Catalyzr™ Security Risk Assessment (SW)
Increase your cyber security with software assessment tools
Assessing the security of software is as important as assessing the security of hardware. Software is complex and can sometime be easily breached. That is why risk assessment is a must when evaluating the security of a software implementation.
Software assessment tools with Catalyzr™
Fully Compliant with Certification Standards
Secure-IC supports its customers reach their desired certification levels with general certifications such as Common Criteria, FIPS-140, ISO, SESIP ; but also to reach their target in more specific standards such as CC AVA_VAN up to level 5, ISO/IEC 17825, OSCCA..
CATALYZR™ Features
- Diagnose (Leakage detection)
- Verify (Leakage Characterization and Exploitation)
- Cure (Fast correction by developer)
Control-Flow based
The Catalyzr™ performs a static analysis at source code level:
- Step-1: Source code preparation
- Step-2: Analysis of dependencies between sensitive variable and control-flow
- Step-3: Identification of leakage patterns
- Step-4: Analysis of the vulnerabilities
Fault Injection
Static faults injection (persistent fault) within instructions and registers: exhaustively, Monte-Carlo based or through advanced configuration. Followed with a Dynamic analysis of the code to detect potential persistent fault vulnerabilities.
Dynamic faults. Fault the control-flow of an application (ex: instruction jump/bypass).
Learn more about Fault Injection Analysis
Crypto Misuse Verification
- Catalyzr™ for Continuous Integration leverage a tool-based approach to guide the correct usage of crypto-APIs, then developers can benefit from the expertise and experience of cryptographic specialists, ensuring more robust and secure implementations of cryptographic functionality within their applications.
Combined Infrastructure
From Build & Test up to Full Automation
Graphical User Interface for Analysis Build & Test
- User-friendly interaction
- Allows unitary testing
- User has access to ready-to-use Use Cases or build his own including homemade development
- Easy to integrate to your regression test system
Command Line Interface for Full Automation
- Full scripting-based
- Allows automatic and chaining testing for end-to-end evaluation
- Suitable to feat CPU debugger
- Easy to integrate to your regression test system
Advanced Expertise & Transfer Knowledge
- SCA & FIA Market Methodologies: SmartPhone, IoT, Microcontroller, Automotive, FPGA, SmartCard, Side Channel Analysis for Reverse Engineering…