Posts

[T40] Software multi-tenancy on micro-controllers: enhancing security with TinyPART toolkit – Chrystel Gaber (Orange),  Gilles Grimaud (U Lille), Emmanuel Baccelli  (INRIA)

/0 Comments/in , , /by

On Fri, Nov 29th, 2024, 2pm CET, we welcome Chrystel Gaber (Orange),  Gilles Grimaud (U Lille), Emmanuel Baccelli  (INRIA), for another edition of TALK.CYBERcni.fr on “Software multi-tenancy on micro-controllers: enhancing security with TinyPART toolkit”. Share and join!

As containerization arrives for microcontrollers, it brings with it critical new security challenges. This talk will dive into how the TinyPART toolkit, developed through a joint French-German research project, addresses key concerns like memory isolation, secure software updates, and resource access control in multi-tenant environments. Discover how TinyPART’s innovations help overcome the risks of transitioning from monolithic to multi-tenant software paradigms on microcontrollers.

You are cordially invited to join the free live stream on youtube and LinkedIn! Please share the link https://talk.cybercni.fr/40 with your interested friends!

Trailer: https://youtu.be/TCTMaSay_Ng
LinkedIN Event: Not working for the moment/ will be added a soon as working again.
Facebook Event: https://www.facebook.com/events/1584069039186575/
Youtube: https://www.youtube.com/watch?v=RUcR8d55eFU&list=PLdftPKA9mTfaDJxqwexil2mPhUFIA9ITd
Stream redirect (for every edition): https://TALK.cyberCNI.fr/stream

Newsletter with invitations: Subscription on https://TALK.cyberCNI.fr

Help us spreading the news

The best talks are those with an interested diverse audience! Therefore, please use the following media to spread the news in your networks: 

Thank you!

Abstract

As containerization becomes available for microcontrollers, it is necessary for security models to evolve and address threats arising  from the transition from a monolithic software paradigm to a  multi-tenant one. Among the challenges that need to be overcome, this talk will in particular focus on memory isolation, secure software updates and ressource access control by describing the results of TinyPART (https://tinypart.github.io/TinyPART/), a German-French research  project on cybersecurity jointly sponsored by the German Ministry of  Education and Research and the French National Research Agency. In this talk, you will discover how the TinyPART toolkit can help you overcome this challenge by addressing issues related to memory isolation, software updates and resource access control.

Watch the trailer linked above!

Chrystel Gaber

Chrystel Gaber received her PhD in Computing Systems from the University of Caen in 2013. After working as a project coordinator and R&D engineer at Fime, she joined Orange as a researcher and project coordinator. She is involved in several projects related to cyber-physical security, IoT device management, and certification, and serves as the French coordinator for the TinyPART project.

Gilles Grimaud

Gilles Grimaud received an award from the French chapter of ACM SigOPS for his PhD thesis in 2001 and was appointed a full professor at the University of Lille in 2009. His primary research interests include embedded systems, cybersecurity, and formal methods, with notable achievements such as the development of Camille, a secure smart card operating system. He has contributed to numerous funded French and European projects and is currently a member of the TinyPART project.

Emmanuel Baccelli

Emmanuel Baccelli is a researcher at Inria and Freie Universität Berlin, having previously worked at AT&T Labs and Metro Optix Inc. He earned his PhD from École Polytechnique in 2006 and his habilitation from Université Pierre & Marie Curie in 2012. A co-founder of the RIOT open-source community, his main research interests involve the Internet of Things, low-power software, security, and the design and analysis of network protocols and algorithms.

About Orange

Orange is a leading global telecommunications operator, providing a wide  range of services including mobile and fixed-line communications,  internet, and digital solutions. With a strong commitment to innovation  and customer satisfaction, Orange aims to enhance connectivity and  improve the digital experience for individuals and businesses worldwide.

The Cyber CNI Lecture Series is a free monthly event that typically takes place on the last Friday of the month from 2pm to 3h30pm CET.

The Cyber CNI Speaker series aims to raise awareness and understanding of cyber security issues among all audiences. It aims to enable an ongoing dialogue between experts from industry and academia and the general public (citizens, families, small and large businesses, public organizations, etc.). All of us are concerned.

