Génération automatique de jeux de tests avec analyse symbolique des données pour les systèmes embarqués / Automatic test set generator with numeric constraints abstraction for embedded reactive systems

Abdelmoula, Mariem

18 December 2014

Un des plus grands défis dans la conception matérielle et logicielle est de s’assurer que le système soit exempt d’erreurs. La moindre erreur dans les systèmes embarqués réactifs peut avoir des conséquences désastreuses et coûteuses pour certains projets critiques, nécessitant parfois de gros investissements pour les corriger, ou même conduire à un échec spectaculaire et inattendu du système. Prévenir de tels phénomènes en identifiant tous les comportements critiques du système est une tâche assez délicate. Les tests en industrie sont globalement non exhaustifs, tandis que la vérification formelle souffre souvent du problème d’explosion combinatoire. Nous présentons dans ce contexte une nouvelle approche de génération exhaustive de jeux de test qui combine les principes du test industriel et de la vérification formelle académique. Notre approche construit un modèle générique du système étudié à partir de l’approche synchrone. Le principe est de se limiter à l’analyse locale des sous-espaces significatifs du modèle. L’objectif de notre approche est d’identifier et extraire les conditions préalables à l’exécution de chaque chemin du sous-espace étudie. Il s’agit ensuite de générer tout les cas de tests possibles à partir de ces pré-conditions. Notre approche présente un algorithme de quasi-aplatissement plus simple et efficace que les techniques existantes ainsi qu’une compilation avantageuse favorisant une réduction considérable du problème de l’explosion de l’espace d’états. Elle présente également une manipulation symbolique des données numériques permettant un test plus expressif et concret du système étudié. / One of the biggest challenges in hardware and software design is to ensure that a system is error-free. Small errors in reactive embedded systems can have disastrous and costly consequences for a project. Preventing such errors by identifying the most probable cases of erratic system behavior is quite challenging. Indeed, tests in industry are overall non-exhaustive, while formal verification in scientific research often suffers from combinatorial explosion problem. We present in this context a new approach for generating exhaustive test sets that combines the underlying principles of the industrial test technique and the academic-based formal verification approach. Our approach builds a generic model of the system under test according to the synchronous approach. The goal is to identify the optimal preconditions for restricting the state space of the model such that test generation can take place on significant subspaces only. So, all the possible test sets are generated from the extracted subspace preconditions. Our approach exhibits a simpler and efficient quasi-flattening algorithm compared with existing techniques and a useful compiled internal description to check security properties and reduce the state space combinatorial explosion problem. It also provides a symbolic processing technique of numeric data that provides a more expressive and concrete test of the system. We have implemented our approach on a tool called GAJE. To illustrate our work, this tool was applied to verify an industrial project on contactless smart cards security.

Jeux de tests

Approche synchrone

Modèle synchrone

Pré-conditions

Couverture de l’espace d’états

Manipulation numérique des données

Backtrack

GAJE

Test sets

Synchronous approach

Synchronous model

Pre-conditions

States space covering

Numeric data processing

Backtrack

GAJE

Contactless smart card

Návrh přístupového systému jako součást řešení fyzické bezpečnosti / Design of Access System as a Part of Physical Security Solution

Dohnal, Matěj

January 2017

This master’s thesis deals with design of an access system as a part of physical security solution for an energy company in the Czech Republic. The access system is designed to meet all legal requirements and conform to ISO 27001 certification. Implementation of the proposed access system is demonstrated on the selected company object, a representative example of connecting the critical infrastructure element and the company's common facility.

Webová vizualizace a demonstrátor anonymních pověření / Web visualization and demonstrator of anonymous credentials

Chwastková, Šárka

January 2021

This thesis deals with the topic of attribute based credentials with revocable anonymous credentials. The main focus of this work is the implementation of this scheme through a web application. The web application serves primarily as a visualization, which shows the functionality of this scheme through animations, and also as a practical demonstrator. Data and cryptographic calculations for individual system protocols are provided by the given cryptographic C application that communicates with the created application. The web application is also able to communicate with the connected smart card reader and the MultOS smart card and thus create the transmission of APDU commands and responses between the smart card and provided C application.

