This research aims to investigate the effectiveness of scenario-based testing as a comprehensive and robust approach for evaluating ASs' performance while enhancing their safety and reliability with respect to regulations and standards. The primary objective of this thesis will be to investigate the benefits of scenario-based testing for automated systems and its compliance with regulations...

Learn more

Fuzzing is an automatic test generation technique. It consists in repeatedly executing a program with automatically generated inputs, in order to trigger crashes, symptoms of underlying bugs in the code, which can then be fixed. A major challenge in this area is moving from indiscriminate exploration of how programs work to artful guidance towards the...

Learn more

The general context of this thesis is the cyber-security of embedded systems. The research background of this thesis is tied to the automatic application of counter-measures against the so-called physical attacks, which encompass observation attacks (side-channel attacks) and perturbation attacks (fault-injection attacks). The CEA List is working on COGITO, a compiler toolchain based on LLVM...

Learn more

Because program analysis is an undecidable problem, static analyzes fall into 2 categories: - Sound analyses, which calculate an over-approximation of all the program's behaviors, and make it possible to verify the absence of errors. - Complete analyses, which calculate an under-approximation of the possible behaviors of the program, and allow errors to be found....

Learn more

Fuzzing is a dynamic testing technique that enables vulnerabilities to be discovered very efficiently. Hundreds or even thousands of vulnerabilities are detected (and repaired) every year in the software we use. When we try to transpose the fuzzing approach to embedded systems, we are faced with a number of problems: the source code is not...

Learn more

Nowadays, we have four FHE cryptosystems, namely TFHE, BFV/BGV and CKKS, which are becoming a kind of standards for FHE use in practice. However, each of these schemes suffer from some kind of limitations of their own. Some allow for computations over large plaintexts, while some allow for unbounded number of operations. In some schemes...

Learn more

The goal of this PhD subject is to study the capabilities of laser fault injection to extract cryptographic secret or to by-pass security mechanisms. This study will focus on System-on-Chip targets. First, the PhD student will explore new methods to optimize laser fault injection on System-on-Chip. The next topic that will be addressed by the...

Learn more

Work carried out within the CEA-Leti has shown that physical attacks can be a threat to the security mechanisms of SoCs (System-On-Chips). Indeed, fault injections by electromagnetic disturbance have already led to an elevation of privileges by authenticating with an illegitimate password, or more recently have made it possible to circumvent one of the highest...

Learn more

With a strong context of regulation of Artificial Intelligence (AI) at the European scale, several requirements have been proposed for the "cybersecurity of AI". Among the most important concepts related to the security of the machine learning models and the AI-based systems, "security-by-design" is mostly linked to model hardening approaches (e.g., adversarial training against evasion...

Learn more

Join our dynamic research team at CEA-List within the DSCIN division for a PhD opportunity in the field of hardware security and formal analysis of processor micro-architectures. The focus of this research is the formalization and analysis of countermeasures against fault injection attacks on open-source processors. Operating at the cutting edge of cyber-security for embedded...

Learn more

Images, and therefore the sensors that generate them, must respond to the challenges posed by their illicit use, either to divert their content through deep fakes, or for unauthorized access. The concept of trusted imagers responds to the need to ensure the security, authentication or encryption of images as soon as they are acquired. Based...

Learn more

Embedded cryptography on smartcards can be vulnerable to side-channel attacks, based on the interpretation of the information retrieved during the execution of the algorithm. This information leak is generally measured at the hardware level thanks to a consumption signal or electromagnetic radiation. Many methods, based mainly on statistical tools, exist to exploit these signals and...

Learn more

In recent work [RTAS 2021], we have demonstrated the benefits of a static analysis guided for analyzing low-level system programs, going so far as to be able to automatically verify the absence to the point of being able to automatically verify the absence of privilege escalation in an embedded operating system kernel as a consequence...

Learn more

With a strong context of regulation of AI at the European scale, several requirements have been proposed for the "cybersecurity of AI" and more particularly to increase the security of AI systems and not only the core ML models. This is important especially as we are experience an impressive development of large models that are...

Learn more

Providing assurances that autonomous systems will operate in a safe and secure manner is a prerequisite for their deployment in mission-critical and safety-critical application domains. Typically, assurances are provided in the form of assurance cases, which are auditable and reasoned arguments that a high-level claim (usually concerning safety or other critical properties) is satisfied given...

Learn more

Traditional public-key cryptography algorithms are considered broken when a large-scale quantum computer is successfully realized. Consequently, the National Institute of Standards and Technology (NIST) in the USA has launched an initiative to develop and standardize new Post-Quantum Cryptography (PQC) algorithms, aiming to replace established public-key mechanisms. However, the adoption of PQC algorithms in Internet of...

Learn more

Context: The widespread utilization of connected devices that process sensitive information necessitates the creation of new secure systems. The prevalent attack, referred to as power side-channel, involves the retrieval of encryption key information by analyzing the power consumption of the system. Integrating the system with its power supply management blocks can conceal the consumption of...

Learn more

The cybersecurity of our infrastructures is at the very heart in the digital transition on-going, and security must be ensured throughout the entire chain. At the root of trust lies the hardware, integrated circuits providing essential functions for the integrity, confidentiality and availability of processed information. But hardware is vulnerable to physical attacks, and defence...

Learn more