Device Security
Consultancy
Improve the security of your product’s design and implementation.
Our services
Device Security
Device Security
Testing
Evaluate your product’s security and verify your assumptions on security.
Device Security
Training
Develop the embedded security knowledge and skills of your workforce.
We add value to your business
Going the extra mile for providing the best Device Security expertise possible.
Knowledge
We leverage our extensive knowledge on device-level security (e.g. Secure Boot, TEEs) and advanced testing techniques (e.g. Fault Injection) for securing your product.
Moreover, our insightful training program and other innovative services can significantly contribute to your company’s knowledge development.
Expertise
We have tested, broken and secured countless secure products, at a professional lab level. Across multiple industries and against all range of adversaries.
We have witnessed first-hand the progress of security in the last 10 years within a wide variety of devices used by different markets (e.g. Mobile, Payment, Automotive, Industrial, IoT).
Research
Research is a core activity at Realize. We actively pursue areas of interest to us and our customers. You can read our research results on our blog on this website.
We would be happy to help you with the identification of new ways to attack or secure your product’s software and hardware.
Perspective
We take in your product’s design or implementation as a whole, aiming to contribute to its security from its hardware foundations to its critical software layers.
We always analyze devices or components thereof with an eye for the system it operates in. We adapt our approach to the needs and threats applicable for your use case or business case.
Recent Projects
Secure Code Review
Trusted Application
We reviewed the code of a TA, executed within a TEE, which implemented a DRM solution.
We identified multiple vulnerabilities that can be exploited from the REE or other TAs, by attackers with and without physical access to the device.
Secure Architecture Review
System-on-Chip (SoC)
We reviewed the security architecture of a modern SoC implementing the ARMv8 architecture.
We found multiple vulnerabilities and weaknesses in the SoC’s OTP controller, TZASC and TZPC. Also, we identified several potential fault injection vulnerabilities.
Penetration Test
Embedded Device
We used a (hardware) flash programmer to extract the software from the device and performed binary analysis.
We identified multiple exploitable vulnerabilities that can be exploited by attacker with and without physical access to the device.
Architecture Review
TEE Operating System (OS)
We used our TEE expertise to support a manufacturer during the design and implementation of a TEE OS.
As our services were requested during the development phase, we were able to guide the manufacturer towards a stronger implementation before the product’s release.
Private TEE Training
Manufacturer and Security Lab
We gave our TEEPwn training in a private setting to the personnel of a manufacturer and a security lab.
During these trainings the attendees worked their way through many hands-on exercises, immediately applying the concepts received during lectures.
Secure Code Review
ROM bootloader
We reviewed the code of a ROM bootloader implemented by a System-on-Chip (SoC).
We identified multiple vulnerabilities in the recovery mode implemented by the ROM code, which could be exploited by an attacker with physical access.
The crew at Raelize, Cristofaro Mune and Niek Timmers, bring technical excellence coupled with several years of experience in the cybersecurity field both from a hardware and a software perspective. I have followed their work over the past decade. They have managed to demonstrate on several occasions ‘making the theoretical, practical’. If you really want to learn about controlled attacks on secured environments, be it secure boot, or be it secure enclave, the folks at Raelize have got you covered!
We are extremely honored to have had Niek Timmers and Cristofaro Mune as trainers at our flagship events nullcon & hardwear.io since the last two years. Their research has always caught the attention of the technical audience and the industry definitely learns a lot of from their publications. We wish them both great success.
Latest Posts
Measuring Billions of Traces Per Day using Segmented Memory
Side Channel Analysis (SCA) attacks generally speaking consisting of three phases: acquisition, …
Read moreEspressif ESP32: Glitching The OTP Data Transfer
Modern System-on-Chips (SoCs) include security critical features which are often configured securely …
Read moreEspressif ESP32: Breaking HW AES with Electromagnetic …
In our previous blog post, we’ve shown how we extracted the secret key from the ESP32’s …
Read moreContact Us
Contact Details
Feel free to contact us, we will be happy to listen and support.
Meeuwenlaan 20, 3055 CL, Rotterdam, The Netherlands
Email: info@raelize.com
VAT: NL861445934B01
KVK: 78549477
While Raelize is a young company, it already has an impressive amount of knowledge and experience. I have worked with both Cristofaro and Niek, and recommend them for their high ethical and quality standards.