2025‌​‌Activity reportProject-TeamCTRL-A​​

7.1.1​​​‌ Heptagon

• Keywords:
  Compilers, Synchronous‌ Language, Controller synthesis
• Functional‌​‌ Description:

  Heptagon is an​​ experimental language for the​​​‌ implementation of embedded real-time‌ reactive systems. It is‌​‌ developed inside the Synchronics​​ large-scale initiative, in collaboration​​​‌ with Inria Rhones-Alpes. It‌ is essentially a subset‌​‌ of Lucid Synchrone, without​​ type inference, type polymorphism​​​‌ and higher-order. It is‌ thus a Lustre-like language‌​‌ extended with hierchical automata​​ in a form very​​​‌ close to SCADE 6.‌ The intention for making‌​‌ this new language and​​ compiler is to develop​​​‌ new aggressive optimization techniques‌ for sequential C code‌​‌ and compilation methods for​​ generating parallel code for​​​‌ different platforms. This explains‌ much of the simplifications‌​‌ we have made in​​ order to ease the​​​‌ development of compilation techniques.‌

  The current version of‌​‌ the compiler includes the​​ following features: - Inclusion​​​‌ of discrete controller synthesis‌ within the compilation: the‌​‌ language is equipped with​​ a behavioral contract mechanisms,​​​‌ where assumptions can be‌ described, as well as‌​‌ an "enforce" property part.​​ The semantics of this​​​‌ latter is that the‌ property should be enforced‌​‌ by controlling the behaviour​​ of the node equipped​​​‌ with the contract. This‌ property will be enforced‌​‌ by an automatically built​​ controller, which will act​​​‌ on free controllable variables‌ given by the programmer.‌​‌ This extension has been​​ named BZR in previous​​​‌ works. - Expression and‌ compilation of array values‌​‌ with modular memory optimization.​​ The language allows the​​​‌ expression and operations on‌ arrays (access, modification, iterators).‌​‌ With the use of​​ location annotations, the programmer​​​‌ can avoid unnecessary array‌ copies.

• URL:
  https://­gitlab.­inria.­fr/­synchrone/­heptagon
• Contact:‌​‌
  Gwenaël Delaval
• Participants:
  Gwenaël​​ Delaval, Marc Pouzet, 5​​​‌ anonymous participants
• Partners:
  UGA,‌ ENS Paris, Inria, LIG‌​‌

7.1.2 DSL62443

• Name:
  DSL​​ for modeling IEC 62443​​​‌ compliant ICS instances, in‌ a zone/conduit model
• Keyword:‌​‌
  DSL
• Functional Description:
  Source​​ code for an eclipse​​​‌ plugin, allowing the user‌ to describe ICS instances‌​‌ that follows the IEC​​ 62443 zone/conduit model. Uses​​​‌ xtext for the textual‌ IDE, and Sirius for‌​‌ the graphical one. Also​​ contains an application, using​​​‌ constraint programming to reconfigure‌ a modeled system under‌​‌ attack. This controller is​​ generated from a description.​​​‌
• URL:
  https://­hal.­science/­hal-04573409
• Contact:
  Jolahn‌ Vaudey

7.1.3 RTUShark

• Name:‌​‌
  Modbus RTU network trafic​​ capture
• Keyword:
  Network monitoring​​​‌
• Functional Description:
  Allow to‌ capture Modbus RTU network‌​‌ trafic, and save it​​ in .pcap format, using​​​‌ a USB-RS485 adapter.
• URL:‌
  https://­hal.­science/­hal-04426339
• Contact:
  Stephane Mocanu‌​‌

7.1.4 GICS_HIL

• Name:
  Hardware​​ in the loop simulation​​​‌ system
• Keyword:
  Hardware and‌ Software Platform
• Functional Description:‌​‌
  We offer a set​​ of electronic boards (electronic​​​‌ schematics and Gerber files‌ for PCB manufacturing) that‌​‌ enable the emulation of​​​‌ digital and analog sensors​ and actuators, thus allowing​‌ interfacing between industrial control/command/protection​​ equipment and physical process​​​‌ simulation software. The system​ core is an electronic​‌ card inspired by the​​ STM32_Discovery evaluation board. The​​​‌ embedded firmware can be​ configured to manage I/O​‌ from industrial programmable logic​​ controllers (24V digital or​​​‌ +/-10V analog) or three-phase​ current and voltage sensors​‌ compatible with electrical substation​​ protection relays. Two power​​​‌ cards allow the signals​ to be adapted to​‌ current/voltage transformer standards: 0..1​​ A and +/- 48V​​​‌ (48V instead of 110V​ for compatibility with electrical​‌ safety standards for university​​ workbench). The cards interface​​​‌ with the simulation software​ via UDP communication. Interfacing​‌ software with Factory I/O​​ and Home I/O is​​​‌ provided, as well as​ software for controlling three-phase​‌ signals. Interfacing with Matlab/Simulink​​ is direct via Simulink​​​‌ UDP blocks. Interfacing with​ Modelica is also direct​‌ via the UDPSend and​​ UDP Receive blocks of​​​‌ the DeviceDrivers.Communication package
• URL:​
  https://­gitlab.­inria.­fr/­mocanu/­gics_discovery_hil
• Publications:
  hal-03282601v1,​‌ hal-02371133v1
• Contact:
  Stephane Mocanu​​

7.1.5 PLCOPENXML instrumentation tools​​​‌

• Name:
  Python scripts, instrumenting​ CEI 61131-10 PLCOPENXML files​‌ to allow for context​​ migration.
• Keyword:
  Instrumentation
• Functional​​​‌ Description:
  Python scripts, that​ take as input a​‌ PLCOPENXML description of a​​ PLC project. Then, for​​​‌ each application in the​ project: - Asks the​‌ user to determine its​​ limits (SFC programs and​​​‌ relevant variables) - Instrument​ the program to store​‌ the execution context in​​ an accessible area (here,​​​‌ through Modbus) - Instrument​ the program to allow​‌ migration - Store these​​ information in a serialized​​​‌ file, as a runnable​ snapshot manager. This manager​‌ can a) regularly take​​ snapshots of the corresponding​​​‌ application's state and b)​ migrate this execution context​‌ to another PLC.
• URL:​​
  https://­archive.­softwareheritage.­org/­browse/­directory/­3f49fc8e251e8393f97e1fe25c43f5a0221bb432/
• Publication:
  hal-05260039v1
• Contact:​​​‌
  Jolahn Vaudey

7.2.1 G-ICS: GreEn-ER​‌ Industrial Control systems Sandbox​​

Participants: Stéphane Mocanu.​​​‌

GreEn-ER Industrial Control Systems​ Sandbox (G-ICS) is a​‌ teaching and research platform​​ that brings together a​​​‌ hundred control, command, and​ industrial supervision devices of​‌ multi-protocol and multi-manufacturer that​​ can be flexibly coupled​​​‌ with a hardware-in-the-loop simulation​ system. The software simulation​‌ of processes can be​​ carried out with commercial​​​‌ simulators (Matlab/Simulink, Dymola) or​ open-source (Scilab or Modelica)​‌ as well as with​​ virtualization environments (Factory I/O​​​‌ or Home I/O). Thus,​ system architectures covering industrial​‌ fields ranging from home​​ automation and electrical distribution​​​‌ in buildings to manufacturing​ industry and smart grids​‌ can be realized.

2D Robot​​​‌ Models

Three Schneider MD1ADAX2M​ 2 Axis Machines educational​‌ models including two industrial​​ axes, an M340 PLC,​​​‌ two speed drives, and​ an HMI. Implemented protocols:​‌ CANOpen and Modbus/TCP.

