ACM SIGSOFT Software Engineering Notes Page 1 July 2005 Volume 30 Number 4

Why Teach Reverse Engineering?

Muhammad Raza Ali
[email protected]

Abstract
2. Another interesting method to analyze system is to study it’s
Software reverse engineering is a fascinating discipline of software different versions.
engineering. But it has failed to attract attention from students.
Largely due to the facts that many universities around the world do 3. Code Coverage is a technique to help in constructing a code-
not offer relevant courses, developing new software has always pathway map.
been considered superior then to maintain existing systems. But
owing to the arrival of the internet, and client-server technology. 4. Kernel access is used to run device drivers and insert
Many organizations wish to adapt their existing systems. Thus the addresses into kernel memory.
trend has somewhat shifted towards software evolution and
maintenance. And now, more than ever before we need software 5. Leftover data in shared buffers can be used to extract
engineers who can work effectively with legacy systems. In this important information regarding the system and expose its
paper I wish to highlight importance of incorporating Reverse vulnerabilities.
engineering concepts and techniques into software engineering
curriculum. I will start with a brief overview of reverse 6. Often APIs are studied to point functions that can cause
engineering concepts, and then discuss advantages of teaching problems.
reverse engineering.
Learning the Art
Keywords
Main purpose of my paper is to convince academics who are
involved in designing software engineering curriculum at
Legacy systems, software engineering, software reverse universities especially at undergraduate level and also those who
engineering, reengineering, program understanding, software can take this course in university. Owing to ever changing nature
evolution and maintenance, obfuscate, Internet, and plagiarism. of real world problems and merging of various diverse fields,
engineering education as a whole is undergoing continuous
Introduction evolution. And reverse engineering provides students a taste of
industrial practice along with academic research.
Reverse engineering can roughly be defined as taking a final
product, dissecting it to understand its functionality, obtain design The importance of Reverse engineering concepts has been realized
and other useful information. And Software Reverse Engineering by many universities and it is being used as a tool in many
is to analyze system’s code, documentation and behavior to create disciplines of science and engineering. Approach of Rowan
system abstractions and design information. And understanding University [3] for instance is to instill maximum confidence in its
internal system complexities. While having access only to external engineering students to work on various multi-disciplinary real
behavior. And it is the first phase of reengineering process. world problems. And they are using Reverse Engineering projects
There are three different of approaches to the system analysis to achieve their goal. And the goal is produce practicing engineers
employing reverse engineering. who have adaptability, flexible and innovative thinking and can
take calculated risks.
White Box analysis consists of analyzing and understanding
program’s code without running it. This ‘static analysis’ approach Another interesting research was conducted at University of
is used to produce not only the potential program but also to obtain Missouri-Rolla [5], by introducing reverse engineering techniques
information regarding characteristics of the code. and encouraging students to study actual real world products. And
Black box analysis involves checking program behavior by inputs. the results were very encouraging. 77 % students thought that by
It is usually done before white box analysis. It is often used to introducing reverse engineering methodology reinforced concepts
specify areas for white box analysis. taught during lectures. And further 82% wanted it to be
Third approach is Gray-Box Analysis. In which black and white incorporated in future courses especially design courses. And it
box analysis is used together. Some parts of the system made practical work more fruitful and fun.
treated as a black box while others looked at more closely using
white box analysis. Benefits to Software Engineering Students

Using above mentioned approaches software engineers usually use Sometimes, in software industry when it comes to skill set there is
one of the following methods. a very thin line between a person with a software engineering
degree and a computer science degree. This is due to the fact that
1. Using the tedious approach of stepping through the code from many software engineers prefer to work in application
initial input. This method is called Input tracing. development. However, as a software engineer I have always felt
ACM SIGSOFT Software Engineering Notes Page 2 July 2005 Volume 30 Number 4

