The First International Cryptographic Module Conference
September 24-26, Gaithersburg, MD
Bringing experts together from around the world to confer on the topic of cryptographic modules.
What atsec offers
Embedded systems typically use specialized firmware, hardware, ASIC’s, and FPGA. They are often deployed in a hostile environment such as one that is environmentally challenging, inaccessible, or very accessible to the point of offering attackers greater opportunity to stress or access the devices. The security considerations for these devices are specialized and technical in nature.
Whether your device is a sensor, a control, an instrument, a network appliance, or provides other functionality, it will likely need to meet stringent specifications for physical security.
Many of our customers need to harden their devices to meet the specifications of standards such as FIPS 140-2 or FIPS 201. Others have consulted with us because they know that their devices are destined for inhospitable environments. atsec offers:
- Penetration testing and physical security assessment
- Enclosure hardening: e.g. materials recommendations
- Tamper resistance: e.g. component potting, tamper resistant fasteners
- Tamper evidence: e.g. tamper evident labels, paints and tamper evident seals
- Tamper detection: e.g. micro-switches, tamper detecting membranes and sensors
- Tamper response: e.g. automatic zeroization and physical destruction
- Mitigation of probe attacks: e.g. passive (oscilloscope); injector; nano, pico or micro probes, and energy probes
- Mitigation of machining attacks: e.g. manual, mechanical, water, chemical, laser, and sandblasting
- Expert advice on TEMPEST, clock glitching, etc.
Our hardware engineers have decades of experience and are acclaimed industry leaders on this topic. We have been consulted by several major device manufacturers and researchers including large global blue-chips, small- and medium-sized businesses, and research facilities.
Why our service is important to you
Once embedded systems are field-deployed, they are often disregarded for maintenance since it is very expensive to make field service trips or recall devices. Devices with security flaws provide opportunities for litigation, loss of data confidentiality, device integrity, or loss of service. Public recalls or bad press about security flaws can severely impact your company.
Embedded system designers know that the more attacks that can be mitigated during design and development, the more reliable, secure, and commercially successful the product will be.
To access some markets (for example, government markets), formal certification is often required. Some requirements documents specify formal certification.
For more information
Please refer to our resource pages.