The​​ image depicts a detailed​​​‌ view of an industrial​ control panel and a​‌ machine setup. The control​​ panel contains various electrical​​​‌ and electronic components such​ as switches, circuit breakers,​‌ and controllers. Labels on​​ the image identify parts​​ like the M340 automation​​​‌ unit, Ethernet switch, power‌ supplies, differential circuit breaker,‌​‌ and safety modules. The​​ machine setup includes features​​​‌ such as a multi-axis‌ system, safety interrupters, a‌​‌ transparent polycarbonate door, and​​ a marking unit. The​​​‌ control panel and machine‌ components are interconnected with‌​‌ wires and cables, and​​ the setup appears to​​​‌ be for an industrial‌ automation or manufacturing process.‌​‌ (Description generated at January​​ 18th, 2026 by Albert​​​‌ AI with the model‌ Mistral-Small-3.2-24B)

FischerTechnik​​ Models

Scaled-down physical processes:​​​‌ Six FischerTechnik factory simulator‌ cases1. Sensors/actuators‌​‌ interfaced with TM3BCEIP remote​​ I/O units (Figure 2​​​‌). Communication based on‌ Modbus/TCP.

The image displays‌​‌ a interconnected PLC network​​ centered around a FischerTechnik​​​‌ Industry 4.0 factory simulation.‌ Sensors and actuators of‌​‌ each subprocess are acquired​​ by RTU then read​​​‌ by the four PLC‌ that control the process.‌​‌ An HMI allows to​​ monitor the process state.​​​‌ Each supprocess is identified‌ by a color.

Hardware-in-the-Loop​​​‌ Models

About fifty programmable‌ logic controllers (PLCs) from‌​‌ Schneider, Siemens, Wago, and​​ ABB connected to electronic​​​‌ interfaces allowing coupling with‌ process simulators. Home I/O,‌​‌ Factory I/O simulator licenses​​ available or interfacing with​​​‌ Matlab/Simulink, Modelica, etc. The‌ principle is presented in‌​‌ Figure 3.

The​​ image depicts a centralized​​​‌ automation system with various‌ interconnected components. At the‌​‌ center there are three​​ control units linked to​​​‌ electronic interfacing cards and‌ to multiple devices and‌​‌ interfaces, including databases, personal​​ computers, HMIs. Under the​​​‌ interfacing cards are logos‌ and icons representing programming‌​‌ languages and software tools,​​ such as MATLAB Simulink,​​​‌ Python, C++, and Modelica,‌ highlighting the interfacing of‌​‌ industrial controllers with of​​ different programning technologies via​​​‌ the electronic cards.

Multiprotocol Models

Multiprotocol models:​​ an internally made "SCADA​​​‌ suitcase" model is available‌ (10 copies - Figure‌​‌ 4). The model​​ allows studying and carrying​​​‌ out attacks on hierarchical‌ and distributed multi-protocol architectures‌​‌ (Modbus TCP, CANOpen, OPC​​ UA, Modbus RTU).

The​​​‌ image depicts an industrial‌ supervision and control system.‌​‌ It features a local​​ Modbus/TCP and OPC UA​​​‌ network connecting a PC‌ supervision screen to a‌​‌ network switch. The switch​​ connects to two automation​​​‌ devices, API M340 and‌ API M251, via an‌​‌ HMI (Human-Machine Interface). These​​ devices link to sensors/actuators​​​‌ through Modbus/RTU and CanOpen‌ field buses, controlling a‌​‌ piloted process. Connections include​​ both digital (TOR) and​​​‌ analog signals. (Description generated‌ at January 22nd, 2026‌​‌ by Albert AI with​​ the model Mistral-Small-3.2-24B)

Smart-grid Platform IEC 61850‌​‌

About 30 protection relays​​ and current and voltage​​​‌ measurement units are available‌ for creating models of‌​‌ protection and control infrastructures​​ for electrical networks based​​​‌ on IEC 61850 communication‌ protocols and redundant HSR‌​‌ and PRP networks. One​​ of the models constructed​​​‌ from several standalone measurement‌ units (SAMU) and protection‌​‌ relays (IED) is presented​​ in Figure 5.​​​‌ The redundant network is‌ accessible for frame capture‌​‌ and attack deployment via​​​‌ a Redundancy Box (RedBox).​

The image shows a​‌ network setup involving industrial​​ devices. On the left​​​‌ is a diagram with​ SCADA, PRP (Parallel Redundancy​‌ Protocol), and GOOSE (Generic​​ Object Oriented Substation Event)​​​‌ connections. Key components include​ IEDs (Intelligent Electronic Devices),​‌ SAMUs (Synchronized Measurement Units),​​ and RedBoxes. On the​​​‌ right is a rack​ with actual equipment labeled​‌ RedBox, IED, and SAMU,​​ connected by numerous wires.​​​‌ The RedBox serves as​ a network device, while​‌ IEDs and SAMUs are​​ connected to monitor and​​​‌ control electrical systems. (Description​ generated at January 18th,​‌ 2026 by Albert AI​​ with the model Mistral-Small-3.2-24B)​​​‌ (Description generated at January​ 18th, 2026 by Albert​‌ AI with the model​​ Mistral-Small-3.2-24B)

Safety Automation​ Tesbed

Three complete testbeds​‌ (sensors, actuators, and programmable​​ controllers) from PILZ brand​​​‌ as well as several​ Schneider and Siemens safety​‌ PLCs are available for​​ demonstrating attacks on safety​​​‌ command functions (Figure 6​).

The image shows​‌ a training workbench dedicated​​ to safety related control​​​‌ systems. Are visible :​ a safety Pilz PLC,​‌ an HMI, a security​​ badge reader with badges​​​‌ and various sefety sensort​ : an emergency stop,​‌ a safety gate, and​​ an enabling switch.

IDS calibration and​ benchmark ICS dataset

• Contributors:​‌
  Stephane Mocanu, Léa Kenmogne,​​ Oualid Koucham
• Description:
  Datasets​​​‌ containing industrial traffic captured​ in a simple industrial​‌ system. Two datasets are​​ provided : normal traffic​​​‌ dataset for training of​ the Intrusion Detection System​‌ and the dataset containing​​ the process oriented attacks​​​‌ (actuators manipulation) for IDS​ banchmarking. Both datasets are​‌ provided in two versions​​ : the original network​​​‌ trafic capture (pcap file)​ and the extracted features​‌ (sensor and actuators values)​​ CVS files.
• Dataset PID​​​‌ (DOI,...):
  https://­doi.­org/­10.­57745/­J0F5CZ
• Publications:
  42​, 24

GICS Intrusion​‌ Detection Datasets

• Contributors:
  Oualid​​ Koucham, Stephane Mocanu
• Description:​​​‌
  These datasets include network​ traces collected at the​‌ ENSE3 GICS platform for​​ the purposes of evaluating​​​‌ an intrusion detection system​ (IDS) for ICS. The​‌ network traces capture the​​ behavior of an ICS​​​‌ test bed under attacks​ targeting the physical process.​‌ The test bed is​​ implemented in GICS and​​​‌ is comprised of several​ controllers (Schneider M340/M580, Wago​‌ IPC-C6, Siemens, etc.) along​​ with supervisory machines, engineering​​​‌ workstations and human machine​ interfaces (HMIs). Each controller​‌ sends commands and receives​​ sensor information, via I/O​​​‌ interface cards, from a​ real-time OpenModelica simulation of​‌ a complex physical process​​ representing a complex chemical​​​‌ plant. The traces contain,​ among other protocols, Modbus​‌ traffic carrying attacks violating​​ the specifications of the​​​‌ underlying physical process. This​ is performed by sending​‌ a sequence of Modbus​​ commands from workstations to​​​‌ controllers running the control​ logics which steer the​‌ process. Two types of​​ attacks are contained in​​​‌ these datasets. The first​ type of attacks violates​‌ qualitative temporal constraints on​​ the behavior of the​​​‌ physical process. Examples of​ such attacks include opening​‌ simultaneously two valves or​​ stopping a motor before​​​‌ its due time. The​ second type of attacks​‌ violates quantitative temporal constraints.​​ For example, the traces​​​‌ include attacks that wear​ a valve by quickly​‌ opening and closing it.​​ The contents of the​​​‌ datasets is as follows:​ One capture free from​‌ attacks and containing only​​ legitimate traffic and Four​​​‌ captures containing attacks.
• Dataset​ PID (DOI,...):
  https://­doi.­org/­10.­18709/­perscido.­2018.­09.­ds236
• Publications:​‌
  42, 41

