Reverse engineering

from Wikipedia, the free encyclopedia

Reverse engineering ( English ; German: reverse development , reconstruction , abbreviation: RE ; also post-construction ) describes the process of extracting the construction elements from an existing finished system or a mostly industrially manufactured product by examining the structures, states and behavior . A plan is thus created again from the finished object .

In contrast to a functional simulation, which can also be based on analyzes according to the black box principle, reverse engineering is aimed at reproducing the object at hand largely exactly.

In order to verify the insights gained , an attempt is often made to make a 1: 1 copy of the object, on the basis of which it is fundamentally possible to carry out further development.

Areas of application


In order to examine hardware for the purpose of replication, z. In the GDR , for example, methods were developed in which a chip die was removed in layers (by grinding or selective etching) and then the layers were examined using a microscope in order to find out the functionality and its hardware basis. In this way, a Z80 replica was created as the U880 . These reports are credible as some companies still offer and successfully provide such services today.


Especially with regard to software , this is usually understood to be one of the three following processes:

In the first case, decompilers are often used, which largely automatically recover the source code of a program from its binary code. If this is not always possible, the machine code that can be determined directly from the binary code of the program with a disassembler can also be analyzed manually, which, however, represents a noticeable difficulty. It can i. d. Usually not the entire program source code can be determined, because z. B. Comments never and local object names rarely appear in the available binary code . In spite of everything, the result is often sufficient for the respective purpose, e.g. B. for the behavior analysis of a software system or as an aid in troubleshooting a bug.

Reverse engineering is also often necessary if, for example, the developers of an operating system that is free software want to write a device driver for a specific device , because the knowledge required for this is in many cases secret. But here it is often enough to sniff the communication to and from the device in question, i.e. the second method. It is generally not necessary to disassemble or decompile an existing device driver, for example from a non-free operating system.

Another field of application source code reconstructions of abandonware become computer game classics such. B. Another World to u. a. To be able to port to current platforms.

In the third case, however, in contrast to reverse engineering, one speaks of code feedback , especially during the software development process , when source code obtained from a design specification is modified manually and the modified source code is transferred back to the model of the design specification in order to be able to be further processed there (especially for single source CASE tools). This is also possible if, for advanced and extensive software projects, there is no design specification, for example in UML , and is to be generated later.

mechanical engineering

The reverse engineering process using the example of a Silver Arrow , built in 1954. A point cloud (2) with 98 million measuring points was generated from the original (1) in 14 hours of measuring time. These were reduced to axially parallel cuts at a distance of two centimeters (3), on which a CAD model (4) was constructed in around 80 working hours. On the basis of the CAD model, a replica (5) on a scale of 1: 1 was finally made.

In mechanical engineering, objects with freeform surfaces in particular are subjected to reverse engineering. In mechanical engineering, free-form surfaces are mainly found in automotive engineering (car body), primary and forming technology and in the energy machinery sector (turbine and compressor blades). In the narrower sense, this is about the digitization of grown, i.e. H. Naturally created objects such as hand-processed objects from the design field of automobile construction or hand-made design studies that are subject to further computer-aided processing, e.g. B. manufacturing, flow or FEM simulation should be made accessible. The application of these solutions specially developed for mechanical engineering also for other areas, such as B. medicine or art, has found its way for several years. Today more and more complex objects or objects that have been embellished by designers are being developed. Reverse engineering can save a lot of time and money in development.

Another reverse application is the target - actual comparison. It is z. B. an injection-molded part is modeled on CAD , manufactured, digitized again by reverse engineering and compared with the target part on the computer.

Reverse engineering encompasses both the return of the characteristics of an object to a reproducible starting model and the strategic considerations of how this return should take place. This includes both the selection of a number of physically present objects from which an optimal object is statistically determined, and the functional consideration of points of interaction with corresponding objects. This is the only way to minimize the original manufacturing tolerances and thus a deterioration in the returned data. (Avoidance of the " silent mail " principle)

Photo-optical or laser-assisted 3D scanners are usually suitable for digitization . The actual reverse process settles after the scanning. This means that it forms the interface between the point cloud generated by the scanner and a CAD model with certain object and surface properties. The automated 3D scanning and the geometry comparison are therefore also suitable for quality testing and constant quality monitoring in production.

Initially, it is not about copying existing constructions in the sense of industrial espionage. The methods used in reverse engineering are, in principle, suitable for product piracy.

The generation of the geometry properties can be divided into two categories:

  • Parameterized feedback: Simple geometric elements are placed on the point cloud and combined to form a whole. These are mainly spheres, circles, surfaces of the second, third and fourth degree, etc.
  • Non-parameterized feedback: This method is used for objects that have no explicit geometric properties. A kind of fishnet stocking is pulled over the entire object. The meshes of the stocking form the surfaces of the CAD model. These areas no longer have any actual geometric elements and are subdivided by a large number of smaller areas known as grids .

Legal Aspects


Many companies prohibit the reverse engineering of their products through corresponding license conditions . The analysis of logs is not legally affected because the software itself is not the subject of the investigation. In addition, such a license clauses in many countries generally valid because the users of the law, the one thing right is entitled to verify the application of safety (see also Trojan horse ) or troubleshoot an acquired their software product in reverse engineering to undergo. The pure investigation of things that belong to you may be assigned to the freedom of research, so that the corresponding license clauses do not apply either.

Often such license clauses serve the purpose of deterrence and are therefore to be understood as a unilateral expression of will or, depending on the form, as a prophylactic, unilaterally presented legal opinion, which may not be confirmed and thus no longer valid in an independent legal review. In the software sector , one often speaks of the so-called “ Shrink Wrap License ”, which is generally dubious in Germany.

