Software Protection to Deter Malicious Forensic Data Collection and Exploitation Published Nov. 23, 2011 By Augustine Vu Sensors WRIGHT-PATTERSON AIR FORCE BASE, Ohio -- In response to a Department of Defense (DoD) need for software protection technologies to deter malicious forensic data collection and exploitation, GrammaTech has developed new technology that alleviates the extra costs involved in constructing systems that incorporate reconfigurable hardware. The technology frees the developer from the burden of joint software/ hardware design and development, allowing system prototyping to be performed completely within the software domain. GrammaTech's software partitioning tool can be used to automatically partition the software into separate components that will either be targeted at reconfigurable hardware or remain within the software domain. The power of this technology is that it provides the DoD system developer with substantial flexibility, resulting in cost savings and an improved ability to develop secure systems. Reconfigurable computing systems provide a number of benefits to the system developer. Combining the flexibility of software with the speed of hardware, field-programmable gate arrays (FPGAs) can play a key role in software protection. By recasting critical program information (CPI) encoded in software as a custom circuit specification, the CPI can be moved out of band from a traditional central processing unit (CPU) and placed in an environment inaccessible to commonplace software reverse engineering tools. However, taking advantage of reconfigurable technology adds to the complexity of system design. Decisions must be made regarding which portions of an application should be implemented in hardware and which should remain in software. The system must be architected to account for the partitioning, including support for communicating between the different components. Routine development tasks, such as testing and debugging, require additional overhead due to the added complexity of the system as a whole. In addition, developers must have sufficient expertise to work directly with hardware development tools. During this Small Business Innovation Research (SBIR) Phase II effort, GrammaTech developed new technology that alleviates the extra costs involved in constructing systems that incorporate reconfigurable hardware. This SBIR effort has resulted in the development of a tool suite that is widely applicable and offers strong anti-forensics protection. The technology will provide an effective, generalized method of code translation that excises code from a program and offloads it on to reconfigurable hardware. This software partitioning tool will alleviate some limitations of modern translation technology by utilizing GrammaTech's static analysis expertise for code refactoring. In addition to software protection applications, it is envisioned that this technology will also have market applicability to the embedded systems community.