INDUSTRIES

Semiconductor Manufacturer Services & Solutions

We ensure the security and robustness of our semiconductor clients’ products based on more than 25 years of research, analysis, development and operational excellence working with the world's largest SoC innovators.

Download the Fact Sheet
Semiconductor manufacturers IoT security illustration

Our mission

We empower you to build and sell secure products throughout their entire lifecycle

We have a unique portfolio of services and solutions that give SoC manufacturers critical insights and proven technologies to help them meet the quickly evolving regulatory and customer expectations around security.

build chipset icon

Build secure, validated chipsets

We make your product secure by offering design, security assessment and pre-certification support, as well as a Secure IP block that enables advanced, efficient key management and late provisioning for any connected device. 

Lifecycle management in IoT security

Enable efficient lifecycle management

We provide the technology  and infrastructure required to effectively manage security risks and operational complexity. We provide means to efficiently and securely handle key material both in-factory, as well as simplifying in-field provisioning. 

HOLISTIC 360° OFFERING

Ingredients for building a secure chipset, from design to operations

From initial threat assessment through ongoing lifecycle management, Kudelski IoT offers semiconductor manufacturers a wide variety services and solutions to help you protect your reputation, meet customer demand and comply with increasing IoT security regulatory requirements.

Secure IP – a Kudelski HW Root of Trust

  • Immutable device identity
  • Hardware key protection and key management
  • Secure storage, isolation, anti-tampering
  • Cryptographic functions
  • Secure interfaces
  • Security services for SoC and device
  • Support for Secure Boot and lifecycle management

Threat Assessment &
Risk Analysis

  • Identification of assets, risks, probabilities and impact
  • System- and device-wide threat analysis
  • Market-specific TARA such as ISO 21434, IEC 62443, EN 303645, ED203A

Lab Evaluation

  • Validate the effectiveness of countermeasures and security controls
  • Non-invasive low-cost attacks
  • State of the art side channel attacks
  • Electrical and EM glitch, DPA, laser multi-location, multitemporal hardware attacks

keySTREAM Lifecycle Management

  • Onboarding and provisioning
  • PKI-as-a-service
  • Security monitoring
  • Secure Firmware Updates
  • JTAG management

Validation & Certification

  • Remediation analysis
  • CSPN certification (accredited lab)
  • PSA and SESIP pre-certification support

Secure Design and Development

  • Architecture assessment
  • Security consulting
  • ROM and firmware review
  • Tailored research program
  • Licensing of test tools
Semiconductor Manufacturers Fact Sheet

Fact Sheet

Semiconductor Manufacturer Services & Solutions

Learn more about how we can help you build and validate secure IoT SoCs

Get the PDF

BEHIND THE SCENES

Our IoT Security Labs ensure you stay one step ahead of hackers

Using advanced tools in our state-of-the-art Swiss labs, we carry out a wide variety of tests and attacks on your technology in order to provide you with actionable security insights. Below are just a few of the techniques we use.

A person testing a device for iot security in the Kudelski iot labs

Side Channel Analysis

Side Channel Analysis refers to the use of information leakage related to an event which is obtained through secondary phenomenon, such as changes in power consumption or magnetic field emission.

When protections such as masking are not sufficiently efficient, it can lead to the recovery of secrets from the operation of an electronic device. Often these secrets are cryptographic keys.

  • Power and electromagnetic analysis
  • Differential Power Analysis, Correlation Power Analysis, Mutual Information Analysis
  • In-house developed trace processing suite
A person doing an iot security assessment

Fault Injection

Fault attacks modify the behavior of a system, by disrupting the code executed by semiconductors.

It may allow access to restricted functionality or information (keys, parameters or code) and can simplify cryptographic attacks compared to brute force attacks. It can also be used as an enabler to perform further attacks such as code dump.

  • Laser, Electro-magnetic and electrical glitch injection
  • Multi-location, multi-fault laser and Electro-magnetic capability with fast repetition
  • Real-time multiple fault synchronization to internal events
  • Differential fault analysis, key and date extraction
A person working in the iot security labs

Imaging & IC Modification

Invasive techniques are performed with powerful tools for imaging (SEM) and circuit edit (FIB).

Reverse engineering allows the identification of specific logic and circuit edit tools can remove (nano-etching) or deposit materials (nano-soldering) with nanometer precision. These capabilities can be used to cut and connect circuitry within a device, allowing a permanent modification of the behavior of the chip, as well as to create probe points for accessing signals of interest.

  • Device teardown
  • Sub-micron imaging and circuit modification
  • Scanning Electron Microscope (SEM)
  • Focused Ion Beam (FIB)
  • Localized circuit reverse engineering
A person working in the kudelski iot security labs

SW Attacks & Pentest

Flawed functions and exposed network services may lead to the compromise of an entire network or system.

They allow an unverified user to steal data or gain further access, elevating privileges to administrator level, tamper with a device or get insights on means to develop targeted attacks. The extraction and the analysis of a firmware and memory content can highlight maintenance or supervisor accounts, injection flaws, buffer overflows, format strings or firmware update and secure boot vulnerabilities.

  • White-box security evaluation of source code
  • Security coding guidelines / best practices
  • Micro-code extraction, de-obfuscation, decompilation and reverse engineering
  • Embedded device penetration testing
  • Software defined radio signal processing
  • Common Vulnerabilities and Exposures (CVE) detection
Insights

Articles related to Semiconductor Manufacturers

Read more Insights

GET IN TOUCH

Contact us to learn more

For more information about our Semiconductor Manufacturers offering, contact us….