Fuzzing is an automatic test generation technique. It consists in repeatedly executing a program with automatically generated inputs, in order to trigger crashes, symptoms of underlying bugs in the code, which can then be fixed. A major challenge in this area is moving from indiscriminate exploration of how programs work to artful guidance towards the...

Learn more Apply

This research aims to investigate the effectiveness of scenario-based testing as a comprehensive and robust approach for evaluating ASsapos; performance while enhancing their safety and reliability with respect to regulations and standards. The primary objective of this thesis will be to investigate the benefits of scenario-based testing for automated systems and its compliance with regulations...

Learn more Apply

The general context of this thesis is the cyber-security of embedded systems. The research background of this thesis is tied to the automatic application of counter-measures against the so-called physical attacks, which encompass observation attacks (side-channel attacks) and perturbation attacks (fault-injection attacks). The CEA List is working on COGITO, a compiler toolchain based on LLVM...

Learn more Apply

Because program analysis is an undecidable problem, static analyzes fall into 2 categories: - Sound analyses, which calculate an over-approximation of all the programapos;s behaviors, and make it possible to verify the absence of errors. - Complete analyses, which calculate an under-approximation of the possible behaviors of the program, and allow errors to be found....

Learn more Apply

This PhD project aims at advancing the field of image sensor security through a comprehensive exploration of recent deep learning techniques applied to both robust and fragile invisible watermarking. In the specific context of embedded image rendering pipelines, this study aims to address the dual challenges of ensuring resistance against intentional attacks to break the...

Learn more Apply

Fuzzing is a dynamic testing technique that enables vulnerabilities to be discovered very efficiently. Hundreds or even thousands of vulnerabilities are detected (and repaired) every year in the software we use. When we try to transpose the fuzzing approach to embedded systems, we are faced with a number of problems: the source code is not...

Learn more Apply

With a strong context of regulation of Artificial Intelligence (AI) at the European scale, several requirements have been proposed for the quot;cybersecurity of AIquot;. Among the most important concepts related to the security of the machine learning models and the AI-based systems, quot;security-by-designquot; is mostly linked to model hardening approaches (e.g., adversarial training against evasion...

Learn more Apply

In the era of booming digitalization, our reliance on energy-hungry digital systems continues to surge. This voracious development, coupled with the threat of global warming, necessitates innovative solutions. Approximate Computing (AxC) is a design technique offering an attractive trade-off between computation errors and substantial energy reduction. This PhD proposal aims to push AxC to new...

Learn more Apply

Join our dynamic research team at CEA-List within the DSCIN division for a PhD opportunity in the field of hardware security and formal analysis of processor micro-architectures. The focus of this research is the formalization and analysis of countermeasures against fault injection attacks on open-source processors. Operating at the cutting edge of cyber-security for embedded...

Learn more Apply

The goal of this PhD subject is to study the capabilities of laser fault injection to extract cryptographic secret or to by-pass security mechanisms. This study will focus on System-on-Chip targets. First, the PhD student will explore new methods to optimize laser fault injection on System-on-Chip. The next topic that will be addressed by the...

Learn more Apply

Nowadays, we have four FHE cryptosystems, namely TFHE, BFV/BGV and CKKS, which are becoming a kind of standards for FHE use in practice. However, each of these schemes suffer from some kind of limitations of their own. Some allow for computations over large plaintexts, while some allow for unbounded number of operations. In some schemes...

Learn more Apply

Work carried out within the CEA-Leti has shown that physical attacks can be a threat to the security mechanisms of SoCs (System-On-Chips). Indeed, fault injections by electromagnetic disturbance have already led to an elevation of privileges by authenticating with an illegitimate password, or more recently have made it possible to circumvent one of the highest...

Learn more Apply

Images, and therefore the sensors that generate them, must respond to the challenges posed by their illicit use, either to divert their content through deep fakes, or for unauthorized access. The concept of trusted imagers responds to the need to ensure the security, authentication or encryption of images as soon as they are acquired. Based...

Learn more Apply

The CESTI laboratory in Grenoble is responsible for the safety evaluation of products (commercial or prototype). or prototypes). A wide range of tests can be carried out as part of these evaluations, including those designed to observe the target's behavior when faults are injected into integrated circuits. Fault injection consists of perturbing the system by...

Learn more Apply

Embedded cryptography on smartcards can be vulnerable to side-channel attacks, based on the interpretation of the information retrieved during the execution of the algorithm. This information leak is generally measured at the hardware level thanks to a consumption signal or electromagnetic radiation. Many methods, based mainly on statistical tools, exist to exploit these signals and...

Learn more Apply

In recent work [RTAS 2021], we have demonstrated the value of static analysis guided by an advanced dependent type system for the analysis of low-level system programs, going so far as to be able to automatically verify the absence of privilege escalation in an embedded operating system kernel as a consequence of the type-safety of...

Learn more Apply

With a strong context of regulation of AI at the European scale, several requirements have been proposed for the quot;cybersecurity of AIquot; and more particularly to increase the security of AI systems and not only the core ML models. This is important especially as we are experience an impressive development of large models that are...

Learn more Apply

Providing assurances that autonomous systems will operate in a safe and secure manner is a prerequisite for their deployment in mission-critical and safety-critical application domains. Typically, assurances are provided in the form of assurance cases, which are auditable and reasoned arguments that a high-level claim (usually concerning safety or other critical properties) is satisfied given...

Learn more Apply

Traditional public-key cryptography algorithms are considered broken when a large-scale quantum computer is successfully realized. Consequently, the National Institute of Standards and Technology (NIST) in the USA has launched an initiative to develop and standardize new Post-Quantum Cryptography (PQC) algorithms, aiming to replace established public-key mechanisms. However, the adoption of PQC algorithms in Internet of...

Learn more Apply