Tag Archives: forensic engineering

Bob Zeidman Named IEEE Outstanding Engineer in the Region 6 Central Area

Software forensics pioneer earns third honor from renowned industry organization

CUPERTINO, Calif. Sept. 29, 2015Zeidman Consulting, a research and development contract firm specializing in digital hardware design, software design and software forensics, announced today that founder and president, Bob Zeidman, secured the Outstanding Engineer Award from the Institute of Electrical and Electronics Engineers’ (IEEE) Region 6 Central Area. Zeidman was honored for his significant advances in the field of software forensics. The IEEE Region 6 Central Area includes Central California, Northern Nevada and Hawaii.

The IEEE Awards program recognizes professionals who have made substantial contributions to technology and the engineering profession. An expert in a variety of engineering fields, Zeidman is distinctly renowned for his pioneering work in software forensics. Zeidman is credited for using software forensics to turn previously subjective information into empirical evidence. He has personally consulted on more than 150 court cases involving billions of dollars in disputed intellectual property, the software forensics tools he developed have been used in litigation worldwide, and his book, “The Software IP Detective’s Handbook,” is considered the standard textbook for software forensics.

Today’s announcement represents Zeidman’s third Outstanding Engineer award from the IEEE; earlier this year, he earned the prize in the IEEE’s Santa Clara Valley Section. Zeidman was nominated by IEEE Fellow Ralph Bernstein for his “accomplishments in the field of software forensics, which he pioneered by turning a subjective process into a quantitative measure and a reliable methodology.”

“This award is not only recognition of my contributions to software forensics, but also a tribute to the value and significance of this field,” said Zeidman. “I am proud to accept this honor and to know that my work has helped bring justice, fairness and efficiency to many tech legal disputes.”

About Bob Zeidman
Bob Zeidman is an inventor and entrepreneur whose ventures include Zeidman ConsultingZeidman TechnologiesSoftware Analysis and Forensic Engineering, Z EnterprisesSamAnna Designs, and Swiss Creek Publications. Bob holds 22 patents and earned degrees in physics and electrical engineering from Cornell University and Stanford University.

SAFE Corporation Awarded Seventh Patent for CodeSuite® Software Forensics Tool

SourceDetective searches the Internet to defend against charges of copying

CUPERTINO, CA (June 3, 2015) – Software Analysis & Forensic Engineering Corporation, the leading provider of forensic tools for software copyright and trade secret analysis, recently earned a seventh patent covering its CodeSuite® tool for comparing software code to help detect copyright infringement.

US patent 9,043,375, “Searching the Internet for Common Elements in a Document in Order to Detect Plagiarism,” covers CodeSuite’s innovative SourceDetective® functionality. While other “software plagiarism detection” tools perform a comparison of code and provide an indication of copying, SourceDetective takes the analysis further by searching the Internet to determine whether code in two different programs – including open source code – might be third-party code.

CodeSuite is the only commercially successful tool for comparing computer source code and object code to find infringement. It has been used successfully in more than 70 intellectual property litigations worldwide, and is recognized by the United States Patent and Trademark Office (USPTO) as a unique invention.

“I developed CodeSuite to overcome the inaccuracies common to other tools that can result in false positives and false negatives,” says Bob Zeidman, president of SAFE Corporation and inventor of CodeSuite. “Too much is at stake for the people and companies involved in IP litigation to rely on false results of any kind.”

CodeSuite 4.7 is available now and can be purchased on a term license or project basis. Project pricing is based on the size of code analyzed and the specific function used for the analysis. More information, and free trial licenses, can be requested by contacting sales@SAFE-corp.biz.

SAFE Corporation Awarded Patent Number Six for its CodeSuite Software Forensics Tool

The CodeCross function of CodeSuite compares functional source code to commented-out source code

CUPERTINO, CA (February 9, 2015) – Software Analysis & Forensic Engineering Corporation, the leading provider of forensic tools for software copyright and trade secret analysis, had its sixth patent allowed covering its CodeSuite® tool for comparing software code to help detect copyright infringement.

This latest patent is entitled “Detecting Plagiarism in Computer Source Code” and covers the CodeCross functionality that compares functional code to non-functional code. CodeSuite is the only commercially successful tool for comparing computer source code and object code to find infringement that has been accepted by the courts. It has been used successfully in over 70 intellectual property litigations worldwide. CodeSuite has been recognized by the USPTO as a unique invention. Our customers agree.

“Other programs that compare software don’t provide any understanding about the comparison or the results,” according to Gary Stringham of Gary Stringham & Associates, who has used CodeSuite in his expert witness cases. “Things match or they don’t. Only CodeSuite allows me to delve into the reasons for the matches, search the Internet for comparable third-party code, and then systematically filter out false positives. This means I can focus on possible infringement very quickly. Or, if nothing is left after filtering, I have a very strong argument against infringement.”

