Software vulnerabilities due to memory management errors are among the easiest to exploit. To prevent an attacker from injecting its own arbitrary code (shellcode), modern systems commonly enforce a Data Execution Prevention (DEP), often implemented as segment permissions (Write xor Execute – W^E). Yet, Code-Reuse Attacks have emerged to circumvent the DEP protections. Thanks to...

Learn more Apply

Providing assurances that autonomous systems will operate in a safe and secure manner is a prerequisite for their deployment in mission-critical and safety-critical application domains. Typically, assurances are provided in the form of assurance cases, which are auditable and reasoned arguments that a high-level claim (usually concerning safety or other critical properties) is satisfied given...

Learn more Apply

With a strong context of regulation of AI at the European scale, several requirements have been proposed for the quot;cybersecurity of AIquot; and more particularly to increase the security of complex modern AI systems. Indeed, we are experience an impressive development of large models (so-called “Foundation” models) that are deployed at large-scale to be adapted...

Learn more Apply

The first worldwide deployment of a blockchain dates back to 2010 with Bitcoin, which introduced a completely digital monetary system and a crypto-currency, bitcoin. Within Bitcoin, all transactions are publicly accessible and traceable, which should generate trust between stakeholders. However, the traceability of transactions, and ultimately of the crypto-currency, does not imply the traceability of...

Learn more Apply

The cybersecurity of our infrastructures is at the very heart in the digital transition on-going, and security must be ensured throughout the entire chain. At the root of trust lies the hardware, integrated circuits providing essential functions for the integrity, confidentiality and availability of processed information. But hardware is vulnerable to physical attacks, and defence...

Learn more Apply

The blockchain is based on a consensus protocol, the aim of which is to share and replicate ordered data between peers in a distributed network. The protocol stack, embedded in the network's peer devices, relies on a proof mechanism that certifies the timestamp and ensures a degree of fairness within the network. The consensus protocols...

Learn more Apply

Side-channel attacks, such as analyzing a processorapos;s electrical consumption or electromagnetic emissions, allow for the recovery of sensitive information, including cryptographic keys. These attacks are particularly effective and pose a serious threat to the security of embedded systems. This thesis focuses on combining low-impact software countermeasures to strengthen security against side-channel attacks, an idea that...

Learn more Apply