Vérification de propriété de cybersécurité temporisés grâce aux méthodes formelles.

Offre de thèse

Date limite de candidature

10-05-2024

Date de début de contrat

01-10-2024

Directeur de thèse

MERZ Stephan

Encadrement

Thèse co-encadré entre Lefaucheux Engel et Stephan Merz au LORIA (Nancy). Étienne ANDRÉ au LIPN (Paris) sera officieusement également co-encadrant de la thèse.

Type de contrat

Concours pour un contrat doctoral

Candidater à cette offre target="_blank"

école doctorale

IAEM - INFORMATIQUE - AUTOMATIQUE - ELECTRONIQUE - ELECTROTECHNIQUE - MATHEMATIQUES

équipe

MOSEL-VERIDIS

contexte

The pervasiveness of cyber-physical systems is highly increasing, raising many safety and security concerns. For instance, the observation of an user's interac- tions with a system should not give secret information to an attacker. Take the example of an attacker trying to guess a password by writing down a random input. If the system follows a naive algorithm to check the correctness of the password (i.e. checking if every letter is correct one by one and returning f alse as soon as a wrong letter is detected), the attacker can guess how many of the first letters of their input are correct. In order to deal with this kind of issue, we request systems to be opaque, meaning that secret behaviours of the system (the correct password) give the same observations to an attacker as some public behaviours of the system. These observations may include timing delays, energy consumption,. . . Formal methods aim at tackling problems such as opacity through the verifi- cation of formal properties on a model abstracting the real system. A well-known formal model to reason about timed systems is timed automata, an extension of finite-state automata with continuous clocks measuring time. Timed automata have been extensively used to verify safety properties, but not so much security properties, with some exceptions.

spécialité

Informatique

laboratoire

LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications

Mots clés

Vérification de modèles , Automates, méthodes formelles, Opacité, Systèmes temporisés

Détail de l'offre

L'objectif de cette thèse est la formulation est l'analyse de propriété de cyber-sécurité telles que l'opacité sur des modèles mathématiques (automates, réseaux de Pétri,...) temporisés.

Keywords

Verification, Model-checking, timed systems, Automata, Opacity

Subject details

The objective of this PhD is the formulation and analysis of cyber-security properties such as opacity on timed mathematical models (timed automata, timed Petri nets,...).

Profil du candidat

Bac + 5 (Master ou équivalent) en informatique.
Une connaissance des méthodes formelles et du model-checking en particulier serait très utile.
Avoir suivi un cours sur les systèmes temporisés est un plus, mais pas obligatoire.

Candidate profile

Master in computer science or equivalent.
Having some experience in formal methods and in particular model-checking is strongly recommended.
Having some knowledge of timed systems is a nice bonus, but not a requirement.

Référence biblio

1. Rajeev Alur and David L. Dill. A theory of timed automata. TCS, 126(2):183–235,
April 1994.
2. Étienne André and Jun Sun. Parametric timed model checking for guaranteeing
timed opacity. In Yu-Fang Chen, Chih-Hong Cheng, and Javier Esparza, editors,
ATVA, volume 11781 of LNCS, pages 115–130. Springer, 2019.
3. Gilles Benattar, Franck Cassez, Didier Lime, and Olivier H. Roux. Control and syn-
thesis of non-interferent timed systems. International Journal of Control, 88(2):217–
236, 2015.
4. Franck Cassez. The dark side of timed opacity. In Jong Hyuk Park, Hsiao-Hwa
Chen, Mohammed Atiquzzaman, Changhoon Lee, Tai-Hoon Kim, and Sang-Soo
Yeo, editors, ISA, volume 5576 of LNCS, pages 21–30. Springer, 2009.