Contact Us

Edge Devices: Enable Secure AI & Cryptography at the Edge

Safeguarding energy, water, and transportation systems with certifiable hardware and software security

The compute paradigm is shifting: what once ran in centralized data centers is increasingly executed at the edge, closer to sensors, users, and real-time decisions. From smart cameras and wearables to medical devices and industrial controllers, today’s edge platforms must not only compute, but also do so securely. But physical exposure, constrained power, and rising AI workloads make the edge a uniquely challenging environment for security.

FortifyIQ delivers hardware and software cryptography solutions that enable secure processing and AI inference directly on the edge, protecting data, keys, and AI models against real-world physical attacks with minimal performance or power overhead.

Security Challenges Unique to Edge Devices

Physical Accessibility

Edge devices are often deployed in uncontrolled environments, making them susceptible to side-channel attacks (SCA), fault injection attacks (FIA), and probing.

Low Power, Low Area Requirements

Battery-powered and thermally limited designs restrict the feasibility of conventional hardware security protections.

Local AI Inference Exposure

As AI models move onto devices, they become targets for theft or tampering, especially if models or weights reside unprotected in memory.

Latency Sensitivity

Real-time responsiveness is essential for many edge applications, limiting tolerance for cryptographic overhead.

Legacy or Inflexible Hardware

Many edge systems can’t add new silicon but still need secure cryptography to meet compliance and functional safety requirements.

Rising Security Compliance Demands

Global standards such as SESIP, EN 303 645, and NIST 8259 increasingly apply to constrained devices and require physical security resistance.

  • Side-Channel Attacks (SCA) exploit physical leakage,  like power consumption or EM emissions, to extract cryptographic keys.
  • Fault Injection Attacks (FIA) alter voltage, timing, or other conditions to force cryptographic errors and break secure flows.

 

FortifyIQ provides resistance to both SCA and FIA, at minimal performance or power cost, across hardware and software implementations.

Why FortifyIQ ?

FortifyIQ provides cryptographic and AI model protection for edge devices with industry-leading efficiency and resilience to physical attacks. From high-assurance IP cores and Roots of Trust to hardened software libraries and silicon validation tools, all are engineered to provide uncompromising security, with seamless integration.

  • Enables the Shift from Data Center to Edge – Our pipelined, SCA/FIA-resistant cryptographic hardware and real-time AI protection allow high-value inference and decision-making to move securely to the edge.
  • AI Model Protection – Keep models encrypted in memory and decrypt them only during execution, bound to the device’s RoT. Prevents both theft and tampering.
  • Secure Even Without Hardware Crypto – FortifyIQ’s hardened software libraries bring side-channel and fault injection protection to edge devices that lack secure hardware. Ideal for legacy or ultra-low-cost systems where secure hardware isn’t available or affordable.
  • Low Power, Low Area, High Throughput – Cryptographic implementations rival or outperform non-hardened alternatives in Power, Performance, and Area (PPA), with no need to trade off security for performance.
  • Proven Security – Hardware IP cores are mathematically proven secure (AES, HMAC), AES is Common Criteria AVA_VAN.5 validated, all cores are validated in simulation, on FPGA, and in silicon (where applicable); Our software libraries are TVLA-verified with over 100K traces and zero detectable leakage.
  • Compact Roots of Trust – Secure boot, key provisioning, and AI model access control from a tiny, certifiable RoT.
  • Compliance-Ready – FIPS 140-3, Common Criteria AVA_VAN.5, SESIP, EN 303 645, NIST 8259 certifiability, even on constrained or legacy platforms.
  • Soft Macros for Maximum Flexibility – All FortifyIQ IP cores and RoTs are delivered as synthesizable RTL (soft macros), allowing seamless integration into SoCs, MCUs, MPUs, and FPGAs. They’re foundry-agnostic and portable across technology nodes, while offering the same high security level, from 40nm industrial-grade to bleeding-edge FinFET processes.
  • Integration-Agnostic, Standard-Compatible – FortifyIQ’s hardened AES core integrates just like any standard AES implementation, no custom instructions, interfaces, or toolchain modifications required. You get drop-in SCA/FIA protection with no integration friction.
  • Minimal Overhead, Maximum Performance – FortifyIQ IP rivals or outperforms non-hardened crypto in terms of power, performance, and area (PPA). Our designs are optimized for low-latency, high-throughput edge environments, including ultra-compact footprints for MCUs and constrained SoCs.
  • SCA/FIA Protection Across All Implementations – Hardware IP cores are formally proven secure (e.g., AES, HMAC), and software cryptography is TVLA-verified (>100K traces) with zero leakage, protecting against real-world physical attacks, including power analysis and glitching.
  • Compliance-Ready – FortifyIQ solutions are designed to meet the most stringent physical security standards: FIPS 140-3 (up to Level 4), Common Criteria AVA_VAN.5, SESIP Level 3 and higher, and EN 303 645, with documentation, verification outputs, and certification support included.

