Security IP icon


DPA Workstation Analysis Platform

Designed for security chip vendors, product companies, testing labs, and government organizations, the DPA Workstation (DPAWS) 9 analysis platform is the world’s premier side-channel analysis solution that offers an out of the box solution for testing against FIPS 140-3 and ISO/IEC 17825 requirements. It includes all the hardware, software and training needed to evaluate and certify secure devices. DPA Workstation is available with Riscure fault injection (FI) products, offering complete fault injection functionality as well as differential fault analysis (DFA).

How the DPA Workstation Analysis Platform works

DPAWS 9 includes an integrated suite of hardware, and data visualization software, for testing and analyzing the vulnerabilities of cryptographic chips and systems to power and electromagnetic (EM) side-channel attacks. With an intuitive, easy-to-use interface, DPAWS 9 enables users to quickly and easily identify and address potential security flaws in systems and SoCs. Using DPAWS 9, an analyst can collect power consumption and EM signal emissions from a cryptographic device performing operations using secret keys.

Previously, side channel attack testing was a long, cumbersome exercise in custom-built command line code. It was normally only performed by highly-trained, experienced engineers. The DPAWS 9 systems offers a Windows-based, intuitive user interface that allows test and security engineers to perform this analysis quickly and efficiently. Collected signals are examined using simple power and electromagnetic analysis (SPA/SEMA) or more powerful differential power and electromagnetic analysis (DPA/DEMA) to identify exposure of secret keys. The DPAWS 9 system provides the ability to test against many of the side channel attacks specified in the FIPS 140-3 and ISO/IEC 17825 requirements.

Log-in to access the DPA Support portal.

Introduction to Side-Channel Attacks eBook

Introduction to Side-Channel Attacks

Side-channel attacks conducted against electronic gear are relatively simple and inexpensive to execute. Such attacks include simple power analysis (SPA) and Differential Power Analysis (DPA). As all physical electronic systems routinely leak information, effective side-channel countermeasures should be implemented at the design stage to ensure protection of sensitive keys and data.

What’s Included

DPAWS 9 includes everything needed to collect, process and analyze algorithms and devices. Custom test fixtures are included for analysis of smart cards and FPGA algorithms. Additionally, DPAWS 9 provides the flexibility to interface to your own devices. Signal probes, filters, and a wideband amplifier are provided with the DPAWS 9 to shorten startup time. A carefully selected digital oscilloscope and PCI data acquisition card facilitate a wide variety of data collection. Collections and analyses can be scripted using native Python or MATLAB modules. Powerful visualization and analysis tools are included to facilitate rapid and complete testing of hypotheses. Users also receive an in-depth training course covering both theoretical and practical aspects of side-channel analysis.

Optional Fault Injection by Riscure

Riscure Fault Injection offers a comprehensive set of features to perform FI testing on embedded devices. FI users can test whether a key can be extracted by inducing faults in a chip’s cryptographic operations, by bypassing a check such as an authentication or lifecycle state, or changing the program flow on a chip. Rambus partners with Riscure to provide the most comprehensive and integrated side-channel test capability available. Riscure FI is integrated with DPAWS 9 and can be purchased as an option.

Solution Offerings

Supports Complete DPA Workflow

  • Users can perform every stage of the side-channel analysis process:
    • Exploration
    • Acquisition
    • Signal/Pre-Processing
    • Prediction
    • Analysis/Partition
    • Hypothesis Evaluation
  • Project Library Management System
    • Simple organization of test and analysis scripts in addition to the collected data
  • Integrated Help System
    • Increase productivity and effectiveness of DPAWS with easy to use FAQs, wizards and knowledge base

Scripting modules for efficient development of collection and analysis scripts

  • Scope interface
  • Device-under-test (DUT) interface
  • Unified dataset API
  • Cryptographic algorithm support
  • Test data generators
  • Interface to trace viewer
  • Scripting utilities

Powerful data visualization software

  • Intuitive interface – easy to learn and use
  • View collected traces
  • SPA and trace difference analysis
  • View results of DPA
  • Supports alignment and other processing tools
  • Integrates with scripting modules
  • Accommodates display of very large traces and data sets

Ease of Data Acquisition

  • Supports efficient data capture from multiple A/D sampling devices and manipulation of very large data sets.
    • Interface with network-connected digital oscilloscopes.
    • Interface with PCI A/D sampling cards.
    • Waveform filtering, alignment, and compression routines.