“CodeSuite has survived every challenge in court that it’s ever faced,” says Bob Zeidman, president of SAFE Corporation and inventor of CodeSuite. “Judges and juries like the quantitative, objective measurements produced by CodeSuite when they’re produced by a qualified expert trained in the tool. We provide online certification courses that give lawyers confidence that the expert knows how to use the tool and produce rock solid results that will stand up to scrutiny in court.”

CodeSuite 4.7 is available now and can be purchased on a term license or project basis. Project pricing is based on the size of code analyzed and the specific function used for the analysis. Pricing varies from $10 per megabyte for CodeCross® to $400 per megabyte for CodeMatch®. A six-month unlimited use license for CodeSuite is $50,000. A limited feature version of the program, CodeSuite-LT, is available for a six-month unlimited license for $3,000. Free trial licenses can be requested by contacting sales@SAFE-corp.biz.

Was the Microsoft Empire Built on Stolen Goods?

The history of the computer industry is filled with fascinating tales of sudden riches and lost opportunities. Take that of Ronald Wayne, who cofounded Apple Computer with Steve Wozniak and Steve Jobs but sold his shares for just US $2,300. And John Atanasoff, who proudly showed his digital computer design to John Mauchly who later codesigned the Eniac, typically recognized as the first electronic computer, without credit to Atanasoff. Perhaps the most famous story of missed fame and fortune is that of Gary Kildall. A pioneer in computer operating systems, Kildall started the company Digital Research and wrote Control Program for Microcomputers (CP/M), the operating system used on many of the early hobbyist personal computers, such as the MITS Altair 8800, the IMSAI 8080, and the Osborne 1, before IBM introduced its own PC. Kildall could have been the king of personal computer software, but instead that title went to his small-time rival Bill Gates. For years, rumors have circulated that the code for the original DOS operating system sold by Microsoft is actually copied from the CP/M operating system developed by Digital Research.

A couple years ago we took it upon ourselves to search out the original code and use CodeSuite to determine the truth once and for all. Our research was summarized in a popular (and not-so-popular) article in IEEE Spectrum entitled Did Bill Gates Steal the Heart of DOS? If you haven’t read it, you should. It’s a fun read but it only summarizes our exhaustive results using our tools and procedures for finding copied code. The article generated a lot of controversy and we always intended to publish the full technical details of our analysis, but it’s surprising how many people don’t like our conclusion and wouldn’t publish my paper. But now the full academic paper entitled A Code Correlation Comparison of the DOS and CP/M Operating Systems is available online in the Journal of Software Engineering and Applications. If you want to know the details, and you want to know the truth, it’s in the article and the details are in the paper.

S.A.F.E. Releases CodeSuite 4.7

Software Analysis and Forensic Engineering has just released a new version  of CodeSuite that has some really great new features.

 

PID  spreadsheets

What’s  a PID? It’s a partial identifier. Or more specifically, a partially matching identifier. That’s where two identifiers in code almost match. So for example, the identifiers identifier1 and confident_boy share the partial identifier (or “PID”) ident. CodeMatch has always been able to correlate PIDs and use that in calculating the identifier correlation score as a component of the entire correlation score between two source code files. But there can be so many PIDs that users got blurry-eyed trying to view them all and find suspicious ones in a CodeMatch HTML report. So we came up with a solution. You can now export the PIDs from a CodeSuite database into a spreadsheet. You can see not only the PIDs, but the original identifiers that share the PIDs. Now you can sort and select, cut and paste, and generally look for clues to copying in a simple spreadsheet.

 

FileIdentify™

Part of our process for finding copying has been to first find all the source code files in a directory of files so that you know what to examine. However, there are lots of source code files, and some can be missed. Some programming languages are a bit uncommon and you may not recognize the source code files. Well, we found a solution to that too. The new FileIdentify function of CodeSuite allows you to point at a folder and generate a spreadsheet containing all of the file extensions in that folder and all subfolders. If CodeSuite recognizes the (potential) programming language, it will put that information in the spreadsheet too.

 

XML

From the beginning of CodeSuite, when there was only CodeMatch, the database has always been a fully documented text file that anyone can view. This allows our customers to make their own tools to extract data and statistics from a CodeSuite comparison, and some customers have created some very interesting utilities. Our database format was simple, but grew more complex over the years. Now we have a function in CodeSuite that converts any CodeSuite database into XML so that you can use off-the-shelf tools to examine it, translate it, or write utilities to extract data and statistics.

