Understanding How Reverse Engineers Make Sense of Programs from Assembly Language Representations

This dissertation develops a theory of the conceptual and procedural aspects involved with how reverse engineers make sense of executable programs. Software reverse engineering is a complex set of tasks which require a person to understand the structure and functionality of a program from its assembly language representation, typically without having access to the program\u27s source code. This dissertation describes the reverse engineering process as a type of sensemaking, in which a person combines reasoning and information foraging behaviors to develop a mental model of the program. The structure of knowledge elements used in making sense of executable programs are elicited from a case study, interviews with subject matter experts, and observational studies with software reverse engineers. The results from this research can be used to improve reverse engineering tools, to develop training requirements for reverse engineers, and to develop robust computational models of human comprehension in complex tasks where sensemaking is required

A reverse engineering process for mechanical engineering systems

This thesis presents a literature review of current reverse engineering technologies and processes, with an emphasis on tools commonly used in Software Reverse Engineering (SRE). Using the foundation of the literature review, the thesis will then propose a standard process, referred to as A Reverse Engineering Process for Mechanical Engineering Systems (REPMES). The REPMES tool is intended to enable engineers to understand how current products work. Additionally, REPMES may allow engineering design teams to more effectively revise their product designs through competitive benchmarking. The REPMES is illustrated through application to case studies of a consumer flashlight and an automotive torque converter. Unlike the field of Software Reverse Engineering (SRE), there is not currently a published standardized procedure to successfully implement reverse engineering of mechanical engineering systems. The REPMES process introduced here differs from SRE in that the target for SRE is to understand the inner workings of a computer program or system. However, REPMES has to account for the materials used, the limitations of the same materials, the physical conditions under which the system must operate, the mean time between failure, manufacturing processes and tolerances, and a variety of other factors not typically encountered in software systems. Following the introduction and illustration of REPMES using the flashlight case study, the REPMES tool will be applied to the analysis of a traditional mechanical device, a torque converter, to evaluate the robustness of the REPMES in the context of a typical application. Use of the REPMES will be demonstrated to provide a thorough understanding of torque converter operation, design, and manufacturing. The REPMES structure will be employed to provide a list of recommended improvements to the baseline torque converter, following benchmarking against competitive technologies

A document-like software visualization method for effective cognition of c-based software systems

It is clear that maintenance is a crucial and very costly process in a software life cycle. Nowadays there are a lot of software systems particularly legacy systems that are always maintained from time to time as new requirements arise. One important source to understand a software system before it is being maintained is through the documentation, particularly system documentation. Unfortunately, not all software systems developed or maintained are accompanied with their reliable and updated documents. In this case, source codes will be the only reliable source for programmers. A number of studies have been carried out in order to assist cognition based on source codes. One way is through tool automation via reverse engineering technique in which source codes will be parsed and the information extracted will be visualized using certain visualization methods. Most software visualization methods use graph as the main element to represent extracted software artifacts. Nevertheless, current methods tend to produce more complicated graphs and do not grant an explicit, document-like re-documentation environment. Hence, this thesis proposes a document-like software visualization method called DocLike Modularized Graph (DMG). The method is realized in a prototype tool named DocLike Viewer that targets on C-based software systems. The main contribution of the DMG method is to provide an explicit structural re-document mechanism in the software visualization tool. Besides, the DMG method provides more level of information abstractions via less complex graph that include inter-module dependencies, inter-program dependencies, procedural abstraction and also parameter passing. The DMG method was empirically evaluated based on the Goal/Question/Metric (GQM) paradigm and the findings depict that the method can improve productivity and quality in the aspect of cognition or program comprehension. A usability study was also conducted and DocLike Viewer had the most positive responses from the software practitioners

Graph Similarity and Its Applications to Hardware Security

Hardware reverse engineering is a powerful and universal tool for both security engineers and adversaries. From a defensive perspective, it allows for detection of intellectual property infringements and hardware Trojans, while it simultaneously can be used for product piracy and malicious circuit manipulations. From a designer’s perspective, it is crucial to have an estimate of the costs associated with reverse engineering, yet little is known about this, especially when dealing with obfuscated hardware. The contribution at hand provides new insights into this problem, based on algorithms with sound mathematical underpinnings. Our contributions are threefold: First, we present the graph similarity problem for automating hardware reverse engineering. To this end, we improve several state-of-the-art graph similarity heuristics with optimizations tailored to the hardware context. Second, we propose a novel algorithm based on multiresolutional spectral analysis of adjacency matrices. Third, in three extensively evaluated case studies, namely (1) gate-level netlist reverse engineering, (2) hardware Trojan detection, and (3) assessment of hardware obfuscation, we demonstrate the practical nature of graph similarity algorithms

