Independent Verification Testing

"Trust but Verify"

Often vendors make claims on their products and solutions. It is equally important for users and customers to ensure that the products or solutions that they are purchasing, are performing as claimed. Unlike other analysis methods which target at finding flaws, Trojans and backdoors, in independent verification testing, the focus is on verifying that the products and solutions security properties are functioning as claimed.

Independent verification testing is not a generic functional test. Using a doctor as an analogy, independent verification testing is actually a specialist test. It is not going through a standard health screening, but seeing a specialist who can verify the heart of the product - security properties. Every product and solution is designed with a set of security properties - a set of security functions for it to fulfill its security objectives. For example, a hardware security module (HSM) is expected to securely generate and protect the cryptographic keys. A normal functional test can verify that the HSM can generate keys but does the HSM really generate secure and random cryptographic keys? 

This is where independent verification testing comes in. CBIS Labs' Cryptographic Testing Laboratory has the capabilities to conduct detail independent testing to verify the randomness of the cryptographic keys generations, anti-tampering mechanisms and all cryptographic and security functionalities. With such verification tests conducted, customers can truly be assured that they are buying what they see.