Secure Embedded Systems: The Threat of Reverse Engineering

Companies releasing newly designed embedded products typically recoup the cost of development through initial sales, and thus are unlikely to welcome early competition based around rapid reverse engineering of their products. By contrast, competitors able to shorten time-to-market though reverse engineering will gain design cost and market share advantages. Reverse engineering for nefarious purposes appears to be commonplace, and has significant cost impact on industry sales and profitability. In the Embedded Systems MSc programme at Nanyang Technological University, we are aiming to raise awareness of the unique security issues related to the reverse engineering of embedded systems. This effort is largely through devoting 50% of the secure embedded systems course, ES6190 to reverse engineering (the remainder to traditional security concerns). This paper covers the reverse engineering problem scope, and our approach to raising awareness through the secure embedded systems course. A classification of hardware reverse engineering steps and mitigations is also presented for the first time, with an overview of a reverse engineering curriculum. Since the quantity of published literature related to the reverse-engineering of embedded systems lies somewhere between scarce and nonexistent, this paper presents a full overview of the topic before descussing educational aspects related to this.