Logo Lab-STICCFrom sensors to knowledge: Communicate and decide

Cyber

The laboratory is developing a very strong expertise in cybersecurity. It has a wide range of skills related to cybersecurity issues in the fields of software and hardware architectures, communications and networks, critical systems and risks related to the human factor. Seven teams contribute to the cyber program and develop complementary contributions.

 

In a few lines, from the consideration of the human factor to the securing of hardware architectures, the work of the teams can be broken down as follows: the FHOOX team is interested in the management of cyber crises from the human perspective. The IRIS team deals with security problems related to critical systems. The Maths&Net team develops work in the field of data analysis applied to network metrology. The SI3 team designs and develops methods, algorithms and solutions for securing the physical layer of communications and transmission systems. The P4S team works mainly in the field of design and maintenance of systems in which software is central. The ARCAD team develops work related to the design of secure hardware architectures. And the 2AI team studies hardware security issues in embedded AI systems.

 

In more detail, the contributions of the teams to the cyber program are:

 

The FHOOX team is interested in modeling and evaluating the cognitive activity of cyber defense operators during the various phases of managing a cybersecurity crisis.

To do so, it relies on the analysis of the psychophysiological responses of operators related to stress and mental load.

It also seeks to better understand the adaptation mechanisms within cyber teams, particularly in terms of intra-team communications and technical and social support actions between operators.

Finally, it aims to develop adaptive environments for training operators, in order to improve crisis management and reinforce skills in critical situations. This involves generating customized training scenarios based on the detection of situations that cause high levels of on-call time for operators and/or a drop in performance.

 

The IRIS team deals with safety issues related to critical systems. Critical systems cover a wide variety of domains such as transportation, energy and water distribution, chemical and pharmaceutical manufacturing...

The objective of the IRIS team is to prevent or mitigate the threat of malicious activities and to strengthen the architecture of these systems. Their fields of application range from civil to military contexts and concern the confidentiality, integrity and availability of these systems.

To ensure the security of these systems, the IRIS team focuses on three research themes:

  •   Cyber protection (watermarking, encryption, security policy management and enforcement, dynamic security segmentation...);
  •   Cyber defense (intrusion detection systems, detection model, adaptive response, autonomous cyber defense...);
  •   And cyber-resilience (by design, interdependencies between security and safety...).

 

The Maths&Net team develops work in the field of data analysis applied to network metrology.

The analyzed measurements are of various nature, and depend on the use case: performance (delays, page loading time), traffic (packets, flows), or metrics at the equipment level. The applications may concern failure diagnosis, quality of service or quality of experience characterization, or even the detection of computer attacks.

The analysis methodologies come from the field of machine learning. The Math&Net team is particularly interested in the detection of novelties in unsupervised or semi-supervised clustering and in the contributions of explainable artificial intelligence to the field of network data analysis. She often favors Bayesian approaches for modeling and statistical inference in data analysis.

It also has expertise in the field of acceleration (hardware or software) and real-time flow processing algorithms for traffic analysis. The team also has work around network architectures and the contributions of software defined networks (SDN), in the field of distributed algorithms, and on game theory to characterize the interactions between actors.

 

The SI3 team designs and develops methods, algorithms and solutions for securing the physical layer of future communications and transmission systems (IoT, Industry of the Future, Space, 5G & Beyond, ...) and also in order to test the standards and systems deployed or to carry out the "reverse engineering" for their institutional partners in defense or regulation. Their areas of interest include: stealthy or low probability of interception communications, security and authentication of communications by radio fingerprinting, smart jamming and self-jamming using Full-Duplex schemes and also secure quantum communications systems.

 

The P4S team works mainly in the field of design and maintenance of systems in which software is central. In this context, their activities are mainly oriented around the quality assurance of the software and the system architecture. For this, the P4S team develops methods and tools in the field of modeling and verification. Thus, it contributes to the field of cybersecurity by:

  • The production of verification tools such as the OBP model checking tool and its use for the verification of security properties of a software in the design phases but also during the life of the software for its maintenance in security condition;
  • The proposal of methods and tools to facilitate the development of obfuscated software, for example by facilitating the composition of obfuscation or by allowing a fine traceability between the obfuscated binary and the source program;
  • The integration of the security approach to design in model engineering and software engineering methods and tools.

Among many possible application domains, their work is mainly focused on critical software for transportation, aeronautics and space and in the context of the industry of the future around the digital twin.

 

The ARCAD team is a multidisciplinary team in electronics and computer science that designs, implements, validates and evaluates hardware architectures and design tools. The team develops work related to the design of secure hardware architectures. The team members propose secure architectures for microcontrollers and embedded processors, cryptographic units, reconfigurable architectures for security and design protections against physical attacks (covert channel attacks and fault injection) and logical attacks (attacks exploiting the microarchitecture, software attacks).

In addition, the ARCAD team develops secure low-level software libraries and tools for the design of secure hardware architectures.

 

Finally, the 2AI team studies hardware security issues in embedded AI systems. Related activities are aimed at technology research for ASIC and FPGA-SoC platforms to democratize sustainable electronic systems. The 2AI team considers secure and low-power platforms as the key features of these systems. Therefore, the goal is to build on their experience to:

  •   Provide design space exploration approaches and tools;
  •   Evaluate and propose low energy techniques;
  •   Characterize the power consumption of hardware and embedded systems.

Finally, it focuses on platforms running AI applications.

Contact : Guy GOGNIAT