that Software engineers should work on things that are more we need Software engineering graduates who have can adapt
challenging and indeed software reverse engineering is an fast and cope with this intermingling of disciplines. Reverse
adventure not meant for faint hearted. . And studying reverse engineering is one teaching tool which can provide confidence
engineering will certainly develop necessary skills. In this section I and skills to do so. Students should be encouraged to
will try to explain how software engineering students can benefit: undertake projects involving of study of real life products of
versatile nature.
1. Better and deeper understanding is the first and foremost
advantage of teaching reverse engineering concepts. Valuable By employing reverse engineering in assignments and projects
knowledge is gained regarding software and hardware programming and design skills can be vastly improved.
functionality. Along with, understanding of file systems, and Teachers should encourage students to self analyze their
protocols etc. These things beyond the ‘pretty’ IDE are very program/design by reverse engineering to point out limitations
important. Hackers and crackers, for instance, have long and remove them. Or they can analyze assignments of their
bragged their better and deeper understanding of system level peers. This experience can be very useful as often companies
details. And in the last few years’ software community has analyze products of their competitors to check for potential
been forced taken notice after they unlocked popular infringement [2]. And also in a scenario where there is lack of
commercial software license managers. And now some fixed standard, and a particular company is trying make it’s
experts recommend software developers and engineers to product compatible with another product i.e.
attend hacker conventions [1]. As these conferences show Interoperability[2].
their passionate pursuit of technical excellence and learning
for the love of it, these characteristics should be inculcated Programs written by students are very small and
through classroom. Since this ‘software underworld’ is straightforward compared to what they will do in the industry.
adventurous and they are ready to think out of the box their Realizing this, a very unique and fruitful research was
skills are often at par with their qualified counterparts. conducted [9]. It focused on using open source software as a
classroom material. Instead of designing and implementing
Practice with reverse engineering techniques improves ability new systems students were asked to modify one of the given
to understand a given system quickly and efficiently. This open source systems. This experience is valuable as often
skill has serious economic effects when software engineers software engineers have to deal and maintain code written by
are called upon to solve problems pertaining to software other people. And it not only enhanced programming
evolution. As fifty to ninety percent of the time, depending experience of students in terms of size of code and
upon the system under consideration is spent on program development methods. But also generates discussions on
understanding [6]. And reverse engineering is used as a topics such software piracy and ethics, which seldom feature
significant aid to program comprehension and from there, in class activity.
recovery of higher level abstractions [4, 7].
One very critical question that is asked before choosing a
Due to the shift towards Web technology companies are now major is its job scope especially when you are in a developing
adapting their systems to Web. And experts agree that reverse economy. Same applies for available optional courses;
engineering has helped tremendously in solving legacy system students tend towards courses with obvious benefit. Reverse
issues. And reverse engineering is now ready to be taught in engineering knowledge will be a valuable addition to one’s
computer engineering and software engineering curricula [8]. skill set. As more companies realize the importance of this
skill to cut cost of maintaining legacy systems and to
Reverse engineering no doubt is difficult, time consuming and minimize risks in software evolution [8]. Pressed by industrial
painstaking but it is very informative as well. You will come requirement there is a lot of scope for research as researchers
across many people who have used reverse engineering for work on developing better reverse engineering methodologies.
better understanding of various software technologies, and And focus on software maintenance and reengineering has
learned things as advanced as operating system programming evolved as a central part of software engineering research
[2, 8]. [20]. And it is believed that legacy system relevant issues will
now be an essential part software literature [11, 12];
It is worth mentioning here that software engineering
education has benefited a lot form ‘open source’ movement. 3. Since reverse engineering a system is a difficult, patient job it
Many educators are using it to teach software engineering helps one’s PROBLEM SOLVING SKILLS. And more
courses . Just as students in other disciplines including art, law often than not, the determining factor of one’s career success.
learn a lot by studying works of others software engineering Strong analytical and problem solving skills are very
students can benefit a lot by looking code written by more important when dealing with legacy system and software
experienced programmers. integration issues. Not every time we are required to build a
system from scratch. Existing systems are sometimes
2. Software industry is perhaps the most rapidly changing requiring maintenance and modification. Usually fresh
industry. Not only it is advancing itself with breakthroughs graduates are unable to work on a such a project due to no
but consequently it has changed practices in other fields of experience in software reverse engineering and re-
science and engineering. Fascinating fields like Bio- engineering. But many universities have realized it’s
informatics are attracting researchers and students alike. So, importance and some educators are even using GNU software
ACM SIGSOFT Software Engineering Notes Page 3 July 2005 Volume 30 Number 4

