Platform Architect
Internet of Trust Program
Cyber-security Hardening Environment for Systems of Systems (CHESS)
■ I lead design, architecture and the implementation of a research and experimentation platform, called CHESS, created to study the most serious and sophisticated forms of attacks, including Advanced Persistent Threats. This platform is part of French Government "Nouvelle France Industrielle", Cyber-security plan, action 8: set up testing and demonstration cyber-security platforms.
CHESS platform provides a range of cyber capabilities that deliver robust and resilient defense against large-scale cyber compromise and attacks whose targets are systems of Systems such as :
► Smart Grids : Advanced metering infrastructure, smart meter, sensors, RF gateway, data concentrator, Machine to Machine (M2M) & the Internet of Things (IoT), etc.
► Factory of the Future : from legacy Industrial Control System (SCADA, PLC, RTU, HMI, etc.) to Smart Factory rely on the Industrial Internet of Things (IIoT) & Cyber-Physical Systems (CPS).
► Connected Vehicle : Audio/Video, Telematics, Telediagnostics, ADAS, e-Call/b-Call, etc.
► Information Systems & new services associated to IoT.
■ Innovative operational demonstrator or proof of concept build on top of the CHESS platform:
★ ABACHE: Anonymous Biometric Access Control based on Homomorphic Encryption co-designed with CEA Tech List. An access control system with multi-factor authentication (Biometric and NFC/RFID card and/or secure token) which strengthens confidentiality of biometric data thanks to homomorphic encryption (Publication on CloudCom 2016 track "Security and Privacy "An architecture for practical confidentiality-strengthened face authentication embedding homomomorphic cryptography" with Renaud Sirdey, Nabil Bouzerna, Stan Oana, Nguyen Thanh-Hai and Wolf Philippe - 15 December 2016).
★ SODA-IIoT: Co-designed with CEA Tech LIST, Airbus Innovation Group and Engie, Secured On-the-pouce Decentralized Architecture for the Industrial Internet of Things features innovative solutions to manage IIoT access rights management and to secure software/firmware update through Blockchain technology & cryptographic signatures. (Publication submitted to IEEE Security & privacy on the Blockchain 2017 (IEEE S&B 2017) "Towards Better Availability and Accountability for IoT Updates by means of a Blockchain" with Renaud Sirdey, Aymen Boudguiga, Nabil Bouzerna, Flavien Quesnel, Louis Granboulan, Alexis Olivereau and Anthony Roger - 29 April 2017).
★ SOC-NG: Data visualization for the next-generation security operations center. Web-based 2D/3D maps for visualizing dynamic data such as cyber attack, Analysis of large networks of relationships.
★ AISO: Anonymization on Internet for Secured Operation. Ability to produce continuously tailored Cyber Threat Intelligence during collection operations on the Web.
★ C-MASS: Cybersercurity - Multi Agent System Simulation. Modeling and simulation of cyber attacks based on multi-agent systems.
Environment for Interoperability and Integration in Cybersecurity (EIC)
This project aims at responding to increasingly complex and growing cybersecurity threats in critical information systems (CIS). It is of particular interest to protect critical infrastructures and operators (in sectors like energy, utility, chemistry, telecommunication, transportation, healthcare, manufacturing and so on) since their ability to defend against cyber-attacks is a key requirement for the national security (More information about EIC projet).
Partners : ANSSI, Airbus Group, Bertin IT, Engie, Prove&Run, Institut Mine Telecom - Telecom Sud Paris, CEA Tech List, UTT