The events are broadcast live on Youtube (https://talk.cybercni.fr/) and LinkedIn, allowing worldwide remote participation – including a tool to participate in the discussion.

You can add the event calendar via ICSwebcalHTML.

How the digital transformation is changing our lives

Our society relies more and more on information and operational technologies. Examples include water, energy, heat and cooling supply, communications, healthcare, production and processing of goods, transportation, national security, banking, research and education, and food production.

What all these areas have in common is that they make intensive use of networked distributed computer systems. These systems can be attacked in many ways. This is no longer just a problem for computer “pros” because computer systems are essential to all of us. The effects of “cyber-attacks” range from power outages to the collapse of the health care or banking sectors.

Program and registration: https://talk.cybercni.fr/

[T39] A case for Internet Transparency – the Responsible Internet – Ralph Holz (Universität Münster)

/0 Comments/in , /by

On Fri, Oct 25th, 2024, 2pm CET, we welcome Ralph Holz from Universität Münster, Germany, for another edition of TALK.CYBERcni.fr on “A case for Internet Transparency – the Responsible Internet”. Share and join!

Despite technological advancements, Internet security issues persist, particularly at the infrastructure level. Ralph Holz will discuss why traditional solutions are often ineffective and propose a game-changing approach: Internet Transparency. By making it possible to identify the operators and reasons behind security failures, we can change the incentives to invest in better security practices. Holz will also introduce “The Responsible Internet,” a multidisciplinary approach combining global measurements, decentralized logging, and economics research to foster a more secure and accountable Internet.

You are cordially invited to join the free live stream on youtube and LinkedIn! Please share the link https://talk.cybercni.fr/39 with your interested friends!

Trailer: https://youtu.be/iyms8BQAo7M
LinkedIN Event: https://www.linkedin.com/events/7255532351269613569 (Seems currently down, so switch to another link below.)
Facebook Event: https://www.facebook.com/events/1311255863375430/
Youtube: https://www.youtube.com/watch?v=A0sYEm5xt_w&list=PLdftPKA9mTfaDJxqwexil2mPhUFIA9ITd
Stream redirect (for every edition): https://TALK.cyberCNI.fr/stream

Newsletter with invitations: Subscription on https://TALK.cyberCNI.fr

Help us spreading the news

The best talks are those with an interested diverse audience! Therefore, please use the following media to spread the news in your networks: 

Thank you!

Abstract

Despite some progress over the last 20 years, Internet security problems just keep cropping up. At the infrastructure level in particular – from hardware to critical services – it is sobering to realize that the incentives to invest in modern technologies too often clash with business or organisational considerations. Instead of continuing to rely on technologies that tend to be poorly received by the market, we provide arguments why it is more expedient to take a more indirect approach by introducing and fostering so-called “Internet Transparency”. This idea is based on earlier empirical evidence: if it is possible to determine by which operator, and why, a problem was caused, the incentives to invest in security and less flawed processes change across the board. We will therefore start by presenting a few results from previous work to motivate why we should now focus on Internet Transparency, before moving on to a possible approach for implementing this, which is largely based on global measurements and decentralised logging, flanked by economics and governance research and efforts. We have nicknamed this multidisciplinary approach the Responsible Internet, and the remainder of the talk will introduce our approach and ongoing efforts.

Watch the trailer linked above!

Ralph Holz

Ralph is Full Professor for Networks and Network Security at the University of Münster in Germany and co-appointed at the University of Twente in the Netherlands. His research interest is the empirical analysis of computer security, especially on the Internet. His prior positions include roles at NICTA (National ICT Australia), the University of Sydney, and the University of Twente. Ralph holds a PhD from the Technical University of Munich. He is currently the PI of a 2m EUR project on the Responsible Internet that aims to bring about better controllability, accountability, and transparency for the security of Internet communication (https://responsible-internet.org). Ralph has contributed to Internet standardization and his work has received several awards.

About Universität Münster

The University of Münster is one of Germany’s largest and most prestigious universities, with well over 40,000 students in 15 departments. Ralph is a full professor in the Department of Computer Science, where he does empirical research in network security.

Talk.cybercni.fr

The Cyber CNI Lecture Series is a free monthly event that typically takes place on the last Friday of the month from 2pm to 3h30pm CET.

