Some representative projects undertaken for clients by SoftwareLitigationConsulting.com include:
Source code examination:
- Numerous source-code examinations under protective order, to show infringement, non-infringement, invalidity, or working/practicing of patent (e.g. to show “domestic industry” in ITC actions), and for copyright and trade-secret cases
- Construction of scripts to partially automate source-code examination (e.g. to extract relevant functions from 100 different versions of source-code tree on other side’s source-code computer)
- For trade-secrets case, designed and wrote software to generate spreadsheet to find similarities between over 1,000 Java source code files found on defendant’s computer on the one hand, with Java source code contained in plaintiff’s PVCS version-control archive on the other.
- In copyright case, automated comparison among over 1 million lines of source code (C/C++, Java, Visual Basic, HTML, resource scripts, help scripts, etc.) produced by defendants and plaintiffs, to find percentage overlap, while filtering out common boilerplate code, and code “constrained” by the application domain; reported results in terms of Altai abstraction-filtration-comparison test.
- In copyright case, examined source code to show evolution of software over five versions, measuring percentage overlap between each, and showing that despite minimal overlap between first and last version, defendant’s first version (stipulated to be based on plaintiff’s software) acted as “scaffolding” within which defendant’s final version was constructed.
- Correlated logged changes to source code in version-control system, with changes to vendor’s contemporaneous public documentation at archive.org (Wayback Machine).
- Tokenization and structural testing of source-code similarity between plaintiff’s and defendant’s code, written in different programming languages but with alleged copying.
- Wrote script to locate changes to specific functions in Java source code, across dozens of produced versions of source code.
- Performed copyright comparison between two source-code trees located on different non-networked computers, using lists of most prevalent non-common tokens from each source-code tree.
Software reverse engineering:
- Numerous inspections of binary/object code in software products, internet services, and mobile devices, to show (or rebut) patent infringement
- Designed and wrote software that uses Java decompiler to automatically find similarities between plaintiff’s and defendant’s binary Java .class files, without access to source code.
- Designed and wrote software that uses Win32/x86 disassembler to automatically compare DLLs and other compiled binary Win32 software, without access to source code. In addition to being used in several software litigation projects, this technique is described in a three-part series: Andrew Schulman, “Finding Binary Clones with Opstrings and Function Digests,” Dr. Dobb’s Journal, July 2005 (Part I), August 2005 (Part II), September 2005 (Part III).
- In antitrust case, designed and wrote software to automatically inspect binary code files to determine inter-module dependencies, and thereby partition system of over 2,000 DLLs into separable components.
- In antitrust case, using Windows ToolHelp API, designed and wrote software to determine the modules used uniquely by (and therefore comprising) Win32 applications running on Windows XP.
- In patent case, using Windows NT kernel device drivers, designed and wrote software to measure use of litigated microprocessor special flags by each process on NT/Win2K/XP systems.
- In antitrust and trade libel cases, given error messages displayed by defendant’s product when plaintiff’s software is run, used Windows and DOS disassemblers and debuggers to trace back from the error messages to the lines of code that produced them; wrote reports assessing whether the error messages were technically necessary, bugs, or deliberate incompatibilities.
- In patent case, used packet sniffers to examine encrypted communications between defendant’s client software and plaintiff’s server.
- In antitrust case, wrote device drivers to help attach external Tekronix counting device to Pentium debug registers, to measure usage or non-usage of operating-system features.
- In antitrust and European competition cases, designed and wrote scripts to verify whether software to be removed from system under court order was, in fact, truly and completed removed.
- Used packet sniffer to verify compliance of client/server communications with web site privacy notice.
- Used sequences of API calls in binary code as “fingerprints” to show similarity between defendant’s and plaintiff’s code, for which source code was not yet produced in discovery.
- In patent case, did BlueTooth Low Energy (BLE) packet monitoring, correlating data in BLE packets with tagged data in XML/JSON from web packet capture.
- In patent case, watched changes made to MySql and encrypted SqlLite (SqlCipher) databases, using “diff” between before & after snaphots of process memory on Android device.
- In patent case, correlate iOS and Android event logging with source code, creating timeline of code execution.
- Preparatory to source-code examination, created map of iOS classes/methods from disassembly and class dump of iOS Simulator files from XCode.
- Preparatory to source-code examination, created map of classes/methods from C++ disassembly and Java decompilation, with function-signature demangling.
- Claim charts in patent litigation (infringement contentions, non-infringement, invalidity, ITC domestic industry, etc.)
- Expert reports and sworn affidavits
- After comparing claims table based on plaintiff’s patent on the one hand with pseudocode for defendant’s software on the other, constructed demonstrative exhibits showing divergence between patent claims and allegedly infringing software.
- Wrote software to partially automate ranking of patent portfolios, based upon intrinsic and extrinsic factors; used software to rank portfolio of over 500 software patents based on relevance to potential infringer’s technology.
- Based on examination of publicly-available information regarding voicemail system used by defendant, determined defendant’s ability to respond to discovery request by keyword-searching archived voicemails.
- As demonstrative exhibit for trial in antitrust case, constructed timelines showing correlation between defendant’s internal emails and code in its shipping product.
For various tools and resources used, see Pinterest board on reverse engineering on source-code exam for litigation.