Job Opening: Software Forensic Engineer

Zeidman Consulting, a leading research and development company (and sister  company to SAFE Corporation), is looking to hire a full-time software forensic engineer. Acting as a high-tech sleuth, this person will analyze and reverse-engineer software using CodeSuite® and other state-of-the-art software tools, helping to resolve lawsuits involving hundreds of millions or billions of dollars. The employee will also work on one of several ongoing cutting edge research projects. These projects often lead to publication in academic journals, presentations at conferences, patents, and new product spinoffs. Past and ongoing projects include:

  • CodeMatch®, a program for comparing and measuring the similarity of different programs.
  • CodeGrid®, a computer grid-enabled version of CodeMatch®.
  • HTML Preprocessor™, a tool for breaking complex HTML pages into components consisting of text, pure HTML, JavaScript, images, etc.
  • RPG, a tool for automatically generating expert reports for copyright, trade secret, and patent litigation.

A successful candidate will need the following attributes:

  • At least a bachelor’s degree in computer science or equivalent. Advanced degree is preferred.
  • Excellent programming skills in one or more programming languages.
  • Ability to work independently on projects that are not well-defined.
  • Excellent verbal and writing skills for creating detailed specifications and reports.
  • Ability to work on multiple projects simultaneously and to switch projects suddenly as the need arises.
  • Enjoys working long hours on interesting projects, including weekends when projects hit critical periods.
  • Enjoys free time when projects are not in critical periods.

Zeidman Consulting pays above average salaries with profit-sharing and provides health insurance and paid time off for holidays, vacation, and illness. To apply, please email a resume to Info@ZeidmanConsulting.com.

Be a Pioneer in the Field of Software Forensics

I hope you’re all aware of my book The Software IP Detective’s Handbook: Measurement, Comparison, and Infringement Detection. It’s the first book on Software Forensics, a field that I pioneered at Software Analysis and Forensic Engineering and Zeidman Consulting. Whereas Digital Forensics deals with bits and files, without any detailed knowledge of the meaning of the data, Software Forensics deals with analysis of software using detailed knowledge of its syntax and functionality to perform analysis to find stolen code and stolen trade secrets. The algorithms described in the book have been used in many court cases. The book also describes algorithms for measuring software evolution, particularly as it relates to IP changes.

If you are a teacher, this is a great time to incorporate the materials in the book into your courses on software development, intellectual property law, business management, and computer science. There’s something for everyone in the various chapters of the book. Your students and you will be at the forefront of an important and very new field of study.

If you’re interested, please contact me.

HTML Preprocessor Released

S.A.F.E. recently released the HTML Preprocessor. The HTML Preprocessor is designed to transform web pages into files that are amenable to analysis by CodeSuite, DocMate, and other source code analysis tools. The HTML Preprocessor examines HTML files and other markup language files and extracts all embedded code into separate files. These files each contain only one kind of code that can be easily analyzed and compared using CodeSuite and DocMate. The code contained in these generated files are:

  • Scripts such as JavaScript and VBScript
  • Cascading style sheets (CSS)
  • Comment text containing HTML comments
  • Message text containing HTML user messages
  • HTML tags
  • Pure HTML
  • Pseudocode representation of the HTML

CodeSuite 4.4 and CodeSuite-LT 1.2 Released

S.A.F.E. recently released version 4.4 of CodeSuite and version 1.1 of CodeSuite-LT. The most important new feature of this version is that these programs now recognizes many different text encoding formats including ASCII, UTF-8, UTF-16, and UTF-32. Characters in alphabets other than the Latin alphabet used for English are now supported. For example, code with comments or strings in Japanese, Korean, Chinese, or Russian can be compared correctly.

The most significant change is to BitMatch. When examining binary object code to find text strings, you can now specify the encoding format of the file. If you’re not sure about the encoding, you can choose multiple formats.

As demand for our products increase outside the United States, we realized a need to support languages in those countries also.

The Software IP Detective’s Handbook

My book on software intellectual property, a labor of love (and hate) for the last two years, has just been published by Prentice-Hall. The book is intended for several different audiences including computer scientists, computer programmers, business managers, lawyers, engineering consultants, expert witnesses, and high-tech entrepreneurs. Some chapters give easy-to-understand explanations of intellectual property concepts including copyrights, patents, and trade secrets. Other chapters are highly mathematical treatments describing quantitative ways of comparing and measuring software and software IP. The first chapter of the book outlines which chapters are most important for the different audiences.

Overall the book covers the following topics:

  • Key concepts of software intellectual property
  • Comparing and correlating source code for signs of theft or infringement
  • Uncovering signs of copying in object code when source code is inaccessible
  • Tracking malware and third-party code in applications
  • Using software clean rooms to avoid IP infringement
  • Understanding IP issues associated with patents, open source, and DMCA

You can purchase your copy from Amazon.com here.