Our Offers

Security assessment lab

We support our customers on the path to security certification

The laboratory annually evaluates more than 200 complex security products, ranging from electronic chips to complete hardware systems. It has numerous public or private accreditations (Common Criteria, EMVCo, GlobalPlatform, PCI PTS, FIPS 140-3, SESIP (pending), SBMP, etc.)

From initial design to certification, our teams of experts have been supporting you for 25 years in securing your products and solutions. Our security assessment laboratory is independent of any publisher or manufacturer. We belong to a totally independent group from the industry.

Our customers are public organizations or private companies, mostly international, operating in all areas where security is a concern.

Our test capacities are extensive and adaptable according to your needs and your product constraints:

  • Fault injection (Laser, EM, Power)
  • Listening station, protocol analyzers, capture Probing and micro probing
  • Opening of parts (chemical, mechanical)
CESTI microscope electronique

Backed by an electronic group, we have advanced tools for hardware evaluation (X-Ray, FIB, microscopy, chemistry). Constantly evolving, we develop our own software and hardware attack tools, allowing us to carry out comprehensive expertise.

Our laboratory is constantly evolving and benefits from significant investment in equipment, software and R&D, allowing us to maintain ourselves at the state of the art.

We offer all of the following services:


Training : preparation for certification
  • Common Criteria, ITSEF
  • PCI / FIPS
  • Site audit
Design and conception: assistance in securing products and architectures
  • Secure coding
  • Hardware
Hardware documentation writing: help with certification
  • Security target, CC documents
  • Product guide
  • Architecture documentation
  • Site audit
  • Certification preparation


Pre-assessment : préparation for certification
  • Preparatory expertise for certification (CSPN, CC, FIPS, PCI, etc.)

Penetration tests
  • Hardware and software (White, gray or black box)
  • Stress tests
  • Code review
  • Documentation
  • Technical architecture
  • Cryptanalysis
  • Cryptographic attacks (SideChannel)
  • Protocol evaluation


Site audit
  • Common Criteria
  • EMVCo
State schemes
Bank schemes
  • EMVCo, Visa, Mastercard, Discover, Amex, GIE-CB
Private schemes
  • Global Platform – SE
  • GSMA eSA (pending)
  • MIFARE 3.1 & Felica
  • PCI : PCI-PTS, PCI-SPoC (in progress)
  • PAYCERT ( GIE-CB) : SAFIRE (evaluation of firmware HSM)
  • PSA certified