It is well known that every end contains a beginning. Researchers at the Horst Görtz Institute for IT Security (HGI) at the Ruhr University Bochum are working on recovering the initial construction plan from already finished microchips - and have now for the first time developed a unique, open-source tool for Hardware Reverse Engineering: "HAL" (Hardware Analyzer) is intended to help analyze the raw data extracted by reverse engineering efficiently and automatically. The researchers are now calling for participation in the open source project.
Reverse Engineering is a highly relevant field of research
The reverse engineering of hardware is a complex process that is being researched by Professor Christof Paar at the Chair of Embedded Security in Bochum. The field of research is of the highest relevance, as the current debate about the Chinese telecommunications company Huawei shows. The security of Chinese technology is being debated internationally in politics and business for worrying about hidden backdoors.
Hardware reverse engineering is used to locate such backdoors in hardware. In addition, the technology helps, for example, to detect piracy and possible patent infringements or to establish compatibility between products.
HAL analyses raw data automatically
In comparison to software reverse engineering, for which many analysis tools already exist, there has been no universal tool for examining the extracted hardware network lists. This is where researchers Marc Fybriak, Sebastian Wallat and Max Hoffmann came in and started developing HAL about four years ago. "Previously, the analysis was done completely manually or with the help of specific scripts without a shared basis. Like a toolbox, HAL offers a standardized platform for all further analyses," they explain. Based on existing solutions from the field of software reverse engineering, the functional scope of HAL can be extended by plug-ins. With these additional modules, properties of the net lists can be examined more precisely: For example, it would be possible for HAL to automatically recognize all elements of the net list that are the security features of the chip with an appropriate plug-in. The possibilities of visualization and simulation create the framework for further investigations.
Call for participation
HAL is available as an open source project on Github with a MIT licence, so it can be used and extended by the community free of charge. The scientists therefore invite all interested people to join. For the future, the developers hope that HAL will save other researchers a lot of time and effort. "Since HAL combines all basic functions, researchers can fully concentrate on new algorithms. This also increases compatibility between research codes of different scientists, who previously had to do without a common basis." So more time to concentrate on the essentials - this is how HAL elementarily can help to advance research in the field of IT security.
Clicked:
https://github.com/emsec/hal
Contact:
Julia Laska/ Christina Scholten
Marketing and PR
Horst Görtz Institute for IT-Sicherheit (HGI) / Cluster of Excellence CASA
Ruhr-Universität Bochum
Tel: +49-(0)234-32-27130
E-Mail: hgi-presse AT rub.de
General note: In case of using gender-assigning attributes we include all those who consider themselves in this gender regardless of their own biological sex.