Design and Analysis of Side-Channel Feedback for Vulnerability Discovery
Fuzzing is a dynamic testing technique that enables vulnerabilities to be discovered very efficiently. Hundreds or even thousands of vulnerabilities are detected (and repaired) every year in the software we use. When we try to transpose the fuzzing approach to embedded systems, we are faced with a number of problems: the source code is not always available, very little information is available about the behaviour of the system at runtime and, finally, it is difficult to detect whether a bug has appeared. For several years now, the LTSO laboratory has been developing state-of-the-art techniques for analysing auxiliary channels, in particular the electromagnetic radiation produced by systems during operation. These measurements make it possible to infer information (data, executed code) about the behaviour of the system in a non-intrusive way. The aim of this thesis is therefore to determine whether these side-channel measurements can be used to improve the fuzzing process on embedded systems. The use of this new source of information also opens the door to the discovery of new classes of vulnerabilities, such as micro-architectural vulnerabilities.
The PhD will take place at CEA Grenoble, within the LETI institute, in a research team dedicated to the study and development of solutions for the security of present and future electronic systems (http://www.leti-cea.com/cea-tech/leti/english/Pages/Applied-Research/Facilities/cyber-security-platform.aspx).
Translated with www.DeepL.com/Translator (free version)
Linearisation of optical micro-sources for communications
Would you like to play a part in the future of optical transmission for high-speed communications? This PhD will play a key role, focusing on performance and energy efficiency, with a particular focus on encouraging the emergence of optical solutions with low carbon costs and low dependence on rare materials.
The field of non-coherent optical communications on LEDs has been booming in recent years, notably due to the advantages that GaN and organic microLEDs can bring in terms of high data rate ([1-2], http://www.youtube.com/watch?v=9kfNgPBuUpk), energy efficiency and hybrid integration for recent and varied applications such as LiFi, communications on fibre (data centres, etc.) or on waveguide (chip-to-chip). However, on one hand these sources require delicate optimisation of the waveform parameters due to their multi-factorial and complex frequency behaviour, and on the other hand they impose non-linearities and memory effects that limit performance and can be similar to the phenomena introduced by power amplifiers in conventional RF systems, albeit with their own specific features. Over the last ten years or so, studies have attempted to compensate for these non-linearities by using models with different trade-offs between complexity and modelling accuracy, with validations on commercial macro-LEDs. In addition, microLEDs such as those developed at the CEA (http://www.leti-cea.fr/cea-tech/leti/Pages/actualites/News/debit-lifi-un-nouveau-record-telecommunication-et-objets-communicants.aspx) have recently come to the fore in certain areas of research, thanks to their high bandwidth and high integration, but with specific HF behaviour and memory effects increased by a modulation band exceeding one gigahertz.
The thesis will first study solutions for optimising the configuration of multicarrier waveforms based on the specific characteristics of optical microsources (inverse dependence of efficiency and bandwidth on polarisation). Secondly, non-linearity compensation algorithms will be implemented on this type of optical source in an attempt to improve transmission rates or distances, based on complexity/performance trade-offs. Hardware validations of the digital solutions developed will be carried out on micro-sources implemented in instrumented transmission benches, enabling a real-time demonstration of the innovations produced during the thesis.
You will be part of a dynamic team working on a wide range of research topics relating to signal processing, protocols and implementation platforms. We are looking for a candidate with a background in digital communications, signal processing and optoelectronics, who is genuinely motivated to work on a multidisciplinary subject (waveforms, algorithms, modelling, simulations and hardware implementation).
We will offer you a unique research environment dedicated to ambitious projects that address today's major societal challenges, experience at the cutting edge of innovation (strong potential for industrial development) and exceptional experimental resources, leading to real career opportunities in R&D at the end of your thesis.
Come and join us, develop your skills and acquire new ones! To apply, please email your CV directly to luc.maret@cea.fr
[1] M. N. Munshi, L. Maret, B. Racine, A. P. A. Fischer, M. Chakaroun and N. Loganathan, "2.85-Gb/s Organic Light Communication With a 459-MHz Micro-OLED," in IEEE Photonics Technology Letters, vol. 35, no. 24, pp. 1399-1402, 15 Dec.15, 2023, doi: 10.1109/LPT.2023.3327612.
[2] L. Maret et al., « Ultra-High Speed Optical Wireless Communications with gallium-nitride microLED », Photonics West, SPIE OPTO, Light-Emiting Devices, Materials and Application 2021
Environmental monitoring of pollutant dispersion: optimal placement of mobile sensors
Do you feel concerned by environmental pollution issues? This research will enable optimal deployment of mobile sensors for monitoring air quality in urban environments. Complex urban geometries [1] and dynamic pollutant dispersion scenarios are the scientific challenges to be met in order to better estimate local air pollution, identify sources and anticipate exposure peaks.
