Séminaire Systèmes embarqués critiques

Le jeudi 22 février 2018 à Télécom Paris / Barrault. Séminaire entièrement en anglais.
February 22nd, 2018 at 10 a.m. in room B115

The presentations will be given by Jean Leneutre and Benjamin Dauphin. You can find the detailed program with abstracts below.

10h00 – 10h45 : Presentation of Jean Leneutre
10h45 – 11h00 : Coffee break
11h00 – 11h45 : Presentation of Benjamin Dauphin

Towards a strategic approach to security based on game theory

Jean Leneutre

Abstract: In the recent years, a large number of works have proposed to use game theory as a decision support framework for security. Problems tackled in these works include:
– how to optimize the allocation of security resources?
– how to configure in an optimal way protection or monitoring
– how to select the best security response to an incident?

Along this line of research, we will present in this talk a recent contribution related to the integrity and availability of outsourced data. A Service Level Agreement (SLA) is usually signed between the Cloud Provider and the customer. For redundancy purposes, it is important to verify the Cloud Provider’s compliance with data backup requirements in the SLA. There exists a number of security mechanisms to check the integrity and availability of outsourced data. This task can be performed by the customer or be delegated to an independent entity that we will refer to as the Verifier. However, checking the availability of data introduces extra costs, which can discourage the customer of performing data verification too often. The interaction between the Verifier and the Cloud provider can be captured using game theory in order to find an optimal data verification strategy. We formulate this problem as a two player non-cooperative one-shot game. We consider the case in which each type of data is replicated a number of times that can depend on a set of parameters including, among others, its size and sensitivity. We analyze the strategies of the cloud provider and the verifier at the Nash Equilibrium and derive the expected behavior of both players. We also consider a second formulation of the problem as a Stackelberg game in which there are a leader and a follower. While, providing some valuable insights for decision making in security, these models based on game theory are not without limitations, in particular regarding the high level of abstraction that it implies.  In a second part of the talk, we will discuss these limitations, and propose future research directions to improve the applicability of game theoretic approaches to security.

Automating the Measurements and Identifying Power MOSFET Devices

Benjamin Dauphin (LabSoc team)

Power MOSFET devices are a primary component of power converters, and so are widely used in electronic systems. This widespread usage makes the study of the devices an important domain.  Understanding the way these devices function enables to design more performant systems. Also, due to their extensive use, ensuring the security of embedded system involves ensuring the authenticity of the power MOSFET devices they contain. The authenticity must be ensured because a refurbished or a counterfeit device could affect performances and/or security of critical systems such as automobiles.

To achieve device authentication we:
– Designed an automatic measurement system to measure more easily the devices, and
– Used Machine Learning on the measurement curves obtained in order to identify devices