Evaluating distributed generation impacts with a multiobjective index

Evaluating the technical impacts associated with connecting distributed generation to distribution networks is a complex activity requiring a wide range of network operational and security effects to be qualified and quantified. One means of dealing with such complexity is through the use of indices that indicate the benefit or otherwise of connections at a given location and which could be used to shape the nature of the contract between the utility and distributed generator. This paper presents a multiobjective performance index for distribution networks with distributed generation which considers a wide range of technical issues. Distributed generation is extensively located and sized within the IEEE-34 test feeder, wherein the multiobjective performance index is computed for each configuration. The results are presented and discussed

Modelling of cryogenic cooling system design concepts for superconducting aircraft propulsion

Distributed propulsion concepts are promising in terms of improved fuel burn, better aerodynamic performance, and greater control. Superconducting networks are being considered for their superior power density and efficiency. This study discusses the design of cryogenic cooling systems which are essential for normal operation of superconducting materials. This research project has identified six key requirements such as maintain temperature and low weight, with two critical components that dramatically affect mass identified as the heat exchanger and compressors. Qualitatively, the most viable concept for cryocooling was found to be the reverse-Brayton cycle (RBC) for its superior reliability and flexibility. Single- and two-stage reverse-Brayton systems were modelled, highlighting that double stage concepts are preferable in specific mass and future development terms in all cases except when using liquid hydrogen as the heat sink. Finally, the component-level design space was considered with the most critical components affecting mass being identified as the reverse-Brayton compressor and turbine

Systematic evaluation of design choices for software development tools

[Abstract]: Most design and evaluation of software tools is based on the intuition and experience of the designers. Software tool designers consider themselves typical users of the tools that they build and tend to subjectively evaluate their products rather than objectively evaluate them using established usability methods. This subjective approach is inadequate if the quality of software tools is to improve and the use of more systematic methods is advocated. This paper summarises a sequence of studies that show how user interface design choices for software development tools can be evaluated using established usability engineering techniques. The techniques used included guideline review, predictive modelling and experimental studies with users

An approach for real world data modelling with the 3D terrestrial laser scanner for built environment

Capturing and modelling 3D information of the built environment is a big challenge. A number of techniques and technologies are now in use. These include EDM, GPS, and photogrammetric application, remote sensing and traditional building surveying applications. However, use of these technologies cannot be practical and efficient in regard to time, cost and accuracy. Furthermore, a multi disciplinary knowledge base, created from the studies and research about the regeneration aspects is fundamental: historical, architectural, archeologically, environmental, social, economic, etc. In order to have an adequate diagnosis of regeneration, it is necessary to describe buildings and surroundings by means of documentation and plans. However, at this point in time the foregoing is considerably far removed from the real situation, since more often than not it is extremely difficult to obtain full documentation and cartography, of an acceptable quality, since the material, constructive pathologies and systems are often insufficient or deficient (flat that simply reflects levels, isolated photographs,..). Sometimes the information in reality exists, but this fact is not known, or it is not easily accessible, leading to the unnecessary duplication of efforts and resources. In this paper, we discussed 3D laser scanning technology, which can acquire high density point data in an accurate, fast way. Besides, the scanner can digitize all the 3D information concerned with a real world object such as buildings, trees and terrain down to millimetre detail Therefore, it can provide benefits for refurbishment process in regeneration in the Built Environment and it can be the potential solution to overcome the challenges above. The paper introduce an approach for scanning buildings, processing the point cloud raw data, and a modelling approach for CAD extraction and building objects classification by a pattern matching approach in IFC (Industry Foundation Classes) format. The approach presented in this paper from an undertaken research can lead to parametric design and Building Information Modelling (BIM) for existing structures. Two case studies are introduced to demonstrate the use of laser scanner technology in the Built Environment. These case studies are the Jactin House Building in East Manchester and the Peel building in the campus of University Salford. Through these case studies, while use of laser scanners are explained, the integration of it with various technologies and systems are also explored for professionals in Built Environmen