8.1.1 Autonomic​‌ Resource Harvesting in HPC:​​ Control Methods and their​​​‌ Reusability

Participants: Raphaël Bleuse​, Sophie Cerf,​‌ Quentin Guilloteau, Rosa​​ Pagano, Bogdan Robu​​​‌, Eric Rutten.​

Using control theory methods​‌ to adapt to unpredictable​​ variations in resource managment​​​‌ allows for the design​ of well-founded autonomic managers.​‌ Choosing the relevant approach​​ is daunting due to​​​‌ the variety of existing​ controllers. The criteria are​‌ of different natures, involving​​ performance and efficiency, but​​​‌ also required expertise in​ control theory, and reusability​‌ or portability between sub-systems.​​ We study how reusability​​​‌ relates to the adaptivity​ and robustness properties in​‌ control. We compare various​​ control designs:

• the classic​​ Proportional-Integral-Derivative (PID) control,
• its​​​‌ upgrade as adaptive control,‌
• and Model-Free Control (MFC).‌​‌

We perform experimental evaluation​​ and compare performance and​​​‌ reusability. Trade-offs are found‌ on different criteria: while‌​‌ adaptive control is largely​​ portable, its design complexity​​​‌ is significant for non-experts;‌ PID control has good‌​‌ nominal performance, yet its​​ portability is limited; MFC​​​‌ requires few competences to‌ be used, but cannot‌​‌ provide strong guarantees.

This​​ comparative study has been​​​‌ published in 17.‌

8.2.1 Mitigation​​ of I/O Congestion Using​​​‌ Control Theory

Participants: Raphaël‌ Bleuse, Sophie Cerf‌​‌, Thomas Collignon,​​ Kouds Halitim, Bogdan​​​‌ Robu, Eric Rutten‌, Lionel Seinturier,‌​‌ Alexandre van Kempen.​​

Efficient data access in​​​‌ High-Performance Computing (HPC) systems‌ is essential to the‌​‌ performance of intensive computing​​ tasks. Traditional optimizations of​​​‌ the I/O stack aim‌ to improve peak performance‌​‌ but are often workload​​ specific and require deep​​​‌ expertise, making them difficult‌ to generalize. In shared‌​‌ HPC environments, resource congestion​​ can lead to unpredictable​​​‌ performance, causing slowdowns and‌ timeouts. To address these‌​‌ challenges, a self-adaptive approach​​ based on Control Theory​​​‌ is proposed to dynamically‌ regulate client-side I/O rates.‌​‌ Our approach leverages a​​ small set of runtime​​​‌ system load metrics to‌ reduce congestion and enhance‌​‌ performance stability.

We study​​ this problem in two​​​‌ distinct experimental setups:

1. A‌ single-node system, as a‌​‌ preliminary work 26,​​ 33.
2. A multi-node​​​‌ cluster, where we evaluate‌ a representative workload on‌​‌ a real testbed. Experimental​​ results demonstrate that our​​​‌ method effectively mitigates I/O‌ congestion, reducing total runtime‌​‌ by up to 20%​​ and lowering tail latency,​​​‌ while maintaining stable performance.‌ These results have been‌​‌ published in 22.​​

8.2.2 Graceful application degradation​​​‌ in HPC with Power‌ Capping

Participants: Raphaël Bleuse‌​‌, Sophie Cerf,​​ Kouds Halitim, Mohamed​​​‌ Abdeldjalil Maziz, Bogdan‌ Robu, Eric Rutten‌​‌.

We study control-based​​ approaches that regulate the​​​‌ power usage of an‌ HPC application to achieve‌​‌ a graceful degradation of​​ its performance, i.e. allowing​​​‌ significant energy savings with‌ limited increase in execution‌​‌ time.

Power capping is​​ performed using the RAPL​​​‌ (Running Average Power Limit)‌ actuation and sensing mechanism,‌​‌ which is known to​​ have noise and inaccuracies.​​​‌ We address the challenges‌ of noise and actuator‌​‌ inaccuracies with an approach​​ that incorporates a cascade​​​‌ control design, allowing to‌ have an inner loop‌​‌ specially designed to ensure​​ that the actuator effisciently​​​‌ reach the desired action‌ value in a short‌​‌ time (compared to the​​ main regulation loop).

Additionaly,​​​‌ the number of processors‌ in an HPC setup‌​‌ can vary, which implies​​ that the control has​​​‌ to handle a variable‌ number of power signals‌​‌ (i.e. output) for a​​ same input. The control​​​‌ design results in a‌ robust cascade control approach.‌​‌ The system can be​​ divided into two subsystems:​​​‌ the RAPL actuator and‌ the HPC plant. The‌​‌ first subsystem is a​​ Single-Input Multiple-Output (SIMO) system​​​‌ due to the different‌ power values collected from‌​‌ power sensors, while the​​​‌ second subsystem is a​ Multiple-Input Single-Output (MISO) system​‌ between the power measures​​ and the application's progress.​​​‌

This approach of robust​ cascade control for variable​‌ dimension systems has been​​ published in 23.​​​‌

Previous works study the​ power control on various​‌ benchmarks, i.e. either compute-intensive​​ or memory-intensive. We tackled​​​‌ a more realistic scenario​ by considering a workload​‌ that vary in computational​​ intensity, alternating between compute-bound​​​‌ and memory-bound phases. Two​ adequate control strategies are​‌ explored: a gain-scheduled PI​​ controller and a ${\mathrm{H‌}}_{\infty }$ polytopic LPV controller,​ both modulated by a​‌ scheduling parameter, which represents​​ the ratio of compute​​​‌ to memory activity. This​ was the work done​‌ by Mohamed Abdeldjalil Maziz​​ during his internship 34​​​‌.

8.2.3 Stochastic Control​ for Resource Harvesting

Participants:​‌ Mahmoud Abdo, Raphaël​​ Bleuse, Sophie Cerf​​​‌, Kouds Halitim,​ Bogdan Robu, Eric​‌ Rutten.

This works​​ builds upon previous works​​​‌ on the Cigri/OAR composition​ to harvest idle resources​‌ in HPC clusters. One​​ promising approach is to​​​‌ fill idle resources by​ injecting small, flexible, independent,​‌ and interruptible jobs that​​ have no strict time​​​‌ constraints. However, managing the​ injection of these jobs​‌ is challenging due to​​ the uncertain nature of​​​‌ job characteristics, such as​ execution times and resource​‌ consumption. Additionally, process noise-resulting​​ from system complexity and​​​‌ the arrival and execution​ of varying external workloads-can​‌ interrupt or terminate these​​ filler jobs.

