About Us

CTS-Labs is a cyber-security consultancy firm specializing in ASIC and embedded systems security. It was founded with a vision to create and promote a secure development environment and practices for chip manufacturers.
 
With very limited support from development environments to write secure code on ICs (Integrated Circuits), it is very difficult to develop a secure chip to withstand hackers trying to exploit its weaknesses. Today, with the adoption of IoT (Internet of Things) and self-driving cars, we already are seeing a growing number or attackers successfully exploiting chips and firmware code.

Our specialists focus on consulting and providing research for clients worldwide and helping clients to adopt and integrate the most up-to-date security mechanisms for their chip development process.

We consider our main strength to be our ability to keep track of new developments in the hardware security sector, new types of attacks, standards, compliance guidelines, tools, and infrastructures. We then aggregate the know-how in the field, and supply our customers with the most up to date security guidance and research.

The Company

The word CTS in CTS-Labs stands for Catenoid (en.wikipedia.org/wiki/Catenoid) which is a minimal surface discovered by Leonhard Euler in 1744. If you take two rings with soap film, the shape between them will be a catenoid which minimizes the surface of the soap film while connecting the two rings.

The analogy is that one ring is the Integrated Circuit, the other is the user, and we aim at minimizing the attack surface in between them with specific focus on the Firmware and the embedded code environment.

​Name Origin

Vision

We think that as technology advances, the amount of ICs (Integrated Circuits) worldwide will increase exponentially. We are already seeing this with IoT (Internet of Things) and self-driving cars. Whereas in PC viruses, usually the implications are limited to data-loss, financial loss and privacy loss, the potential risk of ICs in devices can be the loss of property and even risk to human lives (e.g. medical devices).

Unfortunately, the security level of most chips is equivalent to the PC software security in ~2003 (before Blaster jump-started the security industry). Stuxnet significantly raised awareness to Skada systems, but the PC chips and ICs spread around the world, unfortunately, are still extremely unsecure. The world is headed in that direction. In this industry, we must be several steps ahead of the attackers, simply because the stakes are too high.