Attack model for verification of interval security properties for smart card C codes.