Kryptografie na výpočetně omezených zařízeních / Cryptography on Computationally Limited Devices

Hampl, Dalibor

January 2012

The thesis focuses on cryptographic algorithms of low performance devices, and mutual authentication of authentication server and user using smart cards. In the first part of this thesis the cryptography, cryptographic primitives, cryptographic goals, security models and cryptographic algorithms of low performance devices are presented. The second part focuses on low performance devices as RFID tags, NFC technology, microcontrollers and smart cards (.NET cards, java cards, MIFARE cards). The practical part deals with the comparison of chosen low performance devices and measure the time required for encryption and decryption using different cryptographic algorithms on Gemalto .NET Smart Card V2+. This thesis describes and explains the three authentication schemes for mutual authentication of remote server and user using smart cards. The new authentication scheme, which is based on the second related scheme, attempts to eliminate possible security attacks and keeps efficiency. For all four authentication schemes the application is implemented to test required time for authentication of server and user using smart cards.

Elektronický geocaching / Electronic geocaching

Pavel, Lukáš

January 2014

The goal is to design and implement a concept of electronic geocaching with contactless smart card and cell phone with NFC interface. In the first chapter I describe geocaching and try to familiarize the reader with this game. The second chapter deals with the issue of smart cards, I describe here the contact and contactless cards and their security. In the third chapter, I describe use and security of radio communication interface NFC. In the fourth chapter, I describe the principles of symmetric and asymmetric cryptography and selected cryptographic techniques. In the fifth chapter is description of proposed solution for electronic geocaching with digital signature. The last chapter describes all created applications.

Smart Card Packaging Process Control System

Siddiqi, Saad Ahmed

January 2012

The project focuses on the packaging process of the smart card manufacturing industry. The idea of the project concerns how to increase production packaging efficiency by introducing a control system. After taking an in-depth look at the current production environment, the following system goals were defined: packaging time reduction, cost reduction, decrease in human errors, and reducing the number of customer complaints. To achieve these goals, the thesis project was divided into the following tasks: discovering a feasible solution, actual system development, testing, and evaluation. The proposed system is based on hardware (i.e. barcode scanner, and barcode printer) integrated with customized control software. The barcode scanner acts as a bridge between the system and the production process by scanning a barcode printed on each product. The system prints the required information label for the product’s package according to the scanned product. This label is pasted on the product’s box and is used as a tracking tool during further production steps. The system is very flexible and suits any packaging model. Other functional properties maintained in the system include data security, product traceability, and real time production monitoring. Testing of the system was done in an actual production environment at an Oberthur Technologies manufacturing site. Two production lines were selected to test the system’s functionality, specifically the SIM card production packaging line and the Scratch card/ Bank Card production packaging line. The results obtained during the evaluation phase of the proposed system show that the proposed solution decreased the packaging processing time by (27.3%) over the previous values. Moreover, the resulting human error rate is close to (zero%). / Projektet fokuserar på förpackningen processen smartkortet tillverkningsindustrin. Tanken med projektet handlar om hur att öka effektiviteten produktionen förpackningar genom att införa ett styrsystem. Efter att ha tagit en fördjupad titt på den nuvarande produktionsmiljö, var följande systemkrav mål definieras: nedsättning förpackning tid, minskade kostnader, minskad mänskliga fel och minska antalet kundklagomål. För att uppnå dessa mål var examensarbetet indelad i följande uppgifter: att upptäcka en genomförbar lösning, faktisk systemutveckling, testning och utvärdering. Det föreslagna systemet bygger på hårdvara (dvs streckkodsläsare och streckkod skrivare) integreras med skräddarsydd styrprogram. Den streckkodsläsare fungerar som en bro mellan systemet och produktionsprocessen genom att läsa en streckkod tryckt på varje produkt. Systemet skriver den erforderliga informationen etiketten för produktens förpackning enligt den scannade produkten. Denna etikett klistras in på produktens ask och används som ett verktyg för spårning under ytterligare produktionssteg. Systemet är mycket flexibelt och passar varje förpackning modell. Andra funktionella egenskaper bibehålls i systemet inkluderar datasäkerhet, spårbarhet och i realtid övervakning av produktionen. Testning av systemet gjordes i en verklig produktionsmiljö i ett Oberthur Technologies tillverkningsanläggning. Två produktionslinjer valdes för att testa systemets funktionalitet, särskilt i SIM-kortet produktionen förpackning linje och skrapkort / Bank kortproduktion förpackningslinje. De resultat som erhållits under utvärderingsfasen av det föreslagna systemet visar att den föreslagna lösningen minskade tiden förpackningen behandling av (27,3 %) jämfört med föregående värden. Dessutom är den resulterande mänskliga fel som ligger nära (noll %).

