Security

Security objectives

At Tiempo Secure, we believe that security must be proved not only on paper, but also by expert reviews and by extensive testing. This is why we request highly skilled security experts to assist us in ensuring that our products and our organization are compliant with the highest level of security while we are following Common Criteria (ISO 15408) rules.

We also conduct regular security testing campaigns, with our customers and with well recognized laboratories, with the aim to develop and enhance our hardware security countermeasures.

The objective of the independent certification program currently ongoing at Tiempo Secure is to get a Common Criteria certification by end of 2015.

Security management organization

Tiempo Security Manager is responsible for

  • Site security
  • IT security
  • Technology development security
  • Documentation control process

Tiempo security policy and procedures

Tiempo security policy has been established to protect against all threats, whether internal or external, deliberate or accidental, the information assets belonging to our company, to our customers, partners, and providers

Tiempo security procedures include the following items:

  • Physical security
  • Controlling access to offices, systems and data
  • Security training
  • Internet, email, communications, material shipping
  • Storage, destruction and back-up of data
  • Use of portable devices

Tiempo security benefits

Tiempo delay-insensitive clockless design technology allows designers to implement hardware security countermeasures that are much more efficient in terms of security and/or cheaper in terms of additional hardware than equivalent countermeasures implemented on synchronous designs

  • For side channel attacks, techniques like random delay insertion and jitter on power supplies can be used more easily/extensively as Tiempo clockless designs are delay-insensitive; constant Hamming weight is also an intrinsic property of Tiempo designs thanks to its dual/multi-rail data encoding ;
  • For attacks using fault injections, Dual/multi-rail data encoding can be easily used for wrong code detection, whereas such fault detections require substantial additional hardware on synchronous designs; the handshake protocol of Tiempo logic can also be used for bit flip detection, whereas synchronous designs require significant hardware overhead to implement such a mechanism.

Tiempo product evaluations

CESTI-LETI performed an campaign of attacks on a clockless secured MCU chip prototype designed by Tiempo (TEAM16s)

“To this date, following front-side laser perturbations and without any specific physical preparation of the device, the DES coprocessor as well as the TAM16s core, both without countermeasures, do not show any exploitable weakness”

“As of today, the DES coprocessor of the TEAM16s circuit with the security counter-measures activated is resistant to observation attacks”

Tiempo is currently executing a security certification plan (EMVCo, Common Criteria) for its new smartcard chip product TESIC-SC