Reverse en­gi­neer­ing software

Reverse en­gi­neer­ing orig­i­nates from me­chan­i­cal en­gi­neer­ing. Even today, 3D scanning, computer to­mog­ra­phy, ul­tra­son­ic mea­sure­ment, and other methods are used to obtain in­for­ma­tion in order to un­der­stand how a machine or me­chan­i­cal device works. Reverse en­gi­neer­ing literally reverses the en­gi­neer­ing process in which com­po­nents of a product are designed and assembled to create a func­tion­al device.

Reverse en­gi­neer­ing aims to uncover in­for­ma­tion on how a product’s in­di­vid­ual com­po­nents function, helping you gain a complete un­der­stand­ing of each component and the system as a whole. This is precisely why this process is often applied to competing products: in order to be able to improve or adapt a product and survive in the com­pet­i­tive market. Reverse en­gi­neer­ing has many other uses and is not limited to hardware. But how and why is reverse en­gi­neer­ing used for software?

Reverse en­gi­neer­ing code allows pro­gram­mers to reverse the de­vel­op­ment and pro­duc­tion processes of software and gain a valuable look behind the scenes of a program. The de­con­struc­tion and reverse en­gi­neer­ing of software provides insight into the source code of an ap­pli­ca­tion. If the code is known, software can be read by experts without any issues. It is then possible for them to un­der­stand, rewrite, or rebuild the program's ar­chi­tec­ture, func­tion­al­i­ty, and internal struc­tures. The un­der­stand­ing of a soft­ware's processes gained from the reverse en­gi­neer­ing of software also allows errors in the program to be rectified. In software de­vel­op­ment, reverse en­gi­neer­ing is mainly used for the de­vel­op­ment of new products and the trou­bleshoot­ing or analysis of competing products.

Reverse en­gi­neer­ing is required both for the in­ves­ti­ga­tion of in­dus­tri­al­ly man­u­fac­tured products and for the re­con­struc­tion of software. The re­con­struc­tion of software usually describes one of the following three processes:

• The de­vel­op­ment of software source code
• Tracking the rules of a com­mu­ni­ca­tion protocol
• The sub­se­quent creation of a prototype

A source code is the text of a computer program written in a pro­gram­ming language. The computer au­to­mat­i­cal­ly converts this human-readable text into a machine-readable language. In order to be able to open up software source code, the trans­la­tion of the machine languages must be reversed. A de­com­pil­er is used for this purpose. This is a computer program that generates a human-readable source code from the binary machine code. This process of re­trans­lat­ing the machine-readable binary code into a human-readable source code takes place au­to­mat­i­cal­ly.

If the binary code cannot be com­plete­ly re­con­struct­ed, a dis­as­sem­bler can be used. This program converts the binary-coded machine language into a human readable assembler language, which is then manually analyzed. In most cases it is not possible for pro­gram­mers to re­con­struct the complete source code. In principle, this isn't a problem, since reverse en­gi­neer­ing code is more about un­der­stand­ing the grand scheme of things, rather than being able to map the original code com­plete­ly. Even partial codes can be used to perform be­hav­ioral analyses of the software or to correct errors. Software de­vel­op­ers in par­tic­u­lar very often use de­com­pil­ers and dis­as­sem­blers.

Reverse en­gi­neer­ing is also used when de­vel­op­ers want to write drivers for operating systems but the knowledge about the exact func­tion­ing and structure of the operating system is secret. With the help of a “sniffer,” the rules of a com­mu­ni­ca­tion protocol are made ac­ces­si­ble. The sniffer is a software tool for analyzing data traffic in a network. For example, the tool can detect anomalies in the data exchange between two devices. The eval­u­a­tion of such com­mu­ni­ca­tion methods provides pro­gram­mers with in­for­ma­tion about which rules the cor­re­spond­ing protocol follows.

In this case, the term “code feedback” is used rather than “reverse en­gi­neer­ing.” The re­con­struct­ed source code of software is modified and trans­ferred into a prototype to be processed there further. Now, software projects with the graphical modeling language UML can be completed and sub­se­quent­ly generated.

Reverse en­gi­neer­ing code can be used in different areas to ac­com­plish tasks, including:

• Testing and quality man­age­ment of software
• Further de­vel­op­ment of software
• In­ves­ti­ga­tion of network com­mu­ni­ca­tion protocols
• Detection of computer viruses, trojans, extortion software, and other malicious programs
• Moving or main­te­nance of abandoned programs
• Search for software bugs
• General ex­am­i­na­tion of a file format for your own un­der­stand­ing
• Improve software com­pat­i­bil­i­ty with third-party platforms and software
• Use of un­doc­u­ment­ed platform functions

In addition, reverse en­gi­neer­ing software can be used to analyze competing products. Although many companies prohibit the reverse en­gi­neer­ing of their products and state this in their licensing terms, the analysis of protocols is not legally affected. This is the case because the software itself is not subject to in­ves­ti­ga­tion by reverse en­gi­neer­ing tools. In addition, such licensing clauses don’t apply in many countries. The users of purchased software are legally entitled to apply reverse en­gi­neer­ing in order to check its ap­pli­ca­tion security and to correct errors.

Reverse en­gi­neer­ing software provides pro­gram­mers and de­vel­op­ers with valuable insight into how digital ap­pli­ca­tions work. This enables targeted trou­bleshoot­ing and can provide helpful input for de­vel­op­ing new software.