A security researcher wants to deconstruct software to determine how it works. What is this type of analysis called?

The type of analysis referred to in the question is known as reverse engineering. This process involves taking a completed software application and analyzing it to understand its components, functionality, and inner workings. Researchers and security professionals often employ reverse engineering to discover vulnerabilities, identify malicious code, or understand proprietary algorithms within the software.

Reverse engineering typically includes dissecting the software’s binary code or bytecode without access to its original source code. This is distinct from static analysis, which examines the code without executing it, or dynamic analysis, which involves running the program in a controlled environment to observe its behavior in real-time. Side-channel analysis, on the other hand, involves gaining information from the physical implementation of a system.

In summary, reverse engineering is specifically focused on dissecting software to understand its design and operations, making it the correct answer in this context.