Projects and Partners

Our team is/was involved in several networks

European :

National :

Regional :

 

ANR-Archi-SecMicro-Architectural Security

Funding: ANR AAP Générique 2019
42-month project (2019-2023)

Attacks exploiting micro-architectural vulnerabilities, such as Meltdown, Spectre, Rowhammer etc, are on the rise. Modern day SoCs see an increase in complex design features, such as Branch Prediction, Out-of-Order execution, Cache coherency protocols, integrated GPUs/FPGAs, new non volatile memories. The security aspect of these new architectures and technologies remain under-studied. This project aims at modeling the architectural problems with a virtual platform based on gem5. it will be used for penetration testing, evaluate the performance cost of countermeasures, anticipate new attacks and propose protections. These latter are validated on platforms based on ARM and RISC-V processors. The major impact of this project will be through the creation of a community around our virtual platform.

Partners

  • Telecom ParisTech (Coordinateur)
  • Université Jean Monnet, Lab. H. Curien
  • Université de Montpellier, LIRMM
  • CNRS, IRISA,
  • Secure-IC

Contact
lilian.bossuet (at) univ-st-etienne.fr

VASOCVers l’Audit de Sécurité des Objets Connectés

2017,2021

Fundings : Projet région AURA appel à projet 2017
40-month project (2017/2021)
Web site: https://vasoc.limos.fr/

The VASOC project aims to raise awareness and education about the security of Internet of Things (IoT) or smart objects. Its objective is to help companies to set up internal audits thanks to a knowledge base and suitable tools.
It should results in the creation of a reference group from academia and industry in the Auvergne Rhône-Alpes region dealing with this subject. This group can help companies in their security process.

Partners

  • LIMOS Université d’Auvergne (Coord.)
  • Lab. H. Curien
  • Object-As-A-Service
  • Agaetis
  • Openium
  • Braincube
  • Elkya
  • Les Mowdoo

Contact
lilian.bossuet (at) univ-st-etienne.fr

Safe-AirSafety Evaluation of Aircraft Systems using Virtual Platforms

2017,20212

Fundings : Projet région AURA appel à projet 2017
40-month project (2017/2021)

Confronted  with  increasingly  stringent  requirements  for  certification  in  operational  safety, companies in the field of transport are looking for new methods to assess the robustness of complex digital integrated systems. In particular, our industrial partners in this project, THALES Valence and AEDvices consulting, are interested in the robustness of flight systems used in aeronautics. Integrated systems, due to the evolution of technologies, are increasingly sensitive to disturbances caused, for example, by atmospheric particles. Beyond aeronautical systems and transport systems in general (automotive, railway, etc.), the results of this project concern all the integrated systems used in critical applications: energy generation systems (nuclear power plant), medical implants...  
The aim of the project is to propose a new approach to allow a more precise evaluation of the level of robustness of critical complex digital systems very early in development.

Partners 

  • INP Grenoble LCIS (Coord.)
  • INP Grenoble TIMA
  • Lab. H. Curien
  • THALES Avionics
  • AEDvices consulting

Contact
lilian.bossuet (at) univ-st-etienne.fr

FUI-PILASProcédés d’injection laser avancés pour analyses sécuritaires

Funding: 22nd FUI – Route des lasers, MINALOGIC and SCS labels
36-month project (2017-2020)

The PILAS project plans to develop a system and methodology of advanced laser fault injection, enabling security evaluators to improve their capabilities to identify and exploit new attack scenarios. This process will be applied to different hardware and software component to validate its efficiency and improve its performance. 

Partners

  • Sagem Identity & Security (Coordinator)
  • STMicroelectronics
  • Université Jean Monnet, Lab. H. Curien
  • Alphanov
  • Serma Safety & Security

Contact
lilian.bossuet (at) univ-st-etienne.fr

Convention DGAEtude sur les techniques de mesure embarquée du jitter et leurs implantations dans les circuits électroniques.

2016,2019

Fundings: convention de subvention DGA
48-month project (2016-2019)

The main objective of the project is to study and propose precise modeling of noise sources inside electronic devices and the digital processing of noisy signals in order to propose a stochastic model for different types of P-TRNG principles. The main objective is to give an estimation of the entropy rate per bit.
After studying existing models and/or new proposals, we expect to propose measurement methods and embedded tests, as close as possible to the entropy source, to guarantee that the generated entropy per bit is sufficient.
One very important part of this work is to propose digital simulations of P-TRNG principle that can be used, knowing the characteristics of an input jitter, to find back these characteristics with the proposed measurement methods and/or embedded tests.

Partners

  • Université Jean Monnet, Lab. H. Curien
  • Direction générale de l'armement, Bruz

Contact
florent.bernard (at) univ-st-etienne.fr

H2020-HECTORHardware Enable CrypTO and Randomness

2015,2018

Funding: European H2020 project
36-month project (2015-2018)
Web site: https://hector-project.eu/

It is commonly accepted that the way cryptographic algorithms are implemented in hardware is at least as important as their mathematical robustness. Side-channel-attacks and hardware-attacks in general represent the most severe threats to modern cryptographic systems. This tension between mathematical security, implementation security and efficiency is addressed by the HECTOR project. HECTOR consortium pursues a hardware-aware approach for the design of efficient and secure-by-design random number generators (RNGs), Physically Uncloneable Functions (PUFs) and Cryptographic primitives. This will enable demonstrating practical security levels, easier and faster certification and more efficient and globally competitive implementations.