Fault Injection

  • Flexible: A powerful instruction set to program any fault injection attack scenario. Scenarios can be developed from the user interface or the IDE if more control is desired.
  • Time-independent triggering: Accurately trigger a fault injection attack by triggering on the actual waveform rather than elapsed time.

Multiple Devices and Sensors

  • Data collection environment is compatible with multiple device interfaces, form factors, and sensor types.
    • Device types
      • FPGA (including DPAD reference platform)
      • SoC
      • Smartcards and embedded platforms
    • Sensor support
      • Direct power measurement
      • Field probes (electric, magnetic)

Cipher Support

  • Analyze a full range of standard ciphers and hashing algorithms:
    • Turnkey support for AES, DES, RSA, ECC, SHA-256
    • Selection functions regularly updated to support new vulnerabilities

Analysis Versatility

  • DPAWS can be used for simple device characterization to advanced DPA.
    • Simple Power/EM Analysis (SPA/SEMA)
    • Trace pair differentials
    • Differential Power/EM Analysis (DPA/DEMA)
    • High-Order Differential Power Analysis (HO-DPA)
    • Fault Injection by Riscure (optional)

Analysis Workbench

  • DPAWS device interface and data collection environment
  • Signal processing
  • Hypothesis generation
  • Optimized DPA analysis utilities
  • Analysis tools


  • Oscilloscope and PCI high-speed sampling card
  • Test fixtures included:
    • DPAD FPGA testing platform
    • Smart card test fixture
  • Test probes, filters, and signal amplifier

Analysis Software

  • DPAWS modules for scripting
  • DPA Integrated Analysis Application for side-channel test
  • Custom tools for:
    • Signal processing
    • Trace Data Alignment
    • Hypothesis generation / sorting
    • Highly optimized DPA analysis
    • Higher-order analysis
    • Visualization
  • Source code which allows for customization and adaptation of the Test Environment
  • Scripting and source code development environment
  • Visual Studio License
  • Integrated Help Section
    • FAQs, tutorials and wizards


  • Workstation-class PC
  • Oscilloscope
  • PCI high-speed sampling card
  • DPAD FPGA test fixture
  • Smart card test fixture
  • Probe set
  • Filter set
  • Wideband Signal Amplifier

Documentation and Training Materials

DPAWS 9 includes hands-on training and ongoing technical support. Customers receive a 5-day training course at our Rambus, San Francisco office. Trainees learn fundamentals of SPA and DPA, device data collection, and workstation analysis workflows.

  • 5-day training focus areas:
    • Simple Power Analysis
    • Differential Power Analysis
    • Electromagnetic Analysis
    • Advanced DPA topics
    • Certifying DPA-resistant products
  • Hands-on training topics:
    • DPA Workstation operation
    • Scripting for collection and analysis
    • Device data collection
    • Signal Processing
    • Trace Data Alignment
    • SPA analysis
    • DPA data analysis
    • Test Vector Leakage Analysis

We offer optional training on advanced analysis topics and analysis support.

Protecting Electronic Systems eBook thumbnail

Protecting Electronic Systems from Side-Channel Attacks

Side-channel attacks comprise a wide range of techniques including Differential Power Analysis, Simple Power Analysis, Simple Electromagnetic Analysis, Differential Electromagnetic Analysis, Correlation Power Analysis and Correlation Electromagnetic Analysis. An effective layer of side-channel countermeasures should therefore be implemented via hardware (DPA resistant cores), software (DPA resistant libraries) or both. After layered countermeasures have been implemented, systems should be carefully evaluated to confirm the cessation of sensitive side-channel leakage.


Security Icon

DPA Countermeasures

DPA Countermeasures are fundamental techniques for protecting against Differential Power Analysis (DPA) and related side-channel attacks. Consisting of a broad range of software, hardware, and protocol techniques, DPA Countermeasures include reducing leakage, introducing amplitude and temporal noise, balancing hardware and software, incorporating randomness, and implementing protocol level countermeasures.