HomeThe Bluewater BlogReverse Engineering

Bluewater has been involved in several projects with the goal of replacing a legacy system because either the original supplier was no longer available, parts had become non-existent, or simply for a reduction in maintenance costs. Typically the systems are relatively simple, but without any technical details, they can be difficult to divulge. Because the systems predate the advent of the Internet, interface details and user manuals are quite difficult to come by. We have performed this type of reverse engineering task when developing our DDS system, which we designed to replace legacy tape drives in telephone exchanges. The telephone exchange that needed replacing, as a whole, continued to function correctly and fulfill its fundamental tasks, but the maintenance costs of the tape drives was becoming prohibitive. For the DDS system, Bluewater was informed that there was a single interface called Pertec. An Internet search yielded a pinout and limited protocol information. Upon beginning investigation at the customer's site, it was discovered that there were in fact 3 very different interfaces. Pertec, Kennedy and a custom cartridge tape interface that may well have a standardized name but no one could tell us!  The DDS uses a Snapper 255 CPU module. The FPGA on the Snapper 255 was invaluable in allowing us to alter the 'hardware interface' to suit these varied interfaces as we came to understand their nuances. The process is a tedious one. Using a high-speed logic analyser and custom analysis software we would perform an operation on the original tape unit, then repeat the same operation on our unit and look at the respective waveforms. From this, we were able to determine what was significant and what was inconsequential. We then would modify our system to match the original system and repeat ad-infinitum (or so it feels when doing so). The goal is to slowly bring our system up so that it matches the original in all possible usage cases. The obvious downside of this is that we only replicate and verify functionality that we can exercise. If the original system is configured slightly differently, then we have to expand our model to match this. We have systems working flawlessly for years with one customer, but for any new customer, we prefer to visit in person and verify their particular set-up. It's a very time consuming task - and not a very glorious one at that. But at the end of the day, we have replicated legacy systems with only limited details and given them a new lease on life. Along the way we added more modern features such as solid state storage, lower power consumption, remote access and control. Whilst working on these projects in recreation I often have a thought for anyone who - in 20 years time - may have to reverse engineer a SATA or PCI-E interface. Hopefully, documentation for these will still be around and in more detail for them, as what we have had to work with has been next to nothing.