Chip & System Security Testing 
Reconciling how and how in a single and collaborative platform empowering experts.
SOLUTIONS

  • > Side Channel Analysis

    Ready-to-use side channel tools to assess cryptography algorithms.

  • > Fault Injection: Laser, EM & Glitching

    Make sure your chip withstands different techniques of physical fault injections.

  • > Firmware Security Analysis

    Qualify embedded code binaries without physical devices and benches.

  • > Security Failure Analysis

    Photoemission analysis to explore internal information in a chip.

  • > Vulnerability Research

    Dynamic analyses at a system level for investigating potential vulnerabilities.

TECHNOLOGIES

  • > Data Science Platform

    esDynamic is a complete data focused platform to leverage the know-how of your team for complex analyses.

  • > esFirmware Engine

    Assess the security of the firmware of IoT devices against logical and physical attacks.

  • > esReven Engine

    Record and replay vulnerability researches within reverse engineering processes and tools.

PROFESSIONAL SERVICES

  • > Cybersecurity Training

    Grow your expertise with training modules driven by a coach.

  • > Hardware Evaluation Lab

    High-end laboratory capabilities specialized in hardware security evaluations.

Mobile & Backend Security Testing 
Onboard your Mobile Engineering Team into your security challenges with hands-on training, security verifications, and more.
EXPERTISE

  • > Mobile App Security

    Know the threats and risks of your Mobile App.

  • > DevSecOps

    Integrate the security protections verification in your CI/CD pipeline.

SOLUTIONS

  • > Mobile App Security Testing (MAST)

    esChecker SaaS: automating the security testing of your mobile app binary.

PROFESSIONAL SERVICES

  • > Mobile App Penetration Testing

    Testing the resiliency of your Mobile App, SDK or RASP tool.

  • > Backend Penetration Testing

    Testing the resiliency of your Web App, API or Backend Systems.

  • > Coaching for Mobile App Developers

    Providing insights into the mobile app threats and how attackers work by a learning-by-doing approach.

Our Company 
Passionate about security and wanting to work in an exciting and innovative environment? Full time and internship opportunities starting 2023.
OUR COMPANY

  • > Events

CAREERS

  • > Meet our experts

  • > Open positions

    Join our team!

FOLLOW US
Blog
Contact us
eShard
/
Security in Integrated Circuit
/
Fault Injection

What is a Hardware Fault Injection?

A hardware fault injection exploits a physical disruption, mostly ephemeral, to create a logical error. When the logical fault is exploitable, an attacker may severely harm a system. There are different ways to create such a physical disruption: laser fault injection, near field electromagnetic fault injection or power glitching.
Request a free demo
Oscilloscope Security in Chip
EM Fault Injection Kit Probres Electromagnetic

How to qualify a product against hardware fault injection?

Qualifying a hardware product against fault injection requires a laboratory setup in line with the latest developments to anticipate new threats and mitigate risks.

To assess the resistance of your hardware against fault attacks, you need to:

  • Carry out state-of-the-art fault injection campaigns and explore many parameters
  • Consolidate knowledge by gathering, visualising, filtering and exploiting data
Know more about our Fault Injection Kits
Laser Fault Injection Bench

What is Laser Fault Injection by eShard ?

In a close partnership with ALPhANOV, the Laser Fault Injection tool combines ALPhANOV’s excellence in laser and optic systems, together with eShard’s scientific platform.

The resulting solution allows the implementation of Laser Fault Injections at the state-of-the-art.

✅ Simple or double fault injection laser. The smallest and most powerful spot of the industry.

✅ Different laser sources, with a focus on near infrared for back-side.

✅ Back-side imaging with a unique system allowing chip and laser observation while pulsing.

✅ Get further with extra features, such as spot size parameter, tip tilt table, etc.

Download our brochure

What is Power & Clock Glitching Fault Injection by eShard?

At eShard, we propose a ready to use glitching hardware setup that has been designed to fault complex designs such as FPGAs. The hardware bench includes:

  • A high end oscilloscope that is sufficient for fault injection
  • A waveform generator selected for successful glitching The hardware comes integrated with eShard’s Fault Injection Software Platform.
Laser & EM Fault Injection tool bench

What is EMFI Electromagnetic Fault Injection tools by eShard?

At eShard, we have developed our own technology to inject near field electromagnetic pulses. We designed dedicated EMFI probes to inject faults in modern devices, such as SoC (System on Chip) with recent technologies.

  • Sets of injection probes with varying size, inductance and transmittance characteristics
  • Adapted to a commercial pulser
  • Quality of the pulse achieves a high level of quality
Download our brochure
Fault injection-Software Solution esDynamic

Why using esDynamic scientific platform for hardware fault injections ?

