Parallel Perspectives: Reverse Engineering for Generation Multi-X

Reverse engineering large systems today requires multiple analysts trying to understand multi-threaded software running on multicore/multiprocessor hardware that covers multiple instruction sets. Today\´s "multi-X" world requires new analysis tools revealing a wide range of perspectives -- static and dynamic, detailed and abstract. Our goal is to design tools to support low-level program comprehension tasks ranging from malware analysis to mainframe code-base evolution. This paper presents the design and implementation of a prototype Integrated Comprehension Environment (ICE) with multiple analysis plugins designed to provide reverse engineers with the perspectives they need to analyze today\´s software. Leveraging the simplicity of the Reverse Engineering Intermediate Language (REIL), this prototype provides plug in modules designed to correlate low-level and high-level perspectives of both static and dynamic information. Our goal is to determine if this generalized design may in fact enable tool sets to be unhinged from specific instruction sets, permitting the same analysis modules to be applied to code bases made for drastically different architectures, such as x86 versus HLASM.