Applus+ around the world
Close Countries Panel
Close Divisions Panel
Applus+ DIVISIONS
Energy & Industry Division
Industrial and environmental inspection, vendor inspection, technical assistance, non-destructive testing (NDT) and technical staffing for all type of industries.
Logo RTD Logo VELOSI Logo NORCONTROL Logo Intec Logo K2
Logo Ingelog Logo JAN Logo Kiefer Logo Novotec Logo NRay
Logo PTJava Logo Skc Logo XRay Logo Qualitec
Laboratories Division
Multidisciplinary laboratories.Testing and engineering for product development. Conformity testing and product certification. SYSTEMS CERTIFICATION.
Logo Applus Laboratories Logo Applus Certification
Automotive Division
Statutory vehicle inspection services and emission & gas testing solutions worldwide.
Logo Applus Automotive Logo Applus ITVE Logo NCT Logo Applus Bilsyn Logo K1
Logo Technologies Logo ITVs Logo Riteve
IDIADA Division
Design, engineering, testing and homologation services for the automotive industry worldwide.
Logo Applus IDIADA
News

Applus+ Laboratories develops new technique for attacking secure chips: Lateral Laser Fault Injection

24/09/2019
The attack was publicly unveiled in August at the FDTC security conference in Atlanta, USA. The method of attack was devised in the course of the laboratory’s R&D work. Applus+ Laboratories specialises in carrying out security evaluations on hardware and software products, using cutting-edge methodology to detect vulnerabilities in IT products.
Security solutions involving hardware protection are currently one of the most robust methods of protecting information. In order to be able to evaluate a product’s level of security, its potential weaknesses must first be assessed and attack campaigns waged using up-to-the-minute penetration techniques.
 
Applus+ has a benchmark security laboratory and a wealth of experience in evaluating secure chips. Through their research and development activities, our experts have developed a new attack methodology known as Lateral Laser Fault Injection.
 
Applus+ experts presented the new attack technique at the FDTC conference in Atlanta on 24th August. They also outlined the set-up used and the consequences of this attack. Over the coming months, this work will also be presented in Europe.
 
What does the new attack, Lateral Laser Fault Injection, involve?
Injecting security faults via laser attack is one of the most effective ways of generating faults in processes. Such attacks enable an attacker to alter chip behaviour, disturb cryptographic operations and extract passwords and other confidential information.
 
For this method to work, the laser’s light must be able to access the sensitive part of the chip (the silicon). In security evaluations to date, access has been attempted from the chip’s front side or back side (depending on the wavelength of the light source).
 
The new encapsulation techniques employed by industry to reduce the size of devices, such as 3D silicon integration, make it difficult to remove a chip or to gain access to the sensitive silicon areas as chips are stacked one on top of the other. In addition, to protect chips from laser attacks, new countermeasures have emerged to protect these sensitive zones.
 
Lateral Laser Fault Injection Attack - Applus+ Laboratories
In this new context, Applus+ experts undertook a research project to assess the feasibility of using the lateral side of the chip as an attack surface. Applus+ Laboratories sits on the security industry’s key forums and working groups looking at the potential weaknesses of secure chips. The aim of these groups is to develop reliable evaluation methods incorporating the very latest attack techniques. Their work supports industry in developing measures to counter new attack techniques and enables the evaluation of a product’s resilience to cyberattack.
 
Site map