Scientific direction Development of key enabling technologies
Transfer of knowledge to industry

PhD : selection by topics

See all positions [+]

Safety/Security Modeling for Security Characterization of Industrial Control Systems

Département Systèmes (LETI)

Laboratoire Sécurité des Objets et des Systèmes Physiques

01-10-2021

SL-DRT-21-0031

Cyber security : hardware and sofware (.pdf)

Industrial systems are often used to monitor and control a physical process such as energy production and distribution, water cleaning or transport systems. They are often simply called Supervisory Control And Data Acquisition (SCADA) systems. Due to their interaction with the real world, the safety of these systems is critical and any incident can potentially harm humans and the environment. Since the Stuxnet worm in 2010, such systems increasingly face cyberattacks caused by various intruders, including terrorists or enemy governments [1]. As the frequency of such attacks is increasing, the security of SCADA systems becomes a priority for governmental agencies [2]. One of the main research axis in cybersecurity of industrial systems deals with combination of safety and security properties. Safety relates to applicative properties of the system (e.g. chemical properties for a chemical factory); while security properties take into account how an intruder can harm the system. As show in [3], combining safety and security is a challenging topic as these properties can be either dependent, strengthening, antagonist or independent. As show in [4], combining both safety and security in a common modeling is challenging as both come with sources of combinatorial explosion. Moreover, there are tools used either for security or safety analyzes but currently no tool is able to handle both aspects at the same time. In this context, we propose a Ph.D thesis revolving around modeling of industrial systems taking into account both safety properties of the physical process and security properties. Besides the definition of an accurate, yet automatically analyzable modeling framework/language, many aspects can be part of the subject. For instance, programmable automata (PLC) configuration files could be generated from this model in order to only deploy programs validated beforehand. PLC vulnerabilities could be studied (firmware reverse engineering, protocol fuzzing) in order to test the technical feasibility of found attacks. Finally, in a certification context, security analyzes on the model could include requirements from standards such as IEC 62443 [5] to help evaluation process. Références [1] J. Weiss, Protecting industrial control systems from electronic, Momentum Press, 2010. [2] ANSSI, Managing cybersecurity for ICS, ANSSI, 2012. [3] L. Piètre-Cambacédès, Des relations entre sûreté et sécurité, Paris: Télécom ParisTech, 2010. [4] M. P. a. A. K. M. Puys, Generation of applicative attacks scenarios against industrial systems, Nancy: FPS'17, 2017. [5] IEC-62443, Industrial communication networks - Network and, International Electrotechnical Commission, 2010.

Download the offer (.zip)

embedded elapsed-time attestation

Département Systèmes (LETI)

Laboratoire Sécurité des Objets et des Systèmes Physiques

01-10-2021

SL-DRT-21-0089

christine.hennebert@cea.fr

Cyber security : hardware and sofware (.pdf)

With the emergence of a protocol that secures a history of transactions on a peer-to-peer network, Bitcoin introduced the first decentralized digital currency in 2009. The security of the Bitcoin protocol is based on the proof of work and common rules and procedures among peers in the network who participate in the consensus, i.e. the choice of the next block of data to be added to the shared and replicated ledger. The proof of work has two major drawbacks. On the one hand, it ensures security by design by requiring nodes participating in the consensus to work with a computing intensity corresponding to the maximum of Moore's law, which is obviously very energy consuming. On the other hand, the parallelization of this proof process with an implementation in ASICs makes the system vulnerable to Sybil-type attacks by recentralizing resources. The mining pools exploit this vulnerability. The present thesis topic aims at building a proof for embedded and resource constrained objects, which ensures the security of a transaction history at low power. The work will focus on the embedded implementation of the proof mechanism on a system-on-module platform using a TPM 2.0 (Trusted Platform Module) security hardware component as root-of-trust. The solution introduced will have to be robust to the above-mentioned drawbacks and vulnerabilities.

Download the offer (.zip)

Fault injection and integrity of edge neural networks: attacks, protections, evaluation

Département Systèmes (LETI)

Laboratoire Sécurité des Objets et des Systèmes Physiques

01-02-2021

SL-DRT-21-0159

pierre-alain.moellic@cea.fr

Artificial intelligence & Data intelligence (.pdf)

One of the major trends of Artificial Intelligence is the large-scale deployment of Machine Learning systems to a large variety of embedded platforms. A lot of semi-conductor practioners propose "A.I. suitable" products, majoritarely with neural networks for inference purpose. The security of the embedded models is a major issue for the deployment of these systems. Several works raised threats such as the adversarial examples or the membership inference attacks with disastrous impact. These works consider the ML aglorithms through a pure algorithmic point of view without taking into consideration the specificities of their physical implementation. Moreover, advanced works are compulsory for physical attacks (i.e., side-channel and fault injection analysis). By considering a overall attack surface gathering the theoretical (i.e. algorithmic) and physical facets, this subject propose to analyze Fault Injection Analysis threats (FIA) targeting the integrity of the model (fooling a prediction) of embedded machine learning systems and the development of appropriate protections. Several works have studied physical attacks for embedded neural networks but with usually naive model architecture on 'simple' 8-bit microcontrolers, or FPGA or at a pure simulation level. These works do not try to link the fault models or the leakages with well-known algorithmic threats. Being based on the experience on other critical systems (e.g., cryptographic primitive), the main idea of this PhD subject will be to jointly analysis the algorithmic and physical world in order to better understand the complexity of the threats and develop efficient defense schemes. The works will answer the following scientific challenges: (1) Caracterization and exploitation of fault models: how to exploit fault injection mechanisms (laser, EM, glitching) to fool the prediction of a model with minimal perturbations. (2) Evaluation of the relevance of classical countermeasures (such as redundancy-based techniques) for this kind of systems and threats. (3) Develop new protections suitable to embedded neural networks.

