Electromagnetic Fault Injection (EMFI) Test Equipment

Electromagnetic Fault Injection (EMFI)

Rent, buy or lease electromagnetic fault injection (EMFI) test equipment for IC susceptibility and security testing.

EMFI tests use an intense, localized EM pulse to induce a temporary malfunction, or "glitch," in an IC's operation. An attacker can exploit these glitches to bypass security mechanisms or extract secret information.

Attack techniques:
- Secure boot bypass: An EM pulse is timed to disrupt memory transfers or code-signing verification during startup, forcing the system to boot with unauthorized firmware.
- Instruction skip: An attacker can disrupt the processor's program flow to skip critical security-related instructions, such as checks for authentication or cryptographic operations.
- Data corruption: Injecting a fault can corrupt data in memory or registers, potentially allowing an attacker to manipulate system behavior.
- JTAG protection bypass: For devices with debug interfaces like JTAG, an EM pulse can be used to temporarily disable security protections that prevent access.
Methodology:
- An EMFI test setup includes a specialized tool (like a ChipSHOUTER) to generate a high-current, transient pulse, which is sent through a coil near the target IC.
- Test operators use precise positioning systems and timing triggers to control the exact location and moment the EM pulse is delivered.
- By carefully varying the pulse's intensity, duration, and timing, they can induce specific, desired faults.

Electromagnetic Fault Injection (EMFI)

Langer ICI-DP Double Pulse Magnetic Field Attack Generator

SKU: 18864
- Ideal for pre-certification IC evaluation to Common Criteria (CC) FIPS140-3, ISO21434 for automotive, OSCCA, IEC62443 and more
- First and still only double pulse magnetic injection system on the market
- Short learning curve, fast setup, easy to use software, online videos and customer support available
- Fully integrated positing systems and IC scanners available
- Check the compliance level of your chips (Common Criteria, FIPS, ISO/IEC, SESIP..)
Inquire for Lead Time

VIEW PRODUCT Cart
Langer EMV ICI 03 L-EFT Set IC EM Pulse Injection

SKU: 2511-4

Repetition frequency: 0.1 Hz - 20 kHz

Rise time: < 2 ns

Polarity (set by software): + / - / alternating

Trigger-pulse delay (typ.): 100 ns - 450 ns

Trigger-pulse delay (Timer Mode): 200 ns - 100 ms

Typically In Stock

VIEW PRODUCT Cart
Langer EMV ICI E450 L-EFT Pulse E-Field Source Set

SKU: 2511-3
- 1x ICI E450 L-EFT, Pulse E-Field Source
- 1x BPS 202, Burst Power Station
- 1x BPS 202-Client, BPS 202-Client Software / USB
- 1x NT Ex EU, Power Supply Unit
- 1x ICI 01 L-EFT acc, Accessories
In Stock

VIEW PRODUCT Cart
Langer EMV ICI I900 L-EFT Pulse Current Probe Set

SKU: 2511-2
- 1x ICI I900 L-EFT, Pulse Current Source (FBBI)
- 1x BPS 202, Burst Power Station
- 1x BPS 202-Client, BPS 202-Client Software / USB
- 1x NT Ex EU, Power Supply Unit
- 1x ICI 01 L-EFT acc, Accessories
In Stock

VIEW PRODUCT Cart
Langer EMV ICI HH500-15 L-EFT Pulse Magnetic Field Source Set

SKU: 2511-1
- 1x ICI HH500-15 L-EFT, Pulse Magnetic Field Source
- 1x BPS 202, Burst Power Station
- 1x BPS 202-Client, BPS 202-Client Software / USB
- 1xNT Ex EU, Power Supply Unit
- 1x ICI 01 L-EFT acc, Accessories
In Stock

VIEW PRODUCT Cart

Electromagnetic Fault Injection (EMFI)

Electromagnetic Fault Injection (EMFI)

Langer ICI-DP Double Pulse Magnetic Field Attack Generator

Langer EMV ICI 03 L-EFT Set IC EM Pulse Injection

Langer EMV ICI E450 L-EFT Pulse E-Field Source Set

Langer EMV ICI I900 L-EFT Pulse Current Probe Set

Langer EMV ICI HH500-15 L-EFT Pulse Magnetic Field Source Set