However, in the event of an infringement being discovered , you may be obliged to pay a contractual penalty . Under certain circumstances, one may very well have submitted to this form of individual contract binding in a completely legal manner, whereby it is mostly about prototypes or small series that still contain considerable amounts of trade secrets . For this reason, discounts are often granted in favor of the buyer (in return for the reduced possibility of use), or an attempt is made to at least cover the seller's real risks (e.g. through betrayal of secrets) to a certain extent with the above-mentioned contractual penalty. Furthermore, the method of temporary lending is also used for sensitive objects .

Encryption and obfuscation have been used in computer technology for a long time , although this is primarily intended to make reverse engineering more difficult, but increasingly also because it could bring the amended copyright law with regard to copy protection and the associated penalties into effect. An example is the indictment of the Russian Dmitry Sklyarov in the USA under the DMCA legislation for the decoding of protected text documents in 2001 . In October 2003, however, the US Congress allowed four amendments to the DMCA to pass. a. Define the purpose of archiving digital works as a temporary exception and allow the necessary techniques such as reverse engineering again.

“3. Computer programs and video games distributed in formats that have become obsolete and which require the original media or hardware as a condition of access. ... The register has concluded that to the extent that libraries and archives wish to make preservation copies of published software and videogames that were distributed in formats that are (either because the physical medium on which they were distributed is no longer in use or because the use of an obsolete operating system is required), such activity is a noninfringing use covered by section 108 (c) of the Copyright Act. "

In November 2006, has the Library of Congress of the United States a permanent exception to the DMCA agreed that the bypassing of copy protection allows software is that are no longer sold or supported by the copyright holder ( abandonware ) so therefore archiving and digital preservation without fear Prosecution is possible.

If you use the result of reverse engineering for commercial replication, you will be confronted with the large number of industrial property rights (e.g. plagiarism ) in a similar way as is the case with the results of completely normal independent research and development can be (e.g. through patents ).

Technology and electronics

Reverse engineering for the purpose of replicating technical objects often aims to reduce development costs and risks and to compensate for a lack of in-house know-how. It is therefore often not accepted or even opposed by the original manufacturer. This is also about product liability, because imitation products often lack quality. Original manufacturers therefore protect themselves against imitation by covering up or legally safeguarding their originality through concealed product identification (tags). The replica is always illegal at least if foreign patents are infringed or if the product is marked as an original part. But even if unprotected ideas of others are used, there may be a copyright infringement. Highly integrated circuits evade reverse engineering due to their structure sizes in the nanometer range. The designations of the built-in integrated circuits are often removed from printed circuit boards .

Reverse engineering differs from technical re-engineering in that the technical documentation is available in the latter and the functionality is to be simulated or expanded using modern means.

See also


  • Dennis Yurichev: Reverse Engineering for Beginners. Online book: German version:
  • Pamela Samuelson, Suzanne Scotchmer: The Law and Economics of Reverse Engineering. In: Yale Law Journal. Vol 111, No. 7, May 2002, pp. 1575-1664. (PDF) ( Memento from February 15, 2012 in the Internet Archive )
  • E. Eilam: Reversing: Secrets of Reverse Engineering. John Wiley & Sons, 2005, ISBN 0-7645-7481-7 .
  • HJ van Zuylen: The REDO Compendium. Reverse engineering for software maintenance. John Wiley & Sons, Chichester et al. 1993, ISBN 0-471-93607-3 .
  • Matthias Pierson, Thomas Ahrens, Karsten Fischer: Intellectual property law . Verlag Vahlen, 2007, ISBN 978-3-8006-3428-6 .
  • Marcus von Welser, Alexander González: Brand and product piracy, strategies and approaches to combating it. Wiley-VCH, 2007, ISBN 978-3-527-50239-4 .
  • Vinesh Raja, Kiran J. Fernandes: Reverse Engineering-An Industrial Perspective. Springer, 2008, ISBN 978-1-84628-855-5 .
  • Christine Schöne: Reverse engineering for freeform surfaces in process chains in production engineering. Dr Hut, 2009, ISBN 978-3-86853-103-9 .

Individual evidence

  1. ^ Blake Patterson: A Fascinating Look Under the Hood of "Another World"., December 26, 2011, accessed October 14, 2013 .
  2. ^ Fabien Sanglard: "Another World" Code Review., December 23, 2011, accessed on January 14, 2013 (English): “ I spent two weeks reading and reverse engineering further the source code of Another World (“ Out Of This World ”in North America). I based my work on Gregory Montoir's "binary to C ++" initial reverse engineering from the DOS executable. I was amazed to discover an elegant system based on a virtual machine interpreting bytecode in realtime and generating fullscreen vectorial cinematic in order to produce one of the best game of all time. "
  3. P. Lempp, RJ Torick: Software Reverse Engineering: An Approach to Recapturing Reliable Software. 4th Annual Joint Conference On Software Quality and Productivity, Crystal City, VA; 1st - 3rd March 1988.
  4. ^ C. Teutsch: Model-based Analysis and Evaluation of Point Sets from Optical 3D Laser Scanners. volume 1, Shaker Verlag , 2007, ISBN 978-3-8322-6775-9 .
  5. Exemption to Prohibition on Circumvention of Copyright Protection Systems for Access Control Technologies (PDF)
  6. Emma Boyes: Abandonware now legal., November 27, 2006, accessed January 11, 2013 .
  7. a b What Is the Difference Between Reverse Engineering and Re-Engineering? on Sciencing , accessed Nov. 4, 2019