We propose​​​‌ and evaluate, using real​ data, a Stochastic Model​‌ Predictive Control (SMPC) approach​​ that addresses system uncertainty​​​‌ and incorporates a feed-forward​ compensation mechanism for disturbance​‌ rejection. The proposed algorithm​​ shows promising results: it​​​‌ ensures a platform usage​ rate of 98%, significantly​‌ improving overall resource efficiency​​ and reducing the number​​​‌ of early terminated jobs​ compared to previous work.​‌

The results were published​​ in 27. The​​​‌ formulation of the Model​ Predictive Controller has been​‌ studied by Mahmoud Abdo​​ during his internship 30​​​‌.

8.2.4 Modeling and​ Simulation of HPC Jobs​‌ Arrival

Participants: Raphaël Bleuse​​, Robin Chaussemy,​​​‌ Franck Corset.

The​ contributions of this work​‌ are twofold. First we​​ consolidate in a single​​​‌ database the exploitation traces​ of the GRICAD clusters​‌ for the past ten​​ years. The consolidation process​​​‌ merges the exploitation databases​ of each cluster's OAR​‌ database and the exploitation​​ database of the job​​​‌ injector Cigri. Second, we​ model the arrival of​‌ jobs on the platform​​ as a homogeneous Poisson​​​‌ process. We then simulate​ jobs' arrival with a​‌ marked Poisson process to​​ account for the polling​​​‌ frequency of the RJMS.​

Preliminary results are available​‌ the Master thesis of​​ Robin Chaussemy31.​​​‌ The modeling lays the​ foundation for refining control​‌ signals.

8.2.5 Flexibility in​​ Data-Centers for Digital Soberness​​​‌

Participants: Raphaël Bleuse,​ Alexis Detroyat, Clement​‌ Mommessin.

We collaborate​​ with RTE (Réseau de​​​‌ transport d'électricité) to study​ the flexibility capabilities of​‌ data-centers. One of the​​ aspect we studied is​​​‌ the adaptation of the​ computation load to a​‌ time-varying power budget. Alexis​​ Detroyat worked on the​​ characterization of the relationship​​​‌ between the power cap‌ applied to a server‌​‌ and the runtime of​​ jobs executed on that​​​‌ server. This characterization has‌ been conducted on a‌​‌ diverse set of hardware​​ from the Grid'5000 testbed​​​‌ using workloads from the‌ NAS Parallel Benchmark. This‌​‌ work allows us to​​ identify, with respect to​​​‌ the hardware, a range‌ of applicable power cap‌​‌ at a reasonable increase​​ of the execution time​​​‌ of the jobs. These‌ experiments are detailed in‌​‌ the internship report 32​​.

Such experiments are​​​‌ a step towards defining‌ ranges of flexibility to‌​‌ improve or design new​​ power-aware scheduling algorithms for​​​‌ computing platforms.

8.2.6 Performance‌ portable batched linear algebra‌​‌ kernels for transport sweeps​​ using Kokkos

Participants: Thierry​​​‌ Gautier.

The paper‌ 28 describes the development‌​‌ of performance portable batched​​ linear algebra kernels for​​​‌ SN-DG neutron transport sweeps‌ using Kokkos. We establish‌​‌ a new sweep algorithm​​ for GPUs that relies​​​‌ on batched linear algebra‌ kernels. We implement an‌​‌ optimized batched gesv solver​​ for small linear systems​​​‌ that builds upon state-of-the-art‌ algorithms. Our implementation achieves‌​‌ high performance by minimizing​​ global memory traffic and​​​‌ maximizing the amount of‌ computations done at compile-time.‌​‌ We assess the performance​​ of the batched gesv​​​‌ kernel on NVIDIA and‌ AMD GPUs. We show‌​‌ that our custom implementation​​ outperforms state-of-the-art linear algebra​​​‌ libraries on these architectures.‌ The performance of the‌​‌ new GPU sweep implementation​​ is assessed on the​​​‌ H100 and MI300A GPUs.‌ We demonstrate that it‌​‌ is able to achieve​​ high performance on both​​​‌ architectures, and is competitive‌ with an optimized multithreaded‌​‌ CPU implementation on a​​ 128-core AMD Genoa CPU​​​‌ node.

This work, published‌ in a SC'25 workshop‌​‌ last october, is the​​ subject of PhD Gabiel​​​‌ SUAU (CEA) supervised by‌ Thierry Gautier and it‌​‌ has begun in the​​ Avalon project team.

8.3.1 Safety-Security Convergence:‌​‌ Automation of IEC 62443-3-2​​

Participants: Da Silva Mike​​​‌, Stephane Mocanu,‌ Maxime Puys, Thevenon‌​‌ Pierre-Henri.

We develop​​ a method to automate​​​‌ industrial cybersecurity risk assessment‌ as specified in the‌​‌ IEC 62443-3-2 standard, which​​ is widely used in​​​‌ the industrial cybersecurity domain.‌ By automating parts of‌​‌ these risk assessment processes,​​ we can reduce the​​​‌ error-prone manual efforts and‌ increase the consistency of‌​‌ risk assessment. More specifically,​​ the proposed risk assessment​​​‌ comprises three parts which,‌ respectively:

• identify the specific‌​‌ vulnerabilities of industrial control​​ systems,
• determine the attack​​​‌ scenarios that compromise the‌ safety of the system‌​‌
• assess whether the attack​​ scenarios are tolerable by​​​‌ the organization's policy.

In‌ the first part, we‌​‌ automated the entire threat​​ modeling process of file​​​‌ called PLCOpen. This automation‌ of the Microsoft Threat‌​‌ Modeling Tool process Threat​​ Modeling Tool by developing​​​‌ an automatable method for‌ building the system model,‌​‌ in the form of​​ a data flow diagram,​​​‌ from a standard XML‌ file called PLCOpen. This‌​‌ automation of the Microsoft​​ Threat Modeling Tool process​​​‌ enables us to automate‌ vulnerability identification for industrial‌​‌ control systems.

In the​​​‌ second part, we enhance​ a previous work that​‌ generates theoretical safety-compromising attack​​ scenarios by building a​​​‌ complete attack scenario from​ system vulnerabilities to safety​‌ compromise.

Finally, in the​​ third part, we rank​​​‌ the attack scenarios using​ a specific risk matrix​‌ in order to determine​​ which scenarios exceed the​​​‌ risk tolerable by the​ organization and therefore require​‌ additional controls.

The results​​ were published in 16​​​‌

8.3.2 Host-based Intrusion Detection​ for Industrial Control Systems​‌

Participants: Omayma Alla,​​ Stephane Mocanu.

Traditionally,​​​‌ intrusion detection in Industrial​ control systems is performed​‌ at network level due​​ to the fact that​​​‌ the embedded OS of​ the Programmable Logic Controllers​‌ (PLCs) is accessible only​​ to the manufacturers.

We​​​‌ start evaluating the posibility​ to effectively incorporating lightweight​‌ Host-Based Intrusion Detection Systems​​ (HIDS) into PLCs. This​​​‌ technique provides a more​ comprehensive and rapid degree​‌ of security through monitoring​​ device activity in real​​​‌ time. The methodology uses​ formal specification methods to​‌ generate attributes from industrial​​ control logic (in particular​​​‌ written in SFC language)​ and regulations that can​‌ be verified at runtime.​​

The overall idea was​​​‌ published in 20.​ A first IDS was​‌ implemented as a PLC​​ separate task and a​​​‌ proof of concept was​ implemented on the G-ICS​‌ testbed. The result was​​ accepted for publication in​​​‌ January 2026 at the​ ICIT26 conference.

8.3.3 An​‌ Explainable Approach to Process-Oriented​​ Attacks in Industrial Control​​​‌ Systems using SHAP and​ LIME

Participants: Lea Astrid​‌ Kenmogne Mekemte, Stephane​​ Mocanu.