The Cyber CNI Speaker series aims to raise awareness and understanding of cyber security issues among all audiences. It aims to enable an ongoing dialogue between experts from industry and academia and the general public (citizens, families, small and large businesses, public organizations, etc.). All of us are concerned.

The events are broadcast live on Youtube (https://talk.cybercni.fr/) and LinkedIn, allowing worldwide remote participation – including a tool to participate in the discussion.

You can add the event calendar via ICSwebcalHTML.

How the digital transformation is changing our lives

Our society relies more and more on information and operational technologies. Examples include water, energy, heat and cooling supply, communications, healthcare, production and processing of goods, transportation, national security, banking, research and education, and food production.

What all these areas have in common is that they make intensive use of networked distributed computer systems. These systems can be attacked in many ways. This is no longer just a problem for computer “pros” because computer systems are essential to all of us. The effects of “cyber-attacks” range from power outages to the collapse of the health care or banking sectors.

Program and registration: https://talk.cybercni.fr/

[T38] Security Aspects in the Evolved IoT-Edge-Cloud Continuum Paradigm – Valeria Loscri

/0 Comments/in , /by

On Fri, Sep 27th, 2024, 2pm CET, we welcome Valeria Loscri from INRIA Lille, France for another edition of TALK.CYBERcni.fr on “Security Aspects in the Evolved IoT-Edge-Cloud Continuum Paradigm”. Share and join!

As our connected world expands with advanced services and applications, the IoT-Edge-Cloud Continuum has emerged as a key paradigm, seamlessly integrating IoT devices, edge computing, and cloud services. But with this evolution comes new security challenges, exposing vulnerabilities across heterogeneous devices. Valeria will dive into the security landscape of this paradigm, highlighting how IoT-device vulnerabilities can escalate into powerful attacks on higher layers of the continuum.

You are cordially invited to join the free live stream on youtube and LinkedIn! Please share the link https://talk.cybercni.fr/38 with your interested friends!

Trailer: https://youtu.be/6iE1WWSIGZ8?list=PLdftPKA9mTfaDJxqwexil2mPhUFIA9ITd
LinkedIN Event: https://www.linkedin.com/events/7245358136469983232
Facebook Event: https://www.facebook.com/events/1052373216497306/
Youtube: https://www.youtube.com/watch?v=3LYfZHsTZ4Y&list=PLdftPKA9mTfaDJxqwexil2mPhUFIA9ITd&index=1
Stream redirect (for every edition): https://TALK.cyberCNI.fr/stream

Newsletter with invitations: Subscription on https://TALK.cyberCNI.fr

Help us spreading the news

The best talks are those with an interested diverse audience! Therefore, please use the following media to spread the news in your networks: 

Thank you!

Abstract

Living in our perpetually connected world presents us with an abundance of novel advanced services and automated applications. In order to meet the increasing demand of advanced services and applications, significant activity has been dedicated in the recent years to build the IoT-Edge-Cloud Continuum paradigm. 

This paradigm shift comes with a change in the security landscape, enabling new and more powerful attacks relying on vulnerabilities of heterogeneous devices, where not all the devices cannot be with same level of security. 

It is paramount to analyze this new security landscape and estimate the potential impact of attacks at IoT-devices on the upper layers. 

Watch the trailer linked above!

Valeria Loscri

Valeria Loscri is researcher director in the FUN Team at Inria Lille (France), that she joined in 2013. From Dec. 2006 to Sept. 2013, she was Research Fellow in the TITAN Lab of the University of Calabria, Italy. She received her MSc and PhD degrees in Computer Science in 2003 and 2007, respectively, from the University of Calabria and her HDR (Habilitation à diriger des recherches) in 2018 from Université de Lille (France). Her research interests focus on emerging technologies for new communication paradigms such as Visible Light Communication (VLC), mmWave, cooperation and coexistence of wireless heterogeneous devices and cyber security in wireless networks. She is involved in the activity of several European Projects (Horizon Europe MLSysOps, H2020 CyberSANE, FP7 EU project VITAL, etc.).
She has been nominated to the 2021 Women Stars in Computer Networking and Communications Communications by the IEEE Communication Society. She is in the editorial board of IEEE COMST, Transactions on Information Forensics and Security, Elsevier ComNet, ComCom. She is serving as TPC members in several primary international conferences, such as IEEE ESORICS, IEEE CNS, IEEE INFOCOM, IEEE PerCom.
She is Action Chair and scientific Holder of BEiNG-WISE COST Action (since 2023). Since 2019, she is Scientific International Delegate for Inria Lille

