Analyses sécuritaires de code de carte à puce sous attaques physiques simulées / Security analysis of smart card C code using simulated physical attacks

Kauffmann-Tourkestansky, Xavier

28 November 2012

Cette thèse s’intéresse aux effets des attaques par fautes physiques sur le code d’un système embarqué en particulier la carte à puce. De telles attaques peuvent compromettre la sécurité du système en donnant accès à des informations confidentielles, en compromettant l’intégrité de données sensibles ou en perturbant le fonctionnement pendant l’exécution. Dans cette thèse, nous décrivons des propriétés de sécurité permettant d’exprimer les garanties du système et établissons un modèle d’attaque de haut niveau définissant les capacités d’un attaquant à modifier le système. Ces propriétés et ce modèle nous servent à vérifier la sécurité du code par analyse statique ou test dynamique, combinés avec l’injection d’attaques, simulant les conséquences logicielles des fautes physiques. Deux méthodologies sont ainsi développées afin de vérifier le comportement fonctionnel du code sous attaques, tester le fonctionnement des sécurités implémentées et identifier de nouvelles attaques. Ces méthodologies ont été mises en oeuvre dans un cadre industriel afin de faciliter le travail du développeur chargé de sécuriser un code de carte à puce. / This thesis focuses on the effects of attacks by physical faults on embedded source code specifically for smart cards. Such attacks can compromise the security of the system by providing access to confidential information, compromising the integrity of sensitive data or disrupting the execution flow. In this thesis, we describe security properties to express security guarantees on the system. We also offer an attack model defining at high level an attacker’s ability to disrupt the system. With these properties and model, we check the source code security against physical attacks. We use static analysis and dynamic testing, combined with attack injection to simulate the consequences of physical faults at software level. Two techniques are created to stress the functional behavior of the code under attack, test the reliability of built-in security countermeasures and identify new threats. These techniques were implemented in a framework to help developers secure their source code in an industrial environment.

Code

Sécurité

Attaques physiques

Carte à puce

Confidentialité

Intégrité

Injection de faute

Simulation logicielle

Code

Security

Physical attacks

Smart card

Confidentiality

Integrity

Fault injection

Software simulation

Justážní kolimátor pro Fluorescenční holografický mikroskop / The adjusting collimator for the Fluorescent holographic microscope

Hlaváčová, Kateřina

January 2018

For the proper function of the Fluorescence olographic microscope, it is necessary to adjust all the optical components of the microscope. Furthermore, the precise adjustment is the very critical condition for proper imaging of the Coherence-controlled holographic microscope. Therefore, it is necessary to create a sight collimator for these microscopes for their adjustment. The fluorescence holographic microscope is based on an interference and holographic principles, whose history is mentioned in the theoretical part of the thesis. The existing state of the art of laser sight collimators and their use in practice is also mentioned. The optical and mechanical design of the laser sight collimator and its realization are described in the next part of the thesis. The software for detecting the black sight cross was created for the use of the laser sight collimator in practice. The software is necessary to evaluate the correctness of the alignment of the adjusted microscope. The descriptions of the adjustment procedures for the laser sight collimator and for the Fluorescence holographic microscope are mentioned in the last part of the thesis. These procedures are necessary for proper manipulation and use with the proposed laser sight collimator.

Hardware-in-the-loop simulation of pressurized water reactor steam-generator water-level control, designed for use within physically distributed testing environments

Brink, Michael Joseph

21 May 2013

No description available.

Engineering

Nuclear Engineering

Hardware-in-the-loop

PWR

steam generator

software simulation

nuclear power

pressurized water reactor

digital instrumentation and control

physically distributed testing

Modeling, Design And Evaluation Of Networking Systems And Protocols Through Simulation

Lacks, Daniel Jonathan

01 January 2007

Computer modeling and simulation is a practical way to design and test a system without actually having to build it. Simulation has many benefits which apply to many different domains: it reduces costs creating different prototypes for mechanical engineers, increases the safety of chemical engineers exposed to dangerous chemicals, speeds up the time to model physical reactions, and trains soldiers to prepare for battle. The motivation behind this work is to build a common software framework that can be used to create new networking simulators on top of an HLA-based federation for distributed simulation. The goals are to model and simulate networking architectures and protocols by developing a common underlying simulation infrastructure and to reduce the time a developer has to learn the semantics of message passing and time management to free more time for experimentation and data collection and reporting. This is accomplished by evolving the simulation engine through three different applications that model three different types of network protocols. Computer networking is a good candidate for simulation because of the Internet's rapid growth that has spawned off the need for new protocols and algorithms and the desire for a common infrastructure to model these protocols and algorithms. One simulation, the 3DInterconnect simulator, simulates data transmitting through a hardware k-array n-cube network interconnect. Performance results show that k-array n-cube topologies can sustain higher traffic load than the currently used interconnects. The second simulator, Cluster Leader Logic Algorithm Simulator, simulates an ad-hoc wireless routing protocol that uses a data distribution methodology based on the GPS-QHRA routing protocol. CLL algorithm can realize a maximum of 45% power savings and maximum 25% reduced queuing delay compared to GPS-QHRA. The third simulator simulates a grid resource discovery protocol for helping Virtual Organizations to find resource on a grid network to compute or store data on. Results show that worst-case 99.43% of the discovery messages are able to find a resource provider to use for computation. The simulation engine was then built to perform basic HLA operations. Results show successful HLA functions including creating, joining, and resigning from a federation, time management, and event publication and subscription.

software simulation

HLA/RTI

distributed computing

computer networking

grid computing

wireless ad-hoc cluster routing

k-array n-cube wormhole routing

Computer Engineering

Engineering