Smart card

SIM card packaging process

scratch card/bank card packaging process

barcode

label printer

unified modeling language (UML)

Scan and Print Method

Triple Data Encryption Standard (3-DES)

Communication Systems

Kommunikationssystem

Understanding the Development and Design of Chinese Cities: Towards an Approach based upon the New Science for Cities

Kong, Hui

11 September 2018

No description available.

Geographic Information Science

Geography

Transportation Planning

Urban Planning

Transportation

Land Use Planning

urban analytics

urban design

urban growth

Cellular Automata modeling

mixed-use development

bus smart card data

bus stop optimization

Agent-based one-shot authorisation scheme in a commercial extranet environment

Au, Wai Ki Richard

January 2005

The enormous growth of the Internet and the World Wide Web has provided the opportunity for an enterprise to extend its boundaries in the global business environment. While commercial functions can be shared among a variety of strategic allies - including business partners and customers, extranets appear to be the cost-effective solution to providing global connectivity for different user groups. Because extranets allow third-party users into corporate networks, they need to be extremely secure and external access needs to be highly controllable. Access control and authorisation mechanisms must be in place to regulate user access to information/resources in a manner that is consistent with the current set of policies and practices both at intra-organisational and cross-organisational levels. In the business-to-customer (B2C) e-commerce setting, a service provider faces a wide spectrum of new customers, who may not have pre-existing relationships established. Thus the authorisation problem is particularly complex. In this thesis, a new authorisation scheme is proposed to facilitate the service provider to establish trust with potential customers, grant access privileges to legitimate users and enforce access control in a diversified commercial environment. Four modules with a number of innovative components and mechanisms suitable for distributed authorisation on extranets are developed: * One-shot Authorisation Module - One-shot authorisation token is designed as a flexible and secure credential for access control enforcement in client/server systems; * Token-Based Trust Establishment Module - Trust token is proposed for server-centric trust establishment in virtual enterprise environment. * User-Centric Anonymous Authorisation Module - One-task authorisation key and anonymous attribute certificate are developed for anonymous authorisation in a multi-organisational setting; * Agent-Based Privilege Negotiation Module - Privilege negotiation agents are proposed to provide dynamic authorisation services with secure client agent environment for hosting these agents on user's platform

distributed authorisation

extranet

Intranet

smart card

personal secure device

authentication

security architecture

security server

trust establishment

trust token

credential-based authorisation

one-shot authorisation token

one-task authorisation key

anonymous attribute certificate

key binding certificate

anonymous authorisation

referee server

privilege negotiation agent

authorisation agent

secure client agent environment

Elliptic Curve Cryptography for Lightweight Applications.

