We are one of the world’s most trusted IoT security labs, and a certification report from us will not only prove you’ve met requirements from Amazon, AT&T or ANSSI (CSPN), but also give you valuable insights on how to make your product more secure.
As an Amazon-Authorized Security Lab, we offer independent security assessments to prove you meet the security requirements for Alexa Built-in devices using Amazon Voice Service (AVS), as well as improve the long-term security of your product.
As an AT&T-Authorized Security Lab for the AT&T and FirstNet® networks, our independent security assessments will allow you to provide AT&T with the report necessary to gain official certification, as well as highlight any opportunities to improve your security posture and protect your product.
As an ANSSI-Authorized Security Lab, we offer independent security assessments to provide evidence that you meet the security requirements for ANSSI’s Certification de Securité de Premier Niveau. We can also give you advice on how to protect your product throughout its entire lifecycle.
As an Authorized Security Lab, we understand what it takes to help you successfully pass the most demanding security certification processes. Our advanced labs have already helped hundreds of clients across many industries secure their connected products.
We will issue a report that you can submit for validation and certification, but we can also offer you a wide range of services and technologies that can help ensure your product and ecosystem provide best-of-class robustness against all current and future threats.
Side Channel Analysis refers to the use of information leakage related to an event which is obtained through secondary phenomenon, such as changes in power consumption or magnetic field emission.
When protections such as masking are not sufficiently efficient, it can lead to the recovery of secrets from the operation of an electronic device. Often these secrets are cryptographic keys.
Fault attacks modify the behavior of a system, by disrupting the code executed by semiconductors.
It may allow access to restricted functionality or information (keys, parameters or code) and can simplify cryptographic attacks compared to brute force attacks. It can also be used as an enabler to perform further attacks such as code dump.
Invasive techniques are performed with powerful tools for imaging (SEM) and circuit edit (FIB).
Reverse engineering allows the identification of specific logic and circuit edit tools can remove (nano-etching) or deposit materials (nano-soldering) with nanometer precision. These capabilities can be used to cut and connect circuitry within a device, allowing a permanent modification of the behavior of the chip, as well as to create probe points for accessing signals of interest.
Flawed functions and exposed network services may lead to the compromise of an entire network or system.
They allow an unverified user to steal data or gain further access, elevating privileges to administrator level, tamper with a device or get insights on means to develop targeted attacks. The extraction and the analysis of a firmware and memory content can highlight maintenance or supervisor accounts, injection flaws, buffer overflows, format strings or firmware update and secure boot vulnerabilities.