Automated PCB Reverse Engineering (2017) [pdf] (usenix.org)
59 points by lainon on Sept 28, 2018 | hide | past | favorite | 9 comments

I've always been super interested in reverse engineering from a young age when I first started changing application flows by breaking them down in NASM and MASM.

Since then I have always looked into variations of the technique delving into specific components and architectural pieces.

The PCB as an embedded device gives a similar field of exploration.

I'd highly recommend people do similar things, it really teaches you a heck of a lot as a software engineer.

“lack of inexpensive methods”?? Have they not heard of, wait what’s it called, China?

Is this available as a service anywhere?

Literally everywhere in China.

This article is from 2017, but it seems the authors are not very familiar with how the industry already does it --- automatic probing machines can recover the netlist without needing to inspect the layers directly.

In fact, what they did, which is just image recognition, is probably one of the least time-consuming steps. Of course, it doesn't work for parts that have the markings removed either.
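The netlist recovery the comment above refers to is, at its core, a connectivity problem: a probing machine reports which pairs of test points are electrically continuous, and the nets are the connected components of that graph. The following is an added illustration of that step, not code from the USENIX paper or from any commenter; the measurement tuples, the pin names, the `(pin_a, pin_b, ohms)` record format and the 5 Ω continuity threshold are all constructed assumptions, not the output format of any real tester.

```python
"""Recover a netlist from pairwise continuity measurements (added example).

Assumption: a flying-probe style tester reports (pin_a, pin_b, resistance_ohms)
for each pair it measured. Readings at or below CONTINUITY_THRESHOLD_OHMS are
treated as the same copper net; anything higher (e.g. a path through a resistor)
is not. Nets are then the connected components, found with a union-find forest.
"""
from collections import defaultdict

# Constructed threshold: a real tester's short/open limit will differ.
CONTINUITY_THRESHOLD_OHMS = 5.0

# Constructed sample sweep. Pin names follow the usual REFDES.PIN convention.
SAMPLE_MEASUREMENTS = [
    ("U1.1", "C1.1", 0.2),
    ("U1.1", "J1.3", 0.4),
    ("U1.2", "R1.1", 0.1),
    ("R1.2", "U2.5", 0.3),
    ("U1.2", "U2.5", 4700.0),  # measured through R1: two nets, not one
    ("C1.2", "J1.1", 0.1),
    ("U2.6", "J1.1", 0.2),
    ("U2.7", "TP3", 0.15),
]

# Constructed: a test point the sweep touched but found connected to nothing.
EXTRA_PINS = ["TP4"]


class UnionFind:
    """Disjoint-set forest keyed by pin name, with path compression."""

    def __init__(self):
        self.parent = {}

    def add(self, pin):
        self.parent.setdefault(pin, pin)

    def find(self, pin):
        self.add(pin)
        root = pin
        while self.parent[root] != root:
            root = self.parent[root]
        # Path compression: point every node on the walk directly at the root.
        while self.parent[pin] != root:
            nxt = self.parent[pin]
            self.parent[pin] = root
            pin = nxt
        return root

    def union(self, a, b):
        ra, rb = self.find(a), self.find(b)
        if ra != rb:
            self.parent[rb] = ra


def recover_netlist(measurements, pins=(), threshold=CONTINUITY_THRESHOLD_OHMS):
    """Return nets as a list of sorted pin lists, ordered by their first pin.

    Pins that appear only in high-resistance readings, or only in `pins`,
    come out as single-pin nets so unconnected test points are not lost.
    """
    uf = UnionFind()
    for pin in pins:
        uf.add(pin)
    for a, b, ohms in measurements:
        uf.add(a)
        uf.add(b)
        if ohms <= threshold:
            uf.union(a, b)
    groups = defaultdict(list)
    for pin in uf.parent:
        groups[uf.find(pin)].append(pin)
    return sorted((sorted(g) for g in groups.values()), key=lambda g: g[0])


def format_netlist(nets):
    """Render nets one per line as 'N<i>: pin pin ...' for a human reader."""
    return "\n".join(f"N{i}: {' '.join(pins)}" for i, pins in enumerate(nets, 1))


def same_net(nets, pin_a, pin_b):
    """True if both pins landed on the same recovered net."""
    return any(pin_a in net and pin_b in net for net in nets)


if __name__ == "__main__":
    recovered = recover_netlist(SAMPLE_MEASUREMENTS, EXTRA_PINS)
    print(format_netlist(recovered))
```

The high-resistance reading through R1 is the case worth noticing: without the threshold, U1.2 and U2.5 would be merged into one net and the recovered schematic would be wrong, which is why the threshold must be chosen against the board's actual short/open characteristics rather than taken from this example.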

Yeah, and for PCBs which are worthy of reverse engineering, there is still A LOT of work to do beyond getting the netlist and components. On the other hand, circuit designs, in most cases, closely follow datasheet recommendations or reference designs around the core components, so there are a lot of angles that can solve this problem.

The paper, however, seems to be motivated for goals like penetration testing and MITM attacks on hardware _without_ destroying it, like what "Agent Q" might do in a James Bond film (after Bond is able to pocket the circuit board and deliver it to the lab in an ESD safe pouch).

The far more common and boring scenario would be reverse engineering for the purpose of knock-off products. Not very sexy. Also, doable in many cases by just noting a few key components, extracting EEPROM/flash content and then consulting datasheets.

In this podcast episode (https://reverseengineering.libsyn.com/014-ferrycast) they mention the dirtyPCB's service mentioned in the other comment and some other similar ones.

I'd recommend the whole podcast (Unnamed Reverse Engineering podcast) to anyone interested in hardware RE.

Hundreds in China, thousands in the US. A huge 4-layer PCB, "work accomplished by Integrated Sensor Technologies, located in Goleta California" = $5K https://www.gofundme.com/amiga-4000-replica-with-schematics

In China, if you have a small-size, random circuit board from an electronic product, you can get the PCB layout and full semantic reverse engineered for reproduction by some firms in Shenzhen for as low as 150 USD. I think the smaller firms are completely powered by underpaid human engineers...
