default banner

Catalyzr™ Security Risk Assessment (SW)

Increase your cyber security with software assessment tools

Assessing the security of software is as important as assessing the security of hardware. Software is complex and can sometime be easily breached. That is why risk assessment is a must when evaluating the security of a software implementation.

Software assessment tools with Catalyzr™

Fully Compliant with Certification Standards

Secure-IC supports its customers reach their desired certification levels with general certifications such as Common Criteria, FIPS-140, ISO, SESIP ; but also to reach their target in more specific standards such as CC AVA_VAN up to level 5, ISO/IEC 17825, OSCCA..

CATALYZR™ Features

  • Diagnose (Leakage detection)
  • Verify (Leakage Characterization and Exploitation)
  • Cure (Fast correction by developer)

 

 

 

 

 

Control-Flow based

The Catalyzr™ performs a static analysis at source code level:

  • Step-1: Source code preparation
  • Step-2: Analysis of dependencies between sensitive variable and control-flow
  • Step-3: Identification of leakage patterns
  • Step-4: Analysis of the vulnerabilities

 

Fault Injection

Static faults injection (persistent fault) within instructions and registers: exhaustively, Monte-Carlo based or through advanced configuration. Followed with a Dynamic analysis of the code to detect potential persistent fault vulnerabilities.

Dynamic faults. Fault the control-flow of an application (ex: instruction jump/bypass).

Learn more about Fault Injection Analysis

Crypto Misuse Verification

  • Catalyzr™ for Continuous Integration leverage a tool-based approach to guide the correct usage of crypto-APIs, then developers can benefit from the expertise and experience of cryptographic specialists, ensuring more robust and secure implementations of cryptographic functionality within their applications.

Combined Infrastructure

From Build & Test up to Full Automation

Graphical User Interface for Analysis Build & Test

  • User-friendly interaction
  • Allows unitary testing
  • User has access to ready-to-use Use Cases or build his own including homemade development
  • Easy to integrate to your regression test system

Command Line Interface for Full Automation

  • Full scripting-based
  • Allows automatic and chaining testing for end-to-end evaluation
  • Suitable to feat CPU debugger
  • Easy to integrate to your regression test system

 

Advanced Expertise & Transfer Knowledge

  • SCA & FIA Market Methodologies: SmartPhone, IoT, Microcontroller, Automotive, FPGA, SmartCard, Side Channel Analysis for Reverse Engineering…

More information about Expertyzr™ 

Contact