Secure embedded systems: the dedicated Thales lab that measures component reliability and security
About 100 experts at Thales's E2Lab (Expertise and Evaluation Laboratory) spend their days evaluating the reliability and security of electronic components used in sectors such as space, defence, transportation, security, banking, telecoms and ID management. Close to 100 customers rely on the lab's results, and they're particularly demanding because their applications are so critical.
More than 20 years ago, the French space agency CNES turned to Thales to test and evaluate the electronic and opto-electronic components used in its satellite systems. This long-standing partnership has been a key opportunity for Thales to develop an advanced test platform and a set of world-class capabilities that are now available to all our customers. E2Lab still works closely with CNES, and the partners now share an ultra-modern, 1,500 sq.m facility in Toulouse.
The lab has three main activities:
• Electrical diagnostics and characterisation of electronic components designed for harsh environments and extreme conditions (space, defence, automotive, transportation, research, energy, etc.): electrical testing, temperature testing, characterisation of complex circuits, test bench prototyping, failure analysis, etc.).
Today Thales is one of the leaders in France in electrical and technical diagnostics and characterisation of opto-electronic components for space applications.
• Evaluation/certification of security products by Thales's Information Technology Security Evaluation Facility (ITSEF), which employs a team of about 40 ethical hackers to uncover physical vulnerabilities or software flaws in customer applications. The team uses evaluation schemes and protocols defined by recognised certification bodies and payment security organisations (see box) and serves customers from all over the world (United States, Japan, France, South Africa, etc.), most of them in the financial services, avionics and defence industries.
The ITSEF uses a whole array of techniques to evaluate the security of its customers' products, including vulnerability analysis, security design reviews, software code audits and penetration testing.
Thales is now a leading player in qualification and evaluation of embedded secure components for mobile payment, fare collection and other mobile solutions.
E2 Lab was the first accredited laboratory to evaluate a Host Card Emulation (HCE) mobile payment application for Visa Ready certification, and the first to complete an EAL-7 (Evaluation Assurance Level) evaluation under the Common Criteria standards.
• Security consulting and security assurance in support of Thales's cybersecurity consulting practice: security evaluation, vulnerability analysis, penetration testing, etc.
Recognised excellence
- The only reliability and security testing platform of its kind on the market
- Proven credentials in electrical, physical and reliability characterisation of electronic components, and knowledge leader in digital and opto-electronic technologies
- World-class Information Technology Security Evaluation Facility (ITSEF)
- Security assurance for multiple markets
- Long-standing partnership with French space agency CNES
Certifications and accreditation: ANSSI (France’s national agency for information system security), ISO 9001 :2008, ISO17025
Secure payment evaluation schemes: VISA, MasterCard, EMVCo, AMEX, Discover, JCB
Networks: Anadef, Groupe Obso AFNOR ,GP, etc.
E2 Lab on YouTube
Further reading:
- Cybersecurity consulting and evaluation on thalesgroup.com
- HCE mobile payments: Thales issues its first Visa Ready security certification on thalesgroup.com
- Ethical hackers vs. cyberpirates sur thalesgroup.com
- Security product certification (in French) on ANSSI website