Hitchcock, Yvonne Roslyn

January 2003

Elliptic curves were first proposed as a basis for public key cryptography in the mid 1980's. They provide public key cryptosystems based on the difficulty of the elliptic curve discrete logarithm problem (ECDLP) , which is so called because of its similarity to the discrete logarithm problem (DLP) over the integers modulo a large prime. One benefit of elliptic curve cryptosystems (ECCs) is that they can use a much shorter key length than other public key cryptosystems to provide an equivalent level of security. For example, 160 bit ECCs are believed to provide about the same level of security as 1024 bit RSA. Also, the level of security provided by an ECC increases faster with key size than for integer based discrete logarithm (dl) or RSA cryptosystems. ECCs can also provide a faster implementation than RSA or dl systems, and use less bandwidth and power. These issues can be crucial in lightweight applications such as smart cards. In the last few years, ECCs have been included or proposed for inclusion in internationally recognized standards. Thus elliptic curve cryptography is set to become an integral part of lightweight applications in the immediate future. This thesis presents an analysis of several important issues for ECCs on lightweight devices. It begins with an introduction to elliptic curves and the algorithms required to implement an ECC. It then gives an analysis of the speed, code size and memory usage of various possible implementation options. Enough details are presented to enable an implementer to choose for implementation those algorithms which give the greatest speed whilst conforming to the code size and ram restrictions of a particular lightweight device. Recommendations are made for new functions to be included on coprocessors for lightweight devices to support ECC implementations Another issue of concern for implementers is the side-channel attacks that have recently been proposed. They obtain information about the cryptosystem by measuring side-channel information such as power consumption and processing time and the information is then used to break implementations that have not incorporated appropriate defences. A new method of defence to protect an implementation from the simple power analysis (spa) method of attack is presented in this thesis. It requires 44% fewer additions and 11% more doublings than the commonly recommended defence of performing a point addition in every loop of the binary scalar multiplication algorithm. The algorithm forms a contribution to the current range of possible spa defences which has a good speed but low memory usage. Another topic of paramount importance to ECCs for lightweight applications is whether the security of fixed curves is equivalent to that of random curves. Because of the inability of lightweight devices to generate secure random curves, fixed curves are used in such devices. These curves provide the additional advantage of requiring less bandwidth, code size and processing time. However, it is intuitively obvious that a large precomputation to aid in the breaking of the elliptic curve discrete logarithm problem (ECDLP) can be made for a fixed curve which would be unavailable for a random curve. Therefore, it would appear that fixed curves are less secure than random curves, but quantifying the loss of security is much more difficult. The thesis performs an examination of fixed curve security taking this observation into account, and includes a definition of equivalent security and an analysis of a variation of Pollard's rho method where computations from solutions of previous ECDLPs can be used to solve subsequent ECDLPs on the same curve. A lower bound on the expected time to solve such ECDLPs using this method is presented, as well as an approximation of the expected time remaining to solve an ECDLP when a given size of precomputation is available. It is concluded that adding a total of 11 bits to the size of a fixed curve provides an equivalent level of security compared to random curves. The final part of the thesis deals with proofs of security of key exchange protocols in the Canetti-Krawczyk proof model. This model has been used since it offers the advantage of a modular proof with reusable components. Firstly a password-based authentication mechanism and its security proof are discussed, followed by an analysis of the use of the authentication mechanism in key exchange protocols. The Canetti-Krawczyk model is then used to examine secure tripartite (three party) key exchange protocols. Tripartite key exchange protocols are particularly suited to ECCs because of the availability of bilinear mappings on elliptic curves, which allow more efficient tripartite key exchange protocols.

Elliptic curve (EC)

elliptic curve cryptosystem (ECC)

discrete logarithm problem (DLP)

speed

code size

memory usage

ram usage

fixed curve

random curve

Pollard's rho method

Canetti-Krawczyk proof model

key exchange protocols

security proof

tripartite key exchange

pairings

password-based authentication

point addition

projective coordinates

Jacobian coordinates

Chudnovsky Jacobian coordinates

modified Jacobian coordinates

binary method

simultaneous multiple exponentiation

two-in-one scalar multiplication

coprocessor

smart card

lightweight device

simple power analysis (spa)

side channel attack

equivalent security.