From our premises in Maidenhead we offer a range of consultancy services to clients around the world, providing consulting (including training) covering all aspects of Common Criteria, including specialist hardware related consultancy and training, CESG Commercial Product Assurance (CPA) related consultancy and a FIPS 140 managed service.
SiVenture offers consultancy support to clients across a range of security areas:
SiVenture has a team of experienced evaluators who are available to support you through the preparation stages of a CC project, by assisting with the development of the necessary supporting documentation, either by providing template documents for you to complete, or by integrating with your development team to produce the documentation on your behalf. This has the benefit of allowing your design team to concentrate on their core role of developing product.
Common Criteria (smartcard based products)
Smart card use is growing rapidly. Increasing microprocessor capacity creates new opportunities but at the same time opens the door to problems and threats that were previously unknown.
New highly specialized attack techniques are being developed and publicized in tandem with the evolution of chip technology and its applications.
Unresolved weaknesses in underlying cryptographic implementation and in other chip-based security measures can undermine your business and have the potential to destroy customer confidence.
SiVenture looks at the security of chips and hardware devices from an independent point of view. Because we did not design your technology and we understand the attacker's approach, we can the find the faults that may remain undetected by an internal test team. Then we can help you fix the hardware or software, enabling you to produce a better product.
CESG Commercial Product Assurance
CPA is now live, with pilot evaluations completed in a number of areas, and several security characteristics have been published and are available for vendors to submit products for CPA evaluation. SiVenture was the only lab to be involved in both pilot evaluations and, thus, is best placed to be able to match your requirements with those of the scheme and to identify a cost and time efficient route to certification. SiVenture, as the only test lab accredited for both CPA and Common Criteria, is the only lab able to offer the opportunity of achieving both CPA and CC certification from a single evaluation project. For further details please see our CESG Commercial Product Assurance page.
SiVenture are able to provide you with a fully managed FIPS 140 service, allowing you to achieve algorithm and module certification in the minimum of time. Algorithm certification to, for example, FIPS 197 for AES implementations, can be completed in very short order, often in periods of less than one week, leading to certification of your algorithm implementation by the Cryptographic Algorithm Validation Program. We can also support you in the development of your product, and the necessary deliverables, and manage the validation laboratory on your behalf, providing a completely outsourced service, leading to certification by the Cryptographic Module Validation Program, also known as FIPS 140.
In addition to Consulting, SiVenture offers a range of workshops and training programs which cover chip attack, crypto design and formal evaluation methodologies. These include non-specialist sessions for board members as well as detailed technical sessions for engineers where we provide practical support.