[author: Christopher Furlough]

Understanding how hardware and firmware/software work together to perform desired functions or tasks is an important enabler to unlocking the value of intellectual properties in the systems (including embedded systems) area. Many patents require both hardware and certain algorithmic features which are often implemented in firmware. Based on an understanding of various embedded systems and their operations, our firmware analysis capability can extract a target device’s firmware and analyze it against claim elements of a patent. This helps our clients unlock system level patents in areas where it would have been difficult to do so previously.

The process of identifying Evidence of Use (EoU) for patented technologies can be intricate and potentially costly. This is particularly true when considering the deeply embedded nature of patented functionalities within products and methodologies. Accessing information regarding these functionalities is often challenging, requiring specialized techniques and tools.

In his paper, Software and Firmware Analysis, Reverse Engineering & Testing for Establishing Evidence of Use or Non-Use, software/firmware development and reverse engineering expert Christopher Furlough explores three primary approaches which are commonly employed in the quest for Evidence of Use (EoU):

Analysis of publicly available information: This involves scouring publicly accessible data related to infringing products or applications. While this approach can be cost-effective, it may yield limited relevant information, especially for products like Apple devices where source code accessibility is restricted.

Device, system, and applications testing: Testing provides a more direct means of obtaining EoU by assessing functionalities associated with products or methodologies. Although more costly than the first approach, testing can effectively uncover crucial insights, albeit sometimes requiring inference to establish functionality implementation.

Reverse Engineering (RE): RE involves dissecting a product or system to reveal its structural features, composition, and functions. In the realm of software and firmware, RE entails accessing and analyzing code to understand functionality implementation. While often the costliest approach, RE can provide essential EoU when other methods fall short.

A tailored approach to meet the unique requirements of clients’ EoU claims, often necessitates combining these approaches while managing costs. Specifically, for inventions reliant on software and/or firmware, this paper delineates tools and methodologies for establishing EoU. It outlines the differences between software and firmware, their development and distribution mechanisms, and the challenges posed by each.

Software RE involves accessing and analyzing publicly available source code to understand functionalities, aided by tools for code analysis and emulation. Conversely, firmware RE is more complex due to limited accessibility and custom file formats. Methods for obtaining firmware include both software-based solutions (e.g., downloading from manufacturers' websites) and hardware-based approaches (e.g., ISP adapters, JTAG debuggers).

Disassembling and decompiling obtained firmware is crucial for analysis, involving steps like de-encryption and re-formatting. Tools like Ghidra facilitate this process, offering features for disassembly, decompilation, and code analysis. Dynamic program analysis complements static analysis, involving techniques like instrumentation to monitor software performance and behavior during runtime.

The journey to uncover EoU for patented technologies begins with assembling the required expertise including IP, testing and/or RE, as well as technical expertise in the technology of interest.

Expertise in IP helps the technical experts focus their efforts on what is needed to demonstrate EoU and provides a bridge between the technical experts involved in uncovering this EoU and the legal aspects of IP where clients are often patent attorneys.

Expertise in testing and/or reverse engineering this technology is necessary to evaluate and select appropriate instrumentation and methodologies to access and analyse the structure or function of interest. Finally, experts in the technology areas of interest are needed to guide the testing and reverse engineering, and to analyze the results to provide the EoU.

This multifaceted approach, blends analysis of publicly available data, rigorous testing, and sophisticated reverse engineering techniques, contributing to a comprehensive understanding of patented functionalities and their implementation within products and methodologies.