You are the experts and esDynamic scientific platform empowers expert for their fault injection experimentations. It is a ready to use solution designed to make sure you stay in control. Reconciling the know and the how into a unique know-how content.

  • esDynamic integrates all the fault injection experimental flow: from the instrumentation to the faulty behavior exploitation
  • Manage Integrated Circuits characterization with extensive scans
  • Create heatmaps
  • Exploit faults with DFA (Differential Fault analysis) on various algorithms
Learn more about esDynamic

Our clients

Empty.png

Open-IC.png

"Purchase and installation went really great. Support responds very fast and is helpful in all questions. Offers also remote sessions for troubleshooting and for practice. Before the purchase we were offered a 30 day trial version (free of charge)."

Close.png

seta.png

Empty.png

Training program

Ecosystems move fast, so do the cybersecurity challenges. Your team must remain up-to-date and master the last security threats because your business and your customers are at stake.
Intermediate
Differential Fault Analysis on symmetric algorithms
Coach: Guillaume Vinet
With this module, you will learn about the main Differential Fault Attacks on AES. You will get familiar with the Piret & Quisquater DFA targetting the AES final rounds and the Kim & Quisquater DFA targeting the AES key schedule. During this training, you will learn how to compute differentials, characterize faults and recover a secret key from faulty AES outputs.
See more details
Novice
Side Channel Marvels Tools & Double Fault Injection Attack
Coach: Guillaume Vinet
This practical course introduces the Side Channel Marvels framework. You will learn how to use its different modules to visualise a binary execution, to perform a CDA or DFA, and finally to recover the master key. This module is also composed of a White-Box challenge that shall be defeated with a double fault attack.
See more details
Intermediate
Laser Fault Injection with esDynamic
Coach: Guillaume Vinet
Using the [esDynamic](https://eshard.com/esdynamic) platform, you will learn how to control ALPhANOV's laser equipment and implement a fault campaign. You will learn how to perform a multi-dimensional scanning, and log results of your campaing. You will learn how to use the delay generator and setup your injection trigger to precisely inject a fault during the device execution. During the practice session, you will get the opportunity to inject a successful laser fault on a device.
See more details
Starter Kit Chip Security by eShard

Starter Kits

Fault injection may turn out to be a powerful means to compromise a device. The ability to secure a system against fault injection depends on the ability to apprehend the technique. It requires practical expertise. Starter kits have been designed to provide the knowledge of practical attacks on recent use cases. They show the complexity of identifying a weakness. Starter kits provide a set of hardware and knowledge to create an in-house reference for practical attacks. For your internal knowledge and training purposes.

  • Hardware kits on modern SoC (System on Chip)
  • Each step of the practical fault injection is described in detail
  • From the bench setup to the final exploitation exhibiting the secret
esCoaching Cybersecurity Training

Grow your Expertise

Getting up to speed in fault injection requires knowledge of the technique and practical experience. Together with ALPhANOV, a dedicated training was designed to cover all aspects of professional laser fault injections. Delivered on site in ALPhANOV’s training centre, this training will cover both the theoretical and practical aspects of a successful fault injection on a real device.

  • Understanding the laser system and the related safety
  • Setting up a laser fault injection campaign to characterize a device
  • Creating a heatmap and exploiting the results
Oscilloscope Security in Chip

Our specialized lab

Our team of experts is available for specialized Fault Injection audits. They have long track records in practical Fault injection experiments with a variety of techniques : Power & Clock Glitch, Electromagnetic Fault Injection, Laser Fault Injection (in partnership with ALPhANOV).

Our experts combined with our high-end laboratory, equipped with high end Fault Injection capabilities lead to best in class Fault Injections evaluations. Our recent works included:

  • Black box security evaluation of a Secure Element chip - Glitch and SCA
  • Evaluation of the resistance of a SE chip against fault injections - LFI & EMFI
  • Detecting and exploiting HW & SW AES implementations on a modern SoC - LFI & EMFI
Know more

Interested

Contact us
CopyRights eShard 2023.
All rights reserved
Privacy policy | Legal Notice
SECURITY TESTING SOLUTIONS
Side Channel AnalysisLaser & EM Fault InjectionFirmware Security AnalysisSecurity Failure AnalysisVulnerability ResearchMAST: Mobile Application Security Testing
TECHNOLOGIES
Data Science PlatformesFirmware EngineesReven Engine
PROFESSIONAL SERVICES
Cybersecurity TrainingHardware Evaluation LabPenetration Testing for Backend and WebAppPenetration Testing for Mobile Applications
COMPANY
About usJoin our team!EventsBlog