Digital systems are becoming increasingly complex, and their security has largely improved over the last decades. However, this level of security is not homogeneous, and especially remains relative to an effort put in place to conduct a given set of attacks. In this project we aim to study attacks on computer systems by taking as examples smartphones and connected objects. We approach the problem via several axes, with the purpose to create a French community that is recognized in vulnerability research and exploitation. A notable characteristic of these complex targets is that they can generally no longer be attacked using a single technique or exploiting a single vulnerability, due to the deployment of numerous protections. For this reason, the REV project is tackling this task at multiple levels by addressing all layers, hardware, software and communication interfaces (web and IoT). For this, one of the project's objectives is to combine several tools and approaches simultaneously: for example, memory analysis will benefit from advances in hardware attacks, and will be used to develop exploits. This broad-spectrum analysis is fundamental today: as an illustration, hardware attacks can be combined with software attacks, software attacks can be based on weaknesses in the micro-architecture or require advanced network interactions. Moreover, the impact of attacks and exploits nowadays goes far beyond malicious use, allowing for instance to forensically investigate complex systems such as smartphones. The question also arises from an ethical and legal point of view, and this is a major societal issue: to which extent is it possible to use these techniques, in particular for law enforcement, from an ethical or legal point of view. What is the possible use of these attacks, when should they be corrected ("responsible disclosure") or used, and in what legal framework?
The project aims at spin-offs on different applications, forensics but also the correction of vulnerabilities. These two spin-offs are antagonistic and are at the heart of many societal debates. One of the fundamental issues concerns the correction of identified vulnerabilities: should they be corrected and disseminated, in order to protect users (citizens as well as state services), or on the contrary kept allowing the extraction of information by law enforcement agencies? This project will approach this aspect from the point of view of legal research.
Coordinator: Aurélien Francillon (EURECOM)