Reverse Engineering

Shaochun Xu
Computer Science University of Windsor

Contents

What is Reverse Engineering (RE)? Why do we need Reverse Engineering? Scope and Tasks of Reverse Engineering Different Approaches RE tools Conclusions

What is Reverse Engineering ?

You

have an unexpected case:

You finished one course project using Java Your program runs OK But, by accident, you delete the java file How to hand in your project?

What is Reverse Engineering ?

You

have an unexpected case:

You finished one course project using Java Your program runs OK But, by accident, you delete the java file How to hand in your project?

Reverse

Engineering

What is Reverse Engineering ?

Waterfall Model of software development
Requirement analysis design

Implementation
Testing and Maintenance

What is Reverse Engineering ?

Forward Engineering Requirements Design

Source Code
Behavior

What is Reverse Engineering ?

Forward Engineering Reverse Engineering

Requirements Design

Source Code
Behavior

What is Reverse Engineering ?

Abstraction System
Reverse Engineering Abstraction Forward Engineering Re-Implementation

Old system

New System

What is Reverse Engineering?

RE

encompasses any activity that is done to determine how a product works, to learn the ideas and technology that were used in developing that product. RE can be done at many levels
RE

generally belongs to Software Maintenance

The Early Days of RE

Law

of Software Revolution (Lehman, 1980)

Fundamental

strategies for program comprehension (Brooks, 1983) Taxonomy of Reverse Engineering (Chikofsky&Cross, 1990) WCRE (Working Conference on R.E., 1990) IWPC (Int. Workshop on Program Comprehension)

Why do we need RE ?

Recovery Assisting

of lost information with maintenance

providing proper system documentation identification of side effects and anomalies

Migration

to another hw/sw platform

software reuse

Facilitating

Why do we need RE ?
Benefits

maintenance cost savings quality improvements competitive advantages software reuse facilitation

Difficulties of Reverse Engineering

Gap

between problem /solution domain Gap between concrete and abstract Gap between coherency/disintegration Gap between hierarchical/associational

Scope and Task of Reverse Engineering

program

understanding
Problem/Application domain

Mapping

Program/Implemen. domain

Scope and Task of Reverse Engineering

Redocumentation

and/or document

generation Recovery of design approach and design details at any level of abstraction Identifying reusable components and components that need restructuring Recovering business rules Understanding high-level system description.

Discovery of Abstraction
Discovery

of abstraction in large system

maintenance purpose evolution purpose reengineering purpose

Levels of abstractions

Application
Application concepts, business rule, policies

Function
Logical and functional specification, non-functional requirement

Structure
Data and control flow, dependency graphs Structure and subsystem charts Architectures

Implementation
Symbol tables, source text

Different Approaches
Restructuring

Transformation from one representation to another at the same level,

Requirements Design Source code Behavior

Different Approaches
Reverse

Engineering

Design Recovery
reproduce all the info for understanding the system

Re-documentation
provide different views of the system Re-Engineering

first phase --understanding the system second phase--forward engineering

Different Approaches
Abstraction System
Reverse Engineering Abstraction Forward Engineering Re-Implementation

Old system

New System

Reverse Engineering Tools

Analysis

Tools Browsers Object Server Task Oriented Tools

Example--Java Decompiler
How

to recover bytecode from .class file under Unix/Win with JDK?

% javap -c <filename> % javap -help (to see the options)

Java

Decompilers

ClassCracker http://www.pcug.org.au/~mayon/ DeCafe Pro" from DeCafe, France at

http://decafe.hypermart.net/index.htm

SourceAgain" from Ahpah corp at http://www.ahpah.com

Example--Java Decompiler
ClassCracker

2 Interface

Example--Java Decompiler
Components

of ClassCracker 2

Java decompiler
retrieves Java source code from Java class files

Java disassembler
produces Java Assembly Code

A Java class file viewer

displays Java class file structures.

Example--Java Decompiler
Features

of ClassCracker 2

User visual interface. Can decompile class files within zip or jar files. Conversion mode (JAVA, JASM or JDUMP) is selectable A Batc Mode allows multiple class files to be decompiled simultaneously more...

Example--Java Decompiler
ClassCracker

2 System Requirements

All platform (Window/Linus/Unix) JDK /JRE

Do

not believe it?

(==>myClass.class)

From myClass_origin.class ==>myClass.java

% javac myClass.java

% diff myClass.class myClass_origin.class

Example--Java Decompiler
ClassCracker

2.0--want to try it?

Free download at http://www.pcug.org.au/~mayon/classcracker/ ccgetdemo.html Only first three methods are decoded.
Bridge

1.0---Free

http://www.geocities.com/SiliconValley/Brid ge/8617/jad.html

Conclusions
Reverse RE

Engineering is a new research area among software maintenance includes activities of understanding the system and recovery info from system

Program

understanding is the most important subset of Reverse Engineering

of abstraction is key issue

Discovery

Questions ?