Contact Us

FortiEDA/
Side-Channel Studio

Pre-Silicon Security Validation Against Side-Channel Attacks

Overview

FortifyIQ’s Side-Channel Studio is a pre-silicon EDA tool suite designed to identify, analyze, and mitigate side-channel vulnerabilities in hardware designs from RTL through GDSII by simulating power traces, running statistical leakage tests, and applying advanced attacks. Side-Channel Studio empowers designers to secure cryptographic IP and systems early in the development lifecycle.

Key Benefits

Early Vulnerability Detection:

Identify leakage at RTL, gate-level netlists, or post-layout stages.

High-Speed Analysis:

Parallelized trace acquisition scales trace acquisitions and allows using all available CPUs.

Precise Leakage Pinpointing:

Isolate vulnerable modules, signals, or individual gates.

Seamless Integration:

Works with major SystemVerilog simulators via DPI; auto-generates testbenches and Makefiles

Certification Readiness:

Validate against FIPS 140-3, Common Criteria, and SESIP prior to submission.


Tools in Fault Injection Studio

ScopeIQ

Simulates power consumption and generates traces compatible with oscilloscope formats (.npy, .trc, .trs)

ScoreIQ

Performs leakage analysis with TVLA, DPA, template attacks, and deep learning attacks

DebugIQ

Per-gate, per-clock-cycle debugging to identify leakages with fine granularity

PinpointIQ

Precisely localizes leaky gates and signals for targeted mitigation

GlitchIQ

Evaluates glitch-induced side-channel leakage using robust probing models

GtestIQ

Statistical verification of glitch-related measurements

ParallelIQ

Enables multi-core and distributed trace acquisition for high-throughput analysis

Primary Use Cases

Security verification of cryptographic IPs and SW (AES, SHA2, RSA, EdDSA, PQC)
Evaluation of algorithmic and structural countermeasures against side-channel attacks
Pre-certification assessment before FIPS, CC, or SESIP submission
Post-silicon analysis of measured traces
Research and development of new attacks and protections

Technical Highlights

Capability

Description

Integration

Integrates with functional verification workflows via DPI.

Parallel Trace Engine

Multi-threaded acquisition and processing of up to billions of traces.

Leakage Pinpointing

Identifies modules, signals, or gates causing leakage.

Analyzer Engines

TVLA, DPA, template, deep learning.

Simulation Support

RTL to gate-level and post-layout; FPGA and silicon-compatible.

Automation & APIs

Auto-generates testbenches and Makefiles; CLI and Python API.

Trace Formats

Exports standard formats for interoperability.

Read Whitepaper
Fortify’s AES security evaluation by SGS

“Summary. The leakage analysis (Welch t-test) on over 30 million traces did not show statistically significant first- and second-order differences between trace sets with fixed and random inputs. The template-based DPA analysis, on the pseudo-random trace set for the profiling phase (15 million traces) and on a sub-set of 300k fix input traces for matching phase targeting the first-round S-box output, and template attack on ciphertext, did not indicate any potential information leakage.”

” The results for the soft IP presented in the report were obtained on the TOE which is the basic hardware implementation of the soft IP without additional levels of security (e.g. that are present in a secure silicon layout). Therefore the internal strength of the soft IP itself was evaluated. This indicates that the investigated features and parameters of the soft IP implementation should be robust against SCA and fault injection attacks in different implementations including ASIC. Nevertheless, according to the Common Criteria rules, the strength of the final composite product must be evaluated on its own.”

Request Technical Details