with the structure charts of a Pascal software system. Specific matrices extracted straight from code are presented and matrix calculation is then exploited to obtain a final matrix containing all the information needed for the reconstruction of the data flow. Finally, this flow is reconstructed by means of transformations on the elements in this matrix.