Hardware/software cybersecurity of embedded systems

ABG-128365 Job Junior
2025-02-05 Fixed-term 32 months Salary negotiable
CEA LIST
Palaiseau - Ile-de-France - France
Computer science
cyber-security, embedded systems, formal methods, computer architecture, fault-injection
Teaching and research

Employer

The French Alternative Energies and Atomic Energy Commission (CEA) is a key player in research, development and innovation in four main areas: defense and security, nuclear and renewable energies, technological research for industry, fundamental research in the physical sciences and life sciences. One of three institutes that comprise CEA Tech, the List institute is committed to technological innovation in digital systems.

 

Within the DSCIN department of CEA List, a technological research team develops a pre-silicon methodology and tools to analyze the security of embedded systems against fault-injection attacks.

 

Position and assignments

Context: Fault injection allows an attacker to move the target processor out of its expected functioning bounds. A hardware perturbation, by means of a fault injection, aims at inducing logical changes either at the hardware or software levels, such that the target system reaches unexpected states or follows unexpected execution paths. Reaching such unexpected states is then leveraged in attacks for leaking secrets, escalating privileges, etc. Recent research has highlighted the need to consider the consequences of fault injection in the processor micro-architecture.

In this area, pre-silicon tools developed by our team [1,2] are able to: 1) identify exploitable vulnerabilities at the software level based on the interactions between software and a microarchitecture, or 2) formally prove the security, for a given attacker model, of a system embedding hardware/software countermeasures against fault injections. Overall, these tools implement a methodology that has been shown to be successful in finding microarchitectural vulnerabilities and/or proving the robustness, for a given fault model, of various RISC-V based processors [3]. For instance, we apply this methodology to the OpenTitan secure element and formally prove the security of its processor’s HW countermeasure against single bit-flip injections [4].

Objectives: Within a national research project promoting the use of pre-silicon tools to validate countermeasures against fault-injection attacks, your main missions will be:

  • Design and extend our pre-silicon methodology and associated tools to support different secured processors. In particular, leverage the specificities of the countermeasures embedded by such secured processors to speed up analysis techniques, and also integrate post-synthesis netlist-level analyses of hardware architectures into our methodology and tools.
  • Participate in the comparison between the use of pre-silicon tools and post-silicon security evaluations on different RISC-V based systems (flavors of CV32E40 processors) using different injection means (clock glitching and/or laser beams). You will take advantage of a rich national and European ecosystem and expertise around security evaluations of embedded systems.

To carry out your mission, you will benefit from a first-class environment at CEA LIST with access to a large number of reference tools and a strong experience in design and analysis of secure systems, in particular against fault-injection attacks and applied formal methods for microarchitectural analyses.

 

References

 

[1] µArchiFI: https://github.com/CEA-LIST/uArchiFI

[2] k-FRP: https://github.com/CEA-LIST/Fault-Resistant-Partitioning

[3] S. Tollec et al. μArchiFI: Formal Modeling and Verification Strategies for Microarchitectural Fault Injections. FMCAD 2023: 101-109

[4] S. Tollec et al. Fault-Resistant Partitioning of Secure CPUs for System Co-Verification against Faults. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2024(4): 179-204 (2024)

Geographic mobility:

National

Profile

You have a PhD or an Engineer’s degree in the field of electronics or embedded systems. You have experience in computer architecture and/or hardware synthesis and/or formal methods for hardware verification. You enjoy working in an applied research environment at the state of the art and proposing innovations and various application areas.

You have acquired the following technical skills:

  • Knowledge in: computer architecture, programming languages, formal methods, cyber-security;
  • Hardware description languages (e.g., Verilog), programming languages (C, C++ and ASM), scripting;
  • Excellent written and spoken English;
  • Communication and writing skills;
  • Teamwork and autonomy.

 
Location: Saclay (near Paris) or Grenoble
