Blog

From Classical Smartcards to Integrated Secure Elements

From Classical Smartcards to Integrated Secure Elements

In this paper Riscure expert provide insights into the complex evaluation of integrated Secure Element (iSE) in System-on-Chip (SoC).
Broadband service providers – a security view

Broadband service providers – a security view

This paper provides insights into the security of broadband service providers.
Demystifying Secure Development for Devices & Apps

Demystifying Secure Development for Devices & Apps

Riscure worked together with Trustonic to accumulate the essential knowledge about secure development of mobile applications.
Security Pitfalls in TEE Development

Security Pitfalls in TEE Development

This paper describes an outlook of the most important future TEE security topics.
Attacking AUTOSAR using Software and Hardware Attacks

Attacking AUTOSAR using Software and Hardware Attacks

This paper describes several scenarios how software and hardware attacks can compromise the security of AUTOSAR-based automotive ECUs.
Hardening Secure Boot On Embedded Devices for Hostile Environments

Hardening Secure Boot On Embedded Devices for Hostile Environments

We present an approach for secure boot design, which can be used as a starting point for a complete hardened secure boot solution.
PEW PEW PEW: Designing Secure Boot Securely

PEW PEW PEW: Designing Secure Boot Securely

We present our vision on secure boot design for embedded devices by means of clear, concrete, practical and easy-to-follow recommendations.
Secure Boot Under Attack: Simulation to Enhance Fault Attacks & Defenses

Secure Boot Under Attack: Simulation to Enhance Fault Attacks & Defenses

This talk presents a fault simulator created using existing open-source components and without requiring a detailed model of the underlying hardware.
Security implications of accepting transactions on smartphones

Security implications of accepting transactions on smartphones

One of the most exciting innovations in the payment chain for retailers today is the potential of utilizing commercial-of-the-shelf (COTS) smartphones for Point-of-Sale terminals, also known as ...
My journey at Riscure: Anjana Miyar

My journey at Riscure: Anjana Miyar

Anjana Miyar is a Senior Security Analyst at Riscure North America. Anjana’s specialty lies in software security testing. Unlike many others, Anjana did not have prior security experience before ...
Security Highlight: Compromising printers via malicious third-party cartridges

Security Highlight: Compromising printers via malicious third-party cartridges

This fall, HP Inc. published an article describing a buffer overflow vulnerability in their printer software which would allow an attacker to obtain persistent remote code execution on the ...
Tunable Replica Circuit

Tunable Replica Circuit

At the Black Hat 2022, Daniel Nemiroff presented a talk on Tunable Replica Circuits. Riscure CTO of North America, Jasper van Woudenberg had an opportunity to listen to this presentation. Here ...
My journey at Riscure: Caroline Favrot Lee

My journey at Riscure: Caroline Favrot Lee

Caroline Favrot Lee is the Operations Director for Riscure North America. Caroline originally joined Riscure in 2012 as an accountant and office manager for the Riscure North American office, ...
Security Highlight: Marc Witteman on the roots of Riscure, device security, and pre-silicon

Security Highlight: Marc Witteman on the roots of Riscure, device security, and pre-silicon

The story of Riscure, like with many other technology businesses, started in the garage. Dissatisfied with the quality of then available hardware testing tooling, Marc Witteman founded Riscure ...
My Journey at Riscure: Pascal van Gimst

My Journey at Riscure: Pascal van Gimst

  How did you join Riscure? I was working in a research institute called TNO, where I was doing chip security testing in a group of 10 people. One of those people was Marc ...
Security Highlight: Glitched on Earth by Humans

Security Highlight: Glitched on Earth by Humans

  The Black Hat conference always brings up interesting and current research within the device security industry. Jasper van Woudenberg attended the latest conference, ...
Getting to know Electro-Magnetic Fault Injection

Getting to know Electro-Magnetic Fault Injection

The Electro-Magnetic Fault Injection (EM-FI) method involves creating an electromagnetic field over the chip that could cause a change in the chip’s behavior. We can use it to try to bypass a ...
Security Highlight: Post Quantum Crypto – are we done yet?

Security Highlight: Post Quantum Crypto – are we done yet?

The US standards institute recently completed the third round of the Post Quantum Crypto (PQC) standardization process. This milestone was long-awaited, and even though we are one step closer to ...