Secure-IC

France

Secure-IC recently achieved ten years in business of growth and progression, during which time, the company has expanded globally. With presence in 20 countries across 5 continents, Secure-IC has established a thought leadership position in the security world. Secure-IC sets itself apart by accompanying customers along the IC design process by providing best in class protection technologies, integrated secure elements and security platforms to reach the best available certification required for different markets.  Combining a full set of analysis platforms with best of breed set of security technologies & backed by almost 40 families of international patents, Secure-IC is considered a leader in cyberspace security embedded systems.  Secure-IC protects companies against attacks and guarantees at each stage of the design process that the absolute optimal security level is reached.  The best of breed technologies that are provided stem from the company’s commitment to the research community in order to foresee future major threats, tackle problems with innovative solutions & empower the intricate work of the industry standardization bodies.  The company provides Silicon proven technology, pioneering in AI for embedded security, post quantum & hybrid, and state-of-the-art synthesis of attacks/ countermeasures.   The embedded security system lines can be better recognized as SecuryzrTM,  Laboryzr, TM and Expertyzr TM  with the latter offering analysis tools and guaranteeing certification readiness and security assurance.

Services

Securyzr

Secure-IC is able to supply embedded Hardware Security Modules that can act as trust anchors that protect the security setup of a company.  A hardware security module is a IP block which can be embedded into every device to answer security functionalities such as root-of-trust and key management.

Secure-IC Securyzr provides the core security services required to build a security architecture for a wide variety of devices : mobile, connected object, payment device, smart card, ECU, Set-Top-Box, and HSM.

 

Key features

  • Customizable API
  • Proven Security & Certification ready (market specific and security certified)
  • Full digital solution

Personalised market solutions

 

Security functions

  • End-to-end, best of breed solutions
  • Root-of-trust: Secure Boot and Secure Secret Storage (unique ID, secret key)
  • Security Monitoring: Secure Debug, Lifecycle Management
  • Strong tamper resistance: fault injection and perturbation attacks resilience
  • Data protection ensured

Laboryzr

LABORYZR allows a security evaluation at both layers of an embedded system: the IC and the Software layers respectively. The VIRTUALYZR is in charge of the pre-silicon stage which targets the design source itself. The ANALYZR allows a post-silicon evaluation based on a real chip or device. LABORYZR does more; it also provides the CATALYZR which is dedicated to the evaluation of any software implementation.

 

LABORYZR includes 3 tools:

 

– VIRTUALYZR tool is the only one tool which allows to evaluate side-channel security during this pre-silicon design stage, from the first source code of IP (Intellectual Property) toward SoC Layout (GDS2) just before going to foundry.

– ANALYZR tool does physical security evaluation on real physical chip/board. It includes all material platforms to perform SCA measurements and FIA injection, then analysis.

– CATALYZR tool offers support to the LABORYZR solution with software evaluation reporting options.

Analyzr (Post silicon evaluation)

Analyzr is the most advanced post-silicon security evaluation platform on the market. The target to evaluate can be any embedded system, ranging from testing chips as FPGA, ASIC and Micro-controllers to end-user devices such as IoTs, smartphones, smart cards and automotive eletronic circuits.– VIRTUALYZR tool is the only one tool which allows to evaluate side-channel security during this pre-silicon design stage, from the first source Our scientists have authored some of the most advanced and highly regarded side-channel analysis and protection methodologies.

 

Advanced Modules

  • Preprocessing
  • 6D-Cartography
  • NICV Analysis
  • Fault Exploitation (DFA)
  • Report Generation
  • ISO-17825 standard

Key Features

  • State-of-the art attacks
  • Single integrated tool for Side-Channel Analysis and Fault Injection Attacks
  • Classic & advanced techniques
  • Analyze standard or self –authored algorithms
  • Unique ability to analyze leakage at the bit level, and precisely measure security-level
  • Real-time acquisition, analysis and processing
  • Intuitive graphical interface
  • Standard packages for beginner or expert users
  • Customizable packages
  • One-button, analysis reports automatically generated
  • FIPs-140 and ISO-17825 ready

Virtualyzr (Pre silicon evaluation)

VIRTUALYZR is an electronic design automation (EDA) software tool dedicated to pre-silicon security evaluation. The tool is easy to integrate within the design conception flow and allows a security check point at all design levels, namely RTL, Post Synthesis, Place-and-Route and Layout. Moreover, the analysis is end-to-end: from the design source, IP or SoC, to the full security report generation. Security vulnerabilities are extracted from any cryptographic, non-cryptographic or functional (bus, memories) implementation.

 

Two types of analysis are possible :

  • Black box-based analysis assumes that the secret is unknown and tries to recover the secret information. This allows measuring the extent of an attacker: how much time he needs to break the system. The Virtualyzr provides the last and powerful analyses existing for SCA and FIA.

 

  • White box-based analysis assumes that the secret is known and tries to focus on how such secret is behaving. In this context, the Smart-SIC Virtualyzr provides powerful metrics based on advanced statistical computation derived from the recent literature of physical analysis.