to teach advanced courses in reverse engineering [10]. And is difficult to reverse. And develop sound protection schemes.
teaching reverse engineering to graduates has opened a new Like Microsoft recommends to developers working with .NET
and exciting avenue for their career. And skills they develop technology to obfuscate their code making it’s reversing hard
while working with legacy systems will give them an edge. and time consuming [17]. Software developers and security
Especially when we take into account the changing trend in experts are being urged to master the art of reverse
software industry. Traditionally software practitioners have engineering because industries like antivirus industry survive
focused mainly on development of new software. But with on it’s professionals ability to quickly understand binary code
scenarios like Y2K and migration towards the internet of viruses and Trojans [16]. And before long next generation
companies are devoting more to understanding of legacy of computing students, might be required to study
systems. Even if the system is to be retired, it has to be unconventional topics like viruses and worms in classroom
understood as new system will be functionally similar to the [19].
existing one. Arrival and acceptance of internet as a universal
interface and rise of client server technology has definitely Conclusion
increased the demand for understanding legacy systems [11].
As around 70% of world’s source code is in COBOL and in After the 1990s the demand by all business sectors to efficiently
scientific communities FORTRAN has been the obvious and cost effectively adapt their systems to web interfaces has
choice. [13]. And code is usually a mess, design is poor and increased enormously. And software reverse engineering has been
quality documentation is often missing. This situation heralded as the promising technology to combat legacy system
demands trained and skillful software engineers who can work problems[8]. With this changing trend every software engineer
effectively and efficiently with legacy systems. And to meet must be educated and trained in software reverse engineering. It is
future requirements in software evolution and maintenance also suggested students should not be discouraged to use design of
software reverse engineering courses should be introduced as somebody as long as they acknowledge it. Because in software
an essential part of software engineering curricula. circles, taking anything, how small it might be. ‘unacknowledged’
is considered stealing. This is an advanced level technique and a
4. Many universities around the world offer reverse engineering great learning experience. This type of ‘plagiarism’ can be of great
at an advanced level and they are conducting research. But use [15]. And on the research side need will be there to develop
why is it important to make reverse engineering an essential better methodologies, tools etc. And if look at the publications of
part of the curricula at undergraduate level at all universities. past few years Research in maintenance and reengineering has
flourished [20]. Thus reverse engineering is opening a new and a
As we know that traditional software engineering syllabus is fascinating field for computer scientists and software engineers in
‘forward engineering’ based. As a result developing new both industry and academia.
software is considered far superior. That’s why new graduates
are hardly interested in working with legacy systems and they
lack the essential skills to do so. And as long as we don’t References
software reverse engineering principles and students do not
gain hands-on experience with small or medium scaled legacy
system, this trend will continue. And we need people to do the [1] Gregroy Conti (2005): Why Computer Scientists Should
‘dirty work’. And a lot of stress is now being laid on teaching Attend Hacker Conferences, Communications of the ACM, March
reverse engineering concepts not only as a separate subject but 2005.
also part various other courses e.g. database reverse
engineering [14]. [2] Cem Kaner (1998): Article 2B and Reverse Engineering,
(www.badsoftware.com), July 1998.
Student at undergrad level is more receptive to things being
taught And approach to problem solving developed during 3]Debbie Barsotti (2003): Giving back in a big way,
four years of undergrad study will remain more or less the (www.progressiveengineer.com), March 2003.
same. Regardless which field of computing they choose later
on. Analytical skills gained through learning reverse [4]Leon Moonen (2002). Exploring Software Systems, (PhD
engineering principles will help software engineering Thesis University of Amsterdam, Faculty of Natural Sciences,
students. As reverse engineering encourages thinking ‘out of Mathematics and Computer Science), October 2002.
the box’.
[5] Robert. B. Stone (Dept. of Basic Engineering), Daniel A.
Software piracy and illegal reversing of the disassembly has McAdams (Dept. of Mechanical Engineering), The Touchy –Feely
been a major concern for the software manufacturers. Another Side of Engineering Education: Bringing hands-on Experience to
wonderful use of reverse engineering is to make illegal Classroom, University of Missouri-Rolla.
reversing difficult. Because sometimes to ‘defeat a crook you
have to think like one’. Reversers rely heavily on certain [6] Hausi Muller, Kenny Wong, Scott Tilley. Understanding
powerful editors and debuggers namely SoftIce, HexEdit, Software Systems Using Reverse Engineering Technology,
W32DASM etc. These tools are very powerful and by using Colloquium on Object Orientation in Databases and Reverse
nd
these tools you’ll know their strengths and limitations. And Engineering: The 62 Congress of “L’Association Canadiene
having this in mind you will be able to develop software that Francaise pour l’Avancement des Sciences (AFCAS)”; (May 16-
17; Montreal; Quebec; Canada).
ACM SIGSOFT Software Engineering Notes Page 4 July 2005 Volume 30 Number 4

