Contact Us

FortifyIQ
Security Assurance

FortifyIQ delivers security IP with measurable, verifiable, and repeatable assurance.

Every product undergoes rigorous validation at multiple stages, RTL/netlist, FPGA, silicon, and in software (our libraries), using our FortiEDA tools which implement industry-standard TVLA methods, and real-world attack testing. Independent lab validation, solid mathematical foundations, and algorithmic protections support their high assurance security. After release, our IP cores are often validated and/or certified by third-party labs either as standalone blocks or integrated in complete secure chips.

Because our IP is highly tunable, no single certification can cover every customer configuration. Instead, we validated the core protection algorithm at the highest security level (Common Criteria AVA_VAN.5). Customers benefit from documentation packages, validation results, and academic references that support their own certification efforts.

1. Validation with FortiEDA

FortifyIQ validates the security of all products, including hardware IP cores and software cryptographic libraries, using our Side-Channel Studio and Fault Injection Studio (collectively referred to as FortiEDA). These tools perform Welch’s t-test (TVLA) and a complete range of side-channel (SCA) and fault-injection (FIA) evaluations at every stage of development:

1

RTL / netlist design stage (for hardware IP)

2

FPGA prototype board (for pre-silicon hardware and software validation)

3

Final in-silicon product (for fabricated chips, including AES RAMBAM, AES STORM, PKA, and more in process)


4

Compiled cryptographic libraries (evaluation on FPGA boards and real processors, validated on platforms ranging from ARM Cortex-M3/M4, ARM Cortex-A53, and x86-64 to modern multicore processors, using compilers such as GCC and ARM Compiler 6 )

The tools can both generate traces in simulation and analyze traces captured from a physical oscilloscope. This enables us to identify leakage at the gate level, confirm resilience against active attacks, and provide assurance long before deployment, whether in silicon or in software-only environments.

Massive trace acquisition at exceptional speed, scaling from single-core to multi-core and multi-machine setups, supports security validation with traces well beyond the amount required for FIPS 140-3 and Common Criteria.


2. Coverage of Attack Classes

Our validation covers all known categories of physical attacks, actively testing resilience besides checking for leakage:

Side-Channel Attacks (SCA)
  • Differential & Correlation Power Analysis (DPA, CPA)
  • Electromagnetic Analysis (EMA)
  • Timing attacks
  • Higher-order and template attacks
  • Cache and memory-based attacks (relevant to software implementations)
Fault Injection Attacks (FIA)
  • Differential Fault Analysis (DFA)
  • Statistical Ineffective Fault Analysis (SIFA, light-SIFA)
  • Safe-error and instruction/data skipping
  • Voltage, clock, and electromagnetic glitching

These ensure resilience against both overt and stealthy fault attacks, which could otherwise compromise keys or intermediate secrets without triggering detectable errors.

3. Evidence Through Measurement

FortifyIQ backs its claims with measurable results:

AES cores
validated against over 1 billion measurements (TVLA traces) with no detectable leakage.
HMAC-SHA2
based on the Threshold Implementation with zero leakage: validated against 100 million TVLA measurements with no detectable leakage.
HMAC-SHA2

validated with 100 million measurements, tested against the known HMAC hardware attacks with no information leakage.

Public Key Accelerators (PKA - RSA, ECDSA, ECDH, EdDSA, etc.)

validated in silicon with both side-channel and fault-injection testing.


These results exceed the requirements of Common Criteria AVA_VAN.5, SESIP (level 5) and FIPS 140-3 Levels 3 and 4.

4. Security Proven Designs with Validation

AES RAMBAM
Validated by SGS Brightsight to AVA_VAN.5 (the highest Common Criteria vulnerability level). Additionally validated internally against 1 billion TVLA measurements, and backed by a peer-reviewed mathematical foundation.
AES STORM

Features a formal security proof of side-channel security. Validated against 15 million measurements with no leakage, and silicon tested.

HMAC-SHA2 (TI-based)

Uses a patented variant of the Threshold Implementation paradigm, mathematically proven to resist all known side-channel attacks on HMAC in hardware. Validated with 100 million traces.

Both RAMBAM and STORM are validated in simulation, FPGA, and silicon, proving resilience beyond lab conditions.

5. Configurable and Implementation - Agnostic IP

FortifyIQ delivers hardware IPs as soft macros and software IPs with hundreds of configuration options for fine-tuning of performance, power, area, and redundancy (security parameter level). Because no single certification can represent every configuration, we certified AES RAMBAM, our core algorithmic protection, (which is the most difficult element to validate), to the highest level (AVA_VAN.5). Our products all meet this security level.

Quoting from SGS Brightsight Laboratory’s AVA_VAN.5 validation of our core algorithm:

“The results for the soft IP presented in the report were obtained on the TOE which is the basic hardware implementation of the soft IP without additional levels of security (e.g. that are present in a secure silicon layout). Therefore the internal strength of the soft IP itself was evaluated. This indicates that the investigated features and parameters of the soft IP implementation should be robust against SCA and fault injection attacks in different implementations including ASIC. Nevertheless, according to the Common Criteria rules, the strength of the final composite product must be evaluated on its own.”

Our protections are purely algorithmic, thus implementation-agnostic, avoiding the pitfalls of manual countermeasure integration. As long as our simple integration guidelines are followed, there will be consistent, high-assurance protection across all configurations.

6. Certification Support

FortifyIQ aligns its validation methods with FIPS 140-3 and Common Criteria, and supports customers with:

Documentation packages
including validation data and academic references.

Independent validation reports, such as SGS Brightsight’s AES certification.

Security foundations
based on mathematical articles and security proofs, providing a unique basis for high-assurance certification.

Support
from design to certification, as a security partner, to help customers achieve their targeted certification.

This combination streamlines the customer’s certification process, reducing risk, cost, and time to market.

Summary

FortifyIQ provides transparent and thorough security assurance

  • Validation at netlist/RTL, FPGA, and in silicon with proprietary EDA tools.
  • Coverage of all SCA and FIA attack classes.
  • Evidence backed by billions of measurements.
  • Independent third-party validations and mathematical foundations.
  • Support for customer certification with tailored documentation throughout their certification process, from design to certification labs.

This approach ensures that FortifyIQ IP delivers high-assurance protection across all devices, from legacy embedded systems to advanced cloud platforms.

FortifyIQ AES Algorithm
AVA_VAN.5 Evaluation & Validation Summary
SGS Brightsight Common Criteria Laboratory
Summary. The leakage analysis (Welch t-test) on over 30 million traces did not show statistically significant first- and second-order differences between trace sets with fixed and random inputs. The template-based DPA analysis, on the pseudo-random trace set for the profiling phase (15 million traces) and on a sub-set of 300k fix input traces for matching phase targeting the first-round S-box output, and template attack on ciphertext, did not indicate any potential information leakage.”
“The results for the soft IP presented in the report were obtained on the TOE which is the basic hardware implementation of the soft IP without additional levels of security (e.g. that are present in a secure silicon layout). Therefore the internal strength of the soft IP itself was evaluated. This indicates that the investigated features and parameters of the soft IP implementation should be robust against SCA and fault injection attacks in different implementations including ASIC. Nevertheless, according to the Common Criteria rules, the strength of the final composite product must be evaluated on its own
Request Technical Details