REVERSIM: An Open-Source Environment for the Controlled Study of Human Aspects in Hardware Reverse Engineering
For researchers studying human factors in hardware security, ReverSim provides a reproducible platform to investigate cognitive aspects of HRE, which is currently under-explored.
ReverSim is an open-source environment that models hardware reverse engineering (HRE) subprocesses and integrates cognitive tests, enabling controlled studies with non-experts. Evaluations with 14 professionals and 170 novices/intermediates confirmed its realism and revealed correlations between cognitive processing speed and task performance.
Hardware Reverse Engineering (HRE) is a technique for analyzing integrated circuits. Experts employ HRE for security-critical tasks, like detecting Trojans or intellectual property violations, relying not only on their experience and customized tools but also on their cognitive abilities. In this work, we introduce ReverSim, a software environment that models key HRE subprocesses and integrates standardized cognitive tests. ReverSim enables quantitative studies with easier-to-recruit non-experts to uncover cognitive factors relevant to HRE. We empirically evaluated ReverSim in three studies. Semi-structured interviews with 14 HRE professionals confirmed its comparability to real-world HRE processes. Two online user studies with 170 novices and intermediates revealed effective differentiation of participant performance across a spectrum of difficulties, and correlations between participants' cognitive processing speed and task performance. ReverSim is available as open-source software, providing a robust platform for controlled experiments to assess cognitive processes in HRE, potentially opening new avenues for hardware protection.