Process oriented​​​‌ attacks are attacks that​ target specifically the controlled​‌ physical process in an​​ industrial control system. Typically​​​‌ they are “stealth” attacks​ in the sense that​‌ they do not violate​​ the syntax or the​​​‌ semantics of communication protocols.​ They are sending legal​‌ frames (controls to actuators)​​ but in an inapropriate​​​‌ context. In previous approaches​ (42, 38​‌) we use runtime-monitoring​​ of security specification patterns​​​‌ extracted either from devices​ documentation and standards or​‌ mining of normal execution​​ traces. The problem of​​​‌ these approaches is that,​ in general, the full​‌ set of security patterns​​ cannot be obtained. Specification​​​‌ mining will produce a​ lot of false positive​‌ or inconsitent patterns while​​ extraction from device documentation​​​‌ and standars is manual​ and limited. On the​‌ other hand control programs​​ specifications are rarely available​​​‌ and reverse engineering of​ the specifications from PLC​‌ programs is very costly​​ and cannot be automatized.​​​‌

We propose an approach​ to detect process oriented​‌ attacks in industrial control​​ systems based on explainable​​​‌ artificial intelligence (XAI) using​ LIME and SHAP methods​‌ to understand the model’s​​ predictions. The experimental evaluation,​​​‌ conducted on a simulated​ industrial process, demonstrates that​‌ our approach provides good​​ detection accuracy and a​​​‌ comprehensive explanation of attacks​ being able to rebuild​‌ a large number of​​ security pattern from the​​​‌ explaination of the alerts.​

The methodology and experimental​‌ validation were presented in​​ 24.

8.3.4 Reconfiguration​​​‌ of Firewall Filter Rules​ as a Response to​‌ Industrial Control System Intrusion​​

Participants: Jolahn Vaudey,​​ Stephane Mocanu, Gwenaël​​​‌ Delaval, Stephane Mocanu‌.

As the IEC‌​‌ 62443 becomes the “de​​ facto” information security standard​​​‌ in industrial control systems‌ a need of supporting‌​‌ tools and methodologies for​​ the implementation of the​​​‌ standard requirements has arised.‌

This result adresses the‌​‌ network segmentation (called “Restricted​​ Data flow”) requirements of​​​‌ the standard in particular‌ reacting to the attack.‌​‌ Starting with a formal​​ description of the IEC​​​‌ 62443 compliant ICS under‌ study, we automate the‌​‌ creation of all necessary​​ filter rules, and the​​​‌ adaptation to application migration‌ and compromised device isolation.‌​‌ This approach is tested​​ on a small scale​​​‌ installation supervising a physical‌ process with industrial hardware.‌​‌

The methodology and experimental​​ validation were presented in​​​‌ 25.

8.3.5 Self-Reconfiguration‌ of Industrial Control Systems‌​‌ as a Response to​​ Cyberattacks

Participants: Jolahn Vaudey​​​‌, Stephane Mocanu,‌ Gwenaël Delaval, Eric‌​‌ Rutten.

In the​​ same vein of system​​​‌ reconfiguration in case of‌ an attack as the‌​‌ previous result, we propose​​ a system that, upon​​​‌ detection of a compromised‌ component, dynamically reconfigures itself‌​‌ to maintain functionality. Our​​ approach leverages the increasing​​​‌ virtualization of ICS to‌ migrate tasks from compromised‌​‌ devices to healthy ones,​​ ensuring continued operation while​​​‌ containing the attack. We‌ model the reconfiguration problem‌​‌ using the IEC 62443​​ standard, representing ICS as​​​‌ a network of zones‌ linked by conduits. We‌​‌ present a system model​​ incorporating security levels, device​​​‌ capacities, application dependencies, and‌ communication constraints. Then, we‌​‌ formulate the task migration​​ as an optimization problem​​​‌ solved via constraint programming.‌ We detail several variations‌​‌ of the base reconfiguration​​ program, including the activation​​​‌ of countermeasures or conduits,‌ and the preemptive allocations‌​‌ of applications instances to​​ host devices with memory​​​‌ size constraints. Our approach‌ is evaluated through a‌​‌ combination of a physical​​ training factory use case​​​‌ and generated problem instances‌ with arbitrary sizes. This‌​‌ evaluation concerns the execution​​ time of the reconfiguration​​​‌ process, as well as‌ the resilience, measured in‌​‌ number of devices attacked​​ before a critical application​​​‌ must be stopped.

The‌ methodology and experimental validation‌​‌ were presented in 18​​. The instrumentation scripts​​​‌ are public 35.‌

Qarnot computing

Participants: Raphaël‌ Bleuse, Kouds Halitim‌​‌, Bogdan Robu,​​ Eric Rutten.

We​​​‌ have a cooperation with‌ Qarnot computing in the‌​‌ framework of the Inria​​ challenge PULSE (website​​​‌), with the support‌ of Ademe, on the‌​‌ topic of pushing carbon-neutral​​ services towards the edge.​​​‌ Particularly, we are involved‌ in WP5 on the‌​‌ Control of emissions of​​ intensive computation tasks, and​​​‌ WP6, which we are‌ coordinating, on the efficient‌​‌ hybridation of heterogeneous computing​​ tasks.

RTE

Participants: Stéphane​​​‌ Mocanu, Clément Mommessin‌, Eric Rutten,‌​‌ Jolahn Vaudey.

We​​ have a cooperation with​​​‌ RTE (the French Energy‌ Transportion company) : Guillaume‌​‌ Giraud, following our recent​​ work in the H2020​​​‌ CPS4EU project. It is‌ continuing in the new‌​‌ project Tasting (Section 10.2.3​​​‌) of the PEPR​ TASE.

10.1.1 Seanergys

Participants: Raphaël​​​‌ Bleuse.

Since Septembre​ 2025, we are involved​‌ in the Searnegys project​​ (website). Our​​​‌ involvment in this project​ is mainly in the​‌ work package 4, focusing​​ on dynamic resource management.​​​‌ We develop simulation tooling​ for HPC platforms. This​‌ participation in the project​​ strenghthen the existing collaboration​​​‌ with the Datamove team.​

10.2.1​‌ PEPR Cybersecurity, project SuperviZ​​

Participants: Omayma Alla,​​​‌ Gwenaël Delaval, Léa​ Kenmogne, Elian Loraux​‌, Stéphane Mocanu,​​ Eric Rutten, Jolahn​​​‌ Vaudey.

We participate​ in the PEPR Cybersecurity​‌ research project SuperviZ in​​ three workpackages.

The SuperviZ​​​‌ project is granting four​ Phd's ins the areas​‌ of dectection and reaction​​ to attacks (Figure 7​​​‌).

The image presents​ the NIST Cybersecurity Framework,​‌ depicted as a circular​​ diagram divided into five​​​‌ segments: Identify, Protect, Detect,​ Respond, and Recover, all​‌ governed centrally. Four PhD​​ research topics related to​​​‌ cybersecurity are linked to​ different parts of the​‌ framework. PhD Elian Loraux​​ (2028) focuses on OT​​​‌ Honeypot and Naval Group​ collaboration, linked to Respond.​‌ PhD Jolahn Vaudey (2025)​​ on OT/IT reconfiguration and​​​‌ IEC 62443 DSL, linked​ to Respond. PhD Omayma​‌ Alla (2027) on Host​​ IDS for PLC, linked​​​‌ to Detect. PhD Léa​ Kenmogne (2026) on Explainable​‌ AI for intrusion detection​​ in ICS, linked to​​​‌ Detect.

Stéphane Mocanu is​​ the leader of the​​​‌ Platforms workpackage of SuperviZ.​ An mid-term advancement report​‌ of the project is​​ available 36.

