Protecting Customers and Intellectual Property with Excelsior JET
A success story by Eric Byres, Chief Technology Officer
and Michael Thomas, Lead Developer
Byres Security Inc.
Anyone who has worked on a Java project based on the Eclipse Rich
Client Platform (RCP) knows how powerful and valuable RCP can be.
Unfortunately not all developers realize that there is little
protection for their code and embedded resources in the deliverable
content they distribute. With the abundance of knowledge and tools for
Java disassembly in existence, anyone can obtain a detailed
understanding of the inner workings of and intellectual property
contained within a RCP application with very little effort.
Of course this is not an issue that only plagues RCP applications,
but affects Java applications as a whole. For this reason, Java based
products (RCP or otherwise) can seem better suited to open-source
projects. So when developing a commercial product using RCP, an extra
level of protection is required to protecting your Java bytecode from
being reverse engineered and this can be a difficult task.
Byres Security develops an application called the Tofino Central
Management Platform which is used for managing security appliances in
critical SCADA applications such as nuclear power plants and oil
pipelines. This package is RCP-based, since it allows flexibility in
adding plug-ins and is largely OS independent, but the ease of reverse
engineering Java code was a serious concern for us for several
First of all, the protection of our customer's industrial
installations is crucial. The pluggable and extendable nature of RCP
provides a great architecture for development, but leaves the final
product open to being extended and experimented with by individuals
(i.e. hackers) who may not have our customer's best interest at heart.
We are confident in our abilities to provide smart solutions which
cannot be exploited despite reverse engineering, but compilation
provides our customers with that extra level of comfort in knowing we
have a doubly secure product.
Second, like many high tech companies, our intellectual property is
key to our success and must be protected. Our security technologies are
at the leading edge of our industry and competitors would love to
reverse engineer our products and produce a comparable solution.
Without protection from reverse engineering, we would be far too
susceptible to the theft of our intellectual property.
When it comes to Eclipse RCP applications, our research indicated
that Excelsior JET was really the only solution for code protection.
Its ahead-of-time (AOT) compilation of Java bytecode makes the process
extremely simple and effective - there was no easier way to protect our
RCP application from reverse engineering. Once Excelsior JET was used
on our ready-for-release bytecode, our Quality Assurance (QA) team was
able to demonstrate that the resulting application met or exceeded all
required functions with only two issues that were resolved in less than
a day. And on top of the protection, came the added benefits of an
embedded JVM for easy distribution and increased performance from the
AOT compilation and optimization.
In summary, Excelsior JET really is the only solution for our RCP
based product. It is also the best solution we could hope for. We
recommend the use of Excelsior JET for anyone developing a Java
application containing sensitive code or vital intellectual property
which must be protected.