THE PROBLEM: Nowadays, several certification schemes exist, such as Common Criteria, EMVCo & FIPS, being a reference on ICs’ level of security. Though, by excluding invasive attacks, these certification schemes leave chip makers & buyers with uncertainty on real IC protection against piracy and counterfeiting:

  • Chip buyers can find it hard to choose the best solution offering the optimum balance between security and price for their specific applications
  • Chip markers cannot guarantee that the ICs on the field can face real world attacks for the duration of their customers’ products’ lifetime on the market


  • We conduct security evaluations from A to Z by following our methodology consisting in imaging and reversing the chip’s internal, then analyzing its weaknesses, and performing the attack if needed. We elaborate Risk Assessment reports including all produced results (images, netlist,…) and the description of the found weaknesses and attacks methods.


  • Chip buyers have technical valuable information that help them make a sound choice on the best security at the right price
  • Chip makers
    • Have a “red team” view on their design
    • Can more easily fight piracy when appropriate
    • Can provide new concrete technical selling points on security to their customers
Embedded Data / Evidence Extraction ROM is the only memory on a chip which is hard-wired at production and can never be altered. For that reason ROM is the most relied upon data in any piece of hardware. When extraction of the ROM code needs to be evaluated, whether it be a few kilobytes or several gigabytes, we can physically read that data out from the chip and back into a binary file that can subsequently be decoded and understood. Flash memories content can be extracted as well with invasive and analytical techniques.