10.2.2​​​‌ PEPR Cloud, project Taranis​

Participants: Raphaël Bleuse,​‌ Robin Chaussemy, Nathan​​ Rabier, Eric Rutten​​​‌.

In the framework​ of the PEPR Cloud,​‌ Ctrl-A is participating in​​ the project Taranis (Model,​​​‌ Deploy, Orchestrate, and Optimize​ Cloud Applications and Infrastructure).​‌ We mainly work within​​ WP 3 Orchestration of​​​‌ services and ressources.

The​ project is funding two​‌ PhDs working on autconomic​​ managers. The focus is​​​‌ on the integration –​ as model and decision​‌ tools – of control​​ and constraints, control and​​​‌ scheduling. The integration of​ temporal aspects in reconfiguration​‌ management will also be​​ studied.

This work is​​​‌ done in cooperation with​ the Spirals team at​‌ Inria Lille and the​​ Stack team in Nantes.​​​‌

10.2.3 PEPR TASE, project​ Tasting

Participants: Stéphane Mocanu​‌, Clément Mommessin,​​ Eric Rutten.

In​​​‌ the framework of the​ PEPR TASE (Technologies Avancées​‌ des Systèmes Énergétiques), Ctrl-A​​ is participating in the​​​‌ project Tasting (TrAnsformation of​ the energy SysTem for​‌ a better resilience and​​ flexibility with enhanced digitalization),​​​‌ particularly in :

• WP1​ : Infrastructure reliability and​‌ security with a post-doc​​ position on : specification​​​‌ of the distributed architecture​ and reconfiguration strategy for​‌ the communication and control​​ infrastructure
• WP2 : Distributed​​​‌ architectures of cyber-physical systems​ with a post-doc position​‌ on : methods for​​ attacks detection by events​​​‌ correlation between network traffic​ observations and logs from​‌ control equipment. This postdoc​​ is already ongoing and​​ we start developping implementation​​​‌ tools for attacks on‌ real-time protocols (SMV, GOOSE‌​‌ and PTP). The experimental​​ validation is performed on​​​‌ G-ICS lab on a‌ substation protection workbench. The‌​‌ electrical network is simulated​​ by the G-ICS HIL​​​‌ system.

  

  The image shows‌ a mobile technical setup‌​‌ with three open cabinets.​​ Each cabinet contains electronic​​​‌ equipment, an Intelligent Electronic‌ Device (protection relay) and‌​‌ Stand-Alone Measurement Unit (SAMU)​​ upper sections and the​​​‌ sets of electronic boards‌ used to simulate the‌​‌ electrical network on the​​ lower sections.

• WP3‌ : Ease deployment on‌​‌ hardware with post-doc positions​​ on :
  • model-based control​​​‌ (constraints solving) of self-adaptive‌ deployment of distributed applications‌​‌ on the Cloud-Edge infrastructures​​
  • reactive infrastructures for rapid​​​‌ protection in case of‌ process perturbation

10.2.4 AMI‌​‌ CMA CyberSkill@Alpes

Participants: Stéphane​​ Mocanu.

We participate​​​‌ in the AMI CMA‌ Cyberskill@Alpes cybersecurity education and‌​‌ research project.

Stéphane Mocanu​​ is involved into the​​​‌ AMI CMA Cyberskill together‌ with a small team‌​‌ of technical staff not​​ affiliated with CTRL-A. He​​​‌ is in charge of‌ four deliverables:

1. A demonstrator‌​‌ of IEC 62443 security​​ approach deployment (zone/conduit definition​​​‌ and implementation). The demonstrator‌ consists of five interconnected‌​‌ Fischertechnik Training Factory Industry​​ 4.0 models twenty PLC​​​‌ and five industrial firewalls‌ and a local network‌​‌ intended to show the​​ security levels calculation, deployment​​​‌ of network flow cartography‌ and network segmentation. The‌​‌ mechanical and electrical parts​​ of the demonstrator are​​​‌ ready, we are starting‌ the software development. A‌​‌ security supervision module will​​ be added in the​​​‌ future.
2. A low-cost workbench‌ for cybersecurity awareness. Based‌​‌ on a simulated physical​​ process, a low-cost PLC​​​‌ and HMI and license‌ free software the workbench‌​‌ is intended to be​​ used by high-school and​​​‌ secondary school teachers. We‌ have designed the plans‌​‌ and acquired the hardware;​​ the physical process simulation​​​‌ will be developed by‌ computer science students in‌​‌ 2026 and the electrical​​ and mechanical part of​​​‌ the workbench shall be‌ achieved by the end‌​‌ of 2026

   

   The image​​ shows four FischerTechnik Factory​​​‌ Industry 4.0 simulators fully‌ instrumented with PLS's industrial‌​‌ switches and firewals.

3. A set of‌ serious games for industrial‌​‌ systems security awareness and​​ training. We intend to​​​‌ develop a board game‌ with several complexity levels‌​‌ combining strategy, collaboration, resource​​ management, hazard and cheating​​​‌ in a red team‌ / blue team setup.‌​‌ A professional in game​​ development was contacted and​​​‌ we hope to start‌ the developments during 2026.‌​‌
4. An industrial systems security​​ module including masterclasses and​​​‌ labs. Intended initially for‌ the local cybersecurity master‌​‌ students the project has​​ evolved to a training​​​‌ module that well be‌ distributed by the PTCC‌​‌ (Programme de Transfert au​​ Campus Cyber). A PTCC​​​‌ Formation grant was obtained‌ in November 2025 and‌​‌ the developments are expected​​ to start in January​​​‌ 2026. The labs will‌ be developed on the‌​‌ Airbus CyberRange.

10.2.5 ANR​​ RADYAL

Participants: Bogdan Robu​​​‌, Eric Rutten.‌

Ctrl-A participates in the‌​‌ ANR project (in the​​​‌ ANR call : AI​ computing hardware architectures and​‌ accelerators in the context​​ of Edge Computing) called​​​‌ Radyal Resource-Aware DYnamically Adaptable​ machine Learning, in cooperation​‌ with INSA Lyon /​​ LIRIS (Stefan Duffner), the​​​‌ TARAN team, Inria /​ Irisa, Rennes (Marcello Traiola),​‌ and the MODUS team,​​ UGA / GIPSA-lab, Grenoble​​​‌ (Bogdan Robu).

We will​ work on the analysis​‌ of self-adaptationreconfiguration spaces in​​ the dimensions of Application​​​‌ (DNN algorithms), environment (applicative​ aspects e.g., lighting, obstruction​‌ in image analysis), and​​ infrastructure and implementation configuration​​​‌ and deployment (involving hardware​ with reconfigurable precision and​‌ mapping). A post-doctoral fellow​​ has started at GIPSA-lab​​​‌ on this project.

11.1.1 Scientific events:​​ organisation

11.1.2 Scientific​ events: selection

11.1.3 Journal​

11.1.4 Invited talks​​

Stéphane Mocanu was invited​​​‌ to a keynote on​ the cybersecurity of electrical​‌ grids at the SATES​​ conference in 2025 in​​​‌ Nancy 19.

Clément​ Mommessin was invited for​‌ a seminar at the​​ IRIT laboratory in Toulouse,​​​‌ in July 2025.

11.1.5​ Scientific expertise

Stephane Mocanu​‌ is member of the​​ Scientific and Technical Comitee​​​‌ of the SEE society​ and also of the​‌ Technical Commitee of the​​ PTCC (Programme de Transfert​​​‌ au Campus Cyber).

11.1.6​ Research administration

Raphaël Bleuse​‌ is member of the​​ team organizing the LIG​​​‌ keynotes.