[7] Scott R. Tilley, Hausi A. Muller, Margaret-Anne Storey,

Kenny Wong: Programmable Reverse Engineering. This work is
supported by British Colombia advanced Systems Institute, IBM
Software Solutions Toronto, and IRIS Center for Excellence,
Natural Sciences and Engineering Council of Canada, Council of
British Colombia, and the University of Victoria.

[8] Scott R. Tilley, Hausi A. Muller, Margaret-Anne Storey,

Kenny Wong, Jens H. Jhanke, Dennis B. Smith(2000): Reverse
Engineering: A Roadmap, Taken from “The Future of Software
Engineering" , Anthony Finkelstein (Ed.), ACM Press 2000.

[9] David Carrington, Soon-Kyeong Kim (2003): Teaching

Software Design with Open Source Software, 33rd ASEE/IEEE
Frontiers in Education Conference, 5-8 Nov 2003, and Boulder,
CO.

[10] J.H Andrews and H.L Lutfiyya (2003): Experience with a

Software Maintenance Project Course, IEEE Trans. Education,
November 2003.

[11] Michael L. Nelson (1996): A Survey of Reverse Engineering

and Program Comprehension,
ODU CS 551-Software Engineering Survey, April 19 1996.

[12] S. Rugaber, K. Stirewart, and L. Wills (1995): The

Interleaving Problem in Program Understanding, 2nd Working
Conf. on Reverse Engineering, Toronto, Ontario, Canada, July 14-
16 1995.

[13] Edward Yourdon (1989): Structured Walkthroughs, Yourdon

Press 1989.

[14] Anthony Finkelstein (UCL), Jeff Kramer (Imperial College

London). Software Engineering: A Roadmap.

[15] J. Paul Gibson (2003): Software Reuse in Final Year

Projects: A Code of Practice, Report NUIM-CS-2003-TR-
12(National Uni. Of Ireland, Maynooth), November 2003.

[16] Cyrus Piekari, and Anton Chuvakin(2004): Security Warrior:

Know your Enemy, O’REILLY, February 2004.

[17] Gabriel Torok, and Bill Leach (2003). Obfuscate It Thwart

Reverse Engineering of Your Visual Basic .NET or C# Code,
MSDN® Magazine the Microsoft Journal for Developers,
November 2003.

[18] Brian Blong. Reverse Engineer to Learn .NET Better, (

www.blong.com/Conferences/DCon2003/
ReverseEngineering/ReverseEngineering.htm.)

[19] George Ledin Jr(2003): Not Teaching Viruses and Worms Is

Harmful, Communication of the ACM, January 2005.

[20]Ahmed E. Hassan, and Richard C. Holt: The Small World of

Reverse Engineering, Software Architecture Group (SWAG),
School of Computer Science, University of Waterloo, Canada.