Steffen Becker, Carina Wiesen, and Nils Albartus, Ruhr University Bochum, Max Planck Institute for Cybersecurity and Privacy; Nikol Rummel, Ruhr University Bochum; Christof Paar, Max Planck Institute for Cybersecurity and Privacy
Understanding the internals of Integrated Circuits (ICs), referred to as Hardware Reverse Engineering (HRE), is of interest to both legitimate and malicious parties. HRE is a complex process in which semi-automated steps are interwoven with human sense-making processes. Currently, little is known about the technical and cognitive processes which determine the success of HRE. This paper performs an initial investigation on how reverse engineers solve problems, how manual and automated analysis methods interact, and which cognitive factors play a role. We present the results of an exploratory behavioral study with eight participants that was conducted after they had completed a 14-week training. We explored the validity of our findings by comparing them with the behavior (stategies applied and solution time) of an HRE expert. The participants were observed while solving a realistic HRE task. We tested cognitive abilities of our participants and collected large sets of behavioral data from log files. By comparing the least and most efficient reverse engineers, we were able to observe successful strategies. Moreover, our analyses suggest a phase model for reverse engineering, consisting of three phases. Our results further indicate that the cognitive factor Working Memory (WM) plays a role in efficiently solving HRE problems. Our exploratory study builds the foundation for future research in this topic and outlines ideas for designing cognitively difficult countermeasures (“cognitive obfuscation”) against HRE.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Steffen Becker and Carina Wiesen and Nils Albartus and Nikol Rummel and Christof Paar},
title = {An Exploratory Study of Hardware Reverse Engineering {\textemdash} Technical and Cognitive Processes},
booktitle = {Sixteenth Symposium on Usable Privacy and Security (SOUPS 2020)},
year = {2020},
isbn = {978-1-939133-16-8},
pages = {285--300},
url = {https://www.usenix.org/conference/soups2020/presentation/becker},
publisher = {USENIX Association},
month = aug
}