Security Contract Semantics For Fault-Injection Attacks In Embedded Systems H/F CEA
Saclay - 91 CDD- Bac +3, Bac +4
- Bac +5
- Industrie high-tech • Telecom
Les missions du poste
Research Context and Challenge.
Fault-injection attacks exploit hardware perturbations to move a processor into unexpected states or execution paths, potentially exposing secrets or escalating privileges. Recent research has highlighted the need to consider the consequences of fault injection in the processor micro-architecture. In this area, we have developed pre-silicon methodologies and tools [1,2] that have shown to BE successful to find microarchitectural vulnerabilities and/or formally prove the robustness, for a given fault model, of various RISC-V based processors [4]. We have also developed binary-level program analysis methods (BINSEC/ASE) able to efficiently take into account some predefined ISA-level fault injection models [7,8,9]. Yet, a major and common challenge of all these approaches lies in the state space generated by the modeling of processor's behavior executing a sequence of instructions and under a fault model.
Objective.
This CDD or Post-doc position focuses on defining and implementing security contracts [5, 6] for fault-injection attacker models. The proposed security contracts should support a multi-level approach, enabling the design and analysis of hybrid countermeasures, while also bridging fault models derived from experimental characterizations to the software level. They will also BE used to revisit our k-fault-resistant partitioning methodology [4] to analysis multi-fault models within complex systems, such as applications processors, and to help our binary-level code analyzers to handle more generic classes of fault models [7,8,9].
Within the TwinSec research project, your main missions will BE to :
Define a semantics for the use of contracts in the context of fault injection attacks. Potential implementations may involve a domain-specific language or annotations to describe, at the ISA-level, the effects of faults stemming from the microarchitectural level. The model must account for both spatial aspects (defining RTL/netlist-level signals to BE targeted) and temporal aspects (identifying injection time intervals);
Explore how such security contracts can enhance microarchitectural-level analyses, in particular by integrating into fault models information from experimental characterizations of laser injections. In particular, as TwinSec proposes a more realistic attacker model to identify microarchitecture-specific vulnerabilities, microarchitectural analyses could leverage for instance post-layout information;
Investigate the use of security contracts to integrate microarchitectural descriptions into ISA-level analysis tools like Binsec [7,8,9]. The expected outcome is the validation of a multi-level semantics for contracts adapted to the the context of fault injection attacks, ultimately enabling the implementation of an end-to-end analysis tool.
References.
See attached pdf
#CEA-List ; #Post-doc ; #Post-doctorat ; #Researcher ; #LI-CB1 ; #CDD
Nos étapes de recrutement
Les étapes de recrutement peuvent varier selon l’offre à laquelle vous postulez.
-
Dépôt de CV via notre site carrière
-
Préqualification téléphonique
-
Entretiens et évaluation avec manager et RH
-
Négociation salariale et contrat de travail
-
Embauche et intégration
Le profil recherché
The major breakthrough introduced by security contracts will BE the ability to provide formal composable security properties, thus enabling the exploration of binary-level software analyses with RTL or post-synthesis level analyses of secure hardware circuits.
We are seeking a motivated researcher with :
A PhD in computer science, embedded systems, or related fields.
Expertise in fault-injection attacks, formal verification, or microarchitecture security.
Strong programming skills and analytical thinking. Experience with RISC-V processors, ISA-level / binary analysis tools, or domain-specific languages is a plus.
In accordance with the commitments made by the CEA in favor of the integration of people with disabilities, this job is open to everyone.
The TwinSec project is also recruiting a PhD candidate to work on the topic of security contracts for fault-injection attacker models. The Post-doc researcher will participate in the co-supervision of this PhD project and contribute to the development of the methodologies and tools designed by the PhD student.
Raisons de nous rejoindre
-
Télétravail jusqu’à 3 jours par semaine
-
52 jours de congés/RTT
-
Possibilité d’aménagement du temps de travail
-
Formation personnalisée
-
Restauration d’entreprise
-
Offre de transport interne et prise en charge Navigo and co,
-
Mutuelle d’entreprise avantageuse
-
CE (aides vacances, loisirs, frais de garde, scolarité des enfants etc
Bienvenue chez CEA
Le CEA est un acteur majeur de la recherche, au service des citoyens, de l'économie et de l'Etat.
Il apporte des solutions concrètes à leurs besoins dans quatre domaines principaux : transition énergétique, transition numérique, technologies pour la médecine du futur, défense et sécurité sur un socle de recherche fondamentale. Le CEA s'engage depuis plus de 75 ans au service de la souveraineté scientifique, technologique et industrielle de la France et de l'Europe pour un présent et un avenir mieux maîtrisés et plus sûrs.
Implanté au coeur des territoires équipés de très grandes infrastructures de recherche, le CEA dispose d'un large éventail de partenaires académiques et industriels en France, en Europe et à l'international.
Les 20 000 collaboratrices et collaborateurs du CEA partagent trois valeurs fondamentales :
- La conscience des responsabilités
- La coopération
- La curiosité
Créez une alerte
Pour être informé rapidement des nouvelles offres, merci de préciser les critères :
Finalisez votre candidature
sur le site du recruteur
Créez votre compte pour postuler
sur le site du recruteur !
sur le site du recruteur
sur le site du recruteur !
Ces offres pourraient aussi
vous intéresser
Recherches similaires
- Job Ingénieur en informatique industrielle
- Job Industrie
- Job Étampes
- Job Dourdan
- Job Corbeil-Essonnes
- Job Massy
- Job Montgeron
- Job Brétigny-sur-Orge
- Job Les Ulis
- Job Draveil
- Job Milly-la-Forêt
- Job Yerres
- Job Technicien de maintenance industrielle
- Job Peintre industriel
- Job Mécanicien industriel
- Job Préparateur méthode
- Job Ingénieur en méthode et industrialisation
- Entreprises Industrie
- Entreprises Ingénieur en informatique industrielle
- Entreprises Saclay
- Job Numérique
- Job Etat
- Job Europe
- Job Scientifique
- Job Technologies
- CEA Saclay
- CEA Ingénieur en informatique industrielle
{{title}}
{{message}}
{{linkLabel}}