SECUREVAL (2022-2028) funded by ANR (PEPR security)
The security assessment of digital systems relies on compliance and vulnerability analyses to provide recognized cybersecurity assurances. The SECUREVAL project of PEPR Cybersecurity aims to design new tools around new digital technologies to verify the absence of hardware and software vulnerabilities and achieve the required compliance proofs. These developments are based on a double approach, first theoretical and founded on the French school of symbolic reasoning, then applied and anchored in the practice of tool development and security assessment techniques. In addition, by exploring new techniques for security assessments, this project will also allow France to remain at the top of the world in assessment capabilities by anticipating the evolution of international certification schemes. Within this project’s framework, our contribution concerns tasks 4.4 Formal analysis and models at the software-hardware boundary (led by Guillaume Hiet) and 3.2 Vulnerability analysis tools in binary codes (led by Frédéric Tronel). Two Ph.D. and one postdoc funded by this project will start between 2023 and 2025.
TrustGW (2022-2025) – funded by ANR
In the ANR TrustGW project, we consider a system composed of IoT objects connected to a gateway. This gateway is, in turn, connected to one or more cloud servers. The architecture of the gateway, which is at the heart of the project, is heterogeneous (software/hardware), composed of a baseband processor, an application processor, and hardware accelerators implemented on an FPGA. A hypervisor allows the sharing of these resources and their allocation to different virtual machines. TrustGW is a collaborative project between the ARCAD team from Lab-STICC, the ASIC team from IETR, and the SUSHI team from IRISA. The project addresses three main challenges: (1) to define a heterogeneous, dynamically configurable, and trusted gateway architecture, (2) to propose a trusted hypervisor allowing the deployment of virtual machines on a heterogeneous software-hardware architecture with virtualization of the whole resources, and (3) to secure the applications running on the gateway. Within this project’s framework, our contribution focuses mainly on the last challenge, particularly through the Ph.D. of Lionel Hemmerlé (2022-2025). Guillaume Hiet is the director of this Ph.D., co-supervised by Guillaume Hiet, Frédéric Tronel, Pierre Wilke, and Jean-Christophe Prévotet. We will also explore hardware-assisted DIFT approaches for hybrid applications, which offload part of their computation to an FPGA.
SCRATCHS (2021-2024) – funded by Labex CominLabs
SCRATCHS is a collaboration between researchers in the fields of formal methods (EPICURE, Inria Rennes), security (SUSHI, CentraleSupélec Rennes), and hardware design (Lab-STICC).
Our goal is to co-design a RISC-V processor and a compiler toolchain to ensure by construction that a security-sensitive code is immune to timing side-channel attacks while running at maximal
speed. We claim that co-design is essential for end-to-end security: cooperation between the compiler and hardware is necessary to avoid time leaks due to the micro-architecture with minimal overhead. In the context of this project, Guillaume Hiet is the director of the Ph.D. of Jean-Loup Hatchikian-Houdot, co-supervised by Guillaume Hiet, Pierre Wilke, and Frédéric Besson on security-enhancing compilation against side-channel attacks.
ATTILA (2022-2025 – funded by ANR (JCJC)
ATTILA tackles the interplay between security and Approximate Computing (AxC) in the context of DNN accelerators security. In particular, it studies the threats posed to such accelerators when built using AxC techniques. We build on the hypothesis of hidden side-channel vulnerabilities that might be due to AxC and on the possibility of leveraging AxC itself to build countermeasures.
Specifically, the objectives are:
(1) to study power/EM side-channel vulnerabilities of approximate DNN accelerators and the impact of AxC on leakage behavior and SCA resistance;
(2) to build more secure implementations leveraging on DSE and Pareto fronts to facilitate trading-off SCA resistance with inference quality for different approximations;
(3) to evaluate AxC and intelligent run-time managers as countermeasures that enable self-adaptation through the Pareto front and beyond to render SCA attacks more difficult;
and (4) to extend current SCA practices for DNN implementations towards more powerful ML-based techniques.
Rubén Salvador is the PI of ATTILA, which runs in collaboration with the ASIC team from IETR.
The project employs 1 Ph.D. student directed by Jean-Christophe Prévotet (INSA Rennes/IETR) and co-supervised by Rubén Salvador, Maria Mendez Real (Polytech Nantes/IETR), and Jean-Christophe Prévotet.
SIS Lab (2021) – funded by Rennes Métropole (Allocation d’Installation Scientifique)
SIS Lab (Secure Intelligent Systems Laboratory) is a scientific installation grant (40k€) from Rennes Métropole to Rubén Salvador. The objective is to help kickstart his research activities on secure, intelligent computing systems by contributing to funding a hardware security laboratory at CentraleSupélec for EM/power side-channel analysis. It consists mainly of a motorized x-y-z table, EM probes, workstations with GPU for data analysis, and different target boards, among other laboratory equipment. This lab should form the basis for future research in the team around the security of emerging computing paradigms like NMC/IMC. This research lab is open to other researchers, including IETR, where Rubén Salvador was associated when he got this grant.