Partners

  • Technikon, Austria (Coordinator)
  • Université Jean Monnet – Lab. H. Curien, France
  • Katholieke Universiteit Leuven, Belgium
  • Technical University of Graz, Austria
  • Thales Communications & Security SAS, France
  • STMicroelectronics SAS, France
  • STMicroelectronics SRL, Italia
  • Micronic a.s., Slovaquia
  • Brigtshight BV, Netherlands

Contact
fischer (at) univ-st-etienne.fr

FUI-TEEVATrusted Execution EVAluation

2015,20182

Funding: 20th FUI – SCS label
36-month project (2015-2018)

The TEEVA plans to evaluate the security of a trust execution environment (TEE) and then to compare this solution with white-box cryptography.

Partners

  • GEMALTO (Coordinator),
  • Université Jean Monnet, Lab. H. Curien
  • Université Montpellier, LIRMM
  • Ecoles des Mines de Saint-Etienne
  • Trustonic
  • PhoneSec

Contact
lilian.bossuet (at) univ-st-etienne.fr

ETAMACEtude d’attaques matérielles et combinées (logicielles-matérielles) sur des processeurs embarqués pour l’amélioration de la sécurité des applications mobiles communicantes

Fundings: ANRT (these CIfre) - GEMALTO
36-month project (2014-2017)

Partners

  • Université Jean Monnet, Lab. H. Curien
  • GEMALTO

Contact
lilian.bossuet (at) univ-st-etienne.fr

OTAN-SIPQCSecure Implementation of Post-Quantum Cryptography

2013,2016

Fundings : NATO Project SPS (Science for Peace and Security Program)
36-month project (2013/2016)
Web site: http://old2.re-search.info/overview

This project sets out to identify secure parameter sets and implementations for asymmetric encryption and digital signatures in a post-quantum setting:
•    On the cryptanalytic side, our objective is to identify realistic assumptions and parameter sets that can withstand a well-funded attacker, capable of running dedicated and highly optimized cryptanalytic devices.
•    On the implementation side, our objective is to provide implementations which can withstand common side-channel attacks, including physical (power analysis, electromagnetic analysis, etc.) and software-based (e.g., cache analysis).

Partners

  • Institute of Computer Science and Mathematics, Slovak University of technology (Coord.)
  • Lab. H. Curien
  • School of Computer Science, Tel Aviv University (Israël)
  • Departement of Mathematical Sciences Florida Atlantic University (USA)

Award
This project was awarded by the 2018 NATO SPS Partnership Prize for excellence in cooperation

Contact
fischer (at) univ-st-etienne.fr

ANR-SALWAREConception de matériel salutaire pour lutter contre la contrefaçon et le vol de circuits intégrés

2013,2017

Fundings: ANR JCJC-2013, FRAE, Région Rhône-Alpes – MINALOGIC Label
46-month project (2013-2017)
Web site: http://www.univ-st-etienne.fr/salware/

Fabless semiconductor industries are facing the rise of design costs of integrated circuits. This rise is link to the technology change and the complexity increasing. It follows that integrated circuits have become targets of counterfeiting and theft. The SALWARE project aims to study (theoretically and experimentally) salutary hardware design in order to fight against theft, illegal cloning and counterfeiting of integrated circuits.

Contact
lilian.bossuet (at) univ-st-etienne.fr

ANR-TSUNAMYHardware and software managemenT of data SecUrity iN A ManYcore platform

2013,20172

Funding: ANR INS-2013 – MINALOGIC and Images&Réseaux Labels
46-month project (2013-2017)
Web site: https://www.tsunamy.fr/trac/tsunamy

The TSUNAMY project addresses the problem of secure handling of personal data and privacy in manycore architectures. The economic and social issues are numerous as this type of architecture will be massively deployed in the future both in infrastructure such as "cloud computing" (main purpose of this project) and in most embedded systems constrained in resources and performance. It is essential to address the question of the definition of these architectures in terms of not only performance but also security to ensure adoption of these technologies by end users. Lack of trust will be a hindrance to economic development, the challenges are immense. To propose an efficient and secure solution it is necessary to propose hardware architectures with closely coupling of heterogeneous processing resources (some dedicated to the processing of data in clear and some dedicated for treatment of protected data). It is also necessary to rethink the relationship between software and hardware to ensure a protection in depth. Today these issues are too often neglected resulting in solutions developed at the end of the design cycle. It is essential to provide a breakthrough in these design approaches to provide trusted architectures by building hardware and software. The TSUNAMY project aims to propose a solution of trust building to execute many independent applications in parallel, safely and ensuring respect for the privacy of users.

Partners

  • Université de Bretagne Sud, Lab-STICC (Coordinator)
  • Université Jean Monnet, Lab. H. Curien
  • UPMC, LIP6
  • CEA - LIST

Contact
lilian.bossuet (at) univ-st-etienne.fr