
·
Registered
Joined
·
6 Posts
Discussion Starter · #1 ·
It is quite easy to program an emulator of a processor or console if you have information on it, but if you want to create an emulator of a system that is not explored, the only way to get info is reverse engineering. I only know how to reverse engineer software, and I want to understand how to reverse engineer hardware. If someone knows what it is and what tools are needed, please give your piece of advice.
 

·
Emu author
Joined
·
1,488 Posts
It's not necessarily easy to program an emulator even if you have information on it, who told you that? :eek: At least not if you want it to be reasonably efficient..

Reverse engineering hardware... part of this is reverse engineering the software that makes extensive use of the hardware. In the case of a console, that'd be looking at the games and contextually deriving what certain things do. The BIOS is one of the more useful pieces of software you can look at since it encapsulates functionality in a straightforward manner.

Then, to go any further than that, you need the console, of course. It's all just a matter of trying things and seeing what happens - you're not actually reverse engineering the hardware from a level lower than what a low-level programmer sees, since this is all that's important for an emulator.

- Exo
 

·
Registered
Joined
·
774 Posts
Well, no matter how little information is available on the hardware you're trying to reverse engineer you should always be able to find some info on it. If you can get your hands on an official devkit for the hardware it would be a goldmine of information. If there is no info available on the exact model of CPU you need there may be similar CPUs which are better documented that you can use as a starting point. Same applies to the video/sound chipset. Going in and reverse engineering hardware without knowing the first thing about what you're dealing with would be an exercise in futility. Is there a specific system you're looking at? If so then just say so, cause I'm sure there are a few people here who could help you find more info on it.

One thing you should keep in mind, if you cannot find any info on the opcode set for your target CPU then you are going to have your work cut out for you. Frankly I dunno how the heck you'd go about deciphering an opcode set from scratch, but I know it wouldn't be easy. Even if you did get it figured out somewhat, there's no way you could escape at least a few inaccuracies in your results. Some opcodes do completely different things depending on the value of a certain register, so the results would look unpredictable if you didn't figure this out. This is really the kind of task best left to people who already have an emulator or two under their belt, because they would know to a certain degree what to expect in terms of opcode behavior.

At any rate, once you've gathered all the information you can, the next thing you do is set up an environment for executing code on the hardware (i.e. a coder's cable for the DC connected to your PC.) Then get ahold of some binaries written for it, preferably including its BIOS since other binaries may depend on initializations it does, and examine them in a disassembler for the CPU it uses. If you can't find one then write one using whatever info you can get on the CPU's opcode set. Code for a disassembler will be useful for emulator debugging later on anyway.

From this point on the rest of the reverse engineering will be primarily experimenting with reads and writes in the code you're looking at which are to the regions allocated to the hardware you want to reverse engineer. Just take a look at the code and make your best guess at what it's trying to do, then mess around with it and see what happens when the code is executed. A remote debugging client would be helpful for this so you'll want to consider making one using what you know about the CPU and performing I/O to whatever port you can find on the console that you can buy or build an interface for connecting to your PC. Then you could do stuff like examine the system's memory, break at certain points in the code, etc. Of course if you had a devkit then these features would probably be included.

Well I'm by no means an expert on this, I'm just going with my best guess on how I'd approach it based on my experiences in low-level programming. I hope one of the emu authors that frequents this board takes notice of this thread. They could definitely give you some good advice on the matter.
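
The read/write experimentation described in the post above, as an added example that is not part of the original thread: a C routine that classifies each bit of a memory-mapped register by writing all-ones and all-zeros and reading the value back. The base address `SIM_BASE`, the simulated device and every function name here are constructed for illustration; on real hardware the two callbacks would issue the accesses over whatever debug link is available.

```c
#include <stdint.h>
#include <stdio.h>

/* Access callbacks: on a console these would go over the debug link;
 * in this example they hit a simulated device (assumption). */
typedef uint32_t (*reg_read_fn)(uint32_t addr);
typedef void (*reg_write_fn)(uint32_t addr, uint32_t value);

typedef struct {
    uint32_t rw_mask;    /* bits that keep whatever was written */
    uint32_t stuck_one;  /* bits that read 1 regardless of writes */
    uint32_t stuck_zero; /* bits that read 0 regardless of writes */
} reg_profile;

/* Write all-ones, then all-zeros, read back each time, classify bits. */
reg_profile probe_register(uint32_t addr, reg_read_fn rd, reg_write_fn wr)
{
    reg_profile p;
    uint32_t saved = rd(addr);
    wr(addr, 0xFFFFFFFFu);
    uint32_t after_ones = rd(addr);
    wr(addr, 0x00000000u);
    uint32_t after_zeros = rd(addr);
    wr(addr, saved); /* put the register back as found */
    p.rw_mask = after_ones & ~after_zeros;
    p.stuck_one = after_ones & after_zeros;
    p.stuck_zero = ~after_ones & ~after_zeros;
    return p;
}

/* Constructed two-register device standing in for unknown hardware. */
#define SIM_BASE 0x04000000u /* hypothetical MMIO base */
static uint32_t sim_regs[2];
static const uint32_t sim_rw[2] = {0x0000FFFFu, 0x00000007u};
static const uint32_t sim_ro1[2] = {0x80000000u, 0x00000000u};
static uint32_t sim_read(uint32_t addr) {
    uint32_t i = (addr - SIM_BASE) / 4;
    return (sim_regs[i] & sim_rw[i]) | sim_ro1[i];
}
static void sim_write(uint32_t addr, uint32_t value) {
    uint32_t i = (addr - SIM_BASE) / 4;
    sim_regs[i] = value & sim_rw[i];
}

int main(void) {
    for (uint32_t a = SIM_BASE; a < SIM_BASE + 8; a += 4) {
        reg_profile p = probe_register(a, sim_read, sim_write);
        printf("%08X rw=%08X one=%08X zero=%08X\n", (unsigned)a,
               (unsigned)p.rw_mask, (unsigned)p.stuck_one, (unsigned)p.stuck_zero);
    }
    return 0;
}
```

Registers whose writes have side effects, or whose bits change on their own, will not fit this three-way classification and need to be observed over repeated reads instead.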
 

·
Transcended
Joined
·
1,416 Posts
I'm a disassembler by nature... and take it from me, you DON'T want to do it from scratch. Xzyx987X covered it pretty well. I'm just gonna add one point. Oftentimes, there are "features" in the instruction set / CPU which defy logic. Meaning, there's no darn reason for it to work that way, but it does. So, be careful.

Get the docs and devkit.

Good luck!
 

·
Transcended
Joined
·
1,416 Posts
Universal excuse. :lol:

Xeven said:
Well.. "it's a feature not a bug" :p
 

·
Memories are all I have..
Joined
·
423 Posts
ok.. hope I'm not retrieving an old thread, but for the sake of the threadstarter and those that wanna learn reverse engin,
here's one of those "game" sites on it. Basically the creator gives you a puzzle, ya gotta solve it using reverse engin. Each time you solve it you'll get a lot of info and techs on reverse engin.
In response to the threadstarter's Q, I'm not too sure if this guy covers hardware reverse engin on the later puzzles since I never got that far, but maybe you can check it out
http://3564020356.org
 

·
pee comes out the weewee
Joined
·
79 Posts
His site seems to have guides about many things, the further you get, the more info you receive I suppose, at first level you get a power browsing document, this second riddle is quite hard though.

Edit: lol, I didn't look very much, there are many things that are offered. Not just a power browsing document
 

·
Registered
Joined
·
6 Posts
Discussion Starter · #14 ·
I think that zenogais is right, I'm on the fourth level and there is nothing on topic, but finding solutions for those riddles is much fun. By the way, zenogais, do you know something interesting about reverse engineering hardware?
 

·
Registered
Joined
·
774 Posts
In order to circumvent copyright it is, according to the DMCA. Other than that, no. I think that only applies to the US though, not sure about anywhere else.
 

·
Registered
Joined
·
1,577 Posts
Under Sect. 1201 (f) Reverse Engineering exception of the DMCA, it is legal to reverse engineer for the purpose of writing interoperable software.

I've seen that site mentioned earlier on Hackergames.net. Never given it a go yet though.
 

·
A BIG BAD
Joined
·
5,568 Posts
uhh, lesson 1's one freaking long tut :heh: okay, so that's already stated :p
 