Security characterization of a RISC-V processor H/F H/F
Stage Grenoble (Isère) IT development
Job description
Détail de l'offre
Informations générales
Entité de rattachement
Le CEA est un acteur majeur de la recherche, au service des citoyens, de l'économie et de l'Etat.Il apporte des solutions concrètes à leurs besoins dans quatre domaines principaux : transition énergétique, transition numérique, technologies pour la médecine du futur, défense et sécurité sur un socle de recherche fondamentale. Le CEA s'engage depuis plus de 75 ans au service de la souveraineté scientifique, technologique et industrielle de la France et de l'Europe pour un présent et un avenir mieux maîtrisés et plus sûrs.
Implanté au cœur des territoires équipés de très grandes infrastructures de recherche, le CEA dispose d'un large éventail de partenaires académiques et industriels en France, en Europe et à l'international.
Les 20 000 collaboratrices et collaborateurs du CEA partagent trois valeurs fondamentales :
• La conscience des responsabilités
• La coopération
• La curiosité
Référence
2024-33973Description de l'unité
Le CEA (commissariat à l'énergie atomique et aux énergies alternatives) est un institut de recherche de premier plan : il a été reconnu en 2016 comme l'institut de recherche le plus innovant au monde par Reuters (https://www.reuters.com/article/us-innovation-rankings/the-worlds-most-innovative-research-institutions-idUSKCN0WA2A5 ). Sa division de la recherche technologique, présente à Grenoble et en région parisienne, est spécialisée en technologie de l'information et dans les énergies renouvelables. Ce stage aura lieu à Grenoble, au sein de l'institut CEA-LIST. L'étudiant intègrera une équipe pluridisciplinaire comportant des experts en systèmes embarqués, cyber-sécurité pour l'internet des objets, et design matériel.
Description du poste
Domaine
Mathématiques, information scientifique, logiciel
Contrat
Stage
Intitulé de l'offre
Security characterization of a RISC-V processor H/F H/F
Sujet de stage
The French Alternative Energies and Atomic Energy Commission (CEA) is a key player in research, devel-opment and innovation in four main areas: defense and security, nuclear and renewable energies, tech-nological research for industry, fundamental research in the physical sciences and life sciences. Drawing on its widely acknowledged expertise, the CEA actively participates in collaborative projects with a large number of academic and industrial partners. One of three institutes that comprise CEA Tech, the List institute is committed to technological innovation in digital systems. Within the DSCIN department of CEA List, the LECA and LFIM laboratories invest R&D efforts in the analysis of the robustness of embedded systems against fault-injection attacks.
Durée du contrat (en mois)
6
Description de l'offre
With the rise of new development models based on open source, secure hardware components are increasingly being developed in public implementations, notably within the OpenHW Group [1]. The possibility of building a complete system from publicly available, open-source components is becoming a reality. For example, the CV32E40S RISC-V processor [2], derived from the CV32E40P [3], incorporates several hardware countermeasures against fault injection and side-channel attacks. However, a significant challenge lies in evaluating both the security level of each individual countermeasure and the overall effectiveness of these countermeasures when combined.
In [4], we introduced a method dedicated to the formal modeling and verification of microarchitecture-level fault injections and their effects on complex hardware/software systems. In the proposed internship, we are looking to apply this methodology to the CV32E40S processor, and to evaluate the potential security gap with regards to real hardware attacks. A security characterization of the CV32E40S will be performed using affordable fault injection equipment such as the ChipWhisperer fault injection tools [5].
The main tasks carried out in this internship will be :
- Implement the CV32E40S on an FPGA and functionally validate the attack setup using ChipWhisperer fault injection tools [5].
- Define attack scenarios and characterize vulnerabilities using the uArchiFI formal tool [4]
- Exploit the defined attack scenarios to perform a comprehensive security characterization of the CV32E40S using ChipWhisperer fault injection tools.
[1] OpenHW Group. https://www.openhwgroup.org
[2] Processor RISC-V CV32E40S. https://github.com/openhwgroup/cv32e40s
[3] Processor RISC-V CV32E40P. https://github.com/openhwgroup/cv32e40p
[4] µArchiFI: Formal Modeling and Verification Strategies for Microarchitectural Fault Injections. S. Tollec, M. Asavoae, D. Couroussé, K. Heydemann, et M. Jan. in FMCAD. 2023 https://doi.org/10.34727/2023/isbn.978-3-85448-060-0_18
[5] https://www.newae.com/
Desired profile
Profil du candidat
This position is aimed at students seeking an ambitious technical internship, eager to gain significant experience in industry-related technological research. It is particularly well-suited to students considering a doctorate, with new funded positions offered each year within the department. The internship is aimed at students in their final year of engineering school (or Master 2) in computer science or microelectronics, or equivalent levels, preferably with a specialization in processor systems/architecture or formal methods. Knowledge of micro-architecture or cybersecurity is an asset, but not a prerequisite. A strong capacity for personal work, ability to work in a team and motivation to take on technical challenges are essential.
In line with CEA's commitment to integrating people with disabilities, this job is open to all.