USA
Side-channel attacks are a major threat for hardware devices, including but not limited to:
Protection against these attacks is a major challenge. Even if a defense is designed, it is necessary to produce silicon and verify that it is indeed robust – and in many cases it is not. If that happens, after finding and fixing the program an additional production cycle is necessary, costing significant amounts of money and product delay time.
FortifyIQ is an award-winning startup perfecting the breakthrough methods of fighting vulnerabilities to side-channel attacks in hardware at the microchip design stage, pre-silicon. These attacks include Differential Power Analysis (DPA), Simple Power Analysis (SPA), Electromagnetic Emissions Analysis (EMEA), and Fault Injection Analysis (FIA).
For its comprehensive next-generation portfolio of tools, FortifyIQ received the Cybersecurity 1st place winner award from Milipol 2019.
FortifyIQ offers:
By checking resistance of your device to side-channel attacks at the pre-silicon stage, you can potentially save — in tapeout, masks, and fab run — millions of dollars and several months in your product development process.
PowerIQ is a proprietary revolutionary software suite with built-in patented mathematical modeling for power consumption simulation that replaces the need to physically measure the actual device’s power consumption. PowerIQ simulates power consumption traces from a cryptographic hardware device based on a standard textual representation of the device’s circuitry. The traces are subsequently used by the TraceIQ tool to assess resistance to side-channel attacks.
It is much faster and less expensive to use PowerIQ in the pre-silicon stage than to use an oscilloscope to obtain power consumption traces from the actual physical device after it is built.
In order to find out whether your device is vulnerable to side-channel attacks, we analyze its power consumption traces, and (in the case the device is vulnerable) we find the source of the information leakage, so you can fix it at the pre-silicon stage and repeat this development cycle until the design is not vulnerable anymore.
TraceIQ analyzes traces (either simulated traces produced by PowerIQ or traces measured on the actual device) and attempts to extract the secret key using various mathematical methods of trace analysis. In the case that TraceIQ succeeds to extract the key (which means that the device is vulnerable), it is possible to receive information about the leakage source, e.g. types and specific instances of leaky cells, exact timing of the leakage etc. In particular, TraceIQ can detect leakage caused by transient state transitions of gates in the middle of clock cycles (“glitches”).
FortifyIQ offers a set of secure, patented, proprietary IP cores that are already protected from side-channel attacks like DPA, SPA, and FI. These can be integrated into your SOCs (systems-on-chip).
FortifyIQ IP Core Advantages
Our IP Cores have unparalleled capabilities and functionality for FPGA, IC, ASIC, and SoC designers.
Operation Modes and Architectures
Operation modes and architectures are listed below. Customers can order the Core with any combination of features and modes according to their needs, with FortifyIQ staff’s guidance.
AMBA Interfaces adopted for integration into SoCs
Regardless of the interface, the Core has wide entropy input for effective key masking. The exact width is dependent on the configuration.
FortifyIQ is a U.S.-based company, and our products are based on the following NIST (National Institute of Standards and Technology, U.S. Department of Commerce, https://www.nist.gov) standards:
