Software support for sparse computation
The performance of computers has become limited by data movement in the fields of AI, HPC and embedded computing. Hardware accelerators do exist to handle data movement in an energy-efficient way, but there is no programming language that allows them to be implemented in the code supporting the calculations.
It is up to the programmer to explicitly configure DMAs, use function calls for data transfers, and perform program analysis to identify memory bottlenecks.
In addition, compilers were designed in the 80s, when memories worked at the same frequency as computing cores.
The aim of this thesis will be to integrate into a compiler the ability to perform optimizations based on data transfers.
HW/SW Contracts for Security Analysis Against Fault Injection Attacks on Open-source Processors
This thesis focuses on the cybersecurity of embedded systems, particularly the vulnerability of processors and programs to fault injection attacks. These attacks disrupt the normal functioning of systems, allowing attackers to exploit weaknesses to access sensitive information. Although formal methods have been developed to analyze the robustness of systems, they often limit their analyses to hardware or software separately, overlooking the interaction between the two.
The proposed work aims to formalize hardware/software (HW/SW) contracts specifically for security analysis against fault injection. Building on a hardware partitioning approach, this research seeks to mitigate scalability issues related to the complexity of microarchitecture models. Expected outcomes include the development of techniques and tools for effective security verification of embedded systems, as well as the creation of contracts that facilitate the assessment of compliance for both hardware and software implementations. This approach could also reduce the time-to-market for secure systems.
Cryptographic security of RISC-V processor enclaves with CHERI
CHERI (Capability Hardware Enhanced RISC Instructions) is a solution for securing the processor against spatial and temporal memory leaks by transforming any pointer into a capability that clearly defines the access limits to the data or instructions addressed.
In this thesis, we propose to enrich CHERI and its control-flow integrity capabilities on a RISC-V application processor, by protecting instructions right up to their execution against any type of modification. Secondly, based on authenticated memory encryption, we will study the possibility of using CHERI to define secure enclaves enabling cryptographic isolation between processes. The processor will be modified so that each process is encrypted with its own key and can have a secure life cycle. All keys must be efficiently protected in hardware.
Contact: olivier.savry@cea.fr
Combining over and underapproximation of memory abstractions for low-level code analysis
Rice's theorem stating that no method can automatically tell whether a property of a program is true or not has led to the separation of verification tools into two groups: sound tools operating by over-approximation, such as abstract interpretation, are able to automatically prove that certain properties are true, but are sometimes unable to conclude and produce alarms; conversely, complete tools operating by under-approximation, such as symbolic execution, are able to produce counter-examples, but are unable to demonstrate whether a property is true.
*The general aim of the thesis is to study the combination of sound and complete methods of program analysis, and in particular static analysis by abstract interpretation and the generation of underapproximated formulae by symbolic execution*.
We are particularly interested in the combination of over- and under-approximating abstractions, especially for memory. The priority applications envisaged concern the analysis of code at the binary level, as achieved by the combination of the BINSEC and CODEX analysis platforms, so as to automatically discover new security vulnerabilities, or prove their absence.
Portable GPU-based parallel algorithms for nuclear fuel simulation on exascale supercomputers
In a context where the standards of high performance computing (HPC) keep evolving, supercomputer designs increasingly include a growing number of accelerators or graphics processing units (GPUs), which provide the bulk of the computing power in most supercomputers. Due to their architectural departures from CPUs and still-evolving software environments, GPUs pose profound programming challenges. GPUs use massive fine-grained parallelism, and thus programmers must rewrite their algorithms and code in order to effectively utilize the compute power.
CEA has developed PLEIADES, a computing platform devoted to simulating nuclear fuel behavior, from its manufacture all the way to its exploitation in reactors and its storage. PLEIADES can count on an MPI distributed memory parallelization allowing simulations to run on several hundred cores and it meets the needs of CEA's partners EDF and Framatome. Porting PLEIADES to use the most recent computing infrastructures is nevertheless essential. In particular providing a flexible, portable and high-performance solution for simulations on supercomputers equipped with GPUs is of major interest in order to capture ever more complex physics on simulations involving ever larger computational domains.
Within such a context the present thesis aims at developing and evaluating different strategies for porting computational kernels to GPUs and at using dynamic load balancing methods tailored to current and upcoming GPU-based supercomputers. The candidate will rely on the tools developed at CEA such as the thermo-mechanical solver MFEM-MGIS [1,2] or MANTA [3]. The software solutions and parallel algorithms proposed with this thesis will eventually enable large 3D multi-physics modeling calculations of the behavior of fuel rods on supercomputers comprising thousands of computing cores and GPUs.
The candidate will work at the PLEIADES Fuel Scientific Computing Tools Development Laboratory (LDOP) of the department for fuel studies (DEC - IRESNE, CEA Cadarache). They will join a multidisciplinary team composed of mathematicians, physicists, mechanicians and computer scientists. Ultimately, the contributions of the thesis aim at enriching the computing platform for nuclear fuel simulations PLEIADES.
References:
[1] MFEM-MGIS - https://thelfer.github.io/mfem-mgis/
[2] Th. Helfer, G. Latu. « MFEM-MGIS-MFRONT, a HPC mini-application targeting nonlinear thermo-mechanical simulations of nuclear fuels at mesoscale ». IAEA Technical Meeting on the Development and Application of Open-Source Modelling and Simulation Tools for Nuclear Reactors, June 2022, https://conferences.iaea.org/event/247/contributions/20551/attachments/10969/16119/Abstract_Latu.docx, https://conferences.iaea.org/event/247/contributions/20551/attachments/10969/19938/Latu_G_ONCORE.pdf
[3] O. Jamond et al. « MANTA : un code HPC généraliste pour la simulation de problèmes complexes en mécanique », https://hal.science/hal-03688160
Dynamic Assurance Cases for Autonomous Adaptive Systems
Providing assurances that autonomous systems will operate in a safe and secure manner is a prerequisite for their deployment in mission-critical and safety-critical application domains. Typically, assurances are provided in the form of assurance cases, which are auditable and reasoned arguments that a high-level claim (usually concerning safety or other critical properties) is satisfied given a set of evidence concerning the context, design, and implementation of a system. Assurance case development is traditionally an analytic activity, which is carried out off-line prior to system deployment and its validity relies on assumptions/predictions about system behavior (including its interactions with its environment). However, it has been argued that this is not a viable approach for autonomous systems that learn and adapt in operation. The proposed PhD will address the limitations of existing assurance approaches by proposing a new class of security-informed safety assurance techniques that are continually assessing and evolving the safety reasoning, concurrently with the system, to provide through-life safety assurance. That is, safety assurance will be provided not only during initial development and deployment, but also at runtime based on operational data.
Assisted generation of complex computational kernels in solid mechanics
The behavior laws used in numerical simulations describe the physical characteristics of simulated materials. As our understanding of these materials evolves, the complexity of these laws increases. Integrating these laws is a critical step for the performance and robustness of scientific computations. Therefore, this step can lead to intrusive and complex developments in the code.
Many digital platforms, such as FEniCS, FireDrake, FreeFEM, and Comsol, offer Just-In-Time (JIT) code generation techniques to handle various physics. This JIT approach significantly reduces the time required to implement new simulations, providing great versatility to the user. Additionally, it allows for optimization specific to the cases being treated and facilitates porting to various architectures (CPU or GPU). Finally, this approach hides implementation details; any changes in these details are invisible to the user and absorbed by the code generation layer.
However, these techniques are generally limited to the assembly steps of the linear systems to be solved and do not include the crucial step of integrating behavior laws.
Inspired by the successful experience of the open-source project mgis.fenics [1], this thesis aims to develop a Just-In-Time code generation solution dedicated to the next-generation structural mechanics code Manta [2], developed by CEA. The objective is to enable strong coupling with behavior laws generated by MFront [3], thereby improving the flexibility, performance, and robustness of numerical simulations.
The doctoral student will benefit from guidance from the developers of MFront and Manta (CEA), as well as the developers of the A-Set code (a collaboration between Mines-Paris Tech, Onera, and Safran). This collaboration within a multidisciplinary team will provide a stimulating and enriching environment for the candidate.
Furthermore, the thesis work will be enhanced by the opportunity to participate in conferences and publish articles in peer-reviewed scientific journals, offering national and international visibility to the thesis results.
The PhD will take place at CEA Cadarache, in south-eastern France, in the Nuclear Fuel Studies Department of the IRESNE Institute [4]. The host laboratory is the LMPC, whose role is to contribute to the development of the physical components of the PLEIADES digital platform [5], co-developed by CEA and EDF.
[1] https://thelfer.github.io/mgis/web/mgis_fenics.html
[2] MANTA : un code HPC généraliste pour la simulation de problèmes complexes en mécanique. https://hal.science/hal-03688160
[3] https://thelfer.github.io/tfel/web/index.html
[4] https://www.cea.fr/energies/iresne/Pages/Accueil.aspx
[5] PLEIADES: A numerical framework dedicated to the multiphysics and multiscale nuclear fuel behavior simulation https://www.sciencedirect.com/science/article/pii/S0306454924002408
CORTEX: Container Orchestration for Real-Time, Embedded/edge, miXed-critical applications
This PhD proposal will develop a container orchestration scheme for real-time applications, deployed on a continuum of heterogeneous computing resources in the embedded-edge-cloud space, with a specific focus on applications that require real-time guarantees.
Applications in autonomous vehicles, environment monitoring, or industrial automation traditionally require high predictability with real-time guarantees, but they increasingly ask for more runtime flexibility as well as a minimization of their overall environmental footprint.
For these applications, a novel adaptive runtime strategy is required that can optimize dynamically at runtime the deployment of software payloads on hardware nodes, with a mixed-critical objective that combines real-time guarantees with the minimization of the environmental footprint.
A revolution in intervention in complex environments: AI and Digital twins in synergy for innovative and effective solutions.
Scientific Context
The operation of complex equipment, particularly in the nuclear sector, relies on quick and secure access to heterogeneous data. Advances in generative AI, combined with Digital Twins (DT), offer innovative solutions to enhance human-system interactions. However, integrating these technologies into critical environments requires tailored approaches to ensure intuitiveness, security, and efficiency.
Proposed Work
This thesis aims to develop a generative AI architecture enriched with domain-specific data and accessible via mixed reality, enabling a glovebox operator to ask natural language questions. The proposed work includes:
A review of the state-of-the-art on Retrieval-Augmented Generation (RAG), ASR/TTS technologies, and Digital Twins.
The development and integration of a chatbot for nuclear operations.
The evaluation of human-AI interactions and the definition of efficiency and adoption metrics.
Expected Outcomes
The project aims to enhance safety and productivity through optimized interactions and to propose guidelines for the adoption of such systems in critical environments.