Section: Bilateral Contracts and Grants with Industry

Bilateral Contracts with Industry

• DGA contract (2012-2013): “CAPALID”

  The CAPALID project aims at building a state of the art of off-the-shelf solutions for supervision systems in distributed environments. We first realized a state of the art of the research activities for intrusion detection systems (probes), correlation systems and visualization systems. On a second phase, we defined an assessment methodology of these types of tools. Finally, this methodology was applied by Amossys, our partner in the project, to evaluate the best off-the-shelf tools that have been retained in the context of the project. This study is led in cooperation with Amossys, a SME located in Rennes.

• Technicolor contract (2011-2014): “Data Aggregation in Large Scale Systems”

  The theme of this contract focuses on the management of massively distributed data sets. Briefly, our goal is to provide a lightweight yet continuous flow of aggregate and relevant data from a very large number of distributed sources to a management system. Collaborative data aggregation are relevant mechanisms that could help in securely providing digests of information. However, an important aspect that we want to preserve is the privacy of the aggregated information. This is of particular interest for Telco operators or software/hardware providers in order to smoothly manage the current state of their deployed platforms, allowing accordingly to develop new applications based on quick reactions/optimizations to identify and handle services inconsistencies.

  This study is conducted in cooperation with the Inria project Dionysos.

• HP contract (2013-2014): “Firmware Security”

  The work we have conducted on the automatic instrumentation of C programs in order to detect intrusions has led to the implementation of the approach within the Frama-C framework under the form of a plugin called SIDAN (see above). A part of this contract for HP consists in adapting and improving this plugin for a real-word code provided by HP, in order to harden their source code.

  Another aspect of this work consists in developing a knew intrusion detection mechanism at the hardware level to protect the firmware (i.e. BIOS or UEFI) level. This mechanism must take into account industrial constraints provided by HP. Thomas Letan has been hired as an engineer to design and implement a proof-of-concept of such mechanism. In 2013, he focused his work on studying state-of-the-art and comparing existing approaches using metrics adapted to HP constraints.