Download the offer (.zip)

Autonomous network management solution for deterministic networks using Artificial Intelligence (AI) techniques

Département Intelligence Ambiante et Systèmes Interactifs (LIST)

Laboratoire Systèmes Communiquants

01-02-2021

SL-DRT-21-0178

siwar.benhadjsaid@cea.fr

Communication networks, IOT, radiofrequencies and antennas (.pdf)

The objective of the thesis is to explore and evaluate the gain that could bring the Artificial Intelligence (AI) techniques to the network management solutions for deterministic networks. The goal is to help deterministic networks to ensure the preservation of the quality of service (QoS) during the routing of end-to-end data flow no matter what changes are made to the network. This will allow to design an autonomous network management solution that is able to configure deterministic networks in the most appropriate way and adapt the configuration when needed (e.g. new terminal connecting to the network, unexpected high latency for certain critical flows, change of the topology caused by the reorganization / reconfiguration of components of the production chain in the factory etc.). This solution will use artificial intelligence methods to learn from experience the conditions that lead to non-compliance with application flow requirements (high latency, low bandwidth, etc.). Learning takes place to recognize, upstream, the situations that may lead to non-compliance with the constraints of application flows and also to predict the effects of changes in input data (new terminal, reorganization of the plant, etc.) on the level of QoS provided to flows in transit. Based on such knowledge, the solution will anticipate QoS degradation situations and, consequently, will decide and push the adequate network reconfiguration which will make it possible to respect the constraints associated with each application flow.

Download the offer (.zip)

Distributed resource allocation for meshed networks of mobile users in shared spectrum

Département Systèmes (LETI)

Laboratoire Sans fils Haut Débit

01-09-2021

SL-DRT-21-0186

mickael.maman@cea.fr

Communication networks, IOT, radiofrequencies and antennas (.pdf)

In future 5G wireless networks, it is imperative to easily deploy and manage a private network of mobile users such as a fleet of vehicles or UAVs. The objective of this thesis is to define a distributed resource allocation for mesh networks of mobile users in the shared spectrum through resource pooling (time/frequency) and efficient management of directional antenna beams. While existing studies focus on maximizing the performance of static backhaul multi-beam mesh networks, we are interested in collaborative local/distributed learning between mobile users. The first step of this thesis will be to integrate a realistic model of sub 6-GHz and/or mmW directional antennas in a network simulator. A trade off between the spatiality of the directivity, the antenna efficiency and the complexity of the algorithm will be made for point-to-point and point-to-multipoint communications. Moreover the antenna configurations will be contextualized between the communication, discovery or tracking phases. The second step of this thesis will concern the design of the distributed resource allocation protocol during different stages of the network life: deployment, self-optimization and self-healing. A trade-off will be made between the type and latency of antenna (re)configuration, the accuracy of beam alignment, the channel coherence time for mobile users (volatile connectivity) and the convergence time of the scheduling.

Download the offer (.zip)

Automatic design of secure hardware architectures

Département Systèmes et Circuits Intégrés Numériques

Laboratoire Environnement de Conception et Architecture

01-10-2021

SL-DRT-21-0190

caaliph.andriamisaina@cea.fr

Cyber security : hardware and sofware (.pdf)

Embedded systems are more and more ubiquitous and interconnected; they are an attractive target for security attacks. The security aspect is thus becoming more and more important when designing these systems, as a vulnerability in one system can compromise an entire infrastructure of connected systems. Thus, each system contributes to the construction of a global chain of trust. Moreover, given the increasing complexity of the applications running on these systems, it is becoming increasingly difficult to meet all security criteria (for instance application isolation, system authentication, secret and private data protection, communications protection). The design of these systems therefore requires an in-depth analysis of the various security constraints to which they are subject, based on a threat model associated with the potential attacker. While extra-functional design objectives such as performance, power consumption and area are generally well taken into account during the very early stages of embedded system design, security is still generally considered afterwards, leading to security solutions seen as an addition to the initial system. This design approach needs to be reconsidered in order to develop solutions that integrate security by construction and no longer as an additional element. The objective of this thesis is thus to take into account the security constraints in addition to the performance, power consumption and area constraints during the design space exploration (DSE) of hardware architectures in order to automatically generate an architecture optimized with respect to all these constraints. This study will begin with an analysis of the threat models in particular with respect to hardware attacks and existing countermeasures at the hardware level. Then, the security modeling and quantifying in the context of DSE will be carried out, as it will be essential to clearly characterize the techniques and approaches for taking into account the security needs of the systems. From this step, the candidate will propose a DSE flow of hardware architectures taking into account security constraints, in addition to power consumption, performance and area constraints. The goal is to be able to analyze the security, area, power consumption and performance trade-offs according to the designers' specifications at both functional and non-functional levels. This flow will then be applied to a practical case of hardware architecture design in order to validate the developed DSE approach. The developed solutions will have to demonstrate their level of robustness with respect to the security constraint in order to guarantee the security of the systems while respecting and optimizing the other design constraints.

Download the offer (.zip)

155 Results found (Page 1 of 26)
1 - 2 - 3 - 4 - 5  next   last

See all positions