Report

RISE Annual Report (2019-2021)

The Research Institute for Secure Hardware & Embedded Systems has published the RISE Annual Report 2019-2021.

This report summarises RISE’s events and activities since 2019, including their annual conference, and the achievements of the eight RISE-funded research projects. Significant research outputs to date include:

  • Plundervolt – an attack developed as part of the University of Birmingham funded project which exploited vulnerabilities with Intel’s Software Guard Extensions, leading to errors that could leak secret information such as encryption keys.
  • Thunderclap – research by the University of Cambridge team that identified vulnerabilities with USB and Thunderbolt interface standards and which provided security recommendations for hardening systems that were incorporated into the USB 4 standard.
  • The Apple Pay vulnerability discovered by the University of Surrey’s RISE project which showed that Apple Pay in Express Transit mode if used with a Visa card could be abused to make an Apple Pay payment to any shop terminal, of any value, without the need for user authentication