Activez les alertes d’offres d’emploi par e-mail !
Preuve d'équivalence fonctionnelle de programmes binaires pour la cyber-sécurité / Proof of Fun[...]
Université Grenoble Alpes
France
Sur place
EUR 40 000 - 60 000
Plein temps
Générez un CV personnalisé en quelques minutes
Décrochez un entretien et gagnez plus. En savoir plus
Résumé du poste
A French research university is offering a fully funded Ph.D. position in cybersecurity focusing on embedded systems. The candidate will work on formal verification of software counter-measures against physical attacks, utilizing tools like BINSEC and COGITO. The research will occur in a multidisciplinary environment aiming to demonstrate functional correctness in optimized programs. Expected start date is October 1, 2024.
Prestations
Qualifications
- Strong background in cyber-security, especially in embedded systems.
- Experience in software development using C or C++.
- Familiarity with formal verification methods.
Responsabilités
- Conduct research on software counter-measures against physical attacks.
- Develop sound symbolic reasoning methods integrated into the BINSEC platform.
- Collaborate with multidisciplinary teams in cybersecurity and embedded software.
Formation
Outils
cf. summary in english.
This Ph.D. thesis takes place in the general context of cyber-security in embedded systems. The research background of this thesis is tied to the automatic application of counter-measures against so-called physical attacks: observation attacks (side-channel attacks\autocite{MangardPoweranalysisattacks2007}) and perturbation attacks (fault-injection attacks\autocite{BreierAutomatedMethodsCryptographic2019}).
The goal of this thesis is to bring new formal guarantees about the functional correctness of the secured programs, i.e., that non-functional changes (application of counter-measures) do not alter the functional behaviour of the original program.
The work will be structured around the two following research tools:
- BINSEC\autocite{CEAListBINSEC2023}, an open-source platform for automatic reasoning on safety and security properties at the binary level (e.g., \autocite{DanielBinsecRelEfficient2020});
- COGITO, a compiler toolchain based on LLVM for automated application of software counter-measures against physical attacks (e.g., \autocite{Maskara2020,MorelCodepolymorphismmeets2021}).
We seek to formally demonstrate that an optimized and hardened binary program is functionally equivalent to the original, non-hardened one. To do so, we aim to develop a sound and exhaustive symbolic reasoning supported by and integrated in the BINSEC platform. The work will consider COGITO counter-measures of incremental complexity with respect to the research objectives.
You will be hosted at the CEA in Saclay or Grenoble, in a multidisciplinary environment including experts in embedded software, cyber-security, hardware design, and machine learning. Stays at the DILS at the CEA in Saclay will be planned throughout the three years of the thesis to collaborate with experts and developers of BINSEC.
The position is fully funded.
Début de la thèse : 01/10/2024
WEB : https://binsec.github.io/
Funding category:
Autres financements
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
