REV is structured in 6 work packages (WP).

WP 0

Managed by Aurélien Francillon

This WP covers administrative and scientific coordination, dissemination, the demonstration platform and a preliminary analysis of project requirements.

WP 1

Managed by Driss Aboulkassimi

Most published work on exploiting hardware attacks such as covert channel analysis and fault injection targets smart cards or microcontrollers, which are less complex than the SoCs (system on chips) embedded in smartphones. The main aim of this WP is to develop new techniques for exporting knowledge of physical attacks from a simple system to these complex devices.

WP 2

Managed by Clémentine Maurice

It is becoming increasingly important to combine software and hardware aspects in order to characterize a platform’s attack surface. In this WP, we are focusing on the interactions between software and hardware (notably via micro-architecture), and on low-level software, particularly in the forensic aspect.

WP 3

Managed by Sébastien Bardin

In this WP, the ambition is to make major advances in vulnerability research and exploitation, particularly on Android applications, their TEEs and underlying techniques.

WP 4

Managed by Vincent Nicomette

This “Application and communications aspects” WP focuses on analyzing vulnerabilities in specific applications and communication protocols, with a particular emphasis on Web applications and IoT communication protocols.

WP 5

Managed by Noémie Veron

This WP studies the legal framework for exploiting vulnerabilities in digital systems: this includes an analysis of existing standards (national and international), both as regards the exploitation of vulnerabilities by police forces, and the admissibility of digital evidence. A number of “red lines” will be drawn, as they are potentially highly prejudicial to rights and freedoms.