Catalyzr

The CATALYZR provides unique features to evaluate and correct a software source code:

  • Quickly assess the code against the most efficient attacks on software code
  1. Side-Channel Attacks, Micro-architectural
  2. Best attacker model considered (no noise, reproducible, perfect synchronization)
  3. Focused only on the relevant functions
  • Evaluate the implementation of countermeasures
  • Have a direct feedback on the vulnerabilities at the code level
  • Integrate it in automated testing framework
  • One tool for all cyber-physical attacks: Timing and Amplitude, Micro-architectural attacks

The tool allows going from a Source Code up to:

  • the Leakage Assessment Report with the detail of the detected leakages and their criticality
  • the Leakage Investigation Report with the modules and lines of code to correct

 

The Leakage Assessment is done with the state-of-the-art attacks on software implementations. It provides metrics to detect and quantify the leakages and try to exploit it from a hacker standpoint. This is done thanks to a library of advanced processing executed in an automatic and generic workflow.

 

With the Leakage Investigation, Secure-IC tool brings a huge added value to designers. It helps interpreting the results and understanding what the origin of the leakage is. It provides a full identification of vulnerabilities for an early correction.

Embedded Security Evaluation as a Service

Before the design, during the design, and after the design, Secure-IC supplies Evaluation as a service for governments, design houses, HW/SW applications developers and end-user technology manafacturers.

The end goal is to help companies be ready and succeed at any level of standard certification.

Within the Evaluation as a service solution, you can;

  • Check compliance of target evaluation to standard certification levels
  • Test the target evaluation against advanced attacks
  • Review code design and structure
  • Review security design & integration level
  • Select algorithmic and specification level
  • Select appropriate countermeasure
  • Pre-silicon evaluation analysis
  • Software analysis
  • White box/ Black box evaluation

IP Cores

Tunable Cryptography

Cryptography technologies with a Tri-Dimensional trade-off of speed vs area vs security to cover customers’ needs, from Symmetric Cryptography to Asymmetric Cryptography and Hash functions.

 

Key Features

 

  • Tunability for consumer requirements
  • Security (different levels, SCA, FIA)
  • Modes
  • Area
  • Power consumption
  • Throughput
  • Security evaluation
  • Before delivery, internal security evaluation
  • Secure-IC’s Virtualyzr tool: Pre-Silicon Security Evaluation tool
  • Check that it is impossible to find all or part of the secret key
  • Above state-of-the-art embedded counter-measures

True Random Number Generator

Random number generation is a keystone in security.

 

True Random Number Generator (TRNG) resilient to harmonic injection for statistically independent sets of bits generation and Deterministic Random Bit Generator (DRBG) for high bitrates requirements.These random generators are compliant with commonly used  statistical tests suites.

 

Secure-IC offers TRNG compliant with SP 800-90C.

 

  • TRNG
  • 2 types of entropy source
  • Based on metastability
  • Based on ring oscillator
  • Full digital entropy source
  • Fast: Raw output = 1-random bit per 1 clock cycle
  • Compliant with:
  • NIST (SP 800-90B)
  • AIS-31 (tunable from PTG.1 up to PTG.3 classes)
  • Embedded health tests for failure / attack detection
  • Embedded strong post-processing for further attack mitigation
  • PRNG: CTR-DRBG
  • Designed with AES
  • Compliant with:
  • NIST (SP 800-90A)
  • CAVP validated

 

Key Features

 

  • Fully digital:
  • Lower area
  • Easy implementation
  • Easy transferable to any Design Kit
  • High security and safety
  • Resilient to coupling with internal periodic signal (metastability only)
  • Resilient to external harmonic injection (metastability only)
  • Robust against process, temperature and voltage variations
  • Post-silicon fine tuning to ensure high-level functional safety

Physically Unclonable Function

Tamperproof secret generation with high entropy and reliability

 

  • Free-RAM PUF
  • Design with standard cell library
  • Easy transferable to any Design Kit
  • No helper data (depending of the targeted reliability)
  • Aging experiment achieved
  • PUF vs OTP:
  • Secret is extracted from silicium vs Secret is written in silicium
  • Secret stored in OTP can be reversed
  • OTP needs redundancy

 

Key Features

 

  • Uniqueness
  • Each device has its own signature
  • Steadiness
  • The PUF response is not sensitive to noise
  • Randomness
  • Good bit entropy
  • Robustness against attacks
  • Physical cloning (always true for a PUF)
  • Mathematical cloning (by modeling)
  • Flexible and Customizable
  • Answer the various tradeoffs
  • Secure-IC PUF

 

Proven performances on all criteria : Uniqueness, Steadiness, Randomness

Digital Sensor

Universal fully-integrated fault attack sensor

 

