The company has developed two software suites which simulate some of the ‘popular’ methods of cyberattack. SideChannel Studio simulates side-channel attacks whereby cyber criminals measure physical characteristics, such as power consumption or EMI when a secret key is used for an operation. They use these measurement to determine the secret value, without leaving a trace.
FaultInjection Studio performs a special-purpose fault simulation. mimicking the other cyberattack, fault injection. This is when the hacker causes faults in chip operation, such as disrupting the circuit function, or increasing frequency to disrupt and then analyses and compares the faulty behaviour with the normal behaviour to determine the value of the secret key.
Using the simulation output, SideChannel Studio and FaultInjection Studio perform the same tests and mount the same attacks that a certification lab would and then check whether there are any signs of leakage. The software tools make it possible to perform security verification during the chip design process, says FortifyIQ, in the same way as developers perform functional verification.
SideChannel Studio and FaultInjection Studio support industry-standard design data formats and can be readily integrated into an existing design flow. Using SideChannel Studio in the pre-silicon stage, designers can be certain the device will pass the Test Vector Leakage Assessment (TVLA) tests necessary for the NIST (National Institute of Standards and Technology) certification.