Donwload a printable version of the WCRE 2007 program: pdf

Ira D. Baxter
CEO, Semantic Designs, Inc.
Home page

Donald J. Reifer
Reifer Consultants, Inc., USA
Home page

Title: Reengineering Tools: A Perspective from the Trenches

October 28, 2007; 11:00am - 12:15am

Nelson+Denman Room

Software systems are growing in size (tens of millions of lines), complexity (application, number of languages and implementation technologies involved), and age (decades). The larger the size, the larger the investment, and the more important it becomes to preserve that investment. As with remodeling houses, demands for new functionality and the need to integrate with newer technology often require massive changes to the software base. These two factors suggest that massive software remodeling will become long-term steady-state phenomena for these systems. Software change scale suggests that automation is necessary to accomplish this remodeling.

Semantic Designs has been building the DMS® Software Reengineering Toolkit to support these kinds of tasks in commercial contexts. DMS consists of a set of integrated compiler-like technologies, composed to solve custom reengineering problems. Scale and integration are a key theme. This talk will examine some applications of DMS (e.g., to large C and C++ systems) to motivate the technologies behind DMS. It will sketch the technologies used and their shortcomings in functionality, scale and usability, and suggest future directions. The talk should be of wide interest to reverse- and re-engineering researchers by exhibiting needs driven by very practical concerns.

Title: The Dark Side of Software Reverse Engineering

October 29, 2007; 11:00am - 1:00pm

Nelson+Denman Room

During the past decade, substantial advances have been made in the field of software reverse engineering. Tools and techniques that have been developed for program understanding, design recovery and reengineering and/or refactoring have been commercialized and deployed to reduce the software maintenance burden. However, along with the good comes the dark side of software reverse engineering. These same tools and techniques can be and have been used for nefarious purposes. Take the disassemblers/debuggers used for exploring binary programs for which source code is not available. Besides being able to figure out what functions the software performs and in what manner, these tools can be used to identify sensitive information hidden in the code (data, algorithms, etc.). For example, such tools can be used to get at this sensitive information even when it is guarded, obfuscated or encrypted. In addition, those tools and techniques employed to figure out how a program works can also be used to determine how it breaks. For example, exploiters can use the same exceptions that were put into the code to improve safety to crash the system. The challenge posed to the reverse engineering community is to find ways to prevent the misuse of their technology along with its proper use.