Gwenaël Delaval is​ elected member at the​‌ Academic Council (Conseil Académique)​​ of University Grenoble Alpes​​​‌ (UGA) for the Confédération​ Générale du Travail trade​‌ union.

11.2.1 Teaching

• Master :​‌ Omayma Alla , Computer​​ Networks and Cybersecurity, 28h​​​‌ lab, M1, Grenoble-INP/ENSE3
• Licence:​ Raphaël Bleuse , Communication​‌ bas niveau, 4h tutorials,​​ 6h practicals, L1, Univ.​​​‌ Grenoble Alpes/IUT2
• Licence: Raphaël​ Bleuse , Introduction aux​‌ services réseaux, 8h tutorials,​​ 8h practicals, L1, Univ.​​ Grenoble Alpes/IUT2
• Licence: Raphaël​​​‌ Bleuse , Installation de‌ services réseau, 8h practicals,‌​‌ L1, Univ. Grenoble Alpes/IUT2​​
• Lifelong-learning: Raphaël Bleuse ,​​​‌ Fondamentaux en informatique, 22h‌ lectures, 8h practicals, Univ.‌​‌ Grenoble Alpes/IUT2
• Licence :​​ Gwenaël Delaval , Bases​​​‌ du développement logiciel, modularité‌ et tests, 15h lecture/tutorials,‌​‌ 15h lab, L2, Univ.​​ Grenoble Alpes
• Master :​​​‌ Gwenaël Delaval , Sémantique‌ des Langages de Programmation‌​‌ et Compilation, 30h tutorials,​​ M1, Univ. Grenoble Alpes​​​‌
• Master : Gwenaël Delaval‌ , Compilation project, 4‌​‌ weeks software project tutoring,​​ M1, Univ. Grenoble Alpes​​​‌
• Master : Lea Astrid‌ Kenmogne Mekemte , Computer‌​‌ Networks and Cybersecurity, 28h​​ lab, M1, Grenoble-INP/ENSE3
• Master​​​‌ : Lea Astrid Kenmogne‌ Mekemte , Computer Networks‌​‌ and Automation, 10h class,​​ 28h lab, M1, Grenoble-INP/ENSE3​​​‌
• Master: Elian Loraux ,‌ sécurité de l'information: Red‌​‌ team Blue team DNS,​​ 15h practicals, M2, Grenoble-INP/Ensimag​​​‌
• Master : Stephane Mocanu‌ , Computer Networks and‌​‌ Cybersecurity, 16h class, 34h​​ lab, M1, Grenoble-INP/ENSE3
• Master​​​‌ : Stephane Mocanu ,‌ Industrial Computer Networks, 8h‌​‌ class, 8h lab, M2,​​ Grenoble-INP/ENSE3
• Master : Stephane​​​‌ Mocanu , Reliability, 10h‌ class, 8h lab, M2,‌​‌ Grenoble-INP/ENSE3
• Lifelong-learning : Stephane​​ Mocanu , Industrial Control​​​‌ Sytels Cybersecurity, Inria Academy,‌ One day State-of-the-Art Training.‌​‌
• Licence: Clement Mommessin ,​​ Automatisation de la chaine​​​‌ de production, 6h lectures,‌ 14h practicals, L3, Univ.‌​‌ Grenoble Alpes/IUT2
• Licence: Clement​​ Mommessin , Virtualisation avancée​​​‌ 4h lectures, 12h practicals,‌ L3, Univ. Grenoble Alpes/IUT2‌​‌

11.2.2 Supervision

• PhD: Jolahn​​ Vaudey (UGA), Self-reconfiguration of​​​‌ industrial systems applied to‌ cyberresilience ; started October‌​‌ 2022, defended October 2025;​​ co-advised by Stéphane Mocanu,​​​‌ Gwenaël Delaval, Eric Rutten.‌
• PhD in progress: Kouds‌​‌ Halitim (Inria), Efficicient task​​ hybridization in heterogeneous computing:​​​‌ practical combinations of Control‌ and Scheduling theories ;‌​‌ started November 2023 ;​​ co-advised by Raphaël Bleuse,​​​‌ Éric Rutten, Bogdan Robu.‌
• PhD in progress: Lea‌​‌ Astrid Kenmogne Mekemte (UGA),​​ Explainable AI for Network​​​‌ Intrusion Detection in Industrial‌ Control Systems ; started‌​‌ November 2023 ; advised​​ by Stéphane Mocanu.
• PhD​​​‌ in progress: Omayma Alla‌ (UGA), Host Intrusion Detection‌​‌ Systems for PLC ;​​ started January 2025 ;​​​‌ advised by Stéphane Mocanu.‌
• PhD in progress: Elian‌​‌ Loraux (UGA), Interactive honeypot​​ fior industrial control systems​​​‌ ; started October 2025‌ ; co-advised by Stéphane‌​‌ Mocanu, Julien Francq (Naval​​ Group) and Jean Leneutre​​​‌ (Telecom Paris).
• PhD in‌ progress: Robin Chaussemy (Inria),‌​‌ Modelization of HPC Jobs​​ and Resources to Minimize​​​‌ Energy Waste; started October‌ 2025 ; co-advised by‌​‌ Raphaël Bleuse , Franck​​ Corset (LJK) and Éric​​​‌ Rutten .
• PhD in‌ progress: Nathan Rabier (Inria),‌​‌ Handling dynamic constaints and​​ deadlines in distributed software​​​‌ reconfiguration ; started November‌ 2025 ; co-advised by‌​‌ Sophie Cerf , Hélène​​ Coullon (IMT Atlantique) and​​​‌ Eric Rutten .

11.2.3‌ Juries

Stephane Mocanu was‌​‌ reviewer and member of​​ the PhD dissertation committees​​​‌ of Ahmed ELMARKEZ, U.‌ Bretagne Sud and Nourhan‌​‌ HALAWI GHOSON, ENSAM, Nov.​​ 2025 and also Enzo​​​‌ D'ANDREA, U. Lorraine, in‌ Dec. 2025 and member‌​‌ of the CSI comitees​​ of Arthur TRAN VAN,​​​‌ Telecom Paris and Florent‌ DURECU (U. Clermont-Ferrand).

Eric‌​‌ Rutten was reviewer and​​​‌ member of the HdR​ jury of Hèlene Coulon​‌ (Univ. Nantes).

International journals‌

• 16 articleM.Mike‌​‌ Da Silva, S.​​Stéphane Mocanu, M.​​​‌Maxime Puys and P.-H.‌Pierre-Henri Thevenon. Safety-Security‌​‌ Convergence: Automation of IEC​​ 62443-3-2.Computers &​​​‌ Security1562025,‌ 104477HALDOIback‌​‌ to text
• 17 article​​Q.Quentin Guilloteau,​​​‌ R.Raphaël Bleuse,‌ S.Sophie Cerf,‌​‌ B.Bogdan Robu,​​ R.Rosa Pagano and​​​‌ É.Éric Rutten.‌ Autonomic Resource Harvesting in‌​‌ HPC: Control Methods and​​ their Reusability.ACM​​​‌ Transactions on Autonomous and‌ Adaptive SystemsSeptember 2025‌​‌, 1-24HALDOI​​back to text
• 18​​​‌ articleJ.Jolahn Vaudey‌, S.Stephane Mocanu‌​‌, E.Eric Rutten​​ and G.Gwenaël Delaval​​​‌. Self-Reconfiguration of Industrial‌ Control Systems as a‌​‌ Response to Cyberattacks.​​Journal of Network and​​​‌ Systems Management341‌September 2025, 1-27‌​‌HALDOIback to​​ text