  • Monitors for abnormal operating conditions
  • Small digital circuits monitoring behavior, conditions
  • Raises an alarm when situation becomes critical
  • System engineer decides action to perform w/alarm
  • Sensitive to the following
  • Temperature
  • Voltage
  • Clock frequency
  • Laser exposure, EM exposure
  • “Global vs. localized” threats
  • Global: Temperature, voltage, clock frequency (single-sensor)
  • Local: EM or surface-level laser attack (multi-sensor)
  • IP is completely Digital which makes it…
  • Difficult to locate because it is melted in the circuit/logic/standard cells
  • Easier to port to a new technology
  • “True-time” hardware alarm (predictable latency)

 

Key Features

 

  • A unique sensor for multiple kind of attacks
  • Fully Digital
  • No calibration after design

Active Shield

Active shielding and detection against invasive attacks

 

  • Active shield against circuit edition
  • Modification of the circuit to cut lines (verification, locks, etc.)
  • Done when there is no power, with a FIB
  • Active shield protection
  • FIB back-side circuit edition has been reported recently, but is complex and limited
  • So the attacker must break into the chip front-side
  • With Secure-IC Active Shield structure, it is difficult to
  • Remove the shield
  • Edit the circuit (in the low levels)
  • Redraw the shield

 

Key Features

 

  • Random cryptographically-generated patterns to detect integrity violations
  • Fully digital
  • Low area
  • Easy transferable to any Design Kit
  • No calibration after design

Scrambled Bus

Probing and tampering resilient interconnect

 

  • Protecting bus against malevolent probing/tampering
  • Protect against High-order attacks
  • Configurable security parameters
  • Number of probes
  • Number of faults
  • Transparent for the bus masters and slaves

 

Key Features

 

  • Cryptographically secure masking
  • Tunability for consumer requirements
  • Security
  • Latency
  • Area
  • Frequency
  • Transparent for bus masters and slaves
  • Adaptable to various bus protocols

Memory Ciphering

Memory protection against reverse engineering and tampering

  • Protecting raw memory content from malevolent access
  • Memory protection from the beginning it is written
  • Available with zero latency or high frequency
  • Light implementation
  • Fault injection detection available as an option

Key Features

 

  • Tunability for consumer requirements
  • Security
  • Latency
  • Area
  • Frequency
  • Word size
  • Cryptographically secure Ciphering Algorithm
  • Fault Injection detection

Secure Clock

Side-channels and fault injection anti-synchronization tool

 

  • Data from attacks are pieced together through precise timing
  • Secure Clock introduces jitter to complicate things for attacker
  • By introducing frequency changes randomly over time
  • Desynchronizes the activity of the circuit

Secure Boot

Highly secured root of trust

 

  • Security Objectives
  • Ensure the executed code has not been tampered
  • Ensure the executed code comes from a trusted party
  • Ensure the firmware’s confidentiality
  • Ensure updates security
  • Addressed Threats
  • Firmware tampering
  • Invasive probing
  • Side-channel analysis
  • Fault injection analysis
  • Invasive hardware modifications (FIB)
  • Root of trust establishment is required
  • Initial trust in the hardware platform
  • Initial trust in the executed software

 

Key Features

 

  • Tunability for consumer requirements:
  • Security
  • Various options: public/private key authentication – SCA – FIA – PUF
  • Area
  • Performance
  • Ensure Secure Firmware Update
  • Security evaluation
  • Before delivery, internal security evaluation
  • Secure-IC’s Virtualyzr tool: Pre-Silicon Security Evaluation tool
  • Check that it is impossible to find all or part of the secret key

Smart Monitor – AI for Cybersecurity

Embedded Cyber-security powered by AI

.

Create collective intelligence between IPs and other whistleblowers

  • Sources of information are diverse, abundant
  • Signals could come from on-chip analog sensors, digital sensors, software reports…
  • from opportunistic media (weak signals) = Indice of Compromission (IoC)

By leveraging diversity and complementary

  • Sensitive to physical vs logical malfunctions
  • Able to detect permanent problems vs transient issues
  • Instantiated multiple times

Key Features

Gain assurance in Threat Detection

  • Additional signals are aggregated for security event detection: multimodal analysis
  • Learning phase to “lock down the perimeter” of attack
  • Confidence & Robustness – Reduce false alarms and false positive event

The right decision at the right time in full knowledge

  • Anatomy of an attack (nature, temporality, locality, intensity, attack phase…)
  • Gain advantage over attackers (attack diagnosis): reverse the advantage
  • Built an on-chip security Headquarter to react properly – Security strategy

Business Intelligence

  • Know your device’s every-day life
  • Attack typology and statistics for ≠ device categories, geographic areas, technology nodes

Cyber Escort Unit

Hardware-enabled Cyber-security protection for embedded systems, computers and IoT devices

Fill the security gap between SW cybersecurity and HW embedded security

High security for nearly zero impact on performances

Ideal for Secure Boot & protection of security-critical and crypto applications

Forensics reporting, threat analysis → reverse the advantage

Differentiator: High symbolic impact on the market

Think ahead: Ahead of DARPA’s SSITH program

 

Key Features

  • No processor modification
  • Agnostic for the program
  • Real-time detection – no latency as for SW solutions
  • Resilient to cyber-attacks because inaccesible to hackers and to advanced FIA such as EMFI