Revealing Reality Through Reverse Engineering

Insecure computer systems in the wild can enable consequences ranging
from crime to mass surveillance to (in the case of cyberphysical
systems) physical destruction or even death. But how can anyone know
if a particular computer system is insecure? One can rely on the
representations of the system designers or manufacturers; however, the
history of computers is replete with examples of claims that products
are secure which are subsequently proven false. This is, in part,
because computer systems tend to exhibit unanticipated, unintended, or
poorly-understood behaviors that have complex interactions. As a
result, the best way to learn about the security of a system is to
take a detailed look at the hardware and software that comprise the
system, and their interactions. In the common case where hardware
designs and software source code are not available, reverse
engineering the system is often the best way to derive ground-truth
data on how the system functions.

In this talk, I'll describe some of my recent research where reverse
engineering played a key role, covering TLS implementations with
backdoors as well as cyberphysical systems. I'll also describe the
scientific nature of reverse engineering as well as the positive,
real-world impact reverse engineering can have on security and safety.

Stephen Checkoway is an Assistant Research Professor in the Department
of Computer Science at Johns Hopkins University and a member of the
Johns Hopkins University Information Security Institute. Checkoway's
research focuses on the security of embedded and cyberphysical
systems. He has demonstrated exploitable vulnerabilities in such
embedded systems as electronic voting machines, laptop webcams,
automobiles, and airport scanners. He received his Ph.D. in Computer
Science from the University of California, San Diego in 2012.