FortifyIQ Provides

AI Model Protection

As AI models migrate to edge hardware, FortifyIQ protects them from theft, tampering, and reverse engineering:

  • On-the-fly encryption and decryption of AI models during execution; models are never exposed in memory
  • RoT-anchored access control: only authorized firmware can decrypt and run the model
  • Tamper-resistance during inference to ensure model integrity

 

FortifyIQ’s full AI inference protection suite, including runtime integrity checks and device-bound model execution, is in advanced development. Contact us for the early access.

Cryptographic IP and Software

Whether you build with silicon or must rely on software:

  • Hardened AES, HMAC, RSA, ECC, etc., and PQC cores in Hardware and Software
  • Drop-in Roots of Trust (RoTs) to support secure boot, firmware validation, telemetry signing, and secure updates
  • Post-quantum readiness through ML-KEM and ML-DSA (in HW and SW)

 

FortifyIQ’s hardened cryptographic software achieves up to 100 Mbps on legacy edge processors (e.g., 1.2 GHz ARM cores in mobile or IoT devices), and up to 900 Mbps on modern high-performance CPUs (e.g., 3.4 GHz laptop-class processors). This range ensures effective protection across diverse edge deployments, from constrained embedded systems to compute-rich gateways.

Pre- and Post-Silicon
Security Tools

For chipmakers and integrators, FortifyIQ provides full-spectrum tools to ensure physical attack resistance:

  • Side-Channel Studio – Pinpoints power and electromagnetic leakage at design (RTL) and gate-level.
  • Fault Injection Studio – Simulates clock/voltage/laser attacks for fault-resilience validation.
  • Certification-Ready Outputs – Supports FIPS 140-3, Common Criteria AVA_VAN.5, and SESIP pre-certification.
  • Seamless Integration with Functional Assessment Tools – Easily integrate into functional verification flows, reusing existing testbenches to streamline the security evaluation.

Use Cases:
Secure Compute
& AI at the Edge

Medical Devices

Protect patient data, firmware, and AI-powered diagnostics

Smart Cities & Infrastructure

Secure model-based edge decisions in cameras, sensors, and access control

Automotive Edge Nodes

Protect ML models and ECUs in ADAS and vehicle-to-X applications

Consumer Electronics & Wearables

Secure AI personalization, facial recognition, and voice processing

Industrial IoT

Enable AI-driven predictive maintenance or control in tamper-prone environments

Unlocking AI and Cryptographic Trust at the Edge

By protecting AI inference and cryptographic operations from real-world physical attacks, all with minimal overhead, FortifyIQ enables secure, certifiable edge platforms that don’t need to rely on the data center. Whether you’re building next-gen edge silicon or upgrading deployed devices, FortifyIQ gives you the tools to secure computation at the point of action.

Contact Us
Fortify’s AES security evaluation by SGS

“Summary. The leakage analysis (Welch t-test) on over 30 million traces did not show statistically significant first- and second-order differences between trace sets with fixed and random inputs. The template-based DPA analysis, on the pseudo-random trace set for the profiling phase (15 million traces) and on a sub-set of 300k fix input traces for matching phase targeting the first-round S-box output, and template attack on ciphertext, did not indicate any potential information leakage.”

” The results for the soft IP presented in the report were obtained on the TOE which is the basic hardware implementation of the soft IP without additional levels of security (e.g. that are present in a secure silicon layout). Therefore the internal strength of the soft IP itself was evaluated. This indicates that the investigated features and parameters of the soft IP implementation should be robust against SCA and fault injection attacks in different implementations including ASIC. Nevertheless, according to the Common Criteria rules, the strength of the final composite product must be evaluated on its own.”

Request Technical Details