Scientific direction Development of key enabling technologies
Transfer of knowledge to industry

PhD : selection by topics

See all positions [+]

embedded elapsed-time attestation

Département Systèmes (LETI)

Laboratoire Sécurité des Objets et des Systèmes Physiques

01-10-2021

SL-DRT-21-0089

christine.hennebert@cea.fr

Cyber security : hardware and sofware (.pdf)

With the emergence of a protocol that secures a history of transactions on a peer-to-peer network, Bitcoin introduced the first decentralized digital currency in 2009. The security of the Bitcoin protocol is based on the proof of work and common rules and procedures among peers in the network who participate in the consensus, i.e. the choice of the next block of data to be added to the shared and replicated ledger. The proof of work has two major drawbacks. On the one hand, it ensures security by design by requiring nodes participating in the consensus to work with a computing intensity corresponding to the maximum of Moore's law, which is obviously very energy consuming. On the other hand, the parallelization of this proof process with an implementation in ASICs makes the system vulnerable to Sybil-type attacks by recentralizing resources. The mining pools exploit this vulnerability. The present thesis topic aims at building a proof for embedded and resource constrained objects, which ensures the security of a transaction history at low power. The work will focus on the embedded implementation of the proof mechanism on a system-on-module platform using a TPM 2.0 (Trusted Platform Module) security hardware component as root-of-trust. The solution introduced will have to be robust to the above-mentioned drawbacks and vulnerabilities.

Download the offer (.zip)

Fault injection and integrity of edge neural networks: attacks, protections, evaluation

Département Systèmes (LETI)

Laboratoire Sécurité des Objets et des Systèmes Physiques

01-02-2021

SL-DRT-21-0159

pierre-alain.moellic@cea.fr

Artificial intelligence & Data intelligence (.pdf)

One of the major trends of Artificial Intelligence is the large-scale deployment of Machine Learning systems to a large variety of embedded platforms. A lot of semi-conductor practioners propose "A.I. suitable" products, majoritarely with neural networks for inference purpose. The security of the embedded models is a major issue for the deployment of these systems. Several works raised threats such as the adversarial examples or the membership inference attacks with disastrous impact. These works consider the ML aglorithms through a pure algorithmic point of view without taking into consideration the specificities of their physical implementation. Moreover, advanced works are compulsory for physical attacks (i.e., side-channel and fault injection analysis). By considering a overall attack surface gathering the theoretical (i.e. algorithmic) and physical facets, this subject propose to analyze Fault Injection Analysis threats (FIA) targeting the integrity of the model (fooling a prediction) of embedded machine learning systems and the development of appropriate protections. Several works have studied physical attacks for embedded neural networks but with usually naive model architecture on 'simple' 8-bit microcontrolers, or FPGA or at a pure simulation level. These works do not try to link the fault models or the leakages with well-known algorithmic threats. Being based on the experience on other critical systems (e.g., cryptographic primitive), the main idea of this PhD subject will be to jointly analysis the algorithmic and physical world in order to better understand the complexity of the threats and develop efficient defense schemes. The works will answer the following scientific challenges: (1) Caracterization and exploitation of fault models: how to exploit fault injection mechanisms (laser, EM, glitching) to fool the prediction of a model with minimal perturbations. (2) Evaluation of the relevance of classical countermeasures (such as redundancy-based techniques) for this kind of systems and threats. (3) Develop new protections suitable to embedded neural networks.

Download the offer (.zip)

Autonomous network management solution for deterministic networks using Artificial Intelligence (AI) techniques

Département Intelligence Ambiante et Systèmes Interactifs (LIST)

Laboratoire Systèmes Communiquants

01-02-2021

SL-DRT-21-0178

siwar.benhadjsaid@cea.fr

Communication networks, IOT, radiofrequencies and antennas (.pdf)

The objective of the thesis is to explore and evaluate the gain that could bring the Artificial Intelligence (AI) techniques to the network management solutions for deterministic networks. The goal is to help deterministic networks to ensure the preservation of the quality of service (QoS) during the routing of end-to-end data flow no matter what changes are made to the network. This will allow to design an autonomous network management solution that is able to configure deterministic networks in the most appropriate way and adapt the configuration when needed (e.g. new terminal connecting to the network, unexpected high latency for certain critical flows, change of the topology caused by the reorganization / reconfiguration of components of the production chain in the factory etc.). This solution will use artificial intelligence methods to learn from experience the conditions that lead to non-compliance with application flow requirements (high latency, low bandwidth, etc.). Learning takes place to recognize, upstream, the situations that may lead to non-compliance with the constraints of application flows and also to predict the effects of changes in input data (new terminal, reorganization of the plant, etc.) on the level of QoS provided to flows in transit. Based on such knowledge, the solution will anticipate QoS degradation situations and, consequently, will decide and push the adequate network reconfiguration which will make it possible to respect the constraints associated with each application flow.