Invited conferences

• 19​​​‌ inproceedingsS.Stéphane Mocanu‌. Smart-Grids Cybersecurity: threats,‌​‌ vulnerabilities and security framework​​.SATES 2025 -​​​‌ Symposium on Advanced Technologies‌ in Electrical SystemsNancy,‌​‌ France2025HALback​​ to text

International peer-reviewed​​​‌ conferences

• 20 inproceedingsO.‌Omayma Alla and S.‌​‌Stéphane Mocanu. Host-based​​​‌ Intrusion Detection for Industrial​ Control Systems.NetSoft​‌ 2025 - 11th IEEE​​ International Conference on Network​​​‌ SoftwarizationBudapest, HungaryIEEE​2025, 1-3HAL​‌back to text
• 21​​ inproceedingsR.Roungsan Chaisricharoen​​​‌, D.Denis Genon-Catalot​, V.Vimontha Khieovongphachanh​‌, S.Stéphane Mocanu​​, E.Emil Novakov​​​‌, P.Phosy Panthongsy​, J.-M.Jean-Marc Thiriet​‌, K.Kosorl Thourn​​, D.Denis Lubineau​​​‌, K.Kanthanet Tharot​ and H.Hamed Yahoui​‌. Curricula Developments regarding​​ Industry 4.0 in an​​​‌ Asian-European partnership in 3​ countries in South-East Asia​‌.Proceedings of EAEEIE'2025​​ ConferenceEAEEIE 2025 -​​​‌ 34th Annual Conference of​ the European Association for​‌ Education in Electrical and​​ Information EngineeringCluj-Napoca, Romania​​​‌Technical University of Cluj-Napoca​June 2025, ID​‌ 10HALback to​​ text
• 22 inproceedingsT.​​​‌Thomas Collignon, K.​Kouds Halitim, R.​‌Raphaël Bleuse, S.​​Sophie Cerf, B.​​​‌Bogdan Robu, É.​Éric Rutten, L.​‌Lionel Seinturier and A.​​Alexandre van Kempen.​​​‌ Mitigating Shared Storage Congestion​ Using Control Theory.​‌UCC '25: Proceedings of​​ the IEEE/ACM 18th International​​​‌ Conference on Utility and​ Cloud ComputingUCC 2025​‌ - 18th IEEE/ACM International​​ Conference on Utility and​​​‌ Cloud Computing (UCC 2025)​Nantes (France), FranceIEEE​‌November 2025, 1-10​​HALDOIback to​​​‌ text
• 23 inproceedingsK.​Kouds Halitim, S.​‌Sophie Cerf and B.​​Bogdan Robu. Robust​​​‌ cascade control for variable​ dimension systems -Application to​‌ processors' power capping.​​ECC 2025 - 23rd​​​‌ European Control ConferenceThessalonique,​ Greece2025, 1-8​‌HALback to text​​
• 24 inproceedingsL. A.​​​‌Léa Astrid Kenmogne and​ S.Stéphane Mocanu.​‌ An Explainable Approach to​​ Process-Oriented Attacks in Industrial​​​‌ Control Systems using SHAP​ and LIME.Proceedings​‌ of the IEEE International​​ Conference on Computational Intelligence,​​​‌ Security, and Artificial Intelligence​ (IEEE-IntelliSecAI 2025).IntelliSecAI 2025​‌ - IEEE International Conference​​ on Computational Intelligence, Security,​​​‌ and Artificial IntelligenceAI​ Khobar, Saudi ArabiaDecember​‌ 2025HALback to​​ textback to text​​​‌
• 25 inproceedingsJ.Jolahn​ Vaudey, S.Stéphane​‌ Mocanu, G.Gwenaël​​ Delaval and E.Eric​​​‌ Rutten. Reconfiguration of​ Firewall Filter Rules as​‌ a Response to Industrial​​ Control System Intrusion.​​​‌SICSI 2025 - 1st​ IEEE International Workshop on​‌ Secure Industrial Control Systems​​ and Industrial-IoTAvignon, France​​​‌IEEE2025, 1-6​HALback to text​‌

Conferences without proceedings

• 26​​ inproceedingsT.Thomas Collignon​​​‌, K.Kouds Halitim​, R.Raphaël Bleuse​‌, S.Sophie Cerf​​, B.Bogdan Robu​​​‌, E.Eric Rutten​, L.Lionel Seinturier​‌ and A.Alexandre van​​ Kempen. Coarse-grain Congestion​​​‌ Regulation Using Control Theory​.COMPAS 2025 -​‌ Conférence francophone d'informatique en​​ Parallélisme, Architecture et Système​​​‌Bordeaux, France2025,​ 1-10HALback to​‌ text
• 27 inproceedingsK.​​Kouds Halitim, B.​​​‌Bogdan Robu, S.​Sophie Cerf, R.​‌Raphaël Bleuse and É.​​Éric Rutten. Stochastic​​​‌ Model Predictive Control with​ Direct Feedforward Compensation: Harvesting​‌ Idle Resources in High-Performance​​ Computing.ICSTCC 2025​​ - International Conference on​​​‌ System Theory, Control and‌ ComputingCluj-Napoca, Romania2025‌​‌, 1-8HALback​​ to text
• 28 inproceedings​​​‌G.Gabriel Suau,‌ T.Thierry Gautier,‌​‌ A.Ansar Calloo,​​ R.Rémi Baron and​​​‌ R.Romain Le Tellier‌. Performance portable batched‌​‌ linear algebra kernels for​​ transport sweeps using Kokkos​​​‌.SC Workshops '25:‌ Workshops of the International‌​‌ Conference for High Performance​​ Computing, Networking, Storage and​​​‌ AnalysisSt Louis, United‌ StatesACMNovember 2025‌​‌, 1147-1158HALDOI​​back to text

Doctoral​​​‌ dissertations and habilitation theses‌

• 29 thesisJ.Jolahn‌​‌ Vaudey. Reconfiguration of​​ industrial systems as a​​​‌ reaction to cyberattacks.‌Université Grenoble AlpesOctober‌​‌ 2025HAL

Other scientific​​ publications

• 30 thesisM.​​​‌Mahmoud Abdo. Harvesting‌ Wasted Resources in HPC‌​‌ Systems Using Model Predictive​​ Control.Grenoble Alpes​​​‌ UniversityJune 2025HAL‌back to text
• 31‌​‌ thesisR.Robin Chaussemy​​. Modelisation and estimation​​​‌ of HPC jobs life‌ expectancy.Université Grenoble‌​‌ - AlpesSeptember 2025​​HALback to text​​​‌
• 32 thesisA.Alexis‌ Detroyat. Flexibility in‌​‌ Data-Centers for Digital Soberness​​.Université grenoble alpes​​​‌June 2025HALback‌ to text
• 33 inproceedings‌​‌K.Kouds Halitim.​​ Task hybridization in heterogeneous​​​‌ computing: a combination of‌ control and scheduling theories‌​‌.2025 - concours​​ de la journée «​​​‌ PhD Madness » du‌ LIGGRENOBLE (38000), France‌​‌May 2025HALback​​ to text
• 34 thesis​​​‌M. A.Mohamed Abdeldjalil‌ Maziz. Power Capping‌​‌ Control Across Varying Workloads​​ in HPC.Grenoble​​​‌ UGA - Université Grenoble‌ AlpesJune 2025,‌​‌ 1-27HALback to​​ text

Software

• 35 software​​​‌J.Jolahn Vaudey.‌ Python scripts, instrumenting CEI‌​‌ 61131-10 PLCOPENXML files to​​ allow for context migration.​​​‌.March 2025Inria‌ lic: Creative Commons Attribution‌​‌ 4.0 International.HAL​​Software Heritageback to​​​‌ text