At present, most software is released as executable code. With a static MCU firmware disassembly tool it can be analyzed with little effort to find its vulnerabilities and core algorithms, after which it can be illegally modified or have its intellectual property stolen.
To prevent such illegal behavior, much software uses technologies such as program fingerprints and program watermarks, but these technologies still cannot protect the software from IC program attacks and piracy very effectively.
A static disassembly tool can also analyze programs that implement these protection technologies, thereby isolating or destroying the watermarks and fingerprints and rendering their preventive effect invalid.
However, if the program itself resists static disassembly, it increases the difficulty for an MCU attacker to analyze the executable code and thus plays a role in software protection.
After researching the basic algorithms implemented by static disassemblers and the assembly-level code of a large number of programs, I discovered that a technique we call control flow hiding can prevent or interfere with the effective disassembly of an MCU binary by a static disassembler. That is, it can give the executable program itself the property of resisting static disassembly.
"Control flow hiding" transforms the program at the assembly-code level using a certain method, so as to hide as far as possible the key points that determine the program's static control flow, or to forge some key points related to the program's control flow, in order to confuse the static disassembly tool into recovering an incorrect static program control flow and therefore incorrect disassembly results.
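As an added illustration (not code from the original article), the toy disassembler below contrasts the two basic algorithms a static disassembler implements, linear sweep and recursive traversal, on two constructed firmware fragments: one with a forged key point (a junk byte behind a direct jump) and one with a hidden key point (an indirect jump). The instruction set, opcodes and fragments are all assumptions made for this example.

```python
# Toy 8-bit ISA, constructed for this example (not a real MCU encoding):
# opcode -> (mnemonic, operand byte count, control-flow kind)
ISA = {
    0x01: ("MOV A,", 1, "seq"),
    0x02: ("JMP", 1, "jump"),     # direct unconditional jump: target is static
    0x03: ("JZ", 1, "branch"),    # conditional: static target plus fall-through
    0x04: ("RET", 0, "stop"),
    0x05: ("ADD A,", 1, "seq"),
    0x06: ("JMP A", 0, "ijump"),  # indirect jump: target is invisible statically
}

def decode(code, pc):
    """Decode one instruction -> (text, length, static targets, falls_through)."""
    op = code[pc]
    if op not in ISA or pc + ISA[op][1] >= len(code):
        return (f"DB 0x{op:02x}", 1, [], True)  # undecodable byte
    name, nops, kind = ISA[op]
    text = f"{name} {code[pc + 1]}" if nops else name
    targets = [code[pc + 1]] if kind in ("jump", "branch") else []
    return (text, 1 + nops, targets, kind in ("seq", "branch"))

def linear_sweep(code):
    """Decode bytes front to back, assuming each instruction follows the last."""
    out, pc = {}, 0
    while pc < len(code):
        text, length, _, _ = decode(code, pc)
        out[pc] = text
        pc += length
    return out

def recursive_traversal(code, entry=0):
    """Decode only what is reachable by following static control flow."""
    out, work, seen = {}, [entry], set()
    while work:
        pc = work.pop()
        if pc in seen or pc >= len(code):
            continue
        seen.add(pc)
        text, length, targets, falls = decode(code, pc)
        out[pc] = text
        work.extend(targets)
        if falls:
            work.append(pc + length)
    return out

# Constructed fragment 1: a junk 0x01 byte behind "JMP 3" (a forged key point).
JUNK_BYTE = bytes([0x02, 0x03, 0x01, 0x05, 0x02, 0x04])
# Constructed fragment 2: same body reached via "JMP A" (the key point is hidden).
INDIRECT = bytes([0x01, 0x04, 0x06, 0x01, 0x05, 0x02, 0x04])
```

On the first fragment the linear sweep decodes instructions from the junk byte onward that never execute while recursive traversal recovers the real body; on the second, neither algorithm reaches the real body at offset 4, which is what hiding the key point achieves.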