
All,

My company is in the situation where we are using an embedded control system from another company in another country. We do not have the source code or the schematics to this system, and the manufacturer doesn't want to release them, seemingly at any price or under any terms. We are thus stuck with a 6-month turnaround to get even a small modification done, and they can basically charge any amount they want.

Legal aspects aside, would it be at all feasible to reverse engineer the embedded code back into C? Do any companies exist that could do this for us?

Thank you, Fred

fred basset
  • How do you know it was written in C? –  May 01 '10 at 16:47
  • One important detail you left out is what hardware it's using. – Mark Rushakoff May 01 '10 at 17:05
  • Don't know it was written in C and don't know the CPU yet, was only asked the question yesterday. Next week I'll have time to disassemble one of the machines and see what CPU & other chips it's using. – fred basset May 01 '10 at 17:10
  • *Legal aspects aside?* You can't just put the legal aspects aside. If the software license says you can't reverse engineer it, then legally you can't reverse engineer it. If you didn't want those license terms, you shouldn't have bought that product. – Ira Baxter May 01 '10 at 17:11
  • "if the software license says you can't reverse engineer it, then legally you can't reverse engineer it" - that's an over-simplification. Such clauses might be limited by statute or common law in your jurisdiction, or even by constitutionality or legal possibility (someone who never accepted the license isn't bound by it, although they might face other copyright-related issues). But if you play jurisdictional games, do you really want to be the guy who could be hit with a lawsuit or worse if he ever goes to the country of origin of the vendor? – Steve Jessop May 01 '10 at 17:19
  • If his company paid for the product, and it comes with a license, they'll have a hard time arguing they didn't agree to the license. And yes, I did oversimplify; I'm not a lawyer, but I think Jessop's point is the right one: you don't want to get tangled up in a legal mess, so check your license terms first. – Ira Baxter May 01 '10 at 17:28
  • Sure, non-applicability of the entire license was just an extreme example. It could sometimes count for a third party, or maybe if the (hardware) product was purchased without seeing the license first? But as you say not a loophole you want to get caught halfway through. My point is more that if it's really important, don't just check the license terms, because licenses can in effect lie to you, if they have terms which are unenforceable or which have subtle exceptions or legal meanings of words used. Get your *lawyer* to reverse-engineer the license and programmers stick to software ;-) – Steve Jessop May 01 '10 at 18:16
  • possible duplicate of http://stackoverflow.com/questions/2272581/reverse-engineering-c-programs – Hans Passant May 01 '10 at 18:41
  • ... further to what I was saying, here's an example from the Java (binary) license, which I picked on a whim: "Unless enforcement is prohibited by applicable law, you may not modify, decompile, or reverse engineer Software". So, is enforcement prohibited by applicable law or not? The license certainly isn't going to tell me, because Sun/Oracle doesn't particularly want me doing any of those things even if they can't legally prevent me. Hence, it's off to the lawyers if I want to reverse-engineer software with a license like that. – Steve Jessop May 01 '10 at 19:00
  • This system is from a white goods manufacturer in Japan, I doubt we even got a software license but will definitely check. – fred basset May 01 '10 at 20:10
  • Some countries (.au) explicitly allow reverse engineering; so that software/hardware licenses may be inapplicable. – Tim Williscroft May 04 '10 at 01:14

6 Answers

4

There are plenty of companies that will re-implement the embedded control system without reverse engineering the one you are using now, as long as you know that system's requirements.

Doug Currie
  • Doug, could you suggest a company which could do this? We'd be interested in talking to them. – fred basset May 01 '10 at 17:11
  • Re-implementing a complex system from scratch is pretty expensive, takes a long time, and often fails. There are lots of companies that are happy to take your money to do this because expensive means cash transfer from you to them. (I do reengineering for a living, and this is almost never the right answer for the customer). And this is embedded software: are you going to reimplement the hardware too? – Ira Baxter May 01 '10 at 17:32
  • @user258526, go to a chip manufacturer's web site, such as http://www.microchip.com, and look for design partners. Disclaimer: my company does this kind of work (contract embedded electronics and software development). – Doug Currie May 01 '10 at 18:07
  • My company would treat it largely as a new design, with the existing system serving as a working model to guide those design decisions that aren't well specified by requirements. If the existing design is based on obsolescent chips, there can be advantages to a new design. Look for a company that will do the work under "work for hire" or similar terms and assist your engineering department in understanding the design. You might continue to use them, but at least you will own the result. Disclaimer: this is what I do for a living too. – RBerteig May 19 '10 at 01:51
2

Quite a big "it depends".

The mapping from source -> object code is (mathematically speaking) not reversible, so you can't recover the source code. But if you have the object code it's not all that hard to come up with some kind of source that compiles to the same object code, or at least which has the same effect - that's just disassembly/assembly.

Depending how creative your decompilation process is, though, the C code might come out looking a lot like assembler. So I'd question the quality of code I'd likely get back from a third-party - "C code" doesn't mean "C code that's easily maintainable by our C programmers", and it might be really quite hard to produce the latter.

Also note that an embedded controller "written in C" might actually have quite a lot of assembler in it in their source code. So either you allow assembler in your reverse-engineered version or you don't. If you don't it may be impossible to reproduce the functionality in C. If you do, then where do you draw the line - in the extreme you could just disassemble their source and not have any proper C code at all. You can't necessarily tell from examining the object code which bits were written in C and which weren't.

All this of course leaving aside the legal issues. It's probably unwise to leave aside the legal issues, especially as it seems you're buying this system as a physical object, and you possibly have no legal basis to separate the code from the hardware at all.

Steve Jessop
2

See answers to reverse engineering c programs

In particular, see my answer referencing "Pigs to Sausages". The company behind that paper can do a quite good job of converting assembler back to C, if the assembler in question doesn't do things you can't state in C (such as, "Set the Stack Pointer Register...").

[I have nothing to do with the Pigs-to-Sausages guys except having met and having a great deal of respect for their technical lead.]

Ira Baxter
0

Assuming you are able to retrieve the binary code out of the system, disassembling and combing through it should be no problem. Actually turning the assembler code into maintainable C code poses a big problem. Depending on the size of the system, this will take a lot of time manually (re-)writing the code into something useable.

To my knowledge, in some countries, it is legal to reverse engineer a system to ensure compatibility with your software. But this may require clean-room reverse engineering.

Wikser
0

If you are looking for companies to help reverse engineer, you might want to sniff around who publishes in the Working Conference on Reverse Engineering. Find some work there that impresses you and ask those people whom to hire.

Norman Ramsey
0

You might be better off starting an embedded team in house. In the same time it'd take you to do 4-5 software changes, with the right team you could have fully owned hardware and software designs, plus in-house expertise that can implement changes quickly.

... not to mention the amount of money you'd save on markup if the product has any considerable volume.

Jeff Lamb