Hardware security

In today’s global and strictly connected world, the Internet of Things is everywhere where it is necessary to take responsibility for monitoring and controlling devices and entire systems, as well as supervising processes, important from the enterprises’ point of view. The idea of interconnected devices, once considered a scenario from the future, today is a fact and a part of our reality. Almost all devices using advanced electronics can be connected to the network and to the cloud, raising concerns and an urgent need for constant investment in the development of security measures. 

The implementation of the Internet of Things on such a large scale opens up unprecedented opportunities to generate, collect and process data in real time. Its full potential gives limitless space for innovation. Its proper functioning however requires building a high level of digital trust and gaining certainty as to the security of used measures.

The solutions proposed by AFINE allow to efficiently identify flaws in security and, as a consequence, to get rid of them before they are noticed by attackers.

Depending on your individual needs, we can offer you:

• testing of IoT (Internet of Things) devices,
• identification of systems,
• decapping integrated circuits,
• reading the firmware,
• physical attacks on integrated circuits,
• reading of secured memories (e.g., FLASH, EEPROM),
• designing digital circuits and making prototypes,
• digital circuit protection design.

As the world becomes more computerized, the devices we use every day (such as drones, Internet of Things equipment and alarm and access systems) communicate with each other using the radio band. 

Many of these devices process confidential data on where we live, work, and what we do. When intercepted by cybercriminals, this information could be misused. That is why proper protection of devices using the radio band is necessary in order to use them in a safe way.

Services by AFINE include the verification of the radio communication channel for maintaining confidentiality, integrity, and availability of transmitted data. 

Depending on your individual needs, we can offer you:

• radio communication analysis: determining the bandwidth used, communication method and protocols,
• verification of radio communication in terms of ensuring the confidentiality of transmitted data (to prevent someone from eavesdropping on sensitive data sent over a radio channel),
• verification of radio communication in terms of ensuring availability, i.e., the possibility of disrupting the transmission, which may result in loss of control over the device,
• verification of radio communication in terms of ensuring integrity (to avoid the possibility of performing unauthorized operations),
• model of authentication and authorization of commands for devices (to prevent intruders from taking control of the device),
• assessment of the implementation of standard radio communication protocols, such as RFID or Wi-Fi networks.

Firmware is low-level software that can be found in cameras, computers, consoles, telephones, TV sets and Internet of Things devices. It allows the operating system of a given hardware to communicate with its individual components. It can also act as the operating system for the entire device. 

Although so important for the operation of devices that we use every day, the firmware is often designed without taking into account its security (especially when it comes to preventing physical attacks). This is dangerous because it can expose the device to cyberattacks, which may be aimed at spying on users, stealing data or taking control of the equipment. Firmware attacks can be difficult to detect, so prevention is the best way to fight them.

AFINE specializes in the analysis of firmware for errors, potentially existing backdoors, and the ways of implementing functionalities. Depending on the protections used, we download the firmware from the device, and we decipher and locate susceptibility within the code. We also verify whether the attacker may try to permanently replace the code within the firmware to add an unauthorized functionality.

Depending on your individual needs, we can offer you:

• analysis of the options of reading firmware from the layout,
• analysis of the possibility of placing unauthorized firmware code for component,
• analysis of the cryptographic protection of the code (e.g., encryption of the section to avoid reading and to perform retroactive analysis),
• analysis of the existence of backdoors,
• analysis of binary code for typical safety errors for a given architecture.