Kudelski IoT Security IP Audit Provides High Level of Confidence for Semiconductor Manufacturers Seeking Common Criteria Certification
August 27, 2024

Kudelski IoT Security IP Audit Provides High Level of Confidence for Semiconductor Manufacturers Seeking Common Criteria Certification

Advanced Security Solution Ensures Manufacturers are Prepared for the Next Generation of Security Regulations

Cheseaux-sur-Lausanne, Switzerland and Phoenix (AZ), USA – August 27, 2024 – Kudelski IoT, a division of theKudelski Group (SIX: KUD.S), a global leader in digital security and IoT solutions, announced today that its KSE5 Security IP has been rigorously tested by Applus+ Laboratories, a worldwide leader in the testing, inspection and certification sector, and confirmed to deliver a high-assurance level of robustness for Common Criteria certification.The KSE5 Security IP security solution for semiconductors can be used in the Automotive, Medical, Payments, Defense, and other industries creating devices that require the highest level of security possible.

These sectors face increasing threats from sophisticated cyberattacks. They require cutting-edge levels of embedded security to protect sensitive data, ensure operational integrity, guarantee safety, and maintain customer trust. The challenge lies in integrating security solutions that not only meet stringent regulatory standards but also provide reliable, adaptable, and robust protection against evolving threats over time.

Applus+ Laboratories conducted a comprehensive technical assessment of the KSE5 Security IP following the Common Criteria evaluation processes. The evaluation process included a white-box vulnerability assessment and penetrationtesting, ensuring the highest level of security robustness as defined by a specified set of Security Functional Requirements (SFRs).

The assessment results confirmed that the KSE5 Security IP meets and exceeds the stringent criteria for CC EAL 4+ certification, achieving a high assurance level. This level corresponds to the AVA_VAN.5 assurance level, which according to the Joint Interpretation Library, demonstrates the KSE5 Security IP’s ability to withstand attacks of a high attack potential for attack methods within the domain of Smart Cards and Similar Devices. KSE5 has been assessed to be compliant with the requirements as defined in the Common Criteria Protection Profile (PP0084), and in addition, it has been enhanced to include the securitization of external programmable memory; a requirement now addressed by the new Protection Profile (PP0117).

Frédéric Thomas, CTO at Kudelski IoT, emphasized the importance of this evaluation: “This independent assessment by Applus+ Laboratories, a highly reputable, independent laboratory, validates the robustness of our KSE5 Security IP. It is a clear indication of our expertise and commitment to delivering security solutions that our customers can trust fortheir critical applications.”

Thomas continued: “Enabling our customers to achieve high-assurance certification sets us apart from our competitors. It also assures our clients that integrating our security IP into their product will meet stringent security requirements,both now and in the future, including future support for post-quantum cryptography. This is particularly crucial for industries where the threat landscape is constantly evolving, and security is paramount.”

Kudelski IoT is currently working with a leading semiconductor company to integrate KSE5 into their SoC design. Once the integration is complete, the chip will be submitted for Common Criteria PP0117 EAL 4+ certification, marking another step forward in securing the future of high-security devices.

About Kudelski IoT

Kudelski IoT is the Internet of Things division of Kudelski Group and provides end-to-end IoT solutions, IoT product design, and full-lifecycle services to IoT device manufacturers, ecosystem creators, and end-user companies. These solutions and services leverage the group’s 30+ years of innovation in digital business model creation; hardware, software and ecosystem design and testing; state-of-the-art security lifecycle management technologies and services and managed operation of complex systems. For more information about Kudelski IOT, please visit www.kudelski-iot.com.  

About Kudelski Group

The Kudelski Group (SIX: KUD.S) is a world leader in digital business enablement technologies that encompass digital content security, cybersecurity, and IoT.

NAGRAVISION provides end-to-end convergent media solutions to the digital entertainment industry including services and applications requiring access control and rights management to secure the revenue in digital television, internet, mobile and interactive applications.

Kudelski Security is an innovative, independent provider of tailored cybersecurity solutions to help enterprises and public sector institutions assess risks and vulnerabilities and protect their data and systems.

Kudelski IoT provides end-to-end solutions, IoT product design, and full-lifecycle services to IoT device manufacturers, ecosystem creators and end-user companies.

The Kudelski Group is headquartered in Cheseaux-sur-Lausanne, Switzerland and Phoenix (AZ), USA with offices in 32 countries around the world. For more information, please visit www.nagra.com.

Media contacts

Christopher Schouten avatar
Christopher Schouten
Kudelski IoT
Senior Director Marketing
Marc Demierre
Kudelski Group
Director Corporate Communications