Our previous research has focused on the identification of pollution sources, neglecting the critical aspect of sensor placement [2]. For partial differential equation models, promising approaches based on the structural property of observability of dynamical systems have been proposed [3]. A generic two-stage approach will be studied in the thesis: the development of an infinite-dimensional variational approach for an advection-diffusion model, followed by the finite-dimensional implementation. The results of this thesis will include new sensor placement strategies, quantitative evaluation results in simulation under realistic conditions on a city district in Grenoble and/or Paris, and an in-depth understanding of how Physics-Informed Machine Learning (PIML) [4] can improve air quality monitoring in urban areas, both in 2D and 3D.
CEA-Grenoble (http://www.youtube.com/watch?v=bCIcNJOzYZY) employs over 2,500 researchers and technicians on a 64-hectare campus in the foothills. The activities of our lab focus on sensor signal fusion through studies in signal and information processing, artificial intelligence, and embedded algorithms, and brings together some twenty experienced research engineers and students from Master 2 to post-doctorate. To join our team, we are looking for a candidate with an applied mathematics profile, a taste for physical models and numerical methods, and good writing skills. You will be co-supervised by Prof. Didier Georges of GIPSA-Lab at Grenoble- Alps University (UGA)(http://scholar.google.fr/citations?user=oF1ahtcAAAAJ&hl=fr). You will also have access to scientific databases, a computing cluster with GPUs and will be trained in the use of a state-of-the-art atmospheric dispersion simulator: Parallel Micro-Swift-Spray co-developed at CEA. Remuneration will be around €2400 (gross) per month during the three years of the thesis. Join us in a unique research environment dedicated to ambitious projects that address today's major societal challenges.
[1] M. Mendil, S. Leirens, P. Armand, C. Duchenne, “Hazardous atmospheric dispersion in urban areas: A Deep Learning approach for emergency pollution forecast”, Environmental Modelling & Software, Volume 152, 2022
[2] R. Lopez-Ferber, D. Georges, S. Leirens, “Fast Estimation of Pollution Sources in Urban Areas Using a 3D LS-RBF-FD Approach”, submitted to the European Control Conference 2024
[3] D. Georges, “Optimal Location of Mobile Sensors for Environmental Monitoring”, European Control Conference (ECC), July 17-19, 2013, Zürich, Switzerland
[4] M. Raissi, P. Perdikaris, and G. E. Karniadakis. Physics-informed neural networks: A deep learning
framework for solving forward and inverse problems involving nonlinear partial differential equations. Journal of Computational physics, 378 :686–707, 2019.
Exploring the Future of Satellite Communications: Dual-Band Electronically Reconfigurable Flat Lens Antennas with Ultra-Wide Scan Range
CEA Leti offers a PhD topic to develop new electronically scanning antennas for efficient data transmission in satellite communications (Satcom). Novel efficient electronically scanning antennas are essential for future satellite communications (Satcom). Electronically reconfigurable flat lens antennas, also known as transmitarrays, are a promising architecture to achieve high scanning performance. Each element of the flat lens introduces an optimized phase shift on the impinging wave emitted by a primary source, to steer and shape the radiation pattern. The phase profile over the lens can be dynamically modified by adding reconfigurable devices in the cells, such as switches (e.g. pin diodes) or varactors. Compared to phased arrays, these antennas attain high-gain beam-steering with a significantly lower power consumption and architectural complexity.
The Ph.D. work aims to propose and experimentally demonstrate novel concepts and design methods for wideband/multi-band electronically beam-steering flat lens antennas. The main research goals are:
. Study of new approaches for designing unit cells with broad radiation patterns, stable performance under oblique incidence and wideband/multiband operation.
. Electrically thin subwavelength cells and Huygens’ radiating elements will be investigated to tailor the angular and frequency response of the cell.
. Novel design solutions to enable a fine electronic control of the phase shift introduced by the cells. Multilayer cells comprising either pin diodes or varactors, or a combination of both, will be analyzed. The trade-offs between phase resolution, bandwidth, power consumption, number of reconfigurable devices and bias lines, will be studied.
. Development of dedicated synthesis procedures to enable the independent control and shaping of the radiation pattern at two or multiple frequencies.
. Experimental demonstration of high-gain dual-band fixed-beam and electronically 2-D beam-steering prototypes achieving extremely wide scan ranges (±60° or greater). The demonstratators will be optimized to work in typical Satcom bands (e.g. around 20 GHz and 30 GHz).