Inspector FI – Fault Injection – offers all features to perform fault injection testing on smart card technology. Our hardware components cover accurate, reliable and thus predictable, clock and voltage glitching, and advanced optical attacks with purpose-built laser equipment. Fault injection attacks – also known as perturbation attacks – change the normal behaviour of a chip by inducing an exploitable fault. With Inspector FI, a user can test if a key can be extracted by inducing faults in a chip’s cryptographic operations, bypass a check such as an authentication or a lifecycle state, or change the program flow of code on the chip.
Used by organisations worldwide, the integrated modular platform of Inspector combines analysis and fault injection test modules. Pushing the boundaries for off-the-shelf Fault Injection testing hardware, Riscure Inspector is valued by analysts for the flexibility and top end specifications. Custom designed hardware and software enable government institutions, security evaluation laboratories and chip manufacturers around the globe to perform time efficient, reproducible, cutting edge security research.
Contact us directly at firstname.lastname@example.org for more information.
The all-in-one solution for detailed control over the entire side channel testing process.
One solution for voltage, clock and optical laser perturbation testing and Differential Fault Analysis (DFA) of chip technology.
A powerful instruction set to program any fault injection attack scenario. Scenarios can be developed from the user interface or the IDE if more control is desired.
Multi-in-time and multi-location laser equipment custom-designed for fault injection testing together with our renowned partner, Opto.
Differential Fault Analysis
DFA modules for implementations of popular encryption algorithms, including RSA, AES and 3DES.
Cutting edge hardware
Our hardware provides high power glitches in the nanosecond range and accurate control without losing flexibility.
Stable platform which enables performing fault attacks using a multitude of parameters, either fixed, random or ordered.
Accurately trigger a fault injection attack using the icWaves. Rather than time, icWaves allows triggering on the actual waveform.
Bi-yearly updates for Inspector, dedicated help desk, extensive documentation and training from security professionals.
Optimized for outstanding FI results, our hardware is designed with the requirements of the user and business in mind without losing flexibility. Ease of use, effortless configuration and seamless integration with Inspector SCA software or extend your own platform using the SDK on selected devices.
The Inspector FI software comes pre-installed on an included workstation
Inspector FI software contains advanced hardware control options from the Inspector FI software, perturbation modules to configure the VC Glitcher and Diode Laser Station to test a specific fault injection scenario on a target and cryptanalytic modules to perform DFA after the faults have been injected.
Reach optimal performance with a system configuration ideal for Inspector. The workstation matches best with our software and hardware products and is updated regularly.
Your device under test is as important as the measurement and fault injection equipment you use in the set-up. Having accurate control of the device and being able to generate a reliable trigger can be daunting. Tight hardware integration, software flexibility and extendability make the task less challenging while creating a stable but flexible set-up.
DFA analysis modules
Inspector FI supports calculating keys based on faulty outputs using Differential Fault Analysis (DFA) techniques. DFA relies on comparing the correct and faulty outputs, using Fault Injection hardware. Algorithms supported out of the box are AES, DES and RSA. As Inspector features an open development platform it is possible to implement new DFA modules to fit your target better.
Riscure allows you to stay up-to-date on these developments and up-to-speed with the tool. We provide regular software updates, host the annual Inspector User Workshop and take care of your support question and hardware repairs.
Introducing faults in hardware during cryptographic operations or decision points can lead to undesired behavior in the device under test and compromise security functions. Commonly used situations are skipping or modifying conditional statements for hash checking, authentication or bypassing secure boot implementations. The perturbation modules can be configured from both the user interface and code for all Inspector FI or custom hardware.
Inspector user training
Tailored to the demand
The training that is supplied with Inspector is modular of structure to tailor to the demands and knowledge of the trainees. Knowledge on side channel analysis and Java is useful, but not required. All training components use training cards that are supplied with inspector. When the trainees return back home after the training, they can practice their new skills on these cards along with extensive tutorials. Depending on your needs, we can provide a training that meets your requirements.
Bookings can be made via email@example.com or your local reseller. Attendees are free to move their training 2 weeks in advance of the original starting date to another slot, when seats are still available. The full amount needs to be paid in advance of the training, no guarantees can be made regarding your booking if the amount is not received on time. Cancellation fees apply.
Riscure Inspector is regularly updated to improve side channel and fault injection testing efficiency, user experience and introduce fixes. New software releases are available free of charge to customers who purchased one of our Subscription Packages.
Check the latest release notes for Inspector SCA and FI here.
Updates on new developments
The world keeps moving: every year new attacks and methods are introduced. To keep you up-to-date we select practical attacks and make these available to our users.
For optimal performance of the software read the latest specifications of the PC workstation that we supply.
Tutorials, manuals, FAQ, release notes, software updates, issue tracking and much more can be found on our support portal. Please sign up and login at: https://support.riscure.com/
An annual user workshop
We organize two-day User Workshop where we will present the latest developments in side channel analysis and fault injection testing and provide practical tips. The User Workshop is free of charge to Riscure Inspector subscribers or legacy Support Contract holders.
We have a full-time support team to help with any issues you might face while doing your work. Our skilled people will try to get you back on track as fast as possible.
Riscure Inspector subscription
Riscure Inspector is available via the annual software subscription. We deliver Inspector to organisations in line with our Inspector Sales Policy. During the duration of subscription, the Riscure Inspector is kept up-to-date and users are invited to the annual Inspector User Workshop.
Access to a dedicated technical support desk.
Keep your Inspector setup up-to-date with software and hardware improvements.
Attend the annual Inspector User Workshop.
Subscription packages available to meet your specific needs and priorities.
Quarterly updates with performance and stability improvements as well as new features.
Legitimate business only
Inspector FI is a powerful tool that is are designed to determine the security strength of technology. However, it could potentially also be used to retrieve secrets for malicious or fraudulent purposes. Riscure only sells and distributes Inspector to organisations that can prove to have a legitimate business reason for using it.
The customer can demonstrate that it manufactures, integrates or issues technology which is not intended to illegally circumvent a security mechanism in another product.
We do background checks
Most of our customers are large and well-known international organisations. However, if we do not know of the customer’s organisation, we first perform a background check and verify their location, scope and type of business that they are in.