Due to the constant increase and versatility of IoT devices that should keep sensitive information private, Side-channel Analysis (SCA) attacks on embedded devices are gaining visibility in the industrial field. The integration and validation of countermeasures against SCA can be an expensive and cumbersome process, especially for the less experienced ones. Additionally, current certification procedures require to attack the devices under test using multiple SCA techniques and attack vectors, often implying a high degree of complexity.

The goal of this paper is to introduce a new automatic way to ease one of the most crucial and tedious steps of profiling attacks i.e. the points of interest (POI) selection and hence assist the SCA evaluation process. To this end, we propose the usage of Estimation of Distribution Algorithms (EDAs) in the SCA field to perform the point of interest selection step together with the profiling and key recovery steps. This contribution allows an automated optimization of the attack, avoiding the need to manually perform various types of analyses with different POI combinations. We showcase our approach on several experimental use cases, including attacks on unprotected and protected AES implementations. In addition, we introduce a new public dataset containing power traces taken from distinct copies of the same device and perform attacks over this dataset using our method, dismissing in this way the portability issue.

由于应将敏感信息保密的物联网设备的不断增加和多功能性，对嵌入式设备的侧信道分析 (SCA) 攻击在工业领域越来越受到关注。针对 SCA 的对策的集成和验证可能是一个昂贵且繁琐的过程，尤其是对于经验不足的人。此外，当前的认证程序需要使用多种 SCA 技术和攻击向量来攻击被测设备，这通常意味着高度的复杂性。

本文的目标是引入一种新的自动方法来简化分析攻击中最关键和最繁琐的步骤之一，即兴趣点 (POI) 选择，从而协助 SCA 评估过程。为此，我们建议在 SCA 领域使用分布算法估计 (EDA) 来执行兴趣点选择步骤以及分析和密钥恢复步骤。这种贡献允许对攻击进行自动优化，避免需要使用不同的 POI 组合手动执行各种类型的分析。我们在几个实验用例中展示了我们的方法，包括对未受保护和受保护的 AES 实现的攻击。此外，