600.436 High-Assurance
Systems
Fall 01/System Security Realization
60
Reverse Engineering (2)
¨VERY Common
Practice, BUT…
–Labor intensive
–Doesn’t directly result in running code and is therefore considered “busywork” by those most qualified to do
it
•More abstract representations usually not kept current with the least abstract representation
–Few people are able to establish and maintain separation among abstract representations
•Worse here, since “out” is to refer to less (or usually least) abstract representation – “Read the Code!!”
–Natural focus is on what is built rather than what is needed