PhD offer in Embedded Systems Cybersecurity
PhD offer in Embedded Systems Cybersecurity
“Mitigating coupled information leakages in mixed-signal reconfigurable SoCs”
Scientific and Technical Context
Cybersecurity has become one of the major concerns in all types of systems, from data centers to edge computing to Internet of Things. Cybersecurity is concerned with different types of system’s vulnerabilities that are exposed to attackers. Depending on the attacker’s objectives, confidentiality, integrity and availability of the system can be jeopardized. In this context, the proposed PhD topic focuses on the confidentiality of embedded systems, i.e., on preventing the leakage of data that could be intercepted by an attacker. In today’s embedded systems, Side Channel Attacks (SCA) constitute one of the most critical vulnerabilities. Side channels lead to a risk of leaks of sensitive and unencrypted data, known as "red" data, from an information system; the non-sensitive or encrypted data being qualified as "black". SCAs are non-invasive (and often non-detectable) methods that can retrieve red data from a system by exploiting indirect sources of physical information leaked from the device, which include, among others, power consumption, timing variations and electromagnetic radiations. When trying to access red data, an attacker can exploit any computation-related physical phenomenon and work on recovering data from its correlation to computational activity.
The trend towards more heterogeneous computing platforms has led to physically close mixed-signal devices combining digital processing and radio modules (transceivers, RF data converters). The coupling of digital computation noise in these devices flows to the analogue part of the chip and is amplified and transmitted by the antenna, making SCA attacks succeed at increasingly larger distances. One recent instance of this issue is the Screaming Channels project (http://s3.eurecom.fr/tools/screaming_channels/), which shows how attacks to recover AES keys over WiFi and Bluetooth mixed-signal chips are possible at distances of up to 10m.
The information leaked by a digital circuit depends on its physical structure, which produces a certain transistor switching activity that results from the computation over red data. Hence, a circuit’s architecture, specifically its low-level implementation, is ultimately responsible of its security, as it plays a key linking role mapping inputs to outputs. Looking at an FPGA based cryptographic system, this context opens many research questions. Can we find ways to minimize the resulting correlation (between leaked traces and red data) by building different architectures and physical implementations of functionally equivalent circuits? Can we devise models that turn secure circuit architecture design into an optimization problem, maximizing security? Can we apply these methodologies and techniques to mitigate the new threats in mixed-signal reconfigurable platforms?
To the best of our knowledge no work has yet tackled the approach considered here, consisting of: (1) understanding the relation between a given architecture implementation with its resulting degree of security (resistance to attacks); (2) building functionally equivalent architectures with different implementations and expected levels of security; (3) understanding the effects on threats of new mixed-signal reconfigurable platforms and building countermeasures. This PhD focuses on understanding how the architecture of cryptographic primitives affect confidentiality. We will investigate methodologies and metrics to rank systems’ security. With this evaluation methodology, we will look into how such a circuit diversification in architectures and physical implementations of FPGA crypto-circuits helps building inherently more secure circuits.
Come work with us!!
This PhD thesis is for you if: you like participating in innovative projects with high expected impact; you like hardware design, systems programming and security; you are passionate about research; you wonder why things are the way they are and want to go further and improve them; you have initiative to propose and defend your own ideas; you are a proud computer geek.
CentraleSupélec has a long, established tradition of excellence in Cybersecurity. It is a great place to do your PhD at the IETR CNRS-affiliated laboratory. Come join us and benefit from a great international working environment in Rennes, a vibrant city with great surroundings and a world-class research and innovation pole. You will be supported by the combined experience of two complimentary research groups in two leading engineering schools with an active international network that can boost your career in research or industry.
- Hosting laboratory: IETR (Institute of Electronics and Telecommunications of Rennes)
- Hosting institutions: CentraleSupélec, Rennes Campus and INSA de Rennes
- Research groups: SCEE (Signals, Communications and Embedded Electronics) and VAADER (Video Analysis and Architecture Design for Embedded Resources)
- Social security coverage
- Subsidized meals
- Partial reimbursement of public transport costs
- Support with accommodation (facilities available at the campus)
- Access to vocational training
- Social, cultural and sports events and activities
Starting date: Fall 2020 (duration of PhD contract is 3 years).
Master degree in Computer/Electrical Engineering, Embedded Systems, Electronics, Computer Science or related areas
You can demonstrate a strong background in most of the following topics:
- Digital design with VHDL/Verilog
- Reconfigurable computing, FPGAs & design tools
- Embedded systems architectures
- Hardware security
Other interesting skills you might have are:
- Programming in C/C++, Python
- Use of Linux/Git as development environment
- (Implementation of) Cryptographic algorithms
Language and interpersonal skills:
- You are able to speak, write and read English with a very good level. French language is not required, although you will benefit from learning it during your PhD.
- Open-mindedness, strong integration skills and team spirit.
Please do not hesitate to contact us if you are not sure if your experience could match the profile.
How to apply
Please send us:
- Your CV along with your transcripts
- A motivational text
- Any additional documents/links that you think can show your experience
Candidates with the required background will be invited to have an interview over Skype.
Application deadline: mid-March 2020.
Rubén SALVADOR: email@example.com
Amor NAFKHA: firstname.lastname@example.org
Maxime PELCAT: Maxime.Pelcat@insa-rennes.fr
Apply for PhD offer in Embedded Systems Cybersecurity
Already uploaded your resume? Sign in to apply instantly