Cyrus is structured around seven themes :
Validity and reliability of information in the cyberspace: Security systems and components often make assumptions about data and metadata, particularly those used in security decision-making processes (authentication, access and flow control, intrusion detection, risk analysis, etc.). However, it is important to ensure explicitly that these assumptions are verifiable: vulnerabilities frequently arise implicit assumptions about data that can be exploited if an attacker succeeds in corrupting them. The research work under this theme aimed at defining a methodology and a logical reasoning engine for determining the origin and validity of information made available on the Web from any non-trustworthy source or using untrustworthy paths.
Technical urbanization of cybersecurity: The research work related to this theme, on the one hand is about designing cybersecurity zones in the technical view of a the Information System (IS) urbanization during the definition activities of the IS life cycle. And on the other hand, the formal definition of the assistance to both the developer to design an application architecture and to the operator to test the technical response to cybersecurity requirements. This research work is based, in particular, on urbanization strategies of the IS, architectures of the enterprise, meta-modeling and model engineering.
Personal data - privacy and cyber security: Outsourced or open data often include identifiable and sensitive or potentially sensitive information that is no longer under the control of its owners. Data confidentiality and integrity are no longer guaranteed. Research carried out under this theme deals with ways to ensure that sensitive data remain adequately protected and that moral or physical owners keep control over the access to and use of such data while allowing easy investigations for the needs of cyber protection, cyber defense and cyber crime.
Cybersecurity policy: The work focuses on revising policies and security models (access control, use control and flow control) of software, hardware or physical systems to take into account technological advances, new systems targeted by cyber attacks and adapt them to the context of cyber security.
It is also about managing the proof of the cyber security properties that these new policies and models are supposed to guarantee as well as their deployments in complex and heterogeneous systems and systems of systems like industrial systems.
Cyber intrusion detection and responses:The work carried out on this theme is of two types. The first category aims to provide new intrusion detection solutions able of detecting new zero-day attacks, including real-time analysis. Innovative means are used to achieve the aforementioned objectives (like extend existing anomaly detection solutions to exploit large-scale data from heterogeneous sources, search for weak signals which can be assimilated to new attacks or to atypical attacks that are difficult to detect by the usual means, etc.
The second category focuses on remediation and response to intrusions. This includes identifying methodologies and functions for risk estimation and return on investment in responses and developing decision support tools for cyber attack management and maintenance of normal operating conditions(ensuring cyber resilience).
Cyber security of embedded systems and connected objects: the main topics tackled here are (a) memory protection using physical isolation ot the applications, (b) network on chip (NOC): fundamental questions addressed concern the guarantee of the flow of information, the absence of data leakage, the confidentiality and integrity of data, the setting up of security perimeters and the updating of security policies, (c) hardware acceleration, (d) securing wireless networks in particular in industriel system environments and (e) security of android operating system and applications.
Radiofrequency and electromagnetic hardware for cyber security: The research work under this theme deal with (a) surveillance, through physiological sensors and actuators, (b) electromagnetic mask shielding solution, (c) identification interface secured solutions for access to mobile terminals and (d) textile and multimaterial shielding solutions for the EM protection of people and weared equipment.