Download the offer (.zip)

Distributed resource allocation for meshed networks of mobile users in shared spectrum

Département Systèmes (LETI)

Laboratoire Sans fils Haut Débit

01-09-2021

SL-DRT-21-0186

mickael.maman@cea.fr

Communication networks, IOT, radiofrequencies and antennas (.pdf)

In future 5G wireless networks, it is imperative to easily deploy and manage a private network of mobile users such as a fleet of vehicles or UAVs. The objective of this thesis is to define a distributed resource allocation for mesh networks of mobile users in the shared spectrum through resource pooling (time/frequency) and efficient management of directional antenna beams. While existing studies focus on maximizing the performance of static backhaul multi-beam mesh networks, we are interested in collaborative local/distributed learning between mobile users. The first step of this thesis will be to integrate a realistic model of sub 6-GHz and/or mmW directional antennas in a network simulator. A trade off between the spatiality of the directivity, the antenna efficiency and the complexity of the algorithm will be made for point-to-point and point-to-multipoint communications. Moreover the antenna configurations will be contextualized between the communication, discovery or tracking phases. The second step of this thesis will concern the design of the distributed resource allocation protocol during different stages of the network life: deployment, self-optimization and self-healing. A trade-off will be made between the type and latency of antenna (re)configuration, the accuracy of beam alignment, the channel coherence time for mobile users (volatile connectivity) and the convergence time of the scheduling.

Download the offer (.zip)

Automatic design of secure hardware architectures

Département Systèmes et Circuits Intégrés Numériques

Laboratoire Environnement de Conception et Architecture

01-10-2021

SL-DRT-21-0190

caaliph.andriamisaina@cea.fr

Cyber security : hardware and sofware (.pdf)

Embedded systems are more and more ubiquitous and interconnected; they are an attractive target for security attacks. The security aspect is thus becoming more and more important when designing these systems, as a vulnerability in one system can compromise an entire infrastructure of connected systems. Thus, each system contributes to the construction of a global chain of trust. Moreover, given the increasing complexity of the applications running on these systems, it is becoming increasingly difficult to meet all security criteria (for instance application isolation, system authentication, secret and private data protection, communications protection). The design of these systems therefore requires an in-depth analysis of the various security constraints to which they are subject, based on a threat model associated with the potential attacker. While extra-functional design objectives such as performance, power consumption and area are generally well taken into account during the very early stages of embedded system design, security is still generally considered afterwards, leading to security solutions seen as an addition to the initial system. This design approach needs to be reconsidered in order to develop solutions that integrate security by construction and no longer as an additional element. The objective of this thesis is thus to take into account the security constraints in addition to the performance, power consumption and area constraints during the design space exploration (DSE) of hardware architectures in order to automatically generate an architecture optimized with respect to all these constraints. This study will begin with an analysis of the threat models in particular with respect to hardware attacks and existing countermeasures at the hardware level. Then, the security modeling and quantifying in the context of DSE will be carried out, as it will be essential to clearly characterize the techniques and approaches for taking into account the security needs of the systems. From this step, the candidate will propose a DSE flow of hardware architectures taking into account security constraints, in addition to power consumption, performance and area constraints. The goal is to be able to analyze the security, area, power consumption and performance trade-offs according to the designers' specifications at both functional and non-functional levels. This flow will then be applied to a practical case of hardware architecture design in order to validate the developed DSE approach. The developed solutions will have to demonstrate their level of robustness with respect to the security constraint in order to guarantee the security of the systems while respecting and optimizing the other design constraints.

Download the offer (.zip)

Proof of functional equivalence of binary codes in the context of programs hardening

Département Systèmes et Circuits Intégrés Numériques

Laboratoire Fonctions Innovantes pour circuits Mixtes

01-10-2021

SL-DRT-21-0192

damien.courousse@cea.fr

Cyber security : hardware and sofware (.pdf)

The general context of this thesis is the cyber-security of embedded systems. The research background of this thesis is tied to the automatic application of counter-measures against the so-called physical attacks, which encompass observation attacks (side-channel attacks) and perturbation attacks (fault-injection attacks). The CEA List is working on COGITO, a compiler toolchain based on LLVM for the automatic application of software counter-measures against physical attacks. Given a source-level implementation of an unprotected program, our toolchain produces an optimised binary program including targeted counter-measures, such that the compiled program is hardened against a specified threat model. Two key points are today crucial to trust the compiled programs: 1. the proof of robustness of programs produced by our toolchain, 2. the proof that adding counter-measures does not alter the functionality of the target programs. This thesis will target the second point: bringing formal guarantees about the functional correctness of the secured programs. We will use sound and exhaustive symbolic reasoning, supported by BINSEC (). BINSEC is an open-source toolset developed at CEA List to help improve software security at the binary level. It relies on cutting-edge research in binary code analysis, at the intersection of formal methods, program analysis, security and software engineering. The PhD thesis will be hosted at the CEA in Grenoble, in a multidisciplinary environment including experts in embedded software, cyber-security, hardware design, and machine learning. Short-term stays at the DILS at the CEA in Saclay will be planned throughout the three years of the thesis to collaborate with experts and developers of BINSEC.

Download the offer (.zip)

138 Results found (Page 1 of 23)
1 - 2 - 3 - 4 - 5  next   last

See all positions