About INRIA

Inria is the French national institute for research in digital science and technology, and since January 2024 has been responsible for the Agence de programmes dans le numérique (Digital Programs Agency), designed to strengthen the collective dynamics of higher education and research. Its DNA is based on world-class research, technological innovation and entrepreneurial risk. Within 220 project teams, most of which are shared with major research universities, more than 3,800 scientists are exploring new avenues, often in interdisciplinary collaboration with industrial partners, to meet ambitious challenges. As a technology institute, Inria supports a wide range of innovation paths: from open source software publishing to the creation of technology startups (Deeptech).

Talk.cybercni.fr

The Cyber CNI Lecture Series is a free monthly event that typically takes place on the last Friday of the month from 2pm to 3h30pm CET.

The Cyber CNI Speaker series aims to raise awareness and understanding of cyber security issues among all audiences. It aims to enable an ongoing dialogue between experts from industry and academia and the general public (citizens, families, small and large businesses, public organizations, etc.). All of us are concerned.

The events are broadcast live on Youtube (https://talk.cybercni.fr/) and LinkedIn, allowing worldwide remote participation – including a tool to participate in the discussion.

You can add the event calendar via ICSwebcalHTML.

How the digital transformation is changing our lives

Our society relies more and more on information and operational technologies. Examples include water, energy, heat and cooling supply, communications, healthcare, production and processing of goods, transportation, national security, banking, research and education, and food production.

What all these areas have in common is that they make intensive use of networked distributed computer systems. These systems can be attacked in many ways. This is no longer just a problem for computer “pros” because computer systems are essential to all of us. The effects of “cyber-attacks” range from power outages to the collapse of the health care or banking sectors.

Program and registration: https://talk.cybercni.fr/

[T36] Dynamic Cybersecurity Risk Management with Responsible AI Practice  for Enhancing Security and Resilience of Digital Infrastructure – Shareeful Islam

/0 Comments/in , , /by

On Fri, July 26th, 2024, 2h00pm CET, we welcome Shareeful Islam from Anglia Ruskin University, UK for another edition of TALK.CYBERcni.fr on “Dynamic Cybersecurity Risk Management with Responsible AI Practice  for Enhancing Security and Resilience of Digital Infrastructure – Shareeful Islam”. Share and join!
We are excited to welcome Dr. Shareeful Islam from Anglia Ruskin University for a compelling talk on “Dynamic Cybersecurity Risk Management with Responsible AI Practice for Enhancing Security and Resilience of Digital Infrastructure.” In this session, Dr. Islam will address the growing sophistication of cyberattacks and the critical need for dynamic cybersecurity risk management. Learn how hybrid AI-enabled models, combining linear regression and deep learning, can help manage risks more effectively and ensure the development of trustworthy AI systems.

You are cordially invited to join the free live stream on youtube and LinkedIn! Please share the link https://talk.cybercni.fr/36 with your interested friends!

Trailer: https://youtu.be/lcDndbVe8ds
LinkedIN Event: https://www.linkedin.com/events/7221126855918063619
Facebook Event: https://www.facebook.com/events/366087109924061/
Youtube: https://www.youtube.com/watch?v=3ZSARwpfwgA&list=PLdftPKA9mTfaDJxqwexil2mPhUFIA9ITd
Stream redirect (for every edition): https://TALK.cyberCNI.fr/stream

Newsletter with invitations: Subscription on https://TALK.cyberCNI.fr

Help us spreading the news

The best talks are those with an interested diverse audience! Therefore, please use the following media to spread the news in your networks: 

Thank you!

Abstract

The sophistication of cyberattacks has significantly increased, making it almost certain that organizations can be victims of cyberattacks at any time. Managing cybersecurity risk is critical for any organization so that informed decisions can be made to tackle risks before they materialize. However, performing effective risk management is always challenging due to the constant changes in organizational infrastructure and security posture, including the adoption of new applications and the reconfiguration or updating of existing assets and their dependencies, as well as the potential exploitation of vulnerabilities. Despite the wider adoption of AI enabled solution in  cybersecurity , but lack of focus on the analysing  dynamic parameters using AI models  and their integration into cybersecurity  risk management. Additionally, AI-enable cybersecurity solution needs to assure the Responsible AI practice for trustworthy AI system development and use 

This talk presents dynamic Cyber Security Risk Management (d-CSRM)) to tackle this challenge by integrating for assessing and managing the risk. It considers hybrid AI-enabled model that combines both linear regression and deep learning,  with responsible AI practice to assess the risk.

Watch the trailer linked above!

Shareeful Islam

Dr. Shareeful Islam is an Associate Professor  in Cybersecurity at the Faculty of Science and Engineering, Anglia Ruskin University(ARU). He is currently visiting professor LUT School of Engineering Sciences, Lappeenranta, Finland and  previously worked as a visiting professor at the National Institute of Informatics (NII), Japan, and a visiting researcher at SBA Research, Austria. He has over 22 years of experience in teaching , administration, and research. He published more than 90 papers and secured ca 1.5 M £ funding mostly from the national and EU funding agency with experienced with lead and manage project. He has  successfully supervised to timely completion 11 PhDs and MPhils and currently leading Horizon project for ARU. He has published more than 90  papers in different top ranked journals and conferences. His research interest includes cybersecurity risk management, Responsible AI, AI-enabled cyber security, and regulatory compliance.

About the Anglia Ruskin University (ARU)

named one of the top 40 universities in the UK and top 350 institutions in the world, in the Times Higher Education (THE) World University Rankings in 2023.  ARU teaching and research focuses on Chelmsford, Cambridge, Peterborough and rated Gold in the Teaching Excellence Framework   The school of computing and information science  boasts state-of-the-art research facilities, equipped with the latest technology and resources necessary for conducting advanced research in cybersecurity. CIS includes a number of online specialized labs including threat and forensic analysis, penetration testing, and evidence visualization.  CIS is a dynamic hub for academic excellence and innovation in the field of computer science, information technology, and cybersecurity.  Faculty members of CIS are distinguished experts in cybersecurity, artificial intelligence, and network defence.

Talk.cybercni.fr

The Cyber CNI Lecture Series is a free monthly event that typically takes place on the last Friday of the month from 2pm to 3h30pm CET.

The Cyber CNI Speaker series aims to raise awareness and understanding of cyber security issues among all audiences. It aims to enable an ongoing dialogue between experts from industry and academia and the general public (citizens, families, small and large businesses, public organizations, etc.). All of us are concerned.

The events are broadcast live on Youtube (https://talk.cybercni.fr/) and LinkedIn, allowing worldwide remote participation – including a tool to participate in the discussion.

You can add the event calendar via ICSwebcalHTML.

How the digital transformation is changing our lives

Our society relies more and more on information and operational technologies. Examples include water, energy, heat and cooling supply, communications, healthcare, production and processing of goods, transportation, national security, banking, research and education, and food production.

What all these areas have in common is that they make intensive use of networked distributed computer systems. These systems can be attacked in many ways. This is no longer just a problem for computer “pros” because computer systems are essential to all of us. The effects of “cyber-attacks” range from power outages to the collapse of the health care or banking sectors.

Program and registration: https://talk.cybercni.fr/

[T35] Formally verifying security properties of cyber-physical systems – Mikael Asplund

/0 Comments/in , /by

On Fri, June 28th, 2024, 2h00pm CET, we welcome Mikael Asplund from Linköping University for another edition of TALK.CYBERcni.fr on “Formally verifying security properties of cyber-physical systems”. Share and join!

Join Mikael Asplund from Linköping University as he delves into the critical need for rigorous and verifiable development methods in our increasingly connected world. In his talk on “Formally Verifying Security Properties of Cyber-Physical Systems,” Asplund will explore how formal methods can be leveraged to ensure the security of networked systems at multiple abstraction levels. Discover the challenges and breakthroughs in translating high-level security requirements into low-level implementations, and learn why keeping up with the sophistication of cyber threats is more crucial than ever. After the talk, engage directly with Asplund in a lively 45-minute discussion. Bring your questions and ideas to this interactive session and be part of the conversation shaping the future of cyber-physical security!

You are cordially invited to join the free live stream on youtube and LinkedIn! Please share the link https://talk.cybercni.fr/35 with your interested friends!

Trailer: https://youtu.be/oYeVh4vIZYQ
LinkedIN Event: https://www.linkedin.com/events/7206936139524362240/comments/
Facebook Event: https://www.facebook.com/events/7898805550141847/
Youtube: https://www.youtube.com/watch?v=RAiCFhJWH4M&list=PLdftPKA9mTfaDJxqwexil2mPhUFIA9ITd
Stream redirect (for every edition): https://TALK.cyberCNI.fr/stream

Newsletter with invitations: Subscription on https://TALK.cyberCNI.fr

Help us spreading the news

The best talks are those with an interested diverse audience! Therefore, please use the following media to spread the news in your networks: 

Thank you!

Abstract

Cyber-physical systems are often  safety-critical and require a rigorous  development process to reduce  the risk of hazards to an acceptable  level. Traditionally, this meant  isolated components with predictable  run-time behaviour, combined with  redundancy to achieve fault tolerance.  Today, we consider it normal to  have internet-connected cars,  management of critical infrastructure  running in the cloud, and  air-traffic control that operate remotely  with digital screens instead  of windows for the operators. At the same  time, the cyber threats have  grown drastically in frequency and  sophistication putting many of these  connected cyber-physical systems  at risk. Unfortunately, we have not  kept up with the development of  rigorous and verifiable development  methods to match the increased  connectivity and complexity of our  critical systems. In this talk I  will discuss opportunities and  challenges of using formal methods to  verify security properties in  cyber-physical systems. The focus will be  on networked cyber-physical  systems considering three different  abstraction levels, entity  coordination, cryptographic protocol design,  and implementation of  communication protocols. I will discuss how  high-level requirements can  be refined and translated to low-level  properties, show some examples of  what we can show, and where we are  still struggling to find suitable  abstractions and models.

Watch the trailer linked above!

Mikael Asplund

Professor Mikael Asplund is a Senior Associate  Professor in Computer Science at Linköping University (LiU). He received  his M.Sc. degree in computer science and engineering and the  Ph.D.degree in computer science from LiU, in 2005 and 2011,  respectively. From 2011 to 2012, he was a Research Fellow with Trinity  College Dublin. He currently leads five research projects on  cybersecurity and is responsible for two Master programs at LiU. His  research is focused on methods for rigorous security of cyber-physical  systems.

About the Linköping University

We all want to create a better world. At Linköping University, LiU, we use boundary-breaking research and innovative education to get there. To solve the challenges of the day, we are in continuous and close contact with industry and society. International rankings show that LiU is among the world’s top universities. Our students are sought after in the labour market, and we are one of the most attractive employers in Sweden. We believe that all this stems from our courage to think freely and innovate in contexts large and small.

LiU continues to give generations of curious individuals the opportunity to grow and contribute to a better world. We do this with the power of 37,600 students and 4,300 co-workers.

Talk.cybercni.fr

The Cyber CNI Lecture Series is a free monthly event that typically takes place on the last Friday of the month from 2pm to 3h30pm CET.

The Cyber CNI Speaker series aims to raise awareness and understanding of cyber security issues among all audiences. It aims to enable an ongoing dialogue between experts from industry and academia and the general public (citizens, families, small and large businesses, public organizations, etc.). All of us are concerned.

The events are broadcast live on Youtube (https://talk.cybercni.fr/) and LinkedIn, allowing worldwide remote participation – including a tool to participate in the discussion.

You can add the event calendar via ICSwebcalHTML.

How the digital transformation is changing our lives

Our society relies more and more on information and operational technologies. Examples include water, energy, heat and cooling supply, communications, healthcare, production and processing of goods, transportation, national security, banking, research and education, and food production.

What all these areas have in common is that they make intensive use of networked distributed computer systems. These systems can be attacked in many ways. This is no longer just a problem for computer “pros” because computer systems are essential to all of us. The effects of “cyber-attacks” range from power outages to the collapse of the health care or banking sectors.

Program and registration: https://talk.cybercni.fr/