

US looking for revolutionary binary code system - coondoggie
http://www.networkworld.com/community/blog/us-looking-revolutionary-binary-code-system

======
timtadh
The article title is bad and misleading. Here is what DARPA (not the US) is
looking for:

A system to analyze legacy binary applications and "slice" out the functional
components allowing them to be encapsulated and run separately as part of new
more secure systems. It is assumed that the source code for the legacy system
was lost long ago.

Specifically Darpa is looking for :

\- Automatically analyzing and identifying binary executable functional
components.

\- Automatically slicing and extracting identified binary functional
components into reusable programming modules, including defined inputs and
outputs.

eg. performing a "projection" of the program. removing all instructions not
related to calculating the inputs to the functional component. This is also
sometimes called dependence analysis or taint analysis and has ~30-40 years of
research. see: Frank Tip, “A survey of program slicing techniques,” Journal of
programming languages, vol. 3, 1995, p. 121–189.

\- Combining static and dynamic binary analysis to increase understanding and
function of binary executables.

\- Exploring formal verification methods to prove functional component
properties.

\- Developing intermediate representation language to support program slicing.

\- Developing core technology to enable exploration and research for the BET
program.

~~~
peterbotond
and there are many other companies to benefit from this. reminds me a bit when
i needed to reverse engineer a sourceless binary and write a wrapper to its
important parts.

yes, the article title is bad.

------
GnarfGnarf
Wouldn't be easier to have a more formal process for saving the source code?
Like how real engineers maintain schematics and blueprints?

As an alternative, DARPA could prescribe that all the executables they
commission come with embedded source.

~~~
marshray
Oh sure NOW you give us that great advice... :-)

I'm sure a lot of source does get saved. Nevertheless, if your task were to
secure legacy government systems as quickly and strongly as possible, you're
going to pray for a breakthrough like this. It's not practical to walk up to a
PC and, even with full authorization, dig up all the source code to the
software that's running on it.

Even then, some things really are more noticeable by looking at the executable
and often this is the side the attacker will be looking at. If you don't have
the same or better capabilities than your adversary to analyze this side of
it, you're effectively blind to your backside.

------
saurik
A decade or two ago, someone proved that it was impossible to accurately
separate code from data in general x86 (and then made a tool that sort of
almost worked as best he could, with something like 99% accuracy). Does it
scare anyone else that we are apparently in the position of putting forward
grants to solve known-impossible problems? :(

------
sehugg
I would imagine that improved reverse engineering techniques would also help
to dissect botnets, viruses, P2P networks, and other sorts of obfuscated
software.

I'd rather believe that than believe that the DoD has lost a significant
portion of its code base for its critical applications.

------
jinushaun
Sounds like an exciting way to drag old working binaries into the modern age,
but how will they overcome dynamically linked libraries? Wouldn't they
basically just be reimplementing WINE? How old are these apps? Ada? Fortran?
Cobol? Win32? Maybe I'm just very ignorant on this subject.

~~~
marshray
I imagine a lot of work will involve simulating the execution environment. A
WINE-like infrastructure might be a component of that, but I also hear about
people doing this type of thing at the virtual machine level.

------
ww520
A better way to encapsulate and componentize older binary-only software is to
create VM for them. VM is so prevalent these days. It's much easier